Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/CYOt8VRUreDvQruL3ZYVHGan4yA.roa
File: CYOt8VRUreDvQruL3ZYVHGan4yA.roa (raw, json)
Hash identifier: TPTvCHjMFfYhyDFTnIJNNx8HFNG6Mbg5BVOu0LS2y8g=
Subject key identifier: 09:83:AD:F1:54:54:AD:E0:EF:42:BB:8B:DD:96:15:1C:66:A7:E3:20
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0197EEFD532A69200EA8F77243DA672C8A14
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/CYOt8VRUreDvQruL3ZYVHGan4yA.roa
Signing time: Wed 09 Jul 2025 11:41:08 +0000
ROA not before: Wed 09 Jul 2025 11:41:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 5.1.40.0/24 maxlen: 24
194.41.114.0/24 maxlen: 24
2a06:fe40::/32 maxlen: 32
2a0e:2c00::/29 maxlen: 29
2a12:3a80::/32 maxlen: 32
2a12:3a81::/32 maxlen: 32
2a12:3a82::/32 maxlen: 32
2a12:3a83::/32 maxlen: 32
2a12:3a84::/32 maxlen: 32
2a12:3a85::/32 maxlen: 32
2a12:3a86::/32 maxlen: 32
2a12:3a87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:fd:53:2a:69:20:0e:a8:f7:72:43:da:67:2c:8a:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jul 9 11:41:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0983adf15454ade0ef42bb8bdd96151c66a7e320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0d:d1:63:71:a0:fa:75:27:d2:e1:91:79:71:
76:44:0f:90:86:4b:30:44:a6:f8:aa:88:04:48:64:
6b:64:85:11:c2:10:e6:d8:56:92:06:45:48:63:b7:
c1:7f:06:d7:dc:61:ce:ea:4e:7f:f0:7b:d9:b4:04:
a1:3b:aa:a7:41:a8:41:e6:4a:c0:e6:f8:35:f5:8d:
bb:3f:85:5b:b5:6a:4c:ae:08:c7:64:b4:16:be:90:
a4:fb:8b:87:cd:6c:4a:ea:ad:43:4a:df:ab:66:39:
e6:86:89:48:58:b9:69:2f:72:4a:f9:da:81:ef:60:
3b:1d:f5:bf:c9:28:79:4c:9d:6f:11:85:d4:60:b9:
54:45:49:b6:f7:b8:d3:8b:43:0b:5e:ed:86:d4:cf:
e1:7a:c6:75:36:79:e8:16:85:e1:e9:d9:83:a7:7a:
b1:b9:12:65:3b:b5:c2:56:22:54:7b:2b:d8:99:09:
33:c3:a1:7a:38:aa:ae:5c:c7:f2:a1:f4:12:9e:2d:
b4:ed:2e:21:0d:0e:2a:c9:dd:2f:9a:71:82:60:9a:
10:7e:5f:30:8f:c1:74:c4:81:e9:ac:0c:64:c4:9c:
d6:b1:8b:08:40:73:4f:1f:68:95:18:71:40:d2:c7:
4d:10:32:8e:eb:f6:52:98:77:fd:cc:f0:be:11:40:
f8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:83:AD:F1:54:54:AD:E0:EF:42:BB:8B:DD:96:15:1C:66:A7:E3:20
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/CYOt8VRUreDvQruL3ZYVHGan4yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.40.0/24
194.41.114.0/24
IPv6:
2a06:fe40::/32
2a0e:2c00::/29
2a12:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
42:5b:7c:8a:2c:3b:27:e9:4f:aa:51:ec:7c:21:8f:b8:bd:f1:
a3:0f:6a:e4:2c:74:c7:25:c3:cd:80:9d:29:a4:bd:68:fc:8d:
6f:07:cb:e9:93:4a:99:59:d6:6b:03:1a:0c:ab:5e:a0:f5:29:
5c:6d:45:ed:a1:fa:b4:99:f1:ba:0f:22:16:fc:d9:b6:4d:d9:
cf:9b:c6:71:09:34:3b:6b:8c:0c:91:e9:7e:aa:a9:b4:c6:9d:
18:f8:ca:fd:ef:d5:8f:d0:bc:63:50:49:48:65:3f:d2:1a:00:
32:05:d3:e6:1c:80:9c:ee:be:6b:5b:e9:6b:d0:79:d3:b8:47:
70:ef:55:fb:b4:3c:d3:dc:06:3d:cf:c7:f6:ce:ef:42:97:b9:
ac:8d:14:10:8d:a0:e4:53:44:67:87:e2:a7:a5:32:a7:db:04:
93:7b:69:8c:ca:49:91:e7:be:b4:78:2c:8e:6c:b2:b1:70:b2:
c4:d3:4a:e5:d4:ff:4e:e2:36:1d:01:ce:b1:e9:12:52:ef:bc:
b7:d8:30:ce:f3:a2:6c:26:3c:f9:37:8d:f7:1a:e2:83:ca:44:
5a:52:3a:aa:bb:4b:39:59:71:c4:04:12:50:25:98:82:c1:a4:
9e:2c:64:93:b7:84:f3:03:5e:d8:dd:44:07:3b:88:65:5e:98:
95:48:8e:a9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZfu/VMqaSAOqPdyQ9pnLIoUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwNzA5MTE0MTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTgzYWRmMTU0NTRhZGUwZWY0MmJiOGJkZDk2MTUxYzY2YTdlMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw3RY3Gg+nUn0uGReXF2RA+Qhksw
RKb4qogESGRrZIURwhDm2FaSBkVIY7fBfwbX3GHO6k5/8HvZtAShO6qnQahB5krA
5vg19Y27P4VbtWpMrgjHZLQWvpCk+4uHzWxK6q1DSt+rZjnmholIWLlpL3JK+dqB
72A7HfW/ySh5TJ1vEYXUYLlURUm297jTi0MLXu2G1M/hesZ1NnnoFoXh6dmDp3qx
uRJlO7XCViJUeyvYmQkzw6F6OKquXMfyofQSni207S4hDQ4qyd0vmnGCYJoQfl8w
j8F0xIHprAxkxJzWsYsIQHNPH2iVGHFA0sdNEDKO6/ZSmHf9zPC+EUD48QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAmDrfFUVK3g70K7i92WFRxmp+MgMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvQ1lPdDhWUlVyZUR2UXJ1TDNaWVZIR2FuNHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQABQEoAwQA
wilyMBsEAgACMBUDBQAqBv5AAwUDKg4sAAMFAyoSOoAwDQYJKoZIhvcNAQELBQAD
ggEBAEJbfIosOyfpT6pR7Hwhj7i98aMPauQsdMclw82AnSmkvWj8jW8Hy+mTSplZ
1msDGgyrXqD1KVxtRe2h+rSZ8boPIhb82bZN2c+bxnEJNDtrjAyR6X6qqbTGnRj4
yv3v1Y/QvGNQSUhlP9IaADIF0+YcgJzuvmtb6WvQedO4R3DvVfu0PNPcBj3Px/bO
70KXuayNFBCNoORTRGeH4qelMqfbBJN7aYzKSZHnvrR4LI5ssrFwssTTSuXU/07i
Nh0BzrHpElLvvLfYMM7zomwmPPk3jfca4oPKRFpSOqq7SzlZccQEElAlmILBpJ4s
ZJO3hPMDXtjdRAc7iGVemJVIjqk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:56:43 2025 by rpki-client