Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/YvkbVKJlGhe5CueuyVxq1q2O70Q.roa
File: YvkbVKJlGhe5CueuyVxq1q2O70Q.roa (raw, json)
Hash identifier: /PYpgEWMTLMpLQZyNZ/8Wtvmlyq4J/45JtHdGT30fP8=
Subject key identifier: 62:F9:1B:54:A2:65:1A:17:B9:0A:E7:AE:C9:5C:6A:D6:AD:8E:EF:44
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 0199DD68835EFDF81FA13E38C78337B7E7D5
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/YvkbVKJlGhe5CueuyVxq1q2O70Q.roa
Signing time: Mon 13 Oct 2025 11:50:38 +0000
ROA not before: Mon 13 Oct 2025 11:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 86.104.215.0/24 maxlen: 24
89.32.200.0/24 maxlen: 24
89.32.204.0/24 maxlen: 24
89.33.83.0/24 maxlen: 24
103.47.52.0/22 maxlen: 22
162.218.158.0/24 maxlen: 24
188.215.5.0/24 maxlen: 24
194.26.149.0/24 maxlen: 24
212.102.116.0/24 maxlen: 24
2a07:4a80::/29 maxlen: 29
2a0a:eb00::/32 maxlen: 32
2a0a:eb01::/32 maxlen: 32
2a0a:eb02::/32 maxlen: 32
2a0a:eb03::/32 maxlen: 32
2a0a:eb04::/32 maxlen: 32
2a0a:eb05::/32 maxlen: 32
2a0a:eb06::/32 maxlen: 32
2a0a:eb07::/32 maxlen: 32
2a0f:c840::/32 maxlen: 32
2a0f:c841::/32 maxlen: 32
2a0f:c842::/32 maxlen: 32
2a0f:c843::/32 maxlen: 32
2a0f:c844::/32 maxlen: 32
2a0f:c845::/32 maxlen: 32
2a0f:c846::/32 maxlen: 32
2a0f:c847::/32 maxlen: 32
2a11:3bc0::/32 maxlen: 32
2a11:3bc1::/32 maxlen: 32
2a11:3bc2::/32 maxlen: 32
2a11:3bc3::/32 maxlen: 32
2a11:3bc4::/32 maxlen: 32
2a11:3bc5::/32 maxlen: 32
2a11:3bc6::/32 maxlen: 32
2a11:3bc7::/32 maxlen: 32
2a12:7700::/32 maxlen: 32
2a12:7701::/32 maxlen: 32
2a12:7702::/32 maxlen: 32
2a12:7703::/32 maxlen: 32
2a12:7704::/32 maxlen: 32
2a12:7705::/32 maxlen: 32
2a12:7706::/32 maxlen: 32
2a12:7707::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:68:83:5e:fd:f8:1f:a1:3e:38:c7:83:37:b7:e7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Oct 13 11:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=62f91b54a2651a17b90ae7aec95c6ad6ad8eef44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f3:3e:18:ed:b5:08:b8:9c:b4:dd:1c:e9:e2:
4d:dc:1e:c9:f7:ec:b3:17:3b:61:11:1f:aa:03:95:
0c:81:b5:ba:36:0d:2d:f4:b7:45:97:1d:25:2a:a1:
07:6f:6a:5d:78:39:b7:b9:ef:c7:09:9e:f5:42:19:
ad:3f:84:7f:5f:d3:fb:6e:5f:e2:18:67:21:4f:cd:
41:0c:01:62:0e:8f:0f:c6:f9:d7:32:b6:d6:d0:29:
82:34:d0:ef:6e:83:04:02:00:94:de:2d:9d:09:8d:
a8:b6:dc:71:93:e6:af:de:e3:15:35:47:f3:90:2b:
07:92:85:e7:d1:4e:b4:5e:97:df:25:f0:b4:5e:0d:
d8:1c:f2:4c:f7:dc:7a:0c:2f:de:ef:b1:0e:af:7b:
c5:5e:29:a3:cf:2b:97:ef:ac:09:b7:8c:41:b0:46:
f6:95:e3:0a:e9:2a:36:ac:63:dc:a3:08:62:5c:6f:
84:4b:6e:ee:2f:85:8e:ed:3d:58:bd:05:64:fe:7d:
a9:fc:2f:a4:6f:9b:fd:ae:0f:ab:7c:da:e8:b8:92:
fb:80:13:98:67:d1:7f:27:62:ac:88:63:4f:89:35:
47:cb:80:bd:2b:fa:a4:b8:c2:33:cf:4b:9d:e7:e8:
56:5e:be:e6:f4:d3:22:e4:c5:5f:af:f1:a0:b6:92:
36:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:F9:1B:54:A2:65:1A:17:B9:0A:E7:AE:C9:5C:6A:D6:AD:8E:EF:44
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/YvkbVKJlGhe5CueuyVxq1q2O70Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.215.0/24
89.32.200.0/24
89.32.204.0/24
89.33.83.0/24
103.47.52.0/22
162.218.158.0/24
188.215.5.0/24
194.26.149.0/24
212.102.116.0/24
IPv6:
2a07:4a80::/29
2a0a:eb00::/29
2a0f:c840::/29
2a11:3bc0::/29
2a12:7700::/29
Signature Algorithm: sha256WithRSAEncryption
46:20:bf:37:41:e8:24:a4:2b:f8:08:9b:3e:a3:1b:3d:6d:75:
9d:33:cf:76:b4:f1:bf:95:a2:16:74:bb:db:96:af:98:38:3f:
ae:db:d0:09:26:97:72:24:c2:c5:54:51:b2:2c:97:79:4a:ff:
53:bf:14:86:93:12:66:6a:ce:7e:8f:ff:51:e6:e0:1d:69:37:
52:0b:96:32:4e:c9:0d:36:47:48:6e:ed:c2:f6:64:3a:c5:83:
3c:84:e1:6f:9d:3a:0c:b8:a2:39:3d:37:6c:33:b2:3b:1d:b1:
ab:ad:40:02:96:a9:62:be:bb:1f:c2:2e:59:60:16:89:ee:63:
d0:41:f5:a6:22:3c:c9:c3:00:7e:29:a5:fc:5b:23:aa:43:53:
37:c5:cd:93:76:40:aa:66:0a:75:72:19:d3:70:aa:a8:da:e5:
f3:58:6f:e7:85:fe:02:35:2a:aa:ef:54:3f:5e:d0:24:1a:f2:
8a:cd:6d:82:65:06:60:95:5b:06:e3:6b:cf:6a:30:02:1e:a4:
76:c3:35:56:ef:97:b9:93:f0:b7:ad:8c:34:0a:28:74:d6:a2:
c3:af:3a:3a:0e:b5:1a:e1:cd:65:73:6d:05:6d:ed:76:1c:86:
09:5f:b2:38:d2:12:fe:75:b7:ad:a4:49:72:3d:b8:da:9b:8b:
05:0f:21:df
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZndaINe/fgfoT44x4M3t+fVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUxMDEzMTE1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmY5MWI1NGEyNjUxYTE3YjkwYWU3YWVjOTVjNmFkNmFkOGVlZjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/M+GO21CLictN0c6eJN3B7J9+yz
FzthER+qA5UMgbW6Ng0t9LdFlx0lKqEHb2pdeDm3ue/HCZ71QhmtP4R/X9P7bl/i
GGchT81BDAFiDo8PxvnXMrbW0CmCNNDvboMEAgCU3i2dCY2ottxxk+av3uMVNUfz
kCsHkoXn0U60XpffJfC0Xg3YHPJM99x6DC/e77EOr3vFXimjzyuX76wJt4xBsEb2
leMK6So2rGPcowhiXG+ES27uL4WO7T1YvQVk/n2p/C+kb5v9rg+rfNrouJL7gBOY
Z9F/J2KsiGNPiTVHy4C9K/qkuMIzz0ud5+hWXr7m9NMi5MVfr/GgtpI2RwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFGL5G1SiZRoXuQrnrslcatatju9EMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvWXZrYlZLSmxHaGU1Q3VldXlWeHExcTJPNzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQAVmjXAwQA
WSDIAwQAWSDMAwQAWSFTAwQCZy80AwQAotqeAwQAvNcFAwQAwhqVAwQA1GZ0MCkE
AgACMCMDBQMqB0qAAwUDKgrrAAMFAyoPyEADBQMqETvAAwUDKhJ3ADANBgkqhkiG
9w0BAQsFAAOCAQEARiC/N0HoJKQr+AibPqMbPW11nTPPdrTxv5WiFnS725avmDg/
rtvQCSaXciTCxVRRsiyXeUr/U78UhpMSZmrOfo//UebgHWk3UguWMk7JDTZHSG7t
wvZkOsWDPIThb506DLiiOT03bDOyOx2xq61AApapYr67H8IuWWAWie5j0EH1piI8
ycMAfiml/FsjqkNTN8XNk3ZAqmYKdXIZ03CqqNrl81hv54X+AjUqqu9UP17QJBry
is1tgmUGYJVbBuNrz2owAh6kdsM1Vu+XuZPwt62MNAoodNaiw686Og61GuHNZXNt
BW3tdhyGCV+yONIS/nW3raRJcj242puLBQ8h3w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:47 2025 by rpki-client