Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Yg0xRCHqnhYmjiNx6oNRFP72tKo.roa
File: Yg0xRCHqnhYmjiNx6oNRFP72tKo.roa (raw, json)
Hash identifier: U2ZJFAxea8x5PieO6AI5IvV4syg6DZNYleneasn39fs=
Subject key identifier: 62:0D:31:44:21:EA:9E:16:26:8E:23:71:EA:83:51:14:FE:F6:B4:AA
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019A163ACB55E2D34FB62854A6AA343AADBD
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Yg0xRCHqnhYmjiNx6oNRFP72tKo.roa
Signing time: Fri 24 Oct 2025 12:39:03 +0000
ROA not before: Fri 24 Oct 2025 12:39:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61400
IP address blocks: 185.39.205.0/24 maxlen: 24
2a09:6283::/32 maxlen: 32
2a10:4106::/32 maxlen: 32
2a12:1e80::/32 maxlen: 32
2a12:1e81::/32 maxlen: 32
2a12:1e82::/32 maxlen: 32
2a12:1e83::/32 maxlen: 32
2a12:1e84::/32 maxlen: 32
2a12:1e85::/32 maxlen: 32
2a12:1e86::/32 maxlen: 32
2a12:1e87::/32 maxlen: 32
2a12:c300::/30 maxlen: 30
2a12:c300::/32 maxlen: 32
2a12:c301::/32 maxlen: 32
2a12:c302::/32 maxlen: 32
2a12:c303::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 15:57:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:3a:cb:55:e2:d3:4f:b6:28:54:a6:aa:34:3a:ad:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 24 12:39:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=620d314421ea9e16268e2371ea835114fef6b4aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:98:a7:05:20:5d:9e:bd:3a:4b:67:8e:09:be:
12:f6:e3:27:e9:9d:b9:0e:1f:fb:e7:6c:c0:09:a1:
f2:e7:66:78:54:22:74:e4:d8:e2:2b:90:b9:b8:9c:
51:a7:f8:7c:fa:7a:69:03:9a:00:5a:bc:de:6b:57:
fd:4e:35:d1:3a:33:9d:0c:66:58:56:bd:40:19:db:
97:dd:dc:dc:ab:9b:72:a2:80:d5:c9:98:44:9c:8a:
9f:8e:84:e2:9f:ea:af:12:50:85:e7:bb:82:0a:00:
5c:6a:77:c7:80:f1:54:d7:3a:af:0e:e3:8c:5d:97:
f9:b5:1e:54:fe:dd:be:58:7c:11:55:87:1c:67:0a:
b6:64:d9:b5:b0:32:36:25:f4:3d:61:42:7b:71:a3:
0a:a5:11:58:d7:98:aa:90:df:8a:e8:d2:31:6d:8f:
74:df:f9:7b:5b:34:1f:89:88:ac:fd:99:cc:1a:ef:
24:d8:47:6c:ce:91:8b:76:29:cf:27:04:67:f4:36:
36:55:cb:90:06:c1:d7:2d:32:5c:e0:db:44:0e:e3:
77:9b:10:2a:26:c0:71:52:4e:a3:19:b5:96:37:08:
8e:bd:d7:a6:02:cd:0b:df:91:be:60:c7:d9:b4:9c:
22:48:b8:5e:2c:31:d7:2c:db:be:54:dd:e9:d5:59:
d8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:0D:31:44:21:EA:9E:16:26:8E:23:71:EA:83:51:14:FE:F6:B4:AA
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/Yg0xRCHqnhYmjiNx6oNRFP72tKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.205.0/24
IPv6:
2a09:6283::/32
2a10:4106::/32
2a12:1e80::/29
2a12:c300::/30
Signature Algorithm: sha256WithRSAEncryption
d4:cb:a2:3f:c6:11:b3:c4:73:ad:8b:37:7f:77:c5:ba:e3:4c:
e2:7d:cf:12:28:db:33:d4:db:e4:8a:1c:84:06:30:36:28:0c:
88:d5:26:b6:d3:fb:c5:ef:63:47:78:b3:09:4b:50:0f:ab:fb:
2c:97:ac:17:19:f4:f5:73:f8:c3:22:ef:b2:fd:91:f0:ff:33:
ce:62:52:f9:fc:15:92:73:de:14:81:c3:07:b5:74:d1:40:7b:
0b:a1:a0:ed:b3:38:c7:ff:97:ce:4e:47:f3:0d:dc:ff:24:0a:
8f:3e:dc:cf:73:c4:b2:64:4d:98:9a:e4:44:81:4c:12:0e:9a:
2e:ab:bd:73:c8:f9:1b:68:43:52:3b:a2:f7:e0:11:c2:9e:2a:
5e:d5:8f:e3:86:73:d9:db:52:5c:f1:b4:29:2e:d7:2a:ef:36:
dc:10:f1:fb:06:38:21:17:4b:33:d9:c2:5c:79:76:61:62:00:
65:1d:d4:05:ad:22:be:e0:28:ac:0c:39:8e:3e:f9:6c:05:7e:
62:99:6d:d1:64:be:93:bb:5a:df:75:46:57:2f:90:30:4f:94:
75:29:e4:a3:27:a6:a6:06:b7:96:29:56:cf:81:7f:2e:24:09:
85:64:aa:03:56:05:2a:dc:22:cf:76:1c:16:77:4d:e7:24:cd:
1a:d4:c2:9b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZoWOstV4tNPtihUpqo0Oq29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUxMDI0MTIzOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjBkMzE0NDIxZWE5ZTE2MjY4ZTIzNzFlYTgzNTExNGZlZjZiNGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJinBSBdnr06S2eOCb4S9uMn6Z25
Dh/752zACaHy52Z4VCJ05NjiK5C5uJxRp/h8+nppA5oAWrzea1f9TjXROjOdDGZY
Vr1AGduX3dzcq5tyooDVyZhEnIqfjoTin+qvElCF57uCCgBcanfHgPFU1zqvDuOM
XZf5tR5U/t2+WHwRVYccZwq2ZNm1sDI2JfQ9YUJ7caMKpRFY15iqkN+K6NIxbY90
3/l7WzQfiYis/ZnMGu8k2EdszpGLdinPJwRn9DY2VcuQBsHXLTJc4NtEDuN3mxAq
JsBxUk6jGbWWNwiOvdemAs0L35G+YMfZtJwiSLheLDHXLNu+VN3p1VnYCQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGINMUQh6p4WJo4jceqDURT+9rSqMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvWWcweFJDSHFuaFltamlOeDZvTlJGUDcydEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAuSfNMCIE
AgACMBwDBQAqCWKDAwUAKhBBBgMFAyoSHoADBQIqEsMAMA0GCSqGSIb3DQEBCwUA
A4IBAQDUy6I/xhGzxHOtizd/d8W640zifc8SKNsz1NvkihyEBjA2KAyI1Sa20/vF
72NHeLMJS1APq/ssl6wXGfT1c/jDIu+y/ZHw/zPOYlL5/BWSc94UgcMHtXTRQHsL
oaDtszjH/5fOTkfzDdz/JAqPPtzPc8SyZE2YmuREgUwSDpouq71zyPkbaENSO6L3
4BHCnipe1Y/jhnPZ21Jc8bQpLtcq7zbcEPH7BjghF0sz2cJceXZhYgBlHdQFrSK+
4CisDDmOPvlsBX5imW3RZL6Tu1rfdUZXL5AwT5R1KeSjJ6amBreWKVbPgX8uJAmF
ZKoDVgUq3CLPdhwWd03nJM0a1MKb
-----END CERTIFICATE-----
Generated at Tue Oct 28 01:01:56 2025 by rpki-client