Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Yicj8_op75ymbzoaaR_CYcZe0VQ.roa
File: Yicj8_op75ymbzoaaR_CYcZe0VQ.roa (raw, json)
Hash identifier: 2+ymQL5q8ADUC0OeBfxhWEbeXNErcML6p19Ax/kmRSk=
Subject key identifier: 62:27:23:F3:FA:29:EF:9C:A6:6F:3A:1A:69:1F:C2:61:C6:5E:D1:54
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 019A07EE4660A8B83F97843F2F66B397C0F6
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Yicj8_op75ymbzoaaR_CYcZe0VQ.roa
Signing time: Tue 21 Oct 2025 18:00:47 +0000
ROA not before: Tue 21 Oct 2025 18:00:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204909
IP address blocks: 2a11:4044::/32 maxlen: 32
2a11:6540::/32 maxlen: 32
2a11:6542::/32 maxlen: 32
2a11:6581::/32 maxlen: 32
2a11:6582::/32 maxlen: 32
2a11:6d07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:ee:46:60:a8:b8:3f:97:84:3f:2f:66:b3:97:c0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 21 18:00:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=622723f3fa29ef9ca66f3a1a691fc261c65ed154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c0:44:6b:25:59:47:23:92:1d:ed:e0:be:38:
e9:e9:15:ff:a2:24:fe:84:48:b4:39:c0:ad:44:ab:
9f:5c:56:c2:73:da:d5:fd:16:9c:6a:73:a2:8d:da:
3e:3d:a9:12:24:05:6c:76:34:6a:d0:da:35:0c:6d:
a0:f6:14:97:d0:40:f3:a2:b8:7c:20:63:03:57:d6:
78:fb:1c:75:e2:b1:40:c9:1c:48:a9:4f:0f:9c:80:
83:41:b1:a0:ad:f0:20:f1:4a:7f:ba:83:d3:6f:a4:
4c:8d:7b:7d:4e:02:cd:3d:44:47:65:5e:ea:77:a3:
6f:14:14:a1:99:ec:fd:93:9a:95:9f:cc:04:d0:38:
92:c6:6f:4d:9f:d6:10:d3:32:ba:bf:bd:a8:b3:0d:
7a:25:dd:16:4f:ee:b8:7e:03:a0:61:be:70:17:c8:
88:26:5d:e6:c9:6a:7b:0c:e4:50:a9:87:e8:a1:6e:
78:bf:c4:f9:8c:86:9b:20:bb:06:81:dd:85:50:7a:
2a:ea:fd:dc:55:28:b0:ee:23:e1:4e:79:51:38:30:
43:d3:11:1e:7a:74:81:fe:1c:18:54:84:1c:d1:8a:
79:fd:df:82:8d:39:4c:cb:1f:8b:32:c7:f4:15:cf:
e5:8d:67:51:64:b6:03:38:1f:d2:bf:83:ee:35:16:
fe:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:27:23:F3:FA:29:EF:9C:A6:6F:3A:1A:69:1F:C2:61:C6:5E:D1:54
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/Yicj8_op75ymbzoaaR_CYcZe0VQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:4044::/32
2a11:6540::/32
2a11:6542::/32
2a11:6581::-2a11:6582:ffff:ffff:ffff:ffff:ffff:ffff
2a11:6d07::/32
Signature Algorithm: sha256WithRSAEncryption
bf:e4:2d:84:aa:b9:4a:7d:a2:ec:5d:27:37:0f:15:fd:0a:cb:
0a:b2:20:d5:fa:38:1c:27:5a:e3:ab:7a:0c:49:cf:9e:c0:5c:
bc:56:30:79:8b:26:f2:6c:cb:50:b1:40:5e:c6:ef:39:df:81:
a3:64:ec:8e:6d:f2:0b:8e:d9:f0:6b:21:2e:b9:42:a0:36:ea:
85:42:6e:43:dc:05:2c:55:2e:34:f3:df:2b:56:0e:45:c9:18:
43:39:24:81:e5:6a:15:f1:78:b2:d0:a7:39:78:e4:58:13:7f:
14:5c:2c:b8:c2:1a:e8:19:22:92:9f:26:0d:b3:52:8d:46:6f:
4b:3a:74:56:cf:1d:48:16:cb:f1:e3:a8:05:ea:9a:99:82:92:
c8:a3:63:7c:bc:3c:9f:85:7a:77:f7:c1:83:10:2b:28:07:b0:
26:e6:97:4c:06:ef:60:07:d9:c6:4b:b2:6d:06:79:08:1a:37:
0a:82:6a:5a:a2:cc:5f:25:15:8a:a4:7c:6c:99:ef:6b:c3:e4:
02:d4:8c:81:f2:6b:64:0d:4e:43:3a:20:e3:70:aa:ed:5c:ac:
07:87:e4:8f:5b:32:7c:7c:32:d6:b4:ee:a5:d0:ce:9a:51:e7:
9e:ef:08:96:68:15:05:a4:ac:31:03:68:02:42:47:5f:2e:59:
e4:40:cc:6f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZoH7kZgqLg/l4Q/L2azl8D2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDIxMTgwMDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjI3MjNmM2ZhMjllZjljYTY2ZjNhMWE2OTFmYzI2MWM2NWVkMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28BEayVZRyOSHe3gvjjp6RX/oiT+
hEi0OcCtRKufXFbCc9rV/RacanOijdo+PakSJAVsdjRq0No1DG2g9hSX0EDzorh8
IGMDV9Z4+xx14rFAyRxIqU8PnICDQbGgrfAg8Up/uoPTb6RMjXt9TgLNPURHZV7q
d6NvFBShmez9k5qVn8wE0DiSxm9Nn9YQ0zK6v72osw16Jd0WT+64fgOgYb5wF8iI
Jl3myWp7DORQqYfooW54v8T5jIabILsGgd2FUHoq6v3cVSiw7iPhTnlRODBD0xEe
enSB/hwYVIQc0Yp5/d+CjTlMyx+LMsf0Fc/ljWdRZLYDOB/Sv4PuNRb+vQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGInI/P6Ke+cpm86GmkfwmHGXtFUMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvWWljajhfb3A3NXltYnpvYWFSX0NZY1plMFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAAjAsAwUAKhFARAMF
ACoRZUADBQAqEWVCMA4DBQAqEWWBAwUAKhFlggMFACoRbQcwDQYJKoZIhvcNAQEL
BQADggEBAL/kLYSquUp9ouxdJzcPFf0KywqyINX6OBwnWuOregxJz57AXLxWMHmL
JvJsy1CxQF7G7znfgaNk7I5t8guO2fBrIS65QqA26oVCbkPcBSxVLjTz3ytWDkXJ
GEM5JIHlahXxeLLQpzl45FgTfxRcLLjCGugZIpKfJg2zUo1Gb0s6dFbPHUgWy/Hj
qAXqmpmCksijY3y8PJ+Fenf3wYMQKygHsCbml0wG72AH2cZLsm0GeQgaNwqCalqi
zF8lFYqkfGyZ72vD5ALUjIHya2QNTkM6IONwqu1crAeH5I9bMnx8Mta07qXQzppR
557vCJZoFQWkrDEDaAJCR18uWeRAzG8=
-----END CERTIFICATE-----
Generated at Wed Oct 22 17:37:45 2025 by rpki-client