Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/YlDIKaB8euIzba12ToMGnySBz84.roa
File: YlDIKaB8euIzba12ToMGnySBz84.roa (raw, json)
Hash identifier: nKVG1dS4buniUqJ1W1EJzLaCnNU2lOtAtXAxwmlxhDY=
Subject key identifier: 62:50:C8:29:A0:7C:7A:E2:33:6D:AD:76:4E:83:06:9F:24:81:CF:CE
Certificate issuer: /CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Certificate serial: 019A1B4ED8839F7A8ECF1A35A65D47ED6CF4
Authority key identifier: 84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/YlDIKaB8euIzba12ToMGnySBz84.roa
Signing time: Sat 25 Oct 2025 12:19:03 +0000
ROA not before: Sat 25 Oct 2025 12:19:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 217.173.144.0/23 maxlen: 23
217.173.148.0/22 maxlen: 22
217.173.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 Oct 2025 19:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1b:4e:d8:83:9f:7a:8e:cf:1a:35:a6:5d:47:ed:6c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84470af0d89d785ba18ba617dc09e3f72c5996f3
Validity
Not Before: Oct 25 12:19:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6250c829a07c7ae2336dad764e83069f2481cfce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f4:35:02:5b:98:36:b3:d6:0b:fa:a0:97:c5:
e9:76:e3:4b:7b:9f:40:a7:55:c0:bd:50:a3:a7:5f:
20:84:f2:82:bb:3d:aa:f9:bd:94:f2:ee:45:4e:66:
3a:c4:e6:3e:9a:b0:cc:21:d2:fa:ee:f9:16:46:b0:
2a:8d:d6:62:00:d1:ac:13:0f:67:ec:28:83:a4:2d:
b7:99:dc:ef:65:28:90:4b:a5:d4:80:88:96:be:2f:
a6:9d:5e:e9:97:e4:78:d6:cd:34:ca:5d:ce:36:a0:
75:5b:16:cb:19:9b:96:15:68:f6:25:17:71:e4:e9:
a5:65:f5:01:5e:8c:dd:d2:de:56:fe:07:15:f7:35:
96:00:45:2b:38:76:25:96:09:b8:f5:9a:0e:77:01:
68:30:97:d8:25:76:02:2d:b1:da:50:34:5b:bc:72:
95:df:5d:cd:cb:60:8d:ea:83:e2:cc:82:f3:40:ec:
73:c2:1d:ed:31:a2:45:e4:33:93:2e:dc:d2:5a:48:
1a:c0:99:61:6d:a0:6a:14:44:d4:91:69:f6:b3:30:
55:aa:80:26:c3:d4:3b:48:16:93:43:ba:eb:de:c8:
d5:6c:da:41:f6:49:86:f4:53:9a:57:4a:fd:b4:9e:
51:96:05:ac:7e:ee:07:df:81:d0:5b:39:93:eb:2d:
00:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:50:C8:29:A0:7C:7A:E2:33:6D:AD:76:4E:83:06:9F:24:81:CF:CE
X509v3 Authority Key Identifier:
keyid:84:47:0A:F0:D8:9D:78:5B:A1:8B:A6:17:DC:09:E3:F7:2C:59:96:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hEcK8NideFuhi6YX3Anj9yxZlvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/YlDIKaB8euIzba12ToMGnySBz84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/660f1d-5753-4516-8002-e76e3e293e02/1/hEcK8NideFuhi6YX3Anj9yxZlvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.173.144.0/23
217.173.148.0/22
217.173.157.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:17:2a:be:64:15:20:ac:31:7b:f6:0c:8f:7b:3b:f9:bf:e0:
ff:9e:b5:21:83:79:ee:1f:8d:f0:86:9e:33:a4:51:86:19:cb:
b8:24:a0:aa:e1:00:2c:9f:90:db:f1:f6:f2:3b:a2:8f:fd:f8:
73:da:b7:e1:65:92:63:8f:5c:5c:86:48:e3:51:3a:a7:08:3b:
1d:de:4b:5f:f2:30:14:49:b2:7a:eb:60:fb:0a:25:32:ae:48:
2a:27:ed:5a:53:52:6c:9f:e9:01:85:fd:a6:6d:a9:17:09:cf:
44:9d:7d:a2:c0:d7:14:0b:7a:e3:54:09:a7:dc:5a:4f:5e:1a:
44:28:37:f2:70:dd:44:44:dc:45:98:a3:2a:e9:41:8e:8c:5f:
3a:50:ea:50:2f:8f:01:62:8b:eb:c3:f0:07:1f:ab:04:61:4a:
a1:e9:59:d1:e0:bd:44:96:f9:aa:0d:a2:a3:6a:c3:d4:5e:16:
70:e5:35:fd:2e:eb:fa:82:d3:9b:cf:3e:06:70:18:16:44:ea:
5c:92:49:09:3d:64:e6:13:c9:e4:09:26:06:fe:44:7c:20:9a:
92:2c:83:0b:c3:6f:19:a9:7f:2d:50:d9:5f:ff:3b:f1:26:68:
50:2e:d0:55:a1:05:95:63:65:4f:af:60:c7:a6:8c:83:e4:fb:
d9:fd:91:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZobTtiDn3qOzxo1pl1H7Wz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDcwYWYwZDg5ZDc4NWJhMThiYTYxN2RjMDllM2Y3MmM1
OTk2ZjMwHhcNMjUxMDI1MTIxOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjUwYzgyOWEwN2M3YWUyMzM2ZGFkNzY0ZTgzMDY5ZjI0ODFjZmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PQ1AluYNrPWC/qgl8XpduNLe59A
p1XAvVCjp18ghPKCuz2q+b2U8u5FTmY6xOY+mrDMIdL67vkWRrAqjdZiANGsEw9n
7CiDpC23mdzvZSiQS6XUgIiWvi+mnV7pl+R41s00yl3ONqB1WxbLGZuWFWj2JRdx
5OmlZfUBXozd0t5W/gcV9zWWAEUrOHYllgm49ZoOdwFoMJfYJXYCLbHaUDRbvHKV
313Ny2CN6oPizILzQOxzwh3tMaJF5DOTLtzSWkgawJlhbaBqFETUkWn2szBVqoAm
w9Q7SBaTQ7rr3sjVbNpB9kmG9FOaV0r9tJ5RlgWsfu4H34HQWzmT6y0AYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGJQyCmgfHriM22tdk6DBp8kgc/OMB8GA1UdIwQY
MBaAFIRHCvDYnXhboYumF9wJ4/csWZbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDIt
ZTc2ZTNlMjkzZTAyLzEvWWxESUthQjhldUl6YmExMlRvTUdueVNCejg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS82NjBmMWQtNTc1My00NTE2LTgwMDItZTc2ZTNlMjkzZTAy
LzEvaEVjSzhOaWRlRnVoaTZZWDNBbmo5eXhabHZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQB2a2QAwQC
2a2UAwQA2a2dMA0GCSqGSIb3DQEBCwUAA4IBAQClFyq+ZBUgrDF79gyPezv5v+D/
nrUhg3nuH43whp4zpFGGGcu4JKCq4QAsn5Db8fbyO6KP/fhz2rfhZZJjj1xchkjj
UTqnCDsd3ktf8jAUSbJ662D7CiUyrkgqJ+1aU1Jsn+kBhf2mbakXCc9EnX2iwNcU
C3rjVAmn3FpPXhpEKDfycN1ERNxFmKMq6UGOjF86UOpQL48BYovrw/AHH6sEYUqh
6VnR4L1ElvmqDaKjasPUXhZw5TX9Luv6gtObzz4GcBgWROpckkkJPWTmE8nkCSYG
/kR8IJqSLIMLw28ZqX8tUNlf/zvxJmhQLtBVoQWVY2VPr2DHpoyD5PvZ/ZEb
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:32:51 2025 by rpki-client