Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/g7lGHV-1_6YLUG-EIHcKuVMeEvA.roa
File: g7lGHV-1_6YLUG-EIHcKuVMeEvA.roa (raw, json)
Hash identifier: vuw6Cb62Uo/aOsqmXFznBzd1y3zPSLM1hJbb48SnJE4=
Subject key identifier: 83:B9:46:1D:5F:B5:FF:A6:0B:50:6F:84:20:77:0A:B9:53:1E:12:F0
Certificate issuer: /CN=f57331288d908dd762e4b56f003b448f01881d24
Certificate serial: 01989E75EAAE2A82068F9F31F8E3C4EE5510
Authority key identifier: F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/g7lGHV-1_6YLUG-EIHcKuVMeEvA.roa
Signing time: Tue 12 Aug 2025 13:26:24 +0000
ROA not before: Tue 12 Aug 2025 13:26:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42244
IP address blocks: 185.191.196.0/22 maxlen: 22
185.191.196.0/24 maxlen: 24
185.191.197.0/24 maxlen: 24
185.191.198.0/24 maxlen: 24
185.191.199.0/24 maxlen: 24
2a0a:2540::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:75:ea:ae:2a:82:06:8f:9f:31:f8:e3:c4:ee:55:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f57331288d908dd762e4b56f003b448f01881d24
Validity
Not Before: Aug 12 13:26:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83b9461d5fb5ffa60b506f8420770ab9531e12f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6a:03:a3:ce:56:1a:1d:ed:c4:27:c3:f3:1c:
e9:30:24:20:cf:a7:5a:84:ab:bd:e2:d5:38:e7:e2:
9f:0c:4b:59:77:db:72:e8:9f:57:4a:ef:9d:20:6c:
aa:53:c5:26:30:a7:8a:81:8f:9c:9a:12:2a:8d:dc:
87:8a:af:36:6d:37:17:ff:13:06:f1:17:cd:24:3a:
be:b1:dc:ad:60:3d:e4:55:5d:e3:80:57:a0:6e:8b:
89:74:ec:15:75:63:bb:c5:bd:00:54:c5:3f:69:55:
00:d5:f1:a7:0b:c5:67:13:c1:7e:7c:ca:14:3c:38:
4a:17:6a:c1:25:2b:da:8a:e9:14:fa:ee:01:8c:c3:
42:93:10:5d:fa:e3:98:11:84:b4:0c:88:57:ea:38:
b6:1e:e5:eb:95:72:e6:24:4c:4d:fb:a3:de:03:66:
3e:4f:6a:36:86:da:f3:ed:47:a2:38:0b:e2:14:c2:
5a:e6:c1:70:e9:28:5e:50:f4:89:dc:c5:44:48:68:
90:5c:ac:48:8d:b9:12:7d:4e:a0:eb:f4:53:7a:32:
c7:80:03:0c:4b:f3:b6:ba:5d:92:53:b9:6e:24:76:
16:97:77:da:16:d1:32:e7:1a:8b:ff:22:5d:ae:c5:
80:28:ab:78:a7:f8:5b:15:f0:31:97:76:5e:36:2c:
78:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:B9:46:1D:5F:B5:FF:A6:0B:50:6F:84:20:77:0A:B9:53:1E:12:F0
X509v3 Authority Key Identifier:
keyid:F5:73:31:28:8D:90:8D:D7:62:E4:B5:6F:00:3B:44:8F:01:88:1D:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XMxKI2Qjddi5LVvADtEjwGIHSQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/g7lGHV-1_6YLUG-EIHcKuVMeEvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5abb3a-b1b6-4d70-b098-8aea1f68b79b/1/9XMxKI2Qjddi5LVvADtEjwGIHSQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.196.0/22
IPv6:
2a0a:2540::/29
Signature Algorithm: sha256WithRSAEncryption
08:fb:1d:f5:5c:0e:70:a3:70:47:09:f1:2a:c8:55:05:02:c4:
a5:d2:b4:f5:ce:02:cf:e4:15:5c:c2:43:6e:95:e6:1d:1f:ce:
b9:ac:b6:9d:fc:a5:f0:19:30:28:f0:8b:f8:59:87:fa:bd:c4:
3e:b0:16:73:d4:28:6b:cd:99:ba:b7:a6:c5:1d:17:ba:b1:7c:
96:4a:6e:ba:ab:83:ae:f5:3c:9d:e9:a0:66:1c:80:f1:9a:ba:
b4:50:9e:16:dd:e3:a2:12:58:1c:5e:c9:af:e0:50:ea:dd:10:
a3:84:c3:7d:6b:fe:82:12:ee:40:ba:c2:c5:9c:d4:d1:2c:0b:
c8:c2:9a:34:97:84:17:7c:76:be:4a:9b:3c:0d:42:95:23:9e:
3c:42:68:2f:d2:e6:c6:4c:67:92:0d:2b:07:c0:8c:74:9d:f8:
ef:94:fd:a5:17:a1:6e:70:34:4f:a1:9f:5d:37:1f:a9:c2:dd:
b5:d0:15:48:2e:ba:11:65:5b:42:26:86:17:ae:bc:0b:8e:3a:
43:75:16:57:58:57:da:8e:fe:f6:80:fd:85:db:4d:46:97:91:
0a:d8:51:6d:3e:a1:c4:1a:f5:2d:33:6d:8f:d4:4f:68:e6:cd:
9a:de:8d:d7:4d:c0:9d:2e:f3:84:71:dc:2f:ea:7a:8a:06:75:
a5:b4:60:d6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZiedequKoIGj58x+OPE7lUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzMzMTI4OGQ5MDhkZDc2MmU0YjU2ZjAwM2I0NDhmMDE4
ODFkMjQwHhcNMjUwODEyMTMyNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2I5NDYxZDVmYjVmZmE2MGI1MDZmODQyMDc3MGFiOTUzMWUxMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42oDo85WGh3txCfD8xzpMCQgz6da
hKu94tU45+KfDEtZd9ty6J9XSu+dIGyqU8UmMKeKgY+cmhIqjdyHiq82bTcX/xMG
8RfNJDq+sdytYD3kVV3jgFegbouJdOwVdWO7xb0AVMU/aVUA1fGnC8VnE8F+fMoU
PDhKF2rBJSvaiukU+u4BjMNCkxBd+uOYEYS0DIhX6ji2HuXrlXLmJExN+6PeA2Y+
T2o2htrz7UeiOAviFMJa5sFw6SheUPSJ3MVESGiQXKxIjbkSfU6g6/RTejLHgAMM
S/O2ul2SU7luJHYWl3faFtEy5xqL/yJdrsWAKKt4p/hbFfAxl3ZeNix42wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIO5Rh1ftf+mC1BvhCB3CrlTHhLwMB8GA1UdIwQY
MBaAFPVzMSiNkI3XYuS1bwA7RI8BiB0kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgt
OGFlYTFmNjhiNzliLzEvZzdsR0hWLTFfNllMVUctRUlIY0t1Vk1lRXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81YWJiM2EtYjFiNi00ZDcwLWIwOTgtOGFlYTFmNjhiNzli
LzEvOVhNeEtJMlFqZGRpNUxWdkFEdEVqd0dJSFNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCub/EMA0E
AgACMAcDBQMqCiVAMA0GCSqGSIb3DQEBCwUAA4IBAQAI+x31XA5wo3BHCfEqyFUF
AsSl0rT1zgLP5BVcwkNuleYdH865rLad/KXwGTAo8Iv4WYf6vcQ+sBZz1ChrzZm6
t6bFHRe6sXyWSm66q4Ou9Tyd6aBmHIDxmrq0UJ4W3eOiElgcXsmv4FDq3RCjhMN9
a/6CEu5AusLFnNTRLAvIwpo0l4QXfHa+Sps8DUKVI548Qmgv0ubGTGeSDSsHwIx0
nfjvlP2lF6FucDRPoZ9dNx+pwt210BVILroRZVtCJoYXrrwLjjpDdRZXWFfajv72
gP2F201Gl5EK2FFtPqHEGvUtM22P1E9o5s2a3o3XTcCdLvOEcdwv6nqKBnWltGDW
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:20:39 2025 by rpki-client