Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/Ylocyo8IuYXL1jFDJemfcOF7HII.roa
File: Ylocyo8IuYXL1jFDJemfcOF7HII.roa (raw, json)
Hash identifier: kWYwKTsoMIuvF5bk7I/FFQ+w4HxrfN+6bwhubAtqknA=
Subject key identifier: 62:5A:1C:CA:8F:08:B9:85:CB:D6:31:43:25:E9:9F:70:E1:7B:1C:82
Certificate issuer: /CN=96cbcf2e957ca8d942472a7b0044285b26db6b22
Certificate serial: 0197FCF1B8572EAF4788FCBDDC6B2ABFE996
Authority key identifier: 96:CB:CF:2E:95:7C:A8:D9:42:47:2A:7B:00:44:28:5B:26:DB:6B:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/Ylocyo8IuYXL1jFDJemfcOF7HII.roa
Signing time: Sat 12 Jul 2025 04:43:09 +0000
ROA not before: Sat 12 Jul 2025 04:43:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204203
IP address blocks: 91.108.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lsvPLpV8qNlCRyp7AEQoWybbayI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lsvPLpV8qNlCRyp7AEQoWybbayI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:fc:f1:b8:57:2e:af:47:88:fc:bd:dc:6b:2a:bf:e9:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96cbcf2e957ca8d942472a7b0044285b26db6b22
Validity
Not Before: Jul 12 04:43:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=625a1cca8f08b985cbd6314325e99f70e17b1c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:28:c2:8d:f1:d6:da:a1:62:a7:4c:50:18:01:
b1:5b:cd:84:37:b1:5e:41:1c:5f:b1:d5:26:37:9a:
e2:f8:8a:4c:fd:62:3c:ee:46:f1:cf:b7:b1:13:19:
85:c2:50:f7:d1:33:44:f6:3b:62:53:b5:d7:44:17:
fe:75:2c:60:a3:77:4e:08:05:d2:01:e4:3c:0e:5e:
8e:b9:79:8b:b4:1c:fd:84:b2:b9:95:7b:d5:3c:95:
46:0e:74:16:72:bb:77:0a:9c:a2:d9:7f:e8:26:15:
f2:9a:4e:93:97:d0:2a:04:8d:ec:45:c4:4f:09:6f:
19:ee:e3:43:cd:13:cd:03:5f:4b:51:40:ba:79:15:
c8:86:82:56:71:9f:45:ea:79:87:3f:29:95:9f:1f:
26:6f:32:25:2b:75:ea:2a:6a:3f:81:84:81:79:3f:
c0:83:a1:8a:9a:ff:a1:e9:ac:27:cb:46:74:d7:ad:
fc:60:61:39:b0:55:b9:af:89:fa:04:0e:c2:e4:37:
c9:88:3b:f6:fc:c3:55:6c:92:e0:b5:ec:82:a5:ec:
3b:07:95:48:ca:36:f1:0e:ff:9a:6d:3f:bd:e7:4e:
71:4f:db:2a:ad:5c:ff:a1:eb:fb:2f:38:ff:50:da:
2a:13:43:50:87:ef:16:95:57:b7:2a:e5:a6:4a:f4:
f5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:5A:1C:CA:8F:08:B9:85:CB:D6:31:43:25:E9:9F:70:E1:7B:1C:82
X509v3 Authority Key Identifier:
keyid:96:CB:CF:2E:95:7C:A8:D9:42:47:2A:7B:00:44:28:5B:26:DB:6B:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsvPLpV8qNlCRyp7AEQoWybbayI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/Ylocyo8IuYXL1jFDJemfcOF7HII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/1b60e9-b6e0-4890-9de1-13b431342ab8/1/lsvPLpV8qNlCRyp7AEQoWybbayI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.145.0/24
Signature Algorithm: sha256WithRSAEncryption
93:47:c0:56:50:99:17:9b:a4:4c:82:64:08:4f:73:f7:43:63:
24:22:1b:c2:38:7d:e9:d2:c2:41:bf:60:85:ee:50:ab:2c:86:
5f:c2:26:a9:67:ea:04:5a:d9:ea:dc:26:12:3c:f8:3a:9f:b4:
34:81:ae:16:38:a6:49:78:98:88:69:e3:62:5c:91:51:e4:a3:
3f:0a:b7:77:5b:3c:21:97:26:eb:cd:ca:81:6f:f7:13:f8:59:
a9:7a:d9:2b:9e:a9:ed:4e:1f:ab:98:89:64:ba:2b:4c:6f:09:
93:27:60:21:f3:93:0a:a2:8f:34:e3:9d:1d:08:a8:f8:23:75:
71:5c:75:85:ee:34:e2:1d:b6:bd:11:cd:07:f4:c6:d9:fa:4c:
02:fb:a2:b2:05:e7:f9:42:09:f8:99:44:47:8f:83:ec:92:12:
6f:5d:69:4d:e2:e5:a2:0a:8a:db:cd:0b:6c:ec:4f:1e:f2:fd:
78:77:28:12:cf:59:f3:6e:ab:f2:a0:37:60:49:79:ff:f2:01:
3b:dc:d6:2b:b5:c2:b9:24:e8:11:ac:5b:3b:e5:48:c5:ef:42:
89:a1:fc:09:fc:84:12:3d:fe:db:d2:c0:1c:32:05:3a:50:f3:
70:be:a6:a6:c5:b1:d9:b9:72:1c:41:f8:a5:00:0d:00:bb:49:
81:44:00:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZf88bhXLq9HiPy93Gsqv+mWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2Y2JjZjJlOTU3Y2E4ZDk0MjQ3MmE3YjAwNDQyODViMjZk
YjZiMjIwHhcNMjUwNzEyMDQ0MzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjVhMWNjYThmMDhiOTg1Y2JkNjMxNDMyNWU5OWY3MGUxN2IxYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoyjCjfHW2qFip0xQGAGxW82EN7Fe
QRxfsdUmN5ri+IpM/WI87kbxz7exExmFwlD30TNE9jtiU7XXRBf+dSxgo3dOCAXS
AeQ8Dl6OuXmLtBz9hLK5lXvVPJVGDnQWcrt3Cpyi2X/oJhXymk6Tl9AqBI3sRcRP
CW8Z7uNDzRPNA19LUUC6eRXIhoJWcZ9F6nmHPymVnx8mbzIlK3XqKmo/gYSBeT/A
g6GKmv+h6awny0Z01638YGE5sFW5r4n6BA7C5DfJiDv2/MNVbJLgteyCpew7B5VI
yjbxDv+abT+9505xT9sqrVz/oev7Lzj/UNoqE0NQh+8WlVe3KuWmSvT1vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGJaHMqPCLmFy9YxQyXpn3DhexyCMB8GA1UdIwQY
MBaAFJbLzy6VfKjZQkcqewBEKFsm22siMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHN2UExwVjhxTmxDUnlwN0FFUW9XeWJiYXlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8xYjYwZTktYjZlMC00ODkwLTlkZTEt
MTNiNDMxMzQyYWI4LzEvWWxvY3lvOEl1WVhMMWpGREplbWZjT0Y3SElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8xYjYwZTktYjZlMC00ODkwLTlkZTEtMTNiNDMxMzQyYWI4
LzEvbHN2UExwVjhxTmxDUnlwN0FFUW9XeWJiYXlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW2yRMA0G
CSqGSIb3DQEBCwUAA4IBAQCTR8BWUJkXm6RMgmQIT3P3Q2MkIhvCOH3p0sJBv2CF
7lCrLIZfwiapZ+oEWtnq3CYSPPg6n7Q0ga4WOKZJeJiIaeNiXJFR5KM/Crd3Wzwh
lybrzcqBb/cT+FmpetkrnqntTh+rmIlkuitMbwmTJ2Ah85MKoo80450dCKj4I3Vx
XHWF7jTiHba9Ec0H9MbZ+kwC+6KyBef5Qgn4mURHj4PskhJvXWlN4uWiCorbzQts
7E8e8v14dygSz1nzbqvyoDdgSXn/8gE73NYrtcK5JOgRrFs75UjF70KJofwJ/IQS
Pf7b0sAcMgU6UPNwvqamxbHZuXIcQfilAA0Au0mBRABr
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:31:41 2025 by rpki-client