Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-WYTHLpGQYIl07iH-QjrWA7XXII.roa
File: 1-WYTHLpGQYIl07iH-QjrWA7XXII.roa (raw, json)
Hash identifier: uMJT1lr/DtArErvQuhZYEvGuHtz0TKNJWe67amEqU+c=
Subject key identifier: F9:66:13:1C:BA:46:41:82:25:D3:B8:87:F9:08:EB:58:0E:D7:5C:82
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01981D290BD1A7F101A628CB4509AF1FABB4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-WYTHLpGQYIl07iH-QjrWA7XXII.roa
Signing time: Fri 18 Jul 2025 10:51:25 +0000
ROA not before: Fri 18 Jul 2025 10:51:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 185.206.250.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:29:0b:d1:a7:f1:01:a6:28:cb:45:09:af:1f:ab:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 18 10:51:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f966131cba46418225d3b887f908eb580ed75c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:57:da:0f:3d:47:ad:7c:25:d8:d7:c8:75:e5:
35:85:2d:90:2f:1b:0e:87:e8:1e:68:2d:36:a3:4d:
c5:33:5d:41:e1:b7:b0:b8:96:f4:bc:03:1d:a0:cb:
f3:36:74:7d:c2:86:55:b2:98:bd:e4:45:0f:ed:e5:
6b:a3:e1:cd:b1:4e:dd:7a:70:76:cf:06:1a:07:2e:
eb:9f:9e:d6:e9:5d:6b:a9:c3:2c:3f:f0:82:81:7b:
6e:4c:c8:3e:30:da:0a:14:b6:b7:cf:7a:6f:63:7a:
ef:97:6d:f8:5d:99:31:c8:a7:c9:0c:b2:12:07:ce:
c5:7f:a0:a4:c7:b3:27:bb:8e:cc:e0:70:4c:ef:f7:
9b:fe:21:91:a1:0d:ab:12:46:54:95:50:2e:92:7e:
08:d0:56:25:a3:a4:43:14:d8:3f:ec:7c:3e:2f:c1:
bf:80:9b:7a:ab:18:b8:33:fb:5f:57:e6:29:7e:3d:
2e:4a:65:f6:13:18:0a:01:0f:21:34:59:63:f2:2f:
17:9d:66:1b:af:dc:4b:76:ed:24:5c:96:dd:23:54:
af:96:98:79:55:3b:06:33:cc:07:6c:0d:71:a4:6e:
ac:35:01:1c:f0:a3:af:61:73:ca:36:b0:86:9c:dd:
11:70:7d:de:e6:d8:16:0a:5e:32:a0:eb:c4:c9:12:
91:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:66:13:1C:BA:46:41:82:25:D3:B8:87:F9:08:EB:58:0E:D7:5C:82
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/1-WYTHLpGQYIl07iH-QjrWA7XXII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.250.0/24
185.226.107.0/24
Signature Algorithm: sha256WithRSAEncryption
36:24:7b:ff:82:22:42:b3:12:51:c5:de:c0:fe:38:30:2f:89:
17:bd:6e:57:ad:19:7a:13:96:c1:68:e2:44:2b:ce:f1:99:bb:
43:7d:87:d0:e7:a8:de:c9:b0:92:8d:3d:86:23:fe:22:c4:7b:
25:23:f8:cb:35:10:26:1d:8c:1e:cf:fb:bb:5a:bc:c3:61:dd:
eb:ff:46:a7:74:6b:2e:06:b5:76:34:f4:50:a7:b7:c1:03:85:
b8:f0:d0:0b:a1:55:0d:bf:7a:25:2f:0e:eb:bf:f0:dc:c6:2e:
cc:37:ff:bb:a4:50:11:95:6c:0e:eb:3c:d9:2b:74:b2:50:4f:
8a:f2:a8:49:08:7d:08:cb:30:ce:99:af:53:70:1b:0a:fc:06:
b6:1b:da:e3:bf:72:41:11:eb:2e:57:ea:a8:63:36:36:f4:7a:
2f:09:20:79:77:f3:ce:6b:91:71:17:62:a0:4f:c7:77:98:35:
2b:29:05:e7:1f:fe:59:d5:e2:4f:57:6e:54:ee:54:e9:bc:f9:
72:93:ba:4c:50:00:68:a9:01:ef:de:94:11:f2:5f:7f:87:47:
ce:28:3a:b4:c1:38:b6:ad:b1:02:f9:08:f9:50:b2:e2:d6:b5:
bf:da:85:fa:1a:2f:92:b6:f9:e2:d2:c3:08:61:45:a8:82:9f:
a3:96:5d:30
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZgdKQvRp/EBpijLRQmvH6u0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNzE4MTA1MTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTY2MTMxY2JhNDY0MTgyMjVkM2I4ODdmOTA4ZWI1ODBlZDc1YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1faDz1HrXwl2NfIdeU1hS2QLxsO
h+geaC02o03FM11B4bewuJb0vAMdoMvzNnR9woZVspi95EUP7eVro+HNsU7denB2
zwYaBy7rn57W6V1rqcMsP/CCgXtuTMg+MNoKFLa3z3pvY3rvl234XZkxyKfJDLIS
B87Ff6Ckx7Mnu47M4HBM7/eb/iGRoQ2rEkZUlVAukn4I0FYlo6RDFNg/7Hw+L8G/
gJt6qxi4M/tfV+Ypfj0uSmX2ExgKAQ8hNFlj8i8XnWYbr9xLdu0kXJbdI1Svlph5
VTsGM8wHbA1xpG6sNQEc8KOvYXPKNrCGnN0RcH3e5tgWCl4yoOvEyRKRwQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPlmExy6RkGCJdO4h/kI61gO11yCMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvMS1XWVRITHBHUVlJbDA3aUgtUWpyV0E3WFhJSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDAvMmI4MzRlLWJhZDItNDlmZi1iYTM4LWI0MzQyYmE5MWFi
Yy8xL1lHZUV3UVVJVzUxcTFmYzZBN0lObWx3UlRLOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALnO+gME
ALniazANBgkqhkiG9w0BAQsFAAOCAQEANiR7/4IiQrMSUcXewP44MC+JF71uV60Z
ehOWwWjiRCvO8Zm7Q32H0Oeo3smwko09hiP+IsR7JSP4yzUQJh2MHs/7u1q8w2Hd
6/9Gp3RrLga1djT0UKe3wQOFuPDQC6FVDb96JS8O67/w3MYuzDf/u6RQEZVsDus8
2St0slBPivKoSQh9CMswzpmvU3AbCvwGthva479yQRHrLlfqqGM2NvR6LwkgeXfz
zmuRcRdioE/Hd5g1KykF5x/+WdXiT1duVO5U6bz5cpO6TFAAaKkB796UEfJff4dH
zig6tME4tq2xAvkI+VCy4ta1v9qF+hovkrb54tLDCGFFqIKfo5ZdMA==
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:45:17 2025 by rpki-client