Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ya5-h2ETMjyWDhCB2tvxKRLAqsQ.roa
File: Ya5-h2ETMjyWDhCB2tvxKRLAqsQ.roa (raw, json)
Hash identifier: coLWeAGOhf5VNkz6Fd+O+ZH/zyRAc6w/wTvM49zi9Dc=
Subject key identifier: 61:AE:7E:87:61:13:32:3C:96:0E:10:81:DA:DB:F1:29:12:C0:AA:C4
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019782122A31B9223172F3B2353168B1EB75
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ya5-h2ETMjyWDhCB2tvxKRLAqsQ.roa
Signing time: Wed 18 Jun 2025 08:05:17 +0000
ROA not before: Wed 18 Jun 2025 08:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 83.137.154.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
88.209.230.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:21:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:12:2a:31:b9:22:31:72:f3:b2:35:31:68:b1:eb:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jun 18 08:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=61ae7e876113323c960e1081dadbf12912c0aac4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7a:76:2d:d7:a4:19:7e:f3:a3:c4:26:e6:a6:
df:91:ae:62:50:6d:30:80:2c:53:8b:79:55:65:c4:
ad:c8:57:dc:92:67:37:be:74:b6:1c:5e:b1:24:58:
cf:6a:70:7e:62:63:36:fb:ea:bb:55:07:d9:e6:bf:
9f:ca:b9:16:db:7e:0e:50:e3:ed:bf:71:a7:76:d1:
30:a1:c3:a7:b4:fb:c2:dc:9a:4e:29:6a:0d:1e:0b:
49:db:c3:4d:fe:f7:fd:09:8e:a9:6f:30:21:34:fc:
9e:be:13:16:0a:5f:88:d8:e6:5c:de:db:e2:aa:56:
e8:98:cd:ee:16:3f:63:b0:a7:f0:f2:48:7b:41:06:
9b:9c:fb:64:f4:ce:35:4b:9e:0f:dd:b9:02:7c:23:
29:23:89:a3:b6:7d:c4:13:f0:2e:a1:c4:b8:fc:2b:
45:fe:4b:1c:35:e7:71:e3:b2:1e:03:4f:c9:24:d2:
75:b2:47:d1:a5:a6:0d:ea:c6:95:76:ef:aa:1d:18:
5c:bb:70:f2:fc:ed:7e:75:18:05:bc:ff:9c:55:c3:
bc:a4:1f:b7:2d:1d:cf:55:c5:93:19:c1:06:32:de:
4f:d3:a5:68:98:12:81:55:95:25:b6:64:4f:3f:2f:
38:35:6a:f6:8c:05:25:42:d1:07:55:5d:8a:4e:68:
7e:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:AE:7E:87:61:13:32:3C:96:0E:10:81:DA:DB:F1:29:12:C0:AA:C4
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ya5-h2ETMjyWDhCB2tvxKRLAqsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.154.0/24
88.209.203.0/24
88.209.230.0/24
88.209.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:69:0f:5f:e4:f7:21:2a:4f:6b:01:64:79:f6:f4:a2:55:c2:
0a:2a:44:e0:c8:28:a3:89:25:00:90:63:ed:19:1a:b8:d3:f2:
94:ca:00:d0:0b:d7:a8:1a:32:60:9c:1d:aa:62:8e:8b:e5:b8:
e5:99:e4:46:af:51:2e:53:9e:9e:f7:4f:08:77:f9:45:bf:23:
a0:0e:4a:69:5d:5d:23:d7:77:2a:d7:0b:01:1f:3d:5c:ae:2f:
a9:a2:2a:9e:b8:57:cc:b5:77:ab:d2:22:22:39:fb:ba:54:15:
87:a0:35:a2:e4:a7:a4:eb:e8:55:31:ff:fa:6e:ca:d4:a0:7a:
26:e1:c9:9b:78:2c:b2:b1:3c:ee:4f:36:0d:c9:08:57:7a:5a:
aa:43:db:81:fa:d4:54:fe:d9:1b:4f:59:91:98:12:14:f0:23:
7a:a8:07:b2:4e:f8:47:5d:50:1d:4c:5c:e4:97:ba:97:3e:69:
8f:c3:50:87:de:02:29:a1:34:24:1a:84:eb:f6:06:ce:fd:ad:
bd:bf:53:fe:ce:86:51:92:f2:d5:ae:84:3e:96:1a:19:c2:1a:
16:42:01:ce:3c:13:f6:15:e1:02:8e:f2:3c:ec:eb:53:4c:f3:
51:d0:80:1c:56:7a:e8:00:9b:bc:e8:e9:61:47:a6:02:8a:1b:
aa:4e:8c:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeCEioxuSIxcvOyNTFoset1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNjE4MDgwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MWFlN2U4NzYxMTMzMjNjOTYwZTEwODFkYWRiZjEyOTEyYzBhYWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXp2LdekGX7zo8Qm5qbfka5iUG0w
gCxTi3lVZcStyFfckmc3vnS2HF6xJFjPanB+YmM2++q7VQfZ5r+fyrkW234OUOPt
v3GndtEwocOntPvC3JpOKWoNHgtJ28NN/vf9CY6pbzAhNPyevhMWCl+I2OZc3tvi
qlbomM3uFj9jsKfw8kh7QQabnPtk9M41S54P3bkCfCMpI4mjtn3EE/AuocS4/CtF
/kscNedx47IeA0/JJNJ1skfRpaYN6saVdu+qHRhcu3Dy/O1+dRgFvP+cVcO8pB+3
LR3PVcWTGcEGMt5P06VomBKBVZUltmRPPy84NWr2jAUlQtEHVV2KTmh+fwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGGufodhEzI8lg4Qgdrb8SkSwKrEMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWWE1LWgyRVRNanlXRGhDQjJ0dnhLUkxBcXNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU4maAwQA
WNHLAwQAWNHmAwQAWNH/MA0GCSqGSIb3DQEBCwUAA4IBAQB7aQ9f5PchKk9rAWR5
9vSiVcIKKkTgyCijiSUAkGPtGRq40/KUygDQC9eoGjJgnB2qYo6L5bjlmeRGr1Eu
U56e908Id/lFvyOgDkppXV0j13cq1wsBHz1cri+poiqeuFfMtXer0iIiOfu6VBWH
oDWi5Kek6+hVMf/6bsrUoHom4cmbeCyysTzuTzYNyQhXelqqQ9uB+tRU/tkbT1mR
mBIU8CN6qAeyTvhHXVAdTFzkl7qXPmmPw1CH3gIpoTQkGoTr9gbO/a29v1P+zoZR
kvLVroQ+lhoZwhoWQgHOPBP2FeECjvI87OtTTPNR0IAcVnroAJu86OlhR6YCihuq
Toyb
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:25:07 2025 by rpki-client