Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/yCBOPaS01iKvqQk_YMaVaTTz234.roa
File: yCBOPaS01iKvqQk_YMaVaTTz234.roa (raw, json)
Hash identifier: e9QjMPbYzYYjfH2EZu8+PaBSsGZJBC9gvfRDCWljrsQ=
Subject key identifier: C8:20:4E:3D:A4:B4:D6:22:AF:A9:09:3F:60:C6:95:69:34:F3:DB:7E
Certificate issuer: /CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Certificate serial: 0198E24EFD6E8E96BD73A05ECEF0EFF155AE
Authority key identifier: 96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/yCBOPaS01iKvqQk_YMaVaTTz234.roa
Signing time: Mon 25 Aug 2025 17:38:04 +0000
ROA not before: Mon 25 Aug 2025 17:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3758
IP address blocks: 85.203.24.0/24 maxlen: 24
85.203.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.mft
rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e2:4e:fd:6e:8e:96:bd:73:a0:5e:ce:f0:ef:f1:55:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962bd76a5cac283ece0a0f8eab2c97021401fb89
Validity
Not Before: Aug 25 17:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8204e3da4b4d622afa9093f60c6956934f3db7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:72:32:fa:7f:aa:6d:7e:92:2b:d3:0e:65:32:
b8:02:ff:91:74:e1:f9:a2:be:6d:10:8e:80:a5:9a:
27:f4:cc:4a:d1:19:25:99:20:b5:18:5c:7f:5c:08:
fa:f5:4d:42:f7:2d:95:34:72:a0:b3:31:a8:d6:60:
56:1e:6f:49:12:d3:e0:cb:94:df:6c:87:df:94:5a:
ce:83:70:f5:ab:9d:be:cd:a4:0b:18:ca:9c:d5:06:
ba:e8:5f:9b:55:8d:29:39:4c:d4:9d:70:93:68:e4:
7f:34:40:74:52:6f:1e:33:f5:00:60:cf:be:56:5b:
fe:f0:fa:94:b1:3c:f5:9d:c0:bf:e8:bc:01:44:d5:
f2:aa:9c:ba:c3:84:5d:d0:5f:b0:2b:05:e1:2a:2d:
86:08:2c:99:f3:ed:cf:4c:4f:fb:9d:b2:06:26:1a:
42:45:2a:69:96:2a:f0:75:ee:27:ae:1e:c7:7a:24:
a1:51:5e:89:e1:55:cc:ee:ad:fd:7f:24:33:ea:67:
03:e7:a6:e3:2c:39:22:bc:f4:66:45:19:1a:da:14:
75:54:24:15:37:1c:03:29:42:9c:ce:5e:41:86:e5:
e4:88:70:f4:ad:10:75:82:48:78:4f:a7:8e:bc:4d:
f4:33:7a:15:8d:7d:b6:9e:3e:23:f6:91:74:c3:ef:
77:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:20:4E:3D:A4:B4:D6:22:AF:A9:09:3F:60:C6:95:69:34:F3:DB:7E
X509v3 Authority Key Identifier:
keyid:96:2B:D7:6A:5C:AC:28:3E:CE:0A:0F:8E:AB:2C:97:02:14:01:FB:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/livXalysKD7OCg-OqyyXAhQB-4k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/yCBOPaS01iKvqQk_YMaVaTTz234.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/046460-102c-4930-842c-6ab11155f6fb/1/livXalysKD7OCg-OqyyXAhQB-4k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.24.0/24
85.203.35.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:08:31:c9:64:77:46:38:32:05:3b:94:be:5f:81:bc:86:ea:
b7:98:08:05:5b:ab:a3:a6:16:35:b2:80:fa:46:2e:54:5f:bc:
a5:14:91:a8:da:b6:b4:e1:ce:d2:02:77:de:14:bb:57:b5:5c:
4d:3a:9f:1f:9a:53:f4:06:88:52:25:56:fa:7b:96:0f:f7:cc:
22:45:24:13:47:9b:e9:16:d9:4f:1e:6d:b5:ac:a8:c6:d2:e4:
30:d7:39:6d:f1:7a:a1:41:5e:2c:02:df:82:49:e1:e0:ad:d3:
98:8c:65:e2:36:16:63:70:70:0f:65:a6:4d:33:b3:4a:d3:3d:
9f:fc:08:57:38:b9:3f:2c:e3:e0:af:c9:ca:7b:ca:4c:57:2a:
50:02:5b:63:63:b5:dd:7f:c2:7e:5e:dd:30:06:56:84:48:64:
72:c4:ac:c2:8f:ed:90:cb:ad:64:74:b1:ad:9f:c8:c9:78:21:
87:15:0d:8b:5c:42:ce:2e:c5:cc:4d:64:7b:aa:11:a2:c0:f5:
e6:44:92:8b:97:57:6a:26:2d:12:ad:03:aa:ba:ee:1b:12:67:
ab:53:91:1c:81:56:a1:a8:ef:73:7c:1e:7b:4c:6e:1b:d1:38:
ee:d5:a1:48:e5:f6:12:0d:e4:11:ba:4a:7c:b7:27:7d:de:30:
db:71:4e:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjiTv1ujpa9c6BezvDv8VWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmJkNzZhNWNhYzI4M2VjZTBhMGY4ZWFiMmM5NzAyMTQw
MWZiODkwHhcNMjUwODI1MTczODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODIwNGUzZGE0YjRkNjIyYWZhOTA5M2Y2MGM2OTU2OTM0ZjNkYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3Iy+n+qbX6SK9MOZTK4Av+RdOH5
or5tEI6ApZon9MxK0RklmSC1GFx/XAj69U1C9y2VNHKgszGo1mBWHm9JEtPgy5Tf
bIfflFrOg3D1q52+zaQLGMqc1Qa66F+bVY0pOUzUnXCTaOR/NEB0Um8eM/UAYM++
Vlv+8PqUsTz1ncC/6LwBRNXyqpy6w4Rd0F+wKwXhKi2GCCyZ8+3PTE/7nbIGJhpC
RSpplirwde4nrh7HeiShUV6J4VXM7q39fyQz6mcD56bjLDkivPRmRRka2hR1VCQV
NxwDKUKczl5BhuXkiHD0rRB1gkh4T6eOvE30M3oVjX22nj4j9pF0w+93qQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMggTj2ktNYir6kJP2DGlWk089t+MB8GA1UdIwQY
MBaAFJYr12pcrCg+zgoPjqsslwIUAfuJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMt
NmFiMTExNTVmNmZiLzEveUNCT1BhUzAxaUt2cVFrX1lNYVZhVFR6MjM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8wNDY0NjAtMTAyYy00OTMwLTg0MmMtNmFiMTExNTVmNmZi
LzEvbGl2WGFseXNLRDdPQ2ctT3F5eVhBaFFCLTRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVcsYAwQA
VcsjMA0GCSqGSIb3DQEBCwUAA4IBAQA/CDHJZHdGODIFO5S+X4G8huq3mAgFW6uj
phY1soD6Ri5UX7ylFJGo2ra04c7SAnfeFLtXtVxNOp8fmlP0BohSJVb6e5YP98wi
RSQTR5vpFtlPHm21rKjG0uQw1zlt8XqhQV4sAt+CSeHgrdOYjGXiNhZjcHAPZaZN
M7NK0z2f/AhXOLk/LOPgr8nKe8pMVypQAltjY7Xdf8J+Xt0wBlaESGRyxKzCj+2Q
y61kdLGtn8jJeCGHFQ2LXELOLsXMTWR7qhGiwPXmRJKLl1dqJi0SrQOquu4bEmer
U5EcgVahqO9zfB57TG4b0Tju1aFI5fYSDeQRukp8tyd93jDbcU55
-----END CERTIFICATE-----
Generated at Sat Sep 6 07:35:42 2025 by rpki-client