Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/YFYR6Cg6Jd7MVJ8TQjrASDVBbFY.roa
File: YFYR6Cg6Jd7MVJ8TQjrASDVBbFY.roa (raw, json)
Hash identifier: lOv9uyxefr25/o7A/ZtnsWXOuQ4MbEep1/DU5dhurCE=
Subject key identifier: 60:56:11:E8:28:3A:25:DE:CC:54:9F:13:42:3A:C0:48:35:41:6C:56
Certificate issuer: /CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Certificate serial: 019910C5FB0967E9E82946B004876D74ADB0
Authority key identifier: 58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/YFYR6Cg6Jd7MVJ8TQjrASDVBbFY.roa
Signing time: Wed 03 Sep 2025 18:10:34 +0000
ROA not before: Wed 03 Sep 2025 18:10:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213641
IP address blocks: 2a14:c380:220::/44 maxlen: 44
2a14:c380:220::/48 maxlen: 48
2a14:c380:221::/48 maxlen: 48
2a14:c380:222::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:10:c5:fb:09:67:e9:e8:29:46:b0:04:87:6d:74:ad:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b3de5f9adb50fe41f6dc78ffd0a2c9086d2512
Validity
Not Before: Sep 3 18:10:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=605611e8283a25decc549f13423ac04835416c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:fd:32:e8:3f:cb:e9:f1:08:1f:6e:15:d1:43:
64:ba:8e:b0:72:a4:10:c2:15:fa:fe:20:81:34:08:
94:2f:18:3f:bf:ad:4a:7d:6a:47:9c:c6:b7:dc:85:
9b:20:6a:81:e2:ba:9f:4e:f0:b8:bc:f7:a8:b9:6c:
ff:ba:b8:84:56:02:a1:74:a6:7e:11:bc:fd:0b:9f:
b8:ef:dc:5b:0d:fb:48:d3:dd:21:9d:fe:62:69:37:
41:17:e0:e6:12:c4:ae:4d:09:ea:93:19:82:28:d3:
62:0e:b5:d7:0c:34:a7:bd:ac:ba:a5:b5:95:28:c4:
70:be:ed:44:08:82:9b:b6:d2:c4:5d:af:ac:7c:4a:
a4:30:bb:b9:78:1e:5f:42:6d:94:15:58:d3:0d:94:
8d:cd:52:74:23:01:74:4b:4e:9d:12:18:52:38:71:
55:39:22:94:95:01:8b:70:c5:f5:34:1c:44:77:43:
bd:04:59:c4:36:fb:a2:a4:89:cb:5c:c5:11:36:87:
3b:5c:3b:72:a2:60:03:aa:d2:f9:24:9c:4b:82:c0:
a2:3e:27:1a:1b:3d:1d:45:08:30:25:f6:c3:f2:be:
fb:26:70:11:12:46:af:e8:f4:76:04:68:3a:d7:37:
8b:e6:10:7b:7e:32:9a:1e:b4:02:e3:1c:aa:02:93:
a6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:56:11:E8:28:3A:25:DE:CC:54:9F:13:42:3A:C0:48:35:41:6C:56
X509v3 Authority Key Identifier:
keyid:58:B3:DE:5F:9A:DB:50:FE:41:F6:DC:78:FF:D0:A2:C9:08:6D:25:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLPeX5rbUP5B9tx4_9CiyQhtJRI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/YFYR6Cg6Jd7MVJ8TQjrASDVBbFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/6b7490-e10a-42e0-9e2e-5321d69d979d/1/WLPeX5rbUP5B9tx4_9CiyQhtJRI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:c380:220::/44
Signature Algorithm: sha256WithRSAEncryption
04:ae:05:15:fd:69:df:ea:f2:ce:e1:c8:e2:7c:a4:a6:f0:3e:
74:36:9b:c5:5c:35:a8:f1:d2:e8:02:78:7f:1d:37:5e:a0:37:
01:be:17:3b:55:a6:94:a7:12:93:bb:29:12:48:c0:f1:ba:63:
3c:03:78:6b:af:16:3e:d4:a8:22:37:a4:47:11:4a:89:8e:ec:
2c:c2:28:7d:61:98:00:09:b9:16:a9:5f:a4:27:32:1c:8c:29:
29:0f:52:1a:ed:52:03:87:7b:ec:d4:5a:ee:bd:fd:ad:54:8c:
e8:a8:67:8f:cb:0f:aa:03:ef:35:8b:cc:d6:4a:94:31:c3:d5:
52:e3:32:96:6a:e8:21:b4:ed:5d:17:e8:ee:57:c6:b2:ae:45:
76:a3:09:f9:cb:ee:3c:56:39:34:82:24:e7:2b:b7:77:74:d8:
a2:45:3a:a9:04:e3:16:0f:6f:fb:44:64:96:e9:e5:d6:64:76:
a8:50:80:bf:f6:c0:01:39:9c:21:41:38:d6:cc:35:a8:d8:be:
a4:fc:85:e9:87:0c:56:02:48:61:c0:25:a2:cb:ca:61:db:69:
e1:8c:72:a9:52:34:d3:b7:6e:a5:c4:d1:d9:72:45:35:41:50:
26:e9:dd:bf:49:8c:6b:a5:8d:7e:e3:98:4f:72:34:5a:46:1b:
74:fb:9a:b4
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZkQxfsJZ+noKUawBIdtdK2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjNkZTVmOWFkYjUwZmU0MWY2ZGM3OGZmZDBhMmM5MDg2
ZDI1MTIwHhcNMjUwOTAzMTgxMDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDU2MTFlODI4M2EyNWRlY2M1NDlmMTM0MjNhYzA0ODM1NDE2YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/0y6D/L6fEIH24V0UNkuo6wcqQQ
whX6/iCBNAiULxg/v61KfWpHnMa33IWbIGqB4rqfTvC4vPeouWz/uriEVgKhdKZ+
Ebz9C5+479xbDftI090hnf5iaTdBF+DmEsSuTQnqkxmCKNNiDrXXDDSnvay6pbWV
KMRwvu1ECIKbttLEXa+sfEqkMLu5eB5fQm2UFVjTDZSNzVJ0IwF0S06dEhhSOHFV
OSKUlQGLcMX1NBxEd0O9BFnENvuipInLXMURNoc7XDtyomADqtL5JJxLgsCiPica
Gz0dRQgwJfbD8r77JnAREkav6PR2BGg61zeL5hB7fjKaHrQC4xyqApOmvwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGBWEegoOiXezFSfE0I6wEg1QWxWMB8GA1UdIwQY
MBaAFFiz3l+a21D+QfbceP/QoskIbSUSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUt
NTMyMWQ2OWQ5NzlkLzEvWUZZUjZDZzZKZDdNVko4VFFqckFTRFZCYkZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82Yjc0OTAtZTEwYS00MmUwLTllMmUtNTMyMWQ2OWQ5Nzlk
LzEvV0xQZVg1cmJVUDVCOXR4NF85Q2l5UWh0SlJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhTDgAIg
MA0GCSqGSIb3DQEBCwUAA4IBAQAErgUV/Wnf6vLO4cjifKSm8D50NpvFXDWo8dLo
Anh/HTdeoDcBvhc7VaaUpxKTuykSSMDxumM8A3hrrxY+1KgiN6RHEUqJjuwswih9
YZgACbkWqV+kJzIcjCkpD1Ia7VIDh3vs1Fruvf2tVIzoqGePyw+qA+81i8zWSpQx
w9VS4zKWaughtO1dF+juV8ayrkV2own5y+48Vjk0giTnK7d3dNiiRTqpBOMWD2/7
RGSW6eXWZHaoUIC/9sABOZwhQTjWzDWo2L6k/IXphwxWAkhhwCWiy8ph22nhjHKp
UjTTt26lxNHZckU1QVAm6d2/SYxrpY1+45hPcjRaRht0+5q0
-----END CERTIFICATE-----
Generated at Thu Sep 18 07:34:13 2025 by rpki-client