Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/yl_NI-m4wzcNAk8wOb4n5IlsPPY.roa
File: yl_NI-m4wzcNAk8wOb4n5IlsPPY.roa (raw, json)
Hash identifier: EYkRuG/0jtAMx7xUjIaiDqt2GJ01+5QvGzfUHSZDIJc=
Subject key identifier: CA:5F:CD:23:E9:B8:C3:37:0D:02:4F:30:39:BE:27:E4:89:6C:3C:F6
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0197E41AFAB93AE9EF1D80985F63544DFC13
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/yl_NI-m4wzcNAk8wOb4n5IlsPPY.roa
Signing time: Mon 07 Jul 2025 08:57:42 +0000
ROA not before: Mon 07 Jul 2025 08:57:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.16.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
146.103.89.0/24 maxlen: 24
146.103.90.0/24 maxlen: 24
146.103.91.0/24 maxlen: 24
146.103.92.0/24 maxlen: 24
146.103.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:1a:fa:b9:3a:e9:ef:1d:80:98:5f:63:54:4d:fc:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jul 7 08:57:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca5fcd23e9b8c3370d024f3039be27e4896c3cf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8f:68:b0:5b:10:99:bd:b1:e3:2d:7d:51:ab:
22:39:a6:25:1d:54:5d:0d:e6:08:b6:be:65:cc:a0:
c0:f3:d5:45:c9:60:bb:cc:a2:b0:8b:fd:24:00:65:
79:58:e3:fa:2b:9f:a9:8e:95:02:25:7b:c8:eb:c9:
43:3f:a7:b0:87:c4:27:8a:4c:46:9d:68:1c:7b:ca:
73:f0:fe:2f:55:4c:a4:77:b5:79:ea:cb:60:52:31:
a6:3c:86:3e:77:04:1c:e6:90:45:7b:fe:76:ce:63:
92:1e:3f:bf:e7:60:6d:e5:e3:10:31:9d:9f:2a:d3:
b2:e5:6e:0a:d5:ef:83:23:5f:0f:2e:21:ca:4d:4e:
5e:00:9d:6d:10:81:c8:74:49:22:6e:d8:d8:c5:63:
a4:b2:80:e3:61:c6:57:79:7d:7d:03:5c:ee:ed:07:
99:91:50:a7:3e:27:c9:dc:86:2c:bb:b2:c8:d3:76:
b7:de:f1:27:75:86:d3:e0:06:4c:68:6a:fe:4f:d2:
d0:8d:58:ee:8f:7c:37:03:16:c8:37:ff:90:8b:d1:
18:84:79:2d:65:3e:b7:ce:0f:72:25:bc:a3:9b:d9:
33:d8:2c:74:25:5b:6c:72:51:d3:ca:0c:7d:6a:4b:
31:f1:84:19:bd:9e:ae:5d:11:15:23:12:b6:ec:2e:
af:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:5F:CD:23:E9:B8:C3:37:0D:02:4F:30:39:BE:27:E4:89:6C:3C:F6
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/yl_NI-m4wzcNAk8wOb4n5IlsPPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0-140.150.16.255
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0/24
146.103.73.0-146.103.93.255
Signature Algorithm: sha256WithRSAEncryption
50:4e:15:72:12:7f:a9:d8:ec:bc:3f:a0:36:43:52:e9:bc:22:
61:0b:98:63:83:a5:33:e7:ee:7d:c7:4e:36:95:a0:6b:14:71:
8c:4d:f6:6c:bd:07:8b:76:67:0f:21:cd:f3:f1:dc:6d:2e:93:
07:03:6e:8e:4e:3f:dc:1b:5c:dc:98:6a:99:33:2d:6d:b4:c7:
49:35:1f:6c:57:2a:c8:96:91:51:e4:03:d9:a3:e8:3f:a6:3a:
77:5d:da:e8:71:c8:af:de:56:1c:e7:bd:dd:9f:dc:44:5b:46:
ca:d6:f8:35:69:f9:95:08:2e:5a:67:37:9d:34:03:ab:90:e8:
68:b4:3a:5d:51:e8:57:8c:72:3f:56:bf:c1:ba:4f:47:82:2f:
53:3f:7e:6f:d0:11:ed:eb:a7:cc:34:a5:57:3f:b9:3b:09:87:
03:d2:da:8b:ff:26:0c:7a:80:a8:3d:73:01:a9:90:d0:17:76:
9e:5e:ba:73:26:07:8b:a8:1c:35:ce:96:df:b3:04:61:27:a8:
8e:22:cc:0d:78:51:5d:91:b6:b3:71:db:30:28:38:8b:e7:0f:
a6:b1:a1:d9:c4:1e:31:bd:2f:96:b1:80:8d:40:98:5a:17:8f:
91:1c:50:6d:f7:eb:80:81:b4:75:1b:07:9d:ed:7f:dc:b8:1b:
55:ed:2a:a4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZfkGvq5OunvHYCYX2NUTfwTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNzA3MDg1NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTVmY2QyM2U5YjhjMzM3MGQwMjRmMzAzOWJlMjdlNDg5NmMzY2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArY9osFsQmb2x4y19UasiOaYlHVRd
DeYItr5lzKDA89VFyWC7zKKwi/0kAGV5WOP6K5+pjpUCJXvI68lDP6ewh8QnikxG
nWgce8pz8P4vVUykd7V56stgUjGmPIY+dwQc5pBFe/52zmOSHj+/52Bt5eMQMZ2f
KtOy5W4K1e+DI18PLiHKTU5eAJ1tEIHIdEkibtjYxWOksoDjYcZXeX19A1zu7QeZ
kVCnPifJ3IYsu7LI03a33vEndYbT4AZMaGr+T9LQjVjuj3w3AxbIN/+Qi9EYhHkt
ZT63zg9yJbyjm9kz2Cx0JVtsclHTygx9aksx8YQZvZ6uXREVIxK27C6vnQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFMpfzSPpuMM3DQJPMDm+J+SJbDz2MB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEveWxfTkktbTR3emNOQWs4d09iNG41SWxzUFBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQDjJYAMAwD
BAGMlgoDBACMlgwwDAMEAYyWDgMEAIyWEDAMAwQBjJYSAwQAjJYmMAwDBAOMligD
BACMliwDBAGMli4wDAMEBpJnQAMEAJJnRAMEAJJnRzAMAwQAkmdJAwQBkmdcMA0G
CSqGSIb3DQEBCwUAA4IBAQBQThVyEn+p2Oy8P6A2Q1LpvCJhC5hjg6Uz5+59x042
laBrFHGMTfZsvQeLdmcPIc3z8dxtLpMHA26OTj/cG1zcmGqZMy1ttMdJNR9sVyrI
lpFR5APZo+g/pjp3Xdrocciv3lYc573dn9xEW0bK1vg1afmVCC5aZzedNAOrkOho
tDpdUehXjHI/Vr/Buk9Hgi9TP35v0BHt66fMNKVXP7k7CYcD0tqL/yYMeoCoPXMB
qZDQF3aeXrpzJgeLqBw1zpbfswRhJ6iOIswNeFFdkbazcdswKDiL5w+msaHZxB4x
vS+WsYCNQJhaF4+RHFBt9+uAgbR1Gwed7X/cuBtV7Sqk
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:15:00 2025 by rpki-client