Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/YFV3fg2_UFfx7WAKmvDqKbwP8jE.roa
File: YFV3fg2_UFfx7WAKmvDqKbwP8jE.roa (raw, json)
Hash identifier: dIpJXmybjciq6KSAb3XbD1GV1C0Qt6Lv/BzchkxxZYM=
Subject key identifier: 60:55:77:7E:0D:BF:50:57:F1:ED:60:0A:9A:F0:EA:29:BC:0F:F2:31
Certificate issuer: /CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Certificate serial: 0197C0999E97B6515E66CFAAA2B89126387B
Authority key identifier: 9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/YFV3fg2_UFfx7WAKmvDqKbwP8jE.roa
Signing time: Mon 30 Jun 2025 11:29:42 +0000
ROA not before: Mon 30 Jun 2025 11:29:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57986
IP address blocks: 45.15.200.0/24 maxlen: 24
45.15.201.0/24 maxlen: 24
45.15.202.0/24 maxlen: 24
45.15.203.0/24 maxlen: 24
2a0e:3180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 15:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:99:9e:97:b6:51:5e:66:cf:aa:a2:b8:91:26:38:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b32a2e8fcbeee63020ba93daab9076c37bc9991
Validity
Not Before: Jun 30 11:29:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6055777e0dbf5057f1ed600a9af0ea29bc0ff231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:01:45:60:40:90:d8:93:9d:91:0c:be:68:2d:
78:11:f7:28:98:d6:8c:7f:2a:85:d2:f9:e6:29:79:
6c:ac:e4:3f:2e:e6:eb:68:2f:6f:0c:5f:81:21:48:
66:00:c5:bf:f1:fb:14:c2:45:68:47:12:80:72:73:
21:7a:b3:1a:57:62:7b:0a:c2:c7:2b:9d:58:2c:53:
df:45:5e:04:9e:6b:35:d1:45:82:19:bc:ff:95:d1:
08:7e:5b:f1:a1:dc:27:3d:65:4a:0e:a2:02:d9:47:
3f:2c:ad:f1:01:e8:24:94:a8:ff:01:1c:f5:ed:f0:
25:64:c2:2d:39:7b:4c:62:2c:1f:36:4a:55:4d:dc:
1d:d0:39:00:10:39:9d:ac:68:4d:f3:cf:61:97:55:
55:5d:f3:b2:61:29:59:a0:1f:df:b9:82:4a:af:b8:
42:e2:7c:65:9d:3d:c2:46:9c:21:f5:f4:31:a1:b6:
06:ca:60:a7:2b:a7:f3:36:07:af:fe:77:12:f9:6f:
7a:6f:ec:80:67:ce:60:ee:c3:14:a0:b1:54:61:1b:
43:e5:a0:52:24:cf:70:fe:28:1e:cc:6e:05:66:8b:
56:8c:3d:8a:8d:00:d7:04:d1:56:bc:98:e1:8b:47:
82:95:ce:44:fb:86:1a:d3:f7:4b:d3:cb:c9:c9:77:
3e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:55:77:7E:0D:BF:50:57:F1:ED:60:0A:9A:F0:EA:29:BC:0F:F2:31
X509v3 Authority Key Identifier:
keyid:9B:32:A2:E8:FC:BE:EE:63:02:0B:A9:3D:AA:B9:07:6C:37:BC:99:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzKi6Py-7mMCC6k9qrkHbDe8mZE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/YFV3fg2_UFfx7WAKmvDqKbwP8jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/df21cb-08ac-4e5c-b854-e3ab9087d403/1/mzKi6Py-7mMCC6k9qrkHbDe8mZE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.200.0/22
IPv6:
2a0e:3180::/29
Signature Algorithm: sha256WithRSAEncryption
85:6f:34:a9:35:5a:c9:de:38:52:9f:26:6f:2c:d5:3a:8c:c5:
66:44:fc:3b:6a:cb:fc:1d:e7:b9:d1:de:4f:8e:37:2a:dc:9a:
e1:81:9b:d0:82:03:ec:87:cf:0e:73:1a:41:eb:07:b6:2b:25:
fd:9c:6d:a1:e6:c6:87:10:5b:38:b4:c6:23:db:7b:a5:fa:fd:
be:f6:f8:73:61:33:de:03:70:84:f3:73:50:de:65:d8:01:c1:
4c:8a:52:1c:ac:f1:e4:10:bb:8a:05:4a:b6:09:a9:5e:b3:c0:
eb:44:a5:7a:2c:f4:f2:f8:e1:b1:80:60:88:db:ed:2b:b4:99:
70:f6:5e:e9:ed:d1:dc:11:27:24:d0:b7:eb:e0:78:6b:5d:1d:
4e:52:02:de:f1:3a:e5:b9:3a:a3:18:75:23:eb:a7:a8:f7:e9:
a8:e8:85:ce:13:43:32:81:33:98:d6:60:f8:42:84:c1:ed:7e:
4e:de:bb:42:ce:6b:6e:11:90:c9:ad:37:65:15:0b:dd:81:f0:
3a:00:08:f7:70:b7:11:63:63:b3:ad:e2:77:94:4a:a5:6e:95:
76:f2:47:a6:f7:fb:1e:ca:00:e4:92:95:44:76:ed:78:ab:5a:
00:4f:65:87:51:44:d6:33:36:c2:35:a4:07:ff:b3:04:a8:ee:
23:50:3e:ad
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZfAmZ6XtlFeZs+qoriRJjh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliMzJhMmU4ZmNiZWVlNjMwMjBiYTkzZGFhYjkwNzZjMzdi
Yzk5OTEwHhcNMjUwNjMwMTEyOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDU1Nzc3ZTBkYmY1MDU3ZjFlZDYwMGE5YWYwZWEyOWJjMGZmMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAFFYECQ2JOdkQy+aC14EfcomNaM
fyqF0vnmKXlsrOQ/LubraC9vDF+BIUhmAMW/8fsUwkVoRxKAcnMherMaV2J7CsLH
K51YLFPfRV4Enms10UWCGbz/ldEIflvxodwnPWVKDqIC2Uc/LK3xAegklKj/ARz1
7fAlZMItOXtMYiwfNkpVTdwd0DkAEDmdrGhN889hl1VVXfOyYSlZoB/fuYJKr7hC
4nxlnT3CRpwh9fQxobYGymCnK6fzNgev/ncS+W96b+yAZ85g7sMUoLFUYRtD5aBS
JM9w/igezG4FZotWjD2KjQDXBNFWvJjhi0eClc5E+4Ya0/dL08vJyXc+4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGBVd34Nv1BX8e1gCprw6im8D/IxMB8GA1UdIwQY
MBaAFJsyouj8vu5jAgupPaq5B2w3vJmRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQt
ZTNhYjkwODdkNDAzLzEvWUZWM2ZnMl9VRmZ4N1dBS212RHFLYndQOGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9kZjIxY2ItMDhhYy00ZTVjLWI4NTQtZTNhYjkwODdkNDAz
LzEvbXpLaTZQeS03bU1DQzZrOXFya0hiRGU4bVpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLQ/IMA0E
AgACMAcDBQMqDjGAMA0GCSqGSIb3DQEBCwUAA4IBAQCFbzSpNVrJ3jhSnyZvLNU6
jMVmRPw7asv8Hee50d5Pjjcq3JrhgZvQggPsh88OcxpB6we2KyX9nG2h5saHEFs4
tMYj23ul+v2+9vhzYTPeA3CE83NQ3mXYAcFMilIcrPHkELuKBUq2Cales8DrRKV6
LPTy+OGxgGCI2+0rtJlw9l7p7dHcESck0Lfr4HhrXR1OUgLe8TrluTqjGHUj66eo
9+mo6IXOE0MygTOY1mD4QoTB7X5O3rtCzmtuEZDJrTdlFQvdgfA6AAj3cLcRY2Oz
reJ3lEqlbpV28kem9/seygDkkpVEdu14q1oAT2WHUUTWMzbCNaQH/7MEqO4jUD6t
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:02:01 2025 by rpki-client