Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YIwZGWzdsTBaa6JRDERfwbeBXZ0.roa
File: YIwZGWzdsTBaa6JRDERfwbeBXZ0.roa (raw, json)
Hash identifier: 2MqcB4x9yZprcZgjc6+oBlv69tQxhfqvxA+pZ+wYcMc=
Subject key identifier: 60:8C:19:19:6C:DD:B1:30:5A:6B:A2:51:0C:44:5F:C1:B7:81:5D:9D
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 0199056A4DF303CEC928CFD5E196A1F5C4A0
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YIwZGWzdsTBaa6JRDERfwbeBXZ0.roa
Signing time: Mon 01 Sep 2025 13:14:36 +0000
ROA not before: Mon 01 Sep 2025 13:14:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197998
IP address blocks: 37.230.223.0/24 maxlen: 24
141.101.140.0/23 maxlen: 23
141.101.207.0/24 maxlen: 24
141.101.212.0/23 maxlen: 23
141.101.214.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:6a:4d:f3:03:ce:c9:28:cf:d5:e1:96:a1:f5:c4:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Sep 1 13:14:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=608c19196cddb1305a6ba2510c445fc1b7815d9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a5:65:11:0b:e7:97:4b:89:3f:af:8d:14:02:
68:88:a4:ea:e6:34:4c:9a:cb:17:f3:a4:44:74:4a:
42:ec:4d:07:51:cb:a2:90:0e:22:38:bc:f5:6a:f3:
95:c1:e3:f6:da:05:4a:f1:8e:d0:74:2e:9d:19:7b:
56:d8:65:a2:1f:f9:1a:b2:be:5a:1e:6d:2c:33:5c:
ae:27:30:96:44:41:83:3b:c7:9c:ab:f0:7e:fd:76:
01:56:69:92:d5:26:e2:ee:d5:8b:9c:98:8e:e3:69:
15:c9:4f:66:cc:3d:85:25:86:5a:c4:75:05:8f:44:
01:65:38:b2:f9:4c:0b:3e:be:5c:21:92:b1:d3:07:
69:b8:5b:63:5e:b2:0f:26:c6:c9:81:a8:f9:0b:b7:
6b:5f:80:48:2f:b1:85:a9:22:e4:e6:21:be:65:65:
9b:58:7f:40:11:31:15:bf:71:e8:f5:b9:3c:99:12:
58:42:6f:ed:52:86:8f:6c:6d:91:34:a7:25:d8:53:
33:13:8f:46:73:ed:b2:ac:bc:a0:d4:09:27:9f:06:
77:e4:14:f0:29:8c:d0:ad:e5:cf:4f:2f:39:2b:31:
58:f8:dd:85:a3:53:16:9b:e9:f2:a9:1f:42:48:d6:
0f:0c:7f:c6:fb:31:2e:cc:84:bc:df:2f:05:7a:23:
b7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:8C:19:19:6C:DD:B1:30:5A:6B:A2:51:0C:44:5F:C1:B7:81:5D:9D
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/YIwZGWzdsTBaa6JRDERfwbeBXZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.223.0/24
141.101.140.0/23
141.101.207.0/24
141.101.212.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:28:60:59:42:b9:20:9a:93:f3:e9:65:da:7d:09:fb:fc:f3:
e6:ee:de:c4:4e:f7:d1:cc:51:ed:ff:16:92:82:e8:4a:63:b2:
92:11:b7:10:20:fd:49:5e:c8:19:0c:19:f7:64:5c:a8:e1:d8:
46:cf:ef:11:cb:c5:bc:d1:e8:19:04:cd:1e:89:93:d0:68:0e:
c9:2c:47:f1:2f:55:ec:bd:1b:65:ff:81:11:86:bc:12:f9:81:
53:cc:d2:9e:1c:f2:c9:b8:d0:85:66:3e:2a:0c:80:07:2d:97:
ac:5a:f9:06:a3:63:30:46:ac:29:c8:2e:13:4e:13:02:9a:9e:
87:36:db:76:84:b9:50:9a:a8:f1:48:8b:c9:b0:75:cb:77:c8:
39:3c:70:a3:e1:58:c9:59:3c:a8:36:55:ab:4d:3d:8c:15:23:
df:4d:00:80:02:e8:bf:9a:1a:f8:ae:7b:07:2c:7b:fc:18:21:
de:78:3f:c0:51:d6:35:73:f4:c3:d4:f6:33:4f:d5:a1:8c:30:
7d:4a:05:ef:57:bc:af:f7:4d:26:7e:ea:19:0d:ce:74:2c:31:
cc:1e:af:d1:ac:db:97:11:54:10:2b:fa:eb:68:74:e4:e2:1e:
86:e7:4a:19:9e:60:2b:4c:c5:30:0e:19:e0:34:7e:68:8e:ef:
e7:61:45:d3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkFak3zA87JKM/V4Zah9cSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwOTAxMTMxNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDhjMTkxOTZjZGRiMTMwNWE2YmEyNTEwYzQ0NWZjMWI3ODE1ZDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qVlEQvnl0uJP6+NFAJoiKTq5jRM
mssX86REdEpC7E0HUcuikA4iOLz1avOVweP22gVK8Y7QdC6dGXtW2GWiH/kasr5a
Hm0sM1yuJzCWREGDO8ecq/B+/XYBVmmS1Sbi7tWLnJiO42kVyU9mzD2FJYZaxHUF
j0QBZTiy+UwLPr5cIZKx0wdpuFtjXrIPJsbJgaj5C7drX4BIL7GFqSLk5iG+ZWWb
WH9AETEVv3Ho9bk8mRJYQm/tUoaPbG2RNKcl2FMzE49Gc+2yrLyg1AknnwZ35BTw
KYzQreXPTy85KzFY+N2Fo1MWm+nyqR9CSNYPDH/G+zEuzIS83y8FeiO3gQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGCMGRls3bEwWmuiUQxEX8G3gV2dMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvWUl3WkdXemRzVEJhYTZKUkRFUmZ3YmVCWFowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJebfAwQB
jWWMAwQAjWXPAwQCjWXUMA0GCSqGSIb3DQEBCwUAA4IBAQCpKGBZQrkgmpPz6WXa
fQn7/PPm7t7ETvfRzFHt/xaSguhKY7KSEbcQIP1JXsgZDBn3ZFyo4dhGz+8Ry8W8
0egZBM0eiZPQaA7JLEfxL1XsvRtl/4ERhrwS+YFTzNKeHPLJuNCFZj4qDIAHLZes
WvkGo2MwRqwpyC4TThMCmp6HNtt2hLlQmqjxSIvJsHXLd8g5PHCj4VjJWTyoNlWr
TT2MFSPfTQCAAui/mhr4rnsHLHv8GCHeeD/AUdY1c/TD1PYzT9WhjDB9SgXvV7yv
900mfuoZDc50LDHMHq/RrNuXEVQQK/rraHTk4h6G50oZnmArTMUwDhngNH5oju/n
YUXT
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:07:37 2025 by rpki-client