Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/GC2fUhJtpGiIy6nXthLEtb9MorE.roa
File: GC2fUhJtpGiIy6nXthLEtb9MorE.roa (raw, json)
Hash identifier: 8oMyUkGR/URTk8edfVhTNfkw0imO34fPPaRjx31D8Rs=
Subject key identifier: 18:2D:9F:52:12:6D:A4:68:88:CB:A9:D7:B6:12:C4:B5:BF:4C:A2:B1
Certificate issuer: /CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Certificate serial: 0199E23F38CB3D4795D1810829BAF614E565
Authority key identifier: AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/GC2fUhJtpGiIy6nXthLEtb9MorE.roa
Signing time: Tue 14 Oct 2025 10:23:38 +0000
ROA not before: Tue 14 Oct 2025 10:23:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58327
IP address blocks: 5.252.252.0/22 maxlen: 24
81.172.103.0/24 maxlen: 24
81.172.104.0/21 maxlen: 24
89.150.32.0/24 maxlen: 24
89.150.37.0/24 maxlen: 24
89.150.39.0/24 maxlen: 24
89.150.42.0/24 maxlen: 24
94.101.124.0/22 maxlen: 24
176.120.168.0/21 maxlen: 24
185.74.193.0/24 maxlen: 24
185.74.194.0/23 maxlen: 24
185.74.194.0/24 maxlen: 24
185.74.195.0/24 maxlen: 24
185.194.25.0/24 maxlen: 24
185.221.191.0/24 maxlen: 24
185.224.93.0/24 maxlen: 24
185.224.94.0/23 maxlen: 24
185.224.94.0/24 maxlen: 24
185.224.95.0/24 maxlen: 24
185.226.228.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
185.239.4.0/22 maxlen: 24
188.212.32.0/23 maxlen: 24
193.242.188.0/23 maxlen: 24
2a09:4e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.mft
rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:3f:38:cb:3d:47:95:d1:81:08:29:ba:f6:14:e5:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab83e64f72dd5889fb13dc218c683f6e2facf5b2
Validity
Not Before: Oct 14 10:23:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=182d9f52126da46888cba9d7b612c4b5bf4ca2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:05:38:c2:0f:e9:28:1a:cc:66:d8:2c:97:88:
19:26:92:c5:57:12:f3:d4:27:39:e9:fc:06:6c:bc:
c4:ba:c8:04:dc:89:25:bf:21:b3:d7:b3:f8:a9:2b:
ed:da:d8:9f:54:f2:70:34:01:f0:27:e5:1b:d5:dc:
fe:de:db:2c:1b:05:02:87:f9:7e:ae:90:e5:d4:17:
23:b7:9e:04:07:11:2f:36:87:68:f3:b6:0a:25:b6:
c4:8e:80:0c:8f:30:3a:4f:e9:6b:1c:ec:ab:3c:71:
73:14:a6:cb:b0:0c:e4:29:ba:72:21:4f:a5:19:ce:
3f:b7:b8:3c:4f:83:93:38:db:b8:56:71:2c:31:dd:
89:96:38:aa:2b:c7:2c:1e:d1:7f:87:a0:22:d8:ef:
8f:c5:f0:02:36:58:f1:09:79:0b:ac:2b:bd:c7:69:
0f:d6:61:4f:04:23:75:1a:5c:0e:0f:0e:07:33:7f:
57:76:e5:2c:f0:f6:e7:02:3e:35:49:0c:3b:54:8c:
1e:3b:2e:e2:0d:3f:3b:b6:2b:01:56:1e:b9:28:54:
df:7b:e5:88:5b:11:63:2f:cc:45:0d:91:ea:af:53:
98:6a:6b:f8:fc:49:ae:6e:8a:d6:38:96:76:f7:9d:
c0:02:99:b5:41:73:13:ea:fd:fd:04:99:06:db:27:
dc:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:2D:9F:52:12:6D:A4:68:88:CB:A9:D7:B6:12:C4:B5:BF:4C:A2:B1
X509v3 Authority Key Identifier:
keyid:AB:83:E6:4F:72:DD:58:89:FB:13:DC:21:8C:68:3F:6E:2F:AC:F5:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q4PmT3LdWIn7E9whjGg_bi-s9bI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/GC2fUhJtpGiIy6nXthLEtb9MorE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/9d66fc-31d4-4ab1-8eae-541f48924952/1/q4PmT3LdWIn7E9whjGg_bi-s9bI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.252.0/22
81.172.103.0-81.172.111.255
89.150.32.0/24
89.150.37.0/24
89.150.39.0/24
89.150.42.0/24
94.101.124.0/22
176.120.168.0/21
185.74.193.0-185.74.195.255
185.194.25.0/24
185.221.191.0/24
185.224.93.0-185.224.95.255
185.226.228.0/24
185.230.144.0/24
185.232.135.0/24
185.239.4.0/22
188.212.32.0/23
193.242.188.0/23
IPv6:
2a09:4e40::/29
Signature Algorithm: sha256WithRSAEncryption
a4:bc:30:42:1a:00:24:d6:b1:56:cd:79:3f:1a:5e:59:dc:bd:
08:12:96:bd:06:ae:64:f8:41:18:f5:c5:68:d9:87:7b:a3:29:
e4:d1:cf:70:4f:23:97:07:0d:d3:77:25:1d:c1:62:61:b3:6b:
6d:f5:61:60:34:7c:e3:13:d3:f6:e7:71:40:2a:4f:7b:f7:38:
99:da:be:ce:89:b4:9d:f5:4a:7a:c7:87:89:52:04:cd:d8:da:
59:91:43:d5:1e:20:ed:13:40:0c:41:55:30:b8:eb:32:9a:b3:
c7:b6:e7:b5:5c:f3:80:90:ee:77:de:b2:f8:a2:c8:68:bd:da:
ac:55:73:d5:6b:9a:19:19:bd:c4:88:65:9f:a5:d9:ec:52:64:
72:73:93:9c:c8:51:8d:ad:ac:51:4b:53:e4:48:ac:51:7b:21:
20:23:e9:63:0c:ee:87:ea:e2:f3:ef:73:0b:f5:ca:0c:9b:c9:
e0:23:b4:b4:68:85:d5:ce:8d:c5:6e:e7:27:ce:33:2f:62:5b:
60:54:5b:16:b1:0a:97:86:20:ed:3f:0b:b3:97:c5:b4:5e:59:
f6:8e:85:2d:24:9b:fc:56:a6:fb:30:24:81:62:ff:fe:9d:15:
d6:ba:7a:f2:2e:dc:0b:1b:12:b1:48:2e:73:0b:ee:5c:ba:33:
60:08:92:17
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAZniPzjLPUeV0YEIKbr2FOVlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiODNlNjRmNzJkZDU4ODlmYjEzZGMyMThjNjgzZjZlMmZh
Y2Y1YjIwHhcNMjUxMDE0MTAyMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODJkOWY1MjEyNmRhNDY4ODhjYmE5ZDdiNjEyYzRiNWJmNGNhMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwU4wg/pKBrMZtgsl4gZJpLFVxLz
1Cc56fwGbLzEusgE3IklvyGz17P4qSvt2tifVPJwNAHwJ+Ub1dz+3tssGwUCh/l+
rpDl1Bcjt54EBxEvNodo87YKJbbEjoAMjzA6T+lrHOyrPHFzFKbLsAzkKbpyIU+l
Gc4/t7g8T4OTONu4VnEsMd2JljiqK8csHtF/h6Ai2O+PxfACNljxCXkLrCu9x2kP
1mFPBCN1GlwODw4HM39XduUs8PbnAj41SQw7VIweOy7iDT87tisBVh65KFTfe+WI
WxFjL8xFDZHqr1OYamv4/EmuborWOJZ2953AApm1QXMT6v39BJkG2yfcSwIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFBgtn1ISbaRoiMup17YSxLW/TKKxMB8GA1UdIwQY
MBaAFKuD5k9y3ViJ+xPcIYxoP24vrPWyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUt
NTQxZjQ4OTI0OTUyLzEvR0MyZlVoSnRwR2lJeTZuWHRoTEV0YjlNb3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS85ZDY2ZmMtMzFkNC00YWIxLThlYWUtNTQxZjQ4OTI0OTUy
LzEvcTRQbVQzTGRXSW43RTl3aGpHZ19iaS1zOWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAIF
/PwwDAMEAFGsZwMEBFGsYAMEAFmWIAMEAFmWJQMEAFmWJwMEAFmWKgMEAl5lfAME
A7B4qDAMAwQAuUrBAwQCuUrAAwQAucIZAwQAud2/MAwDBAC54F0DBAW54EADBAC5
4uQDBAC55pADBAC56IcDBAK57wQDBAG81CADBAHB8rwwDQQCAAIwBwMFAyoJTkAw
DQYJKoZIhvcNAQELBQADggEBAKS8MEIaACTWsVbNeT8aXlncvQgSlr0GrmT4QRj1
xWjZh3ujKeTRz3BPI5cHDdN3JR3BYmGza231YWA0fOMT0/bncUAqT3v3OJnavs6J
tJ31SnrHh4lSBM3Y2lmRQ9UeIO0TQAxBVTC46zKas8e257Vc84CQ7nfesviiyGi9
2qxVc9VrmhkZvcSIZZ+l2exSZHJzk5zIUY2trFFLU+RIrFF7ISAj6WMM7ofq4vPv
cwv1ygybyeAjtLRohdXOjcVu5yfOMy9iW2BUWxaxCpeGIO0/C7OXxbReWfaOhS0k
m/xWpvswJIFi//6dFda6evIu3AsbErFILnML7ly6M2AIkhc=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:27:20 2025 by rpki-client