Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Y5p6F4UgeyNdjbmOK_eI5DEFB6I.roa
File: Y5p6F4UgeyNdjbmOK_eI5DEFB6I.roa (raw, json)
Hash identifier: cOCeggTPuj6BKNRi52gDbXr0EhrC3FJB715+fnKK0y0=
Subject key identifier: 63:9A:7A:17:85:20:7B:23:5D:8D:B9:8E:2B:F7:88:E4:31:05:07:A2
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 01991488F62CD9060C47E724FD8206FF0DD5
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Y5p6F4UgeyNdjbmOK_eI5DEFB6I.roa
Signing time: Thu 04 Sep 2025 11:42:24 +0000
ROA not before: Thu 04 Sep 2025 11:42:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34450
IP address blocks: 85.11.161.0/24 maxlen: 24
85.11.167.0/24 maxlen: 24
85.11.180.0/22 maxlen: 22
85.11.180.0/24 maxlen: 24
85.11.181.0/24 maxlen: 24
85.11.182.0/24 maxlen: 24
85.11.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:88:f6:2c:d9:06:0c:47:e7:24:fd:82:06:ff:0d:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Sep 4 11:42:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=639a7a1785207b235d8db98e2bf788e4310507a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f1:d7:27:3e:8c:df:13:4f:ce:f3:5f:9a:31:
f4:ec:eb:e8:86:13:3f:b2:5f:2a:b4:f1:ac:c6:5e:
92:03:db:5d:54:64:f6:0b:10:aa:3a:d1:1c:bb:d3:
fb:8c:46:c7:35:c4:48:9d:34:1f:e8:95:44:98:4d:
0a:be:a7:48:1d:f4:b9:40:fc:67:f8:f6:da:c4:6f:
b6:49:a4:d8:14:c2:4f:1c:60:58:ab:f3:73:90:0c:
08:bd:c6:59:bd:67:05:e3:a3:99:13:d1:22:f0:d7:
c0:10:da:d4:6e:8e:9d:e3:13:17:e4:18:25:69:d7:
6a:6a:83:7d:0b:22:fd:c4:c2:e4:fa:ab:a7:f8:98:
3f:13:32:bb:fb:3b:37:3d:60:cd:3a:d9:a6:8b:9a:
b9:25:b9:90:e4:9b:45:44:35:57:6c:59:19:05:cf:
b6:19:3a:03:d1:09:6f:4f:8a:56:8e:e7:31:8b:e0:
6e:e5:19:6f:85:cb:89:46:92:2b:f6:92:e9:12:76:
39:96:94:de:39:16:68:63:b9:9d:97:ac:4b:c4:5d:
a7:28:b9:94:5a:ee:10:b2:6c:37:c9:81:8c:d5:8a:
3d:6b:47:cf:6e:b9:ff:00:d5:c4:65:3c:e0:af:5a:
30:58:ee:36:4a:cf:1a:7c:3a:aa:0f:e8:a8:52:74:
fd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:9A:7A:17:85:20:7B:23:5D:8D:B9:8E:2B:F7:88:E4:31:05:07:A2
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Y5p6F4UgeyNdjbmOK_eI5DEFB6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.161.0/24
85.11.167.0/24
85.11.180.0/22
Signature Algorithm: sha256WithRSAEncryption
03:c0:ab:9e:84:75:35:4b:89:ed:f9:73:d2:0d:3f:f8:03:94:
4a:ca:80:1b:1a:e0:7b:72:33:69:18:83:a2:cf:c0:61:e5:71:
fd:0a:41:87:12:9a:57:d5:73:04:96:b9:eb:1e:27:d1:7d:51:
d9:b6:e9:c6:1e:f6:57:01:9a:f9:8a:41:e7:93:a3:18:ed:a9:
35:af:e6:66:cc:7a:77:57:52:05:64:8e:c5:76:e5:44:4a:48:
2a:2b:de:b6:e8:6e:0b:ac:f9:30:2c:95:42:58:ce:ec:2c:96:
11:f6:cd:57:cf:35:9c:c1:86:89:76:de:f6:f8:a0:32:e7:74:
47:d5:ef:7a:b8:b7:f4:10:d4:2e:82:46:28:5c:ec:ba:42:84:
9d:a2:13:dc:00:26:3b:d7:e3:00:f7:bb:1e:d0:7d:9c:d3:f6:
aa:d8:c5:8f:81:c2:ce:e9:7b:bb:61:05:df:95:b6:33:ca:df:
4b:e0:ee:e1:d6:b8:f8:89:70:63:12:7e:fd:3c:95:6f:bf:ac:
40:8d:2c:e4:d3:7b:17:7d:c3:7b:79:31:99:2c:5a:c1:df:1c:
2d:dc:23:86:9c:a8:66:c5:0c:08:9f:a3:e2:bc:df:1c:0a:73:
4b:9f:9f:b1:45:63:2d:d7:eb:7e:b3:92:d4:c6:41:ea:dc:57:
7b:ec:e9:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkUiPYs2QYMR+ck/YIG/w3VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjUwOTA0MTE0MjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzlhN2ExNzg1MjA3YjIzNWQ4ZGI5OGUyYmY3ODhlNDMxMDUwN2EyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fHXJz6M3xNPzvNfmjH07OvohhM/
sl8qtPGsxl6SA9tdVGT2CxCqOtEcu9P7jEbHNcRInTQf6JVEmE0KvqdIHfS5QPxn
+PbaxG+2SaTYFMJPHGBYq/NzkAwIvcZZvWcF46OZE9Ei8NfAENrUbo6d4xMX5Bgl
addqaoN9CyL9xMLk+qun+Jg/EzK7+zs3PWDNOtmmi5q5JbmQ5JtFRDVXbFkZBc+2
GToD0QlvT4pWjucxi+Bu5RlvhcuJRpIr9pLpEnY5lpTeORZoY7mdl6xLxF2nKLmU
Wu4Qsmw3yYGM1Yo9a0fPbrn/ANXEZTzgr1owWO42Ss8afDqqD+ioUnT9GQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGOaeheFIHsjXY25jiv3iOQxBQeiMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvWTVwNkY0VWdleU5kamJtT0tfZUk1REVGQjZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQuhAwQA
VQunAwQCVQu0MA0GCSqGSIb3DQEBCwUAA4IBAQADwKuehHU1S4nt+XPSDT/4A5RK
yoAbGuB7cjNpGIOiz8Bh5XH9CkGHEppX1XMElrnrHifRfVHZtunGHvZXAZr5ikHn
k6MY7ak1r+ZmzHp3V1IFZI7FduVESkgqK9626G4LrPkwLJVCWM7sLJYR9s1XzzWc
wYaJdt72+KAy53RH1e96uLf0ENQugkYoXOy6QoSdohPcACY71+MA97se0H2c0/aq
2MWPgcLO6Xu7YQXflbYzyt9L4O7h1rj4iXBjEn79PJVvv6xAjSzk03sXfcN7eTGZ
LFrB3xwt3COGnKhmxQwIn6PivN8cCnNLn5+xRWMt1+t+s5LUxkHq3Fd77Okq
-----END CERTIFICATE-----
Generated at Tue Sep 9 07:53:31 2025 by rpki-client