Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/SYW7vJR8jh6OnS0xw0zxS3bgN60.roa
File: SYW7vJR8jh6OnS0xw0zxS3bgN60.roa (raw, json)
Hash identifier: RRdRxhUDlZPMyyr5BdAFCoJYcDMXRiJFFRNcVSSyJoQ=
Subject key identifier: 49:85:BB:BC:94:7C:8E:1E:8E:9D:2D:31:C3:4C:F1:4B:76:E0:37:AD
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 0198404ADEC8B774799E430AC2B11D848B78
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/SYW7vJR8jh6OnS0xw0zxS3bgN60.roa
Signing time: Fri 25 Jul 2025 06:35:05 +0000
ROA not before: Fri 25 Jul 2025 06:35:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56534
IP address blocks: 45.135.215.0/24 maxlen: 24
89.104.126.0/24 maxlen: 24
89.223.80.0/21 maxlen: 21
92.255.60.0/24 maxlen: 24
92.255.88.0/21 maxlen: 32
92.255.96.0/21 maxlen: 21
93.174.72.0/21 maxlen: 21
176.53.192.0/24 maxlen: 24
176.53.196.0/24 maxlen: 24
176.53.197.0/24 maxlen: 24
176.53.198.0/23 maxlen: 23
176.53.200.0/22 maxlen: 22
176.53.204.0/22 maxlen: 22
176.53.208.0/24 maxlen: 24
176.53.211.0/24 maxlen: 24
176.53.212.0/22 maxlen: 22
176.53.213.0/24 maxlen: 24
185.47.52.0/22 maxlen: 22
185.47.54.0/24 maxlen: 24
2a04:ac00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:4a:de:c8:b7:74:79:9e:43:0a:c2:b1:1d:84:8b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jul 25 06:35:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4985bbbc947c8e1e8e9d2d31c34cf14b76e037ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ec:46:a7:a0:b4:e2:64:6d:e0:6f:9a:8d:c8:
c8:da:1e:a5:9c:0a:25:f1:e4:fc:1f:a9:cc:7c:01:
42:56:76:72:72:8c:ae:a9:8a:72:1d:b6:43:6e:70:
e1:04:d2:81:46:5e:fa:c9:f2:1f:e4:ed:69:8d:45:
4c:68:5c:65:f4:41:df:d6:da:f1:e6:54:dc:69:48:
8b:09:f1:fa:e6:3a:f8:52:84:2a:9c:a2:24:82:ec:
ca:21:87:7c:20:24:7f:ed:2f:73:64:20:29:b1:2f:
e9:2d:93:c7:8e:ba:22:9d:02:a0:6d:c9:66:00:d3:
63:2f:ee:87:c4:f3:38:63:16:41:b4:c7:c2:0a:18:
3d:4d:fe:0b:81:6a:3f:35:ae:a9:42:c6:6f:42:51:
fa:41:0a:d7:ac:c3:14:94:24:94:aa:39:3b:dd:67:
89:8d:67:c1:a2:bf:e9:50:b7:e2:2f:d7:bd:07:c7:
ed:6d:45:56:cc:94:c3:45:96:e7:a8:ec:fa:ba:39:
82:11:73:be:4a:e8:fa:cd:b6:12:13:af:c9:75:83:
70:a6:bd:42:a1:ba:a9:59:66:31:7a:c3:ca:19:9c:
86:ff:14:af:6a:2c:a2:b4:14:4a:8e:fa:2f:03:12:
0a:ad:36:89:72:0f:bb:1c:a7:e6:36:b1:eb:3b:ec:
47:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:85:BB:BC:94:7C:8E:1E:8E:9D:2D:31:C3:4C:F1:4B:76:E0:37:AD
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/SYW7vJR8jh6OnS0xw0zxS3bgN60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.215.0/24
89.104.126.0/24
89.223.80.0/21
92.255.60.0/24
92.255.88.0-92.255.103.255
93.174.72.0/21
176.53.192.0/24
176.53.196.0-176.53.208.255
176.53.211.0-176.53.215.255
185.47.52.0/22
IPv6:
2a04:ac00::/29
Signature Algorithm: sha256WithRSAEncryption
97:68:cb:9d:ad:8e:89:c3:ed:68:78:f8:8b:b5:a8:dc:91:a1:
4c:55:2b:cc:59:d3:d5:86:5a:8b:f4:cb:9b:c3:55:43:5a:fa:
0c:37:1e:a9:f9:9c:f4:2b:6c:c6:b2:8a:7c:06:75:11:c5:93:
28:24:7e:37:8a:71:37:c3:c4:05:77:58:99:2c:ef:3b:3d:ea:
8e:0c:ee:3c:1c:04:d2:b0:7e:27:b6:0c:d6:67:01:09:c2:53:
4a:4c:97:86:aa:83:35:46:b9:34:93:e2:ac:c6:c2:ed:41:7d:
d9:6b:93:d4:80:de:d7:bd:76:9a:d8:c0:53:89:03:46:53:6c:
16:93:79:a7:ae:ff:69:31:04:cc:34:06:74:6f:4f:3b:6d:91:
91:25:15:6e:74:9b:6e:74:79:19:71:e9:da:22:69:30:ca:31:
2c:db:ab:42:94:51:22:2f:88:24:db:f9:c7:8a:b9:6c:b2:25:
55:fc:59:9b:ca:79:99:3c:73:6b:89:53:f6:a2:82:48:8f:fc:
3f:bc:65:d4:50:30:9a:a9:d9:b2:0d:4f:ce:8e:64:ee:da:e3:
34:5d:d4:53:cb:3d:e4:b7:5f:0d:88:e2:00:d0:10:4d:b2:d6:
0d:03:1b:85:c6:64:68:57:4c:4f:b1:d4:65:20:4f:41:8c:4c:
f5:7c:27:d7
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZhASt7It3R5nkMKwrEdhIt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjUwNzI1MDYzNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTg1YmJiYzk0N2M4ZTFlOGU5ZDJkMzFjMzRjZjE0Yjc2ZTAzN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+xGp6C04mRt4G+ajcjI2h6lnAol
8eT8H6nMfAFCVnZycoyuqYpyHbZDbnDhBNKBRl76yfIf5O1pjUVMaFxl9EHf1trx
5lTcaUiLCfH65jr4UoQqnKIkguzKIYd8ICR/7S9zZCApsS/pLZPHjroinQKgbclm
ANNjL+6HxPM4YxZBtMfCChg9Tf4LgWo/Na6pQsZvQlH6QQrXrMMUlCSUqjk73WeJ
jWfBor/pULfiL9e9B8ftbUVWzJTDRZbnqOz6ujmCEXO+Suj6zbYSE6/JdYNwpr1C
obqpWWYxesPKGZyG/xSvaiyitBRKjvovAxIKrTaJcg+7HKfmNrHrO+xHEwIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFEmFu7yUfI4ejp0tMcNM8Ut24DetMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvU1lXN3ZKUjhqaDZPblMweHcwenhTM2JnTjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQALYfXAwQA
WWh+AwQDWd9QAwQAXP88MAwDBANc/1gDBANc/2ADBANdrkgDBACwNcAwDAMEArA1
xAMEALA10DAMAwQAsDXTAwQDsDXQAwQCuS80MA0EAgACMAcDBQMqBKwAMA0GCSqG
SIb3DQEBCwUAA4IBAQCXaMudrY6Jw+1oePiLtajckaFMVSvMWdPVhlqL9Mubw1VD
WvoMNx6p+Zz0K2zGsop8BnURxZMoJH43inE3w8QFd1iZLO87PeqODO48HATSsH4n
tgzWZwEJwlNKTJeGqoM1Rrk0k+KsxsLtQX3Za5PUgN7XvXaa2MBTiQNGU2wWk3mn
rv9pMQTMNAZ0b087bZGRJRVudJtudHkZcenaImkwyjEs26tClFEiL4gk2/nHirls
siVV/FmbynmZPHNriVP2ooJIj/w/vGXUUDCaqdmyDU/OjmTu2uM0XdRTyz3kt18N
iOIA0BBNstYNAxuFxmRoV0xPsdRlIE9BjEz1fCfX
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:19:11 2025 by rpki-client