Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/y98rsRbz9YetT8VvkzkoAiVY58g.roa
File: y98rsRbz9YetT8VvkzkoAiVY58g.roa (raw, json)
Hash identifier: aJC5mD7J5OKym3wRhst01qD/8wp2OpjDxep2O82i5l8=
Subject key identifier: CB:DF:2B:B1:16:F3:F5:87:AD:4F:C5:6F:93:39:28:02:25:58:E7:C8
Certificate issuer: /CN=c65a1da1cb1c920ae2f9b748270fded8737a9184
Certificate serial: 019A5E0ECA15E2F65739D96AB05534181956
Authority key identifier: C6:5A:1D:A1:CB:1C:92:0A:E2:F9:B7:48:27:0F:DE:D8:73:7A:91:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/y98rsRbz9YetT8VvkzkoAiVY58g.roa
Signing time: Fri 07 Nov 2025 11:23:38 +0000
ROA not before: Fri 07 Nov 2025 11:23:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212667
IP address blocks: 85.235.81.0/24 maxlen: 24
192.109.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:5e:0e:ca:15:e2:f6:57:39:d9:6a:b0:55:34:18:19:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c65a1da1cb1c920ae2f9b748270fded8737a9184
Validity
Not Before: Nov 7 11:23:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cbdf2bb116f3f587ad4fc56f933928022558e7c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:5c:93:65:d3:8a:2a:5d:0d:48:fe:c2:df:49:
75:b2:52:a3:25:d3:11:a1:90:5b:18:0e:cb:7e:82:
f5:81:41:22:1a:a9:eb:36:0e:91:35:bd:2a:75:58:
fb:c6:46:a5:87:cd:5b:4c:a2:04:a8:a3:95:eb:1f:
f2:72:a9:03:5f:c3:80:4f:f0:4a:24:73:81:0c:32:
e0:15:76:00:f4:65:97:a3:c3:dd:ef:3f:d7:9b:96:
30:c4:01:dd:ef:b4:a1:03:75:7e:57:dc:7b:0f:ef:
49:a3:2f:7b:28:1d:16:7e:5d:49:49:f9:7f:3c:b1:
f1:2e:24:18:6e:34:27:4b:10:7e:2f:37:aa:cb:81:
4e:b1:8f:aa:c5:6d:73:ed:10:6b:6f:64:cb:24:e0:
df:9d:d2:9e:ee:7f:ae:4f:09:c6:4e:3b:44:09:ca:
4a:d1:6d:b8:92:d4:f1:6a:e2:91:4a:69:5c:1e:0c:
13:3f:5e:fe:d8:64:fe:14:d1:14:a1:6c:ea:ed:8c:
36:98:86:0e:53:1b:95:ad:21:5c:12:13:f6:83:a1:
18:88:57:b3:d4:13:a5:5b:2b:41:38:b2:11:ed:2f:
84:f7:d5:18:fc:81:98:3c:c0:09:71:96:0e:85:7f:
62:e1:16:dd:a8:37:11:72:37:02:11:82:8c:b5:13:
42:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:DF:2B:B1:16:F3:F5:87:AD:4F:C5:6F:93:39:28:02:25:58:E7:C8
X509v3 Authority Key Identifier:
keyid:C6:5A:1D:A1:CB:1C:92:0A:E2:F9:B7:48:27:0F:DE:D8:73:7A:91:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xlodocsckgri-bdIJw_e2HN6kYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/y98rsRbz9YetT8VvkzkoAiVY58g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4f54b4-009f-46ce-9ac0-36bac8d91e2e/1/xlodocsckgri-bdIJw_e2HN6kYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.235.81.0/24
192.109.97.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:82:6c:ec:00:bd:b7:31:3e:cc:47:3e:4c:f6:bf:a6:6a:3a:
a3:15:bf:ff:fb:cd:89:ac:3a:97:7c:6b:64:76:3e:37:87:53:
8e:04:01:4b:cd:0b:09:34:4d:ef:30:0b:1e:57:b2:38:1f:77:
72:80:c0:4c:a4:53:ab:1d:af:56:54:68:35:d9:3d:e2:bd:47:
c9:16:e9:de:16:0c:1a:30:3a:bb:aa:84:99:58:69:48:69:5f:
d2:6a:d2:4b:e9:3c:eb:b2:4b:32:79:3a:19:dd:99:bf:e9:c4:
24:12:ba:e4:f1:8e:15:97:46:a6:84:13:98:93:33:ae:82:0c:
14:7d:25:0e:dc:3b:25:16:d2:7f:82:29:ee:3e:a6:2e:ea:ff:
9f:e5:c3:3b:f4:1a:5d:20:68:6f:95:63:40:67:d8:dc:28:77:
6b:75:52:c5:32:c3:41:61:08:3c:df:46:d1:00:68:4c:4b:f1:
df:4a:cc:0e:e1:56:32:18:44:2d:b9:88:c0:49:f0:4a:64:f4:
80:82:43:0e:7f:f6:e0:fe:bf:c6:65:62:2a:cc:f1:14:22:9e:
6d:6c:61:5f:ab:99:51:80:22:93:9b:06:ff:c5:e1:4e:9a:c1:
2b:be:f7:a1:7a:8f:9f:b1:c7:3c:50:69:84:0a:11:f2:b0:7b:
bd:2f:46:d4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpeDsoV4vZXOdlqsFU0GBlWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NWExZGExY2IxYzkyMGFlMmY5Yjc0ODI3MGZkZWQ4NzM3
YTkxODQwHhcNMjUxMTA3MTEyMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYmRmMmJiMTE2ZjNmNTg3YWQ0ZmM1NmY5MzM5MjgwMjI1NThlN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlyTZdOKKl0NSP7C30l1slKjJdMR
oZBbGA7LfoL1gUEiGqnrNg6RNb0qdVj7xkalh81bTKIEqKOV6x/ycqkDX8OAT/BK
JHOBDDLgFXYA9GWXo8Pd7z/Xm5YwxAHd77ShA3V+V9x7D+9Joy97KB0Wfl1JSfl/
PLHxLiQYbjQnSxB+Lzeqy4FOsY+qxW1z7RBrb2TLJODfndKe7n+uTwnGTjtECcpK
0W24ktTxauKRSmlcHgwTP17+2GT+FNEUoWzq7Yw2mIYOUxuVrSFcEhP2g6EYiFez
1BOlWytBOLIR7S+E99UY/IGYPMAJcZYOhX9i4RbdqDcRcjcCEYKMtRNC8QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMvfK7EW8/WHrU/Fb5M5KAIlWOfIMB8GA1UdIwQY
MBaAFMZaHaHLHJIK4vm3SCcP3thzepGEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGxvZG9jc2NrZ3JpLWJkSUp3X2UySE42a1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80ZjU0YjQtMDA5Zi00NmNlLTlhYzAt
MzZiYWM4ZDkxZTJlLzEveTk4cnNSYno5WWV0VDhWdmt6a29BaVZZNThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80ZjU0YjQtMDA5Zi00NmNlLTlhYzAtMzZiYWM4ZDkxZTJl
LzEveGxvZG9jc2NrZ3JpLWJkSUp3X2UySE42a1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVetRAwQA
wG1hMA0GCSqGSIb3DQEBCwUAA4IBAQBMgmzsAL23MT7MRz5M9r+majqjFb//+82J
rDqXfGtkdj43h1OOBAFLzQsJNE3vMAseV7I4H3dygMBMpFOrHa9WVGg12T3ivUfJ
FuneFgwaMDq7qoSZWGlIaV/SatJL6TzrsksyeToZ3Zm/6cQkErrk8Y4Vl0amhBOY
kzOuggwUfSUO3DslFtJ/ginuPqYu6v+f5cM79BpdIGhvlWNAZ9jcKHdrdVLFMsNB
YQg830bRAGhMS/HfSswO4VYyGEQtuYjASfBKZPSAgkMOf/bg/r/GZWIqzPEUIp5t
bGFfq5lRgCKTmwb/xeFOmsErvveheo+fscc8UGmEChHysHu9L0bU
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:56:31 2025 by rpki-client