Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/VIy7_lrLiCEVKDASRrS6xEW1G2M.roa
File: VIy7_lrLiCEVKDASRrS6xEW1G2M.roa (raw, json)
Hash identifier: LImAH0WKm/fD41z7QWvfDbutbn8jAuxoHodrMfpLHfw=
Subject key identifier: 54:8C:BB:FE:5A:CB:88:21:15:28:30:12:46:B4:BA:C4:45:B5:1B:63
Certificate issuer: /CN=f7bed33ff01e8e09dc4fedcd01139c0e77854aae
Certificate serial: 019A20E051729A63321707477F6FA8FC52DF
Authority key identifier: F7:BE:D3:3F:F0:1E:8E:09:DC:4F:ED:CD:01:13:9C:0E:77:85:4A:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/977TP_AejgncT-3NAROcDneFSq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/VIy7_lrLiCEVKDASRrS6xEW1G2M.roa
Signing time: Sun 26 Oct 2025 14:16:02 +0000
ROA not before: Sun 26 Oct 2025 14:16:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6205
IP address blocks: 185.70.84.0/24 maxlen: 24
185.70.85.0/24 maxlen: 24
185.70.86.0/24 maxlen: 24
185.70.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/977TP_AejgncT-3NAROcDneFSq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/977TP_AejgncT-3NAROcDneFSq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/977TP_AejgncT-3NAROcDneFSq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 14:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:20:e0:51:72:9a:63:32:17:07:47:7f:6f:a8:fc:52:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7bed33ff01e8e09dc4fedcd01139c0e77854aae
Validity
Not Before: Oct 26 14:16:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=548cbbfe5acb88211528301246b4bac445b51b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:21:4c:5f:83:bf:7c:e5:91:9a:60:9f:00:e6:
61:c8:94:88:5f:3c:a2:ae:5b:36:25:5a:d6:d3:9d:
10:85:2c:02:18:0a:15:01:e6:a2:56:fe:57:ca:8d:
15:d7:e2:de:31:58:a1:02:8e:32:fa:97:51:32:f6:
22:63:d7:2c:54:d2:36:1b:1b:24:52:2f:ec:b0:56:
0e:78:29:44:da:78:16:6b:a0:3f:a7:8c:39:bd:2b:
7f:9f:e5:dc:78:f2:68:4f:8d:ec:d8:8c:04:24:4f:
5d:11:27:26:b4:79:84:50:c8:c9:45:fd:b7:44:6e:
d3:1d:54:5a:f9:11:7b:72:9b:0f:86:cd:0f:12:f0:
30:0a:37:d3:02:7b:7f:93:b2:f7:6e:96:b1:08:04:
11:a9:3a:10:ee:d3:d9:cb:d2:fc:dc:e0:05:a1:62:
03:91:25:11:a5:83:44:29:4f:3d:bd:79:b0:86:f0:
a7:7e:a5:96:81:8a:85:38:2b:d6:d9:54:7d:5c:f3:
eb:dd:b1:d4:3d:7c:1e:56:8a:b7:4c:66:d7:9e:4a:
59:a1:1e:51:6d:0d:f8:e3:88:15:a5:8d:01:55:30:
57:24:f6:2b:79:8b:d8:66:12:70:0b:ff:63:d3:2b:
5d:7f:57:ff:0b:6a:36:86:11:90:f8:bf:77:57:a7:
0f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:8C:BB:FE:5A:CB:88:21:15:28:30:12:46:B4:BA:C4:45:B5:1B:63
X509v3 Authority Key Identifier:
keyid:F7:BE:D3:3F:F0:1E:8E:09:DC:4F:ED:CD:01:13:9C:0E:77:85:4A:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/977TP_AejgncT-3NAROcDneFSq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/VIy7_lrLiCEVKDASRrS6xEW1G2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/5a6d01-a375-4e11-871e-99e6141de7f1/1/977TP_AejgncT-3NAROcDneFSq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.70.84.0/22
Signature Algorithm: sha256WithRSAEncryption
37:55:2a:47:4d:16:25:6c:64:df:b5:d7:d4:1f:cb:31:d2:ae:
9b:ad:df:a7:2a:f1:e6:8f:ee:83:02:d2:84:01:35:05:55:e4:
17:7d:94:0b:ea:4d:8d:db:8b:8b:60:4a:26:6b:11:cb:ae:12:
8b:36:fa:b1:af:cc:c5:5f:a2:65:c6:bc:6d:cd:2b:da:37:96:
cd:6b:e5:2e:fa:42:c2:9c:a7:9d:83:60:57:3c:5e:75:35:98:
00:43:13:1a:02:fe:ac:a3:17:91:67:d9:91:e0:b8:df:86:af:
f8:b6:ed:df:ad:2c:9d:38:34:81:f6:1b:3d:91:b4:b2:14:c4:
95:7a:58:bd:4d:6f:e3:b0:41:b5:27:7e:51:f9:cb:39:82:55:
a4:19:97:83:de:4e:4c:d4:38:8c:ce:34:62:4a:6d:90:8b:be:
5e:2a:40:d0:ea:a3:95:a8:40:c9:96:c5:09:21:02:6a:27:e1:
7d:02:3f:7f:ab:58:29:b6:75:cb:80:17:37:3f:97:a3:d1:bc:
8a:7c:93:9c:5e:41:cb:bc:45:43:83:47:cc:43:cc:47:87:4c:
f9:b7:3b:a7:f7:64:78:ef:b3:49:12:48:cf:03:6c:6a:9e:4e:
65:0d:6d:f7:25:a8:55:a2:78:43:a2:79:5b:34:e5:09:eb:39:
43:4f:27:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZog4FFymmMyFwdHf2+o/FLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YmVkMzNmZjAxZThlMDlkYzRmZWRjZDAxMTM5YzBlNzc4
NTRhYWUwHhcNMjUxMDI2MTQxNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDhjYmJmZTVhY2I4ODIxMTUyODMwMTI0NmI0YmFjNDQ1YjUxYjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSFMX4O/fOWRmmCfAOZhyJSIXzyi
rls2JVrW050QhSwCGAoVAeaiVv5Xyo0V1+LeMVihAo4y+pdRMvYiY9csVNI2Gxsk
Ui/ssFYOeClE2ngWa6A/p4w5vSt/n+XcePJoT43s2IwEJE9dEScmtHmEUMjJRf23
RG7THVRa+RF7cpsPhs0PEvAwCjfTAnt/k7L3bpaxCAQRqToQ7tPZy9L83OAFoWID
kSURpYNEKU89vXmwhvCnfqWWgYqFOCvW2VR9XPPr3bHUPXweVoq3TGbXnkpZoR5R
bQ3444gVpY0BVTBXJPYreYvYZhJwC/9j0ytdf1f/C2o2hhGQ+L93V6cP1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFSMu/5ay4ghFSgwEka0usRFtRtjMB8GA1UdIwQY
MBaAFPe+0z/wHo4J3E/tzQETnA53hUquMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTc3VFBfQWVqZ25jVC0zTkFST2NEbmVGU3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS81YTZkMDEtYTM3NS00ZTExLTg3MWUt
OTllNjE0MWRlN2YxLzEvVkl5N19sckxpQ0VWS0RBU1JyUzZ4RVcxRzJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS81YTZkMDEtYTM3NS00ZTExLTg3MWUtOTllNjE0MWRlN2Yx
LzEvOTc3VFBfQWVqZ25jVC0zTkFST2NEbmVGU3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUZUMA0G
CSqGSIb3DQEBCwUAA4IBAQA3VSpHTRYlbGTftdfUH8sx0q6brd+nKvHmj+6DAtKE
ATUFVeQXfZQL6k2N24uLYEomaxHLrhKLNvqxr8zFX6JlxrxtzSvaN5bNa+Uu+kLC
nKedg2BXPF51NZgAQxMaAv6soxeRZ9mR4Ljfhq/4tu3frSydODSB9hs9kbSyFMSV
eli9TW/jsEG1J35R+cs5glWkGZeD3k5M1DiMzjRiSm2Qi75eKkDQ6qOVqEDJlsUJ
IQJqJ+F9Aj9/q1gptnXLgBc3P5ej0byKfJOcXkHLvEVDg0fMQ8xHh0z5tzun92R4
77NJEkjPA2xqnk5lDW33JahVonhDonlbNOUJ6zlDTycx
-----END CERTIFICATE-----
Generated at Sun Oct 26 21:48:57 2025 by rpki-client