Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/y0u2Vx8cMDe0mIFNO8kpCOnu1Q8.roa
File: y0u2Vx8cMDe0mIFNO8kpCOnu1Q8.roa (raw, json)
Hash identifier: jobR31+zj60Dy+BOCtvS8OW8wvxi5mY5BhM46weukwo=
Subject key identifier: CB:4B:B6:57:1F:1C:30:37:B4:98:81:4D:3B:C9:29:08:E9:EE:D5:0F
Certificate issuer: /CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Certificate serial: 0197DC94B4548C7D63014C33D9B0D6CBCA5B
Authority key identifier: CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/y0u2Vx8cMDe0mIFNO8kpCOnu1Q8.roa
Signing time: Sat 05 Jul 2025 21:53:42 +0000
ROA not before: Sat 05 Jul 2025 21:53:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13150
IP address blocks: 85.255.16.0/24 maxlen: 24
85.255.17.0/24 maxlen: 24
85.255.19.0/24 maxlen: 24
85.255.20.0/24 maxlen: 24
85.255.21.0/24 maxlen: 24
85.255.22.0/24 maxlen: 24
85.255.23.0/24 maxlen: 24
85.255.24.0/24 maxlen: 24
85.255.25.0/24 maxlen: 24
85.255.26.0/24 maxlen: 24
85.255.27.0/24 maxlen: 24
85.255.28.0/24 maxlen: 24
85.255.29.0/24 maxlen: 24
85.255.30.0/24 maxlen: 24
85.255.31.0/24 maxlen: 24
159.117.224.0/24 maxlen: 24
159.117.225.0/24 maxlen: 24
159.117.226.0/24 maxlen: 24
159.117.227.0/24 maxlen: 24
185.114.120.0/24 maxlen: 24
185.114.121.0/24 maxlen: 24
185.114.122.0/24 maxlen: 24
185.114.123.0/24 maxlen: 24
209.206.0.0/24 maxlen: 24
209.206.1.0/24 maxlen: 24
209.206.2.0/24 maxlen: 24
209.206.3.0/24 maxlen: 24
209.206.4.0/24 maxlen: 24
209.206.5.0/24 maxlen: 24
209.206.6.0/24 maxlen: 24
209.206.7.0/24 maxlen: 24
209.206.8.0/24 maxlen: 24
209.206.9.0/24 maxlen: 24
209.206.10.0/24 maxlen: 24
209.206.11.0/24 maxlen: 24
209.206.12.0/24 maxlen: 24
209.206.13.0/24 maxlen: 24
209.206.14.0/24 maxlen: 24
209.206.15.0/24 maxlen: 24
209.206.16.0/24 maxlen: 24
209.206.17.0/24 maxlen: 24
209.206.18.0/24 maxlen: 24
209.206.19.0/24 maxlen: 24
209.206.20.0/24 maxlen: 24
209.206.21.0/24 maxlen: 24
209.206.22.0/24 maxlen: 24
209.206.23.0/24 maxlen: 24
209.206.24.0/24 maxlen: 24
209.206.25.0/24 maxlen: 24
209.206.26.0/24 maxlen: 24
209.206.27.0/24 maxlen: 24
209.206.28.0/24 maxlen: 24
209.206.29.0/24 maxlen: 24
209.206.30.0/24 maxlen: 24
209.206.31.0/24 maxlen: 24
216.252.177.0/24 maxlen: 24
216.252.178.0/24 maxlen: 24
216.252.179.0/24 maxlen: 24
216.252.180.0/24 maxlen: 24
216.252.181.0/24 maxlen: 24
216.252.182.0/24 maxlen: 24
216.252.183.0/24 maxlen: 24
216.252.184.0/24 maxlen: 24
216.252.185.0/24 maxlen: 24
216.252.186.0/24 maxlen: 24
216.252.187.0/24 maxlen: 24
216.252.189.0/24 maxlen: 24
216.252.190.0/24 maxlen: 24
216.252.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.mft
rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 18:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:dc:94:b4:54:8c:7d:63:01:4c:33:d9:b0:d6:cb:ca:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfb75191978866f1fc97f523c7dda40a88f7e777
Validity
Not Before: Jul 5 21:53:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb4bb6571f1c3037b498814d3bc92908e9eed50f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:88:c8:be:59:fe:7a:ec:ef:82:73:58:c0:
09:e0:6f:d5:fa:b7:7f:07:06:05:ab:67:8f:ca:be:
76:23:cd:9e:82:5d:20:74:42:28:36:68:8e:d9:81:
0d:8f:57:77:f5:ae:29:26:2a:94:85:a7:96:41:b3:
a2:e3:63:2b:da:dc:ee:5c:ff:8f:39:f2:48:d7:69:
c5:29:09:e5:1c:59:2d:1c:a3:44:8d:b1:7b:23:5b:
c5:00:ab:b1:c0:60:85:01:db:59:dd:6d:c2:71:9e:
b8:a0:fc:48:5e:f8:41:d9:68:a1:b1:03:88:d8:d9:
10:db:30:43:c1:3f:0f:c4:09:41:57:37:5e:8b:9e:
85:86:5e:91:1c:c7:36:95:12:8b:0c:a6:07:2f:3f:
50:6a:57:82:58:10:c9:dc:e5:19:49:a0:ca:9a:ba:
02:99:1f:a0:bf:35:f6:b7:64:6b:99:77:23:61:4a:
20:d0:e1:4b:4c:a1:b1:d3:a7:54:80:17:0c:8c:67:
e4:46:25:db:89:46:ee:7a:8f:25:70:82:75:80:69:
bc:0f:70:f0:89:ef:20:af:53:b1:9c:d0:74:e0:c8:
7c:9b:c5:0a:12:7b:3f:d7:52:e6:68:2b:13:de:d7:
a5:3f:f8:76:09:60:7e:05:99:15:b3:1c:8b:b4:1a:
45:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:4B:B6:57:1F:1C:30:37:B4:98:81:4D:3B:C9:29:08:E9:EE:D5:0F
X509v3 Authority Key Identifier:
keyid:CF:B7:51:91:97:88:66:F1:FC:97:F5:23:C7:DD:A4:0A:88:F7:E7:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7dRkZeIZvH8l_Ujx92kCoj353c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/y0u2Vx8cMDe0mIFNO8kpCOnu1Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/b9575b-b7c1-4c5c-9dab-c199c7b4cac2/1/z7dRkZeIZvH8l_Ujx92kCoj353c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.255.16.0/23
85.255.19.0-85.255.31.255
159.117.224.0/22
185.114.120.0/22
209.206.0.0/19
216.252.177.0-216.252.187.255
216.252.189.0-216.252.191.255
Signature Algorithm: sha256WithRSAEncryption
3f:8e:a5:53:30:fc:06:f0:93:06:b8:c9:7f:fb:a3:da:99:ea:
28:57:20:05:0d:cc:65:0b:4e:12:a9:c2:7b:39:67:b9:e5:b1:
1d:92:a3:92:47:f6:63:72:ec:8a:e0:fe:9f:5e:90:41:44:a0:
2a:e4:49:1e:f5:f0:98:05:c2:36:b7:bc:0d:6e:0e:cf:e3:36:
92:01:f5:f4:12:9c:35:b7:b8:25:5a:68:78:95:92:8c:49:9a:
d2:a2:ff:e9:a4:11:1a:d1:8a:8a:41:ea:de:61:4d:f9:51:8b:
a6:ae:8a:c0:4f:5e:d8:62:9f:5a:48:4f:e3:87:46:aa:9c:05:
c5:21:37:e4:30:58:29:38:cb:ed:56:8f:3d:10:60:4b:8e:2f:
f9:39:03:61:a1:76:f2:96:5f:76:3b:3b:82:f5:ea:46:7a:b5:
4d:62:83:2f:f8:b5:62:7f:05:cb:36:99:0e:9c:5e:81:b4:78:
07:a7:9b:7a:02:27:8d:8e:b7:ad:bf:58:e0:0e:f5:c5:e2:38:
35:8b:25:2f:02:02:a8:c5:e3:94:0c:6b:e5:2f:a4:aa:15:45:
1f:11:b1:08:82:d1:b2:80:1c:03:7a:f4:36:b0:22:a4:4c:30:
55:3c:8c:72:63:2a:99:6c:b0:88:ad:ec:2f:a6:5e:c5:71:56:
ea:95:50:36
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZfclLRUjH1jAUwz2bDWy8pbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmYjc1MTkxOTc4ODY2ZjFmYzk3ZjUyM2M3ZGRhNDBhODhm
N2U3NzcwHhcNMjUwNzA1MjE1MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjRiYjY1NzFmMWMzMDM3YjQ5ODgxNGQzYmM5MjkwOGU5ZWVkNTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFuIyL5Z/nrs74JzWMAJ4G/V+rd/
BwYFq2ePyr52I82egl0gdEIoNmiO2YENj1d39a4pJiqUhaeWQbOi42Mr2tzuXP+P
OfJI12nFKQnlHFktHKNEjbF7I1vFAKuxwGCFAdtZ3W3CcZ64oPxIXvhB2WihsQOI
2NkQ2zBDwT8PxAlBVzdei56Fhl6RHMc2lRKLDKYHLz9QaleCWBDJ3OUZSaDKmroC
mR+gvzX2t2RrmXcjYUog0OFLTKGx06dUgBcMjGfkRiXbiUbueo8lcIJ1gGm8D3Dw
ie8gr1OxnNB04Mh8m8UKEns/11LmaCsT3telP/h2CWB+BZkVsxyLtBpF9QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFMtLtlcfHDA3tJiBTTvJKQjp7tUPMB8GA1UdIwQY
MBaAFM+3UZGXiGbx/Jf1I8fdpAqI9+d3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWIt
YzE5OWM3YjRjYWMyLzEveTB1MlZ4OGNNRGUwbUlGTk84a3BDT251MVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9iOTU3NWItYjdjMS00YzVjLTlkYWItYzE5OWM3YjRjYWMy
LzEvejdkUmtaZUladkg4bF9Vang5MmtDb2ozNTNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBVf8QMAwD
BABV/xMDBAVV/wADBAKfdeADBAK5cngDBAXRzgAwDAMEANj8sQMEAtj8uDAMAwQA
2Py9AwQG2PyAMA0GCSqGSIb3DQEBCwUAA4IBAQA/jqVTMPwG8JMGuMl/+6Pameoo
VyAFDcxlC04SqcJ7OWe55bEdkqOSR/ZjcuyK4P6fXpBBRKAq5Eke9fCYBcI2t7wN
bg7P4zaSAfX0Epw1t7glWmh4lZKMSZrSov/ppBEa0YqKQereYU35UYumrorAT17Y
Yp9aSE/jh0aqnAXFITfkMFgpOMvtVo89EGBLji/5OQNhoXbyll92OzuC9epGerVN
YoMv+LVifwXLNpkOnF6BtHgHp5t6AieNjretv1jgDvXF4jg1iyUvAgKoxeOUDGvl
L6SqFUUfEbEIgtGygBwDevQ2sCKkTDBVPIxyYyqZbLCIrewvpl7FcVbqlVA2
-----END CERTIFICATE-----
Generated at Tue Jul 22 23:20:14 2025 by rpki-client