Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YpiZDj15UQloSo6Ej-P-5_wLmX0.roa
File: YpiZDj15UQloSo6Ej-P-5_wLmX0.roa (raw, json)
Hash identifier: U0LGxcrLnRjidOqQnFEuAvzeubqh8HZ24iVIBxmVgMY=
Subject key identifier: 62:98:99:0E:3D:79:51:09:68:4A:8E:84:8F:E3:FE:E7:FC:0B:99:7D
Certificate issuer: /CN=22f344a63dcb70e89057deb8e2761dc45165881a
Certificate serial: 0196C084CBCE939AB2EA3BFE3DC82CC82EB9
Authority key identifier: 22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YpiZDj15UQloSo6Ej-P-5_wLmX0.roa
Signing time: Sun 11 May 2025 18:04:10 +0000
ROA not before: Sun 11 May 2025 18:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 85.28.43.0/24 maxlen: 24
85.28.44.0/23 maxlen: 23
85.28.46.0/24 maxlen: 24
85.28.57.0/24 maxlen: 24
85.28.59.0/24 maxlen: 24
85.28.60.0/24 maxlen: 24
109.238.201.0/24 maxlen: 24
109.238.203.0/24 maxlen: 24
109.238.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c0:84:cb:ce:93:9a:b2:ea:3b:fe:3d:c8:2c:c8:2e:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f344a63dcb70e89057deb8e2761dc45165881a
Validity
Not Before: May 11 18:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6298990e3d795109684a8e848fe3fee7fc0b997d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f6:ce:9b:ab:31:bd:5f:07:55:40:43:e8:28:
a5:47:1b:36:05:12:48:d7:97:43:6e:38:fb:a0:ab:
68:db:5b:b6:99:77:7e:fe:30:ac:d1:c0:2e:f4:2a:
83:46:03:2e:9f:7f:68:19:ca:2a:17:a2:8e:f6:69:
85:ac:cf:8c:7f:53:4f:ce:d3:e8:07:45:27:f0:6d:
a5:7f:ed:26:f3:ed:28:db:e4:07:6f:a9:c4:af:3e:
57:95:3b:56:38:c9:49:53:7f:b1:40:c3:79:c1:39:
ca:95:26:3d:b5:20:87:9e:7f:8c:f4:7f:b7:4c:5e:
d5:fe:c4:ff:cd:2d:cc:2c:f1:82:0d:5c:d3:43:be:
4e:ac:b9:cf:91:ea:48:cc:96:df:95:c3:0c:31:4a:
ad:bf:cd:fa:d2:35:a3:21:e0:65:c5:9d:68:0d:54:
23:4a:0a:c3:44:9c:08:d9:41:e4:ed:71:bd:53:c7:
9b:8b:6f:0f:76:32:5a:a6:a6:a6:f6:39:f6:e0:d7:
8d:6d:81:02:c8:82:5b:5c:e3:44:e0:84:15:48:df:
3a:e1:ac:c6:23:2a:55:87:3b:bd:1d:4c:3a:d0:28:
7b:18:00:c4:cd:82:8b:e0:22:f0:05:31:39:36:7e:
6e:74:6f:65:8e:0d:61:54:37:c0:e9:68:03:a1:d6:
42:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:98:99:0E:3D:79:51:09:68:4A:8E:84:8F:E3:FE:E7:FC:0B:99:7D
X509v3 Authority Key Identifier:
keyid:22:F3:44:A6:3D:CB:70:E8:90:57:DE:B8:E2:76:1D:C4:51:65:88:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvNEpj3LcOiQV9644nYdxFFliBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/YpiZDj15UQloSo6Ej-P-5_wLmX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/5360e7-f02a-4737-99c7-febb64b5e164/1/IvNEpj3LcOiQV9644nYdxFFliBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.28.43.0-85.28.46.255
85.28.57.0/24
85.28.59.0-85.28.60.255
109.238.201.0/24
109.238.203.0/24
109.238.206.0/24
Signature Algorithm: sha256WithRSAEncryption
61:3d:98:23:de:16:fe:65:ad:45:69:fd:0c:60:c4:d0:b0:cd:
1c:14:4a:13:54:88:ac:72:c8:d1:98:5b:13:cb:1a:fc:02:be:
02:37:4f:66:99:3c:5c:13:47:51:97:a3:38:18:ac:f6:96:1e:
6c:70:d2:2b:b9:5e:6e:e8:d0:55:e6:f8:b2:f3:46:e7:b9:4f:
61:78:e3:f0:2e:4a:02:b9:d9:63:8c:5a:c8:c1:4f:69:06:d2:
b2:d1:13:d7:29:09:ca:e7:2f:06:63:9c:bd:76:97:14:c8:dc:
33:a6:11:13:77:0b:29:56:e4:db:1d:bd:18:dc:b5:a1:02:68:
42:36:38:da:3c:f5:7c:80:67:9f:f3:e7:01:72:d8:57:e8:f9:
38:e5:f0:fe:85:62:09:d4:91:f6:4a:cb:10:60:49:ad:71:42:
62:f4:a9:32:88:df:e7:9e:57:ec:89:55:28:31:66:58:7f:2f:
a0:16:5c:55:92:3f:93:ff:e4:3d:57:0d:4b:aa:dc:5d:54:38:
57:35:19:8a:af:51:ec:4e:3d:c0:02:90:b7:ea:b6:fd:cc:b0:
a8:60:c4:fa:09:c7:b9:35:c9:ee:6a:09:9f:db:a0:2b:1b:d4:
4c:da:c1:af:bc:5b:82:56:4f:cb:a7:a8:87:03:4b:d7:11:03:
95:fb:06:e8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZbAhMvOk5qy6jv+PcgsyC65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjM0NGE2M2RjYjcwZTg5MDU3ZGViOGUyNzYxZGM0NTE2
NTg4MWEwHhcNMjUwNTExMTgwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjk4OTkwZTNkNzk1MTA5Njg0YThlODQ4ZmUzZmVlN2ZjMGI5OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/bOm6sxvV8HVUBD6CilRxs2BRJI
15dDbjj7oKto21u2mXd+/jCs0cAu9CqDRgMun39oGcoqF6KO9mmFrM+Mf1NPztPo
B0Un8G2lf+0m8+0o2+QHb6nErz5XlTtWOMlJU3+xQMN5wTnKlSY9tSCHnn+M9H+3
TF7V/sT/zS3MLPGCDVzTQ75OrLnPkepIzJbflcMMMUqtv8360jWjIeBlxZ1oDVQj
SgrDRJwI2UHk7XG9U8ebi28PdjJapqam9jn24NeNbYECyIJbXONE4IQVSN864azG
IypVhzu9HUw60Ch7GADEzYKL4CLwBTE5Nn5udG9ljg1hVDfA6WgDodZCLwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGKYmQ49eVEJaEqOhI/j/uf8C5l9MB8GA1UdIwQY
MBaAFCLzRKY9y3DokFfeuOJ2HcRRZYgaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5Yzct
ZmViYjY0YjVlMTY0LzEvWXBpWkRqMTVVUWxvU282RWotUC01X3dMbVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi81MzYwZTctZjAyYS00NzM3LTk5YzctZmViYjY0YjVlMTY0
LzEvSXZORXBqM0xjT2lRVjk2NDRuWWR4RkZsaUJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBABVHCsD
BABVHC4DBABVHDkwDAMEAFUcOwMEAFUcPAMEAG3uyQMEAG3uywMEAG3uzjANBgkq
hkiG9w0BAQsFAAOCAQEAYT2YI94W/mWtRWn9DGDE0LDNHBRKE1SIrHLI0ZhbE8sa
/AK+AjdPZpk8XBNHUZejOBis9pYebHDSK7lebujQVeb4svNG57lPYXjj8C5KArnZ
Y4xayMFPaQbSstET1ykJyucvBmOcvXaXFMjcM6YRE3cLKVbk2x29GNy1oQJoQjY4
2jz1fIBnn/PnAXLYV+j5OOXw/oViCdSR9krLEGBJrXFCYvSpMojf555X7IlVKDFm
WH8voBZcVZI/k//kPVcNS6rcXVQ4VzUZiq9R7E49wAKQt+q2/cywqGDE+gnHuTXJ
7moJn9ugKxvUTNrBr7xbglZPy6eohwNL1xEDlfsG6A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:25:00 2025 by rpki-client