Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cy_UIKFqnJiV1c44d2QknsXct2Y.roa
File: cy_UIKFqnJiV1c44d2QknsXct2Y.roa (raw, json)
Hash identifier: fNMXg2AAbF0NU000IcqpA/TtHpOW9v6pM0a5ATzxbZQ=
Subject key identifier: 73:2F:D4:20:A1:6A:9C:98:95:D5:CE:38:77:64:24:9E:C5:DC:B7:66
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196A4FD1387F0204CC671F73D453A117652
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cy_UIKFqnJiV1c44d2QknsXct2Y.roa
Signing time: Tue 06 May 2025 09:46:10 +0000
ROA not before: Tue 06 May 2025 09:46:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 192.124.191.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
194.87.12.0/24 maxlen: 24
194.87.22.0/24 maxlen: 24
194.87.32.0/24 maxlen: 24
194.87.40.0/24 maxlen: 24
194.87.88.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
194.87.150.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
195.133.6.0/24 maxlen: 24
195.133.42.0/24 maxlen: 24
195.133.43.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.85.0/24 maxlen: 24
212.193.14.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 18:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:fd:13:87:f0:20:4c:c6:71:f7:3d:45:3a:11:76:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 6 09:46:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=732fd420a16a9c9895d5ce387764249ec5dcb766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:8a:f0:29:5a:61:65:28:42:2e:f0:bb:fa:cf:
12:9c:b5:25:ac:5a:46:53:72:9e:ad:bd:a7:3a:50:
88:b9:1d:33:c8:64:9f:a4:a5:90:a0:2f:f0:14:9c:
4e:af:1c:b0:01:ce:97:69:f8:21:65:28:05:12:e6:
9c:1c:f4:b1:b5:ff:a0:b5:c1:97:07:0b:0c:82:28:
28:6e:63:72:cb:f2:2a:12:a4:d3:7f:95:0c:26:f0:
b2:50:b2:53:f2:ba:05:cd:dd:50:16:bd:3a:6c:07:
5d:fe:d3:c3:ce:13:83:b3:88:45:14:a6:6d:93:64:
8e:bd:e1:90:40:a8:4d:ed:ce:e3:66:09:85:f3:36:
ca:b8:c2:64:c1:bc:0f:2f:c6:18:5c:31:54:93:72:
b8:b0:53:4f:d7:ff:ad:8e:78:83:38:58:0c:2f:bd:
89:c3:8c:12:1e:0b:de:6e:5c:ca:d4:05:62:62:27:
29:64:7a:e6:d1:9e:01:b4:23:47:59:6b:14:5f:3e:
4a:c4:ae:aa:a4:c0:d8:e3:59:3b:a4:14:28:cf:7d:
d0:1c:9b:01:c5:f2:99:20:a0:10:c2:48:79:1e:4f:
24:8d:40:f8:53:78:9b:67:e5:9c:6e:17:67:45:75:
d4:ec:20:16:2d:04:f7:3c:68:77:31:d7:7f:4a:22:
57:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:2F:D4:20:A1:6A:9C:98:95:D5:CE:38:77:64:24:9E:C5:DC:B7:66
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/cy_UIKFqnJiV1c44d2QknsXct2Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.191.0/24
193.124.5.0/24
194.87.12.0/24
194.87.22.0/24
194.87.32.0/24
194.87.40.0/24
194.87.88.0/24
194.87.124.0/24
194.87.136.0/24
194.87.142.0/24
194.87.150.0/24
194.87.169.0/24
194.87.185.0/24
195.133.6.0/24
195.133.42.0/23
195.133.72.0/24
195.133.85.0/24
212.193.14.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:46:3f:06:77:57:7d:ef:13:84:5c:7a:72:79:26:98:3a:3d:
a4:39:0d:30:4d:1b:2c:89:f2:fe:b2:59:e0:cb:e3:b8:b3:99:
59:7c:28:4d:a4:af:2f:22:7b:df:4a:b9:8f:7b:6b:6e:a4:71:
8a:45:bf:54:e6:2d:63:ab:bc:e3:d0:61:68:88:95:a4:79:0b:
88:a4:e4:c2:fa:d5:90:3b:68:88:91:90:26:20:3d:2d:fd:9b:
60:a6:97:23:d5:8f:db:9b:7d:92:fa:29:d2:a1:d0:8a:87:c7:
ea:93:47:d4:6c:27:70:3b:43:64:a9:ee:86:94:23:67:b1:30:
b2:0b:1d:96:ed:d0:42:d2:51:91:c4:ec:a9:ce:22:86:57:80:
2f:e7:c5:df:de:4a:18:90:86:a9:ab:8c:93:c8:2f:a9:10:5a:
23:04:32:53:44:cd:1f:1b:9e:fd:d2:f3:cf:b5:5f:c6:a9:36:
d7:bf:0a:e3:d3:03:60:c6:e9:19:e5:8c:3a:fb:bb:23:e9:49:
f1:db:1b:d2:b9:02:71:44:d4:ea:60:0b:b7:68:8a:51:7f:78:
bd:49:b3:70:44:2c:90:be:79:06:d4:42:6f:0d:af:c6:5b:56:
24:8a:55:85:8d:1e:6c:d9:ca:e6:fd:08:b9:c2:cb:4a:73:8c:
38:ea:d6:c3
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZak/ROH8CBMxnH3PUU6EXZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTA2MDk0NjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzJmZDQyMGExNmE5Yzk4OTVkNWNlMzg3NzY0MjQ5ZWM1ZGNiNzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2IrwKVphZShCLvC7+s8SnLUlrFpG
U3Kerb2nOlCIuR0zyGSfpKWQoC/wFJxOrxywAc6XafghZSgFEuacHPSxtf+gtcGX
BwsMgigobmNyy/IqEqTTf5UMJvCyULJT8roFzd1QFr06bAdd/tPDzhODs4hFFKZt
k2SOveGQQKhN7c7jZgmF8zbKuMJkwbwPL8YYXDFUk3K4sFNP1/+tjniDOFgML72J
w4wSHgveblzK1AViYicpZHrm0Z4BtCNHWWsUXz5KxK6qpMDY41k7pBQoz33QHJsB
xfKZIKAQwkh5Hk8kjUD4U3ibZ+WcbhdnRXXU7CAWLQT3PGh3Mdd/SiJXlQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFHMv1CChapyYldXOOHdkJJ7F3LdmMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvY3lfVUlLRnFuSmlWMWM0NGQyUWtuc1hjdDJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAMB8vwME
AMF8BQMEAMJXDAMEAMJXFgMEAMJXIAMEAMJXKAMEAMJXWAMEAMJXfAMEAMJXiAME
AMJXjgMEAMJXlgMEAMJXqQMEAMJXuQMEAMOFBgMEAcOFKgMEAMOFSAMEAMOFVQME
ANTBDjANBgkqhkiG9w0BAQsFAAOCAQEAX0Y/BndXfe8ThFx6cnkmmDo9pDkNME0b
LIny/rJZ4MvjuLOZWXwoTaSvLyJ730q5j3trbqRxikW/VOYtY6u849BhaIiVpHkL
iKTkwvrVkDtoiJGQJiA9Lf2bYKaXI9WP25t9kvop0qHQiofH6pNH1GwncDtDZKnu
hpQjZ7Ewsgsdlu3QQtJRkcTsqc4ihleAL+fF395KGJCGqauMk8gvqRBaIwQyU0TN
Hxue/dLzz7Vfxqk2178K49MDYMbpGeWMOvu7I+lJ8dsb0rkCcUTU6mALt2iKUX94
vUmzcEQskL55BtRCbw2vxltWJIpVhY0ebNnK5v0IucLLSnOMOOrWww==
-----END CERTIFICATE-----
Generated at Fri Jun 6 02:56:02 2025 by rpki-client