Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/YF5-v-73V9jzqTCek3KrFz6bZtE.roa
File: YF5-v-73V9jzqTCek3KrFz6bZtE.roa (raw, json)
Hash identifier: 4qF8xu38DQT/RQNxkMatdlrCh2ELJ5b3ZXmFLGgGvJQ=
Subject key identifier: 60:5E:7E:BF:EE:F7:57:D8:F3:A9:30:9E:93:72:AB:17:3E:9B:66:D1
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 0198E35EE7D47E62BB0F5AF9BF3978580876
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/YF5-v-73V9jzqTCek3KrFz6bZtE.roa
Signing time: Mon 25 Aug 2025 22:35:04 +0000
ROA not before: Mon 25 Aug 2025 22:35:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47645
IP address blocks: 94.137.64.0/21 maxlen: 21
94.137.72.0/24 maxlen: 24
94.137.73.0/24 maxlen: 24
94.137.74.0/24 maxlen: 24
94.137.75.0/24 maxlen: 24
94.137.80.0/22 maxlen: 22
94.137.84.0/22 maxlen: 22
94.137.88.0/24 maxlen: 24
2a05:c440::/48 maxlen: 48
2a05:c441::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e3:5e:e7:d4:7e:62:bb:0f:5a:f9:bf:39:78:58:08:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: Aug 25 22:35:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=605e7ebfeef757d8f3a9309e9372ab173e9b66d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:50:d1:49:39:52:fe:18:13:58:4f:4b:12:5e:
a8:c2:38:a4:db:a5:0e:9d:7c:a3:b6:5f:0d:a8:09:
15:32:84:85:c4:06:f7:f8:e9:f5:19:9e:49:03:6c:
87:8c:b8:f3:e5:c6:e6:35:6c:e6:bd:d7:31:97:98:
13:cf:6c:6a:8e:cc:2a:11:48:e3:cf:31:92:0b:1c:
fe:7c:85:0d:5a:52:91:bf:19:3f:e9:1d:7e:63:8a:
22:a5:3e:4d:5b:c6:0b:43:68:67:85:a8:1f:d8:e0:
26:83:ec:72:a2:ea:0e:e0:2c:2a:2c:28:f2:35:37:
86:ec:3c:9b:b1:c0:ac:72:c7:33:4c:60:4b:ce:dd:
1d:88:71:0e:72:0b:26:52:1e:05:45:81:f4:f1:40:
09:ee:cf:74:c6:67:99:bf:bc:e1:95:0b:bc:7d:f3:
a6:b5:9f:6f:20:d9:0b:77:28:0a:e7:ca:cc:4c:a3:
b0:a4:1d:4e:43:99:d9:89:9c:f8:ec:6e:4d:45:84:
91:0c:57:e9:b6:54:d0:df:16:9a:41:a4:f4:42:d7:
b1:a6:cb:26:e7:f2:77:76:0c:8a:80:d7:52:66:76:
81:b6:e2:79:07:aa:d9:71:dc:41:c7:40:9d:3b:41:
35:56:f6:fa:b3:bf:e6:2b:0f:85:df:dc:b7:e2:ae:
9f:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:5E:7E:BF:EE:F7:57:D8:F3:A9:30:9E:93:72:AB:17:3E:9B:66:D1
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/YF5-v-73V9jzqTCek3KrFz6bZtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.137.64.0-94.137.75.255
94.137.80.0-94.137.88.255
IPv6:
2a05:c440::/48
2a05:c441::/32
Signature Algorithm: sha256WithRSAEncryption
51:e7:77:9f:a4:d5:d1:f4:36:78:d5:b4:8f:b3:39:78:fd:07:
32:8b:86:65:93:42:b5:74:07:46:a3:0d:1b:11:64:93:8f:a9:
b1:3d:a7:08:c0:8f:d7:cc:1c:bb:7d:18:85:c6:d6:12:11:2b:
6b:b2:28:ce:44:59:c4:f6:4d:0f:84:39:36:18:36:6e:ab:17:
1f:97:36:e4:ef:96:24:56:60:2a:79:49:0c:c9:14:9d:a9:48:
d4:36:53:28:4b:0c:ed:cd:97:2e:67:96:59:bd:ff:c8:2f:c9:
64:99:9b:e6:d4:6c:09:f1:55:60:cf:e3:9a:2b:a2:8e:99:12:
bd:3f:33:01:82:ca:a2:12:06:c3:b4:84:cc:4e:bf:c0:4a:05:
22:a6:34:b1:96:4c:d7:be:9c:2a:f7:be:21:05:cd:f4:aa:7f:
50:0c:ff:54:1b:c8:c2:b4:a6:c2:88:99:4c:49:09:e3:31:db:
1a:d3:27:4e:48:a5:75:99:bb:be:17:89:7b:6c:07:66:aa:dd:
a6:04:3f:5b:ce:20:e3:75:da:b0:4f:75:4d:62:8e:83:ed:d0:
1d:09:b9:2d:45:f2:cf:8a:70:96:45:1d:47:b5:f8:ae:76:89:
48:35:10:3f:86:8c:21:66:b2:bc:19:f4:e8:99:3c:e4:a7:62:
d1:c0:50:fa
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZjjXufUfmK7D1r5vzl4WAh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjUwODI1MjIzNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDVlN2ViZmVlZjc1N2Q4ZjNhOTMwOWU5MzcyYWIxNzNlOWI2NmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7lDRSTlS/hgTWE9LEl6owjik26UO
nXyjtl8NqAkVMoSFxAb3+On1GZ5JA2yHjLjz5cbmNWzmvdcxl5gTz2xqjswqEUjj
zzGSCxz+fIUNWlKRvxk/6R1+Y4oipT5NW8YLQ2hnhagf2OAmg+xyouoO4CwqLCjy
NTeG7DybscCscsczTGBLzt0diHEOcgsmUh4FRYH08UAJ7s90xmeZv7zhlQu8ffOm
tZ9vINkLdygK58rMTKOwpB1OQ5nZiZz47G5NRYSRDFfptlTQ3xaaQaT0Qtexpssm
5/J3dgyKgNdSZnaBtuJ5B6rZcdxBx0CdO0E1Vvb6s7/mKw+F39y34q6fcQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGBefr/u91fY86kwnpNyqxc+m2bRMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvWUY1LXYtNzNWOWp6cVRDZWszS3JGejZiWnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAiBAIAATAcMAwDBAZeiUAD
BAJeiUgwDAMEBF6JUAMEAF6JWDAWBAIAAjAQAwcAKgXEQAAAAwUAKgXEQTANBgkq
hkiG9w0BAQsFAAOCAQEAUed3n6TV0fQ2eNW0j7M5eP0HMouGZZNCtXQHRqMNGxFk
k4+psT2nCMCP18wcu30YhcbWEhEra7IozkRZxPZND4Q5Nhg2bqsXH5c25O+WJFZg
KnlJDMkUnalI1DZTKEsM7c2XLmeWWb3/yC/JZJmb5tRsCfFVYM/jmiuijpkSvT8z
AYLKohIGw7SEzE6/wEoFIqY0sZZM176cKve+IQXN9Kp/UAz/VBvIwrSmwoiZTEkJ
4zHbGtMnTkildZm7vheJe2wHZqrdpgQ/W84g43XasE91TWKOg+3QHQm5LUXyz4pw
lkUdR7X4rnaJSDUQP4aMIWayvBn06Jk85Kdi0cBQ+g==
-----END CERTIFICATE-----
Generated at Wed Sep 10 09:29:11 2025 by rpki-client