Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/GNCSCL1A69c-2LgbusKDr8P-HCA.roa
File: GNCSCL1A69c-2LgbusKDr8P-HCA.roa (raw, json)
Hash identifier: QezJGuY+HuavTnAz9wcZ75GKOyiiIHLjidHdvwMDFAM=
Subject key identifier: 18:D0:92:08:BD:40:EB:D7:3E:D8:B8:1B:BA:C2:83:AF:C3:FE:1C:20
Certificate issuer: /CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Certificate serial: 0197A145481267C22A98AC86F11B801A5FE9
Authority key identifier: 74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/GNCSCL1A69c-2LgbusKDr8P-HCA.roa
Signing time: Tue 24 Jun 2025 09:29:21 +0000
ROA not before: Tue 24 Jun 2025 09:29:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.15.21.0/24 maxlen: 24
194.53.136.0/24 maxlen: 24
194.53.137.0/24 maxlen: 24
194.53.139.0/24 maxlen: 24
2a0e:1d80:6::/48 maxlen: 48
2a0e:1d80:8::/48 maxlen: 48
2a0e:1d80:9::/48 maxlen: 48
2a0e:1d80:10::/48 maxlen: 48
2a0e:1d80:11::/48 maxlen: 48
2a0e:1d80:12::/48 maxlen: 48
2a0e:1d80:13::/48 maxlen: 48
2a0e:1d80:14::/48 maxlen: 48
2a0e:1d80:15::/48 maxlen: 48
2a0e:1d80:117::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.mft
rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 15:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:45:48:12:67:c2:2a:98:ac:86:f1:1b:80:1a:5f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74aebc154a56c83025cbd8641a9ac315cb551c06
Validity
Not Before: Jun 24 09:29:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18d09208bd40ebd73ed8b81bbac283afc3fe1c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:04:de:ec:42:5c:61:5a:45:fa:06:c1:e2:1d:
77:7e:94:f5:b2:00:64:76:fe:ab:4c:45:e5:61:ec:
a5:6b:53:72:68:15:5b:3e:31:97:d1:67:4e:c4:b7:
bc:1a:1b:a3:61:6e:58:c9:6a:d5:57:ad:2f:04:d9:
ba:50:02:d5:e1:03:27:05:b0:b4:90:f0:8d:90:1a:
0c:d1:74:3c:35:d0:2c:1d:1c:50:c2:d6:ee:98:11:
a4:d1:17:bd:a7:a1:b7:e2:16:5a:14:c1:0b:a8:e1:
45:5a:42:2a:4f:14:a5:19:bf:a9:ae:19:0d:3c:fe:
33:fc:45:56:92:71:00:af:91:79:2e:20:0e:6a:ad:
80:c8:21:65:fc:c0:4d:24:28:37:9a:5f:6d:1a:36:
57:2e:ff:6a:a2:c7:bf:a4:dc:65:84:2f:f7:c2:18:
7b:44:ea:62:20:cf:a7:8c:27:25:fc:86:5c:fc:f1:
54:76:61:02:f3:3a:d8:8d:ab:f3:06:cb:89:63:35:
a2:68:a7:be:2b:17:5f:fa:10:13:cd:ce:01:e9:06:
ba:cb:05:8c:1a:10:98:f9:9a:61:f2:38:20:6d:47:
3b:8d:25:14:75:d3:49:75:9b:65:74:38:38:ae:63:
16:df:ed:df:2b:06:ac:c5:3b:42:b6:77:99:bb:35:
fc:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D0:92:08:BD:40:EB:D7:3E:D8:B8:1B:BA:C2:83:AF:C3:FE:1C:20
X509v3 Authority Key Identifier:
keyid:74:AE:BC:15:4A:56:C8:30:25:CB:D8:64:1A:9A:C3:15:CB:55:1C:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK68FUpWyDAly9hkGprDFctVHAY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/GNCSCL1A69c-2LgbusKDr8P-HCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/6de7a0-4073-4272-bf44-07a1d65548ba/1/dK68FUpWyDAly9hkGprDFctVHAY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.21.0/24
194.53.136.0/23
194.53.139.0/24
IPv6:
2a0e:1d80:6::/48
2a0e:1d80:8::/47
2a0e:1d80:10::-2a0e:1d80:15:ffff:ffff:ffff:ffff:ffff
2a0e:1d80:117::/64
Signature Algorithm: sha256WithRSAEncryption
47:f0:65:a6:ae:fb:8c:ca:27:c3:a4:6b:29:ee:2e:04:46:6f:
19:4c:fe:f3:51:f8:47:32:99:ef:70:bd:97:ad:1f:c1:94:b5:
7b:c9:36:4d:5e:e7:a3:b4:e8:85:dc:06:77:2f:04:88:97:06:
9c:34:11:57:89:34:79:3a:fa:32:2b:37:86:1f:12:c3:36:fd:
e4:c5:e1:3e:27:1c:2f:76:b8:d3:91:78:95:74:4b:90:d7:51:
fa:ce:b0:e7:59:90:7a:b0:6e:3b:0c:8c:bc:b1:e4:e5:94:94:
b5:43:c7:e7:bc:dd:d1:ab:c9:ad:84:7b:9a:9b:c5:db:5a:ea:
6d:37:37:c2:ef:a5:ab:98:27:01:fd:34:f8:3e:50:ec:f8:28:
9d:dc:a9:af:45:b1:a9:c3:ed:bb:f0:fd:98:d8:f4:c3:41:ba:
2d:40:ee:61:2d:e4:40:20:0c:f7:82:a6:cf:3a:03:cb:55:35:
e4:1b:9f:dd:0c:ea:22:1d:e9:9f:f4:e7:83:c3:fd:41:ff:19:
f2:05:61:40:0d:54:75:d7:57:17:87:fe:76:b5:12:e2:e5:10:
3c:62:3e:c5:31:d4:98:40:d5:47:93:40:09:96:9a:1c:d8:28:
98:d7:9d:a9:19:e3:08:0e:1d:48:63:53:b8:3b:89:89:44:3b:
f5:c3:88:40
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZehRUgSZ8IqmKyG8RuAGl/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWViYzE1NGE1NmM4MzAyNWNiZDg2NDFhOWFjMzE1Y2I1
NTFjMDYwHhcNMjUwNjI0MDkyOTIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQwOTIwOGJkNDBlYmQ3M2VkOGI4MWJiYWMyODNhZmMzZmUxYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgTe7EJcYVpF+gbB4h13fpT1sgBk
dv6rTEXlYeyla1NyaBVbPjGX0WdOxLe8GhujYW5YyWrVV60vBNm6UALV4QMnBbC0
kPCNkBoM0XQ8NdAsHRxQwtbumBGk0Re9p6G34hZaFMELqOFFWkIqTxSlGb+prhkN
PP4z/EVWknEAr5F5LiAOaq2AyCFl/MBNJCg3ml9tGjZXLv9qose/pNxlhC/3whh7
ROpiIM+njCcl/IZc/PFUdmEC8zrYjavzBsuJYzWiaKe+Kxdf+hATzc4B6Qa6ywWM
GhCY+Zph8jggbUc7jSUUddNJdZtldDg4rmMW3+3fKwasxTtCtneZuzX8kQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFBjQkgi9QOvXPti4G7rCg6/D/hwgMB8GA1UdIwQY
MBaAFHSuvBVKVsgwJcvYZBqawxXLVRwGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQt
MDdhMWQ2NTU0OGJhLzEvR05DU0NMMUE2OWMtMkxnYnVzS0RyOFAtSENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy82ZGU3YTAtNDA3My00MjcyLWJmNDQtMDdhMWQ2NTU0OGJh
LzEvZEs2OEZVcFd5REFseTloa0dwckRGY3RWSEFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAYBAIAATASAwQALQ8VAwQB
wjWIAwQAwjWLMDcEAgACMDEDBwAqDh2AAAYDBwEqDh2AAAgwEgMHBCoOHYAAEAMH
ASoOHYAAFAMJACoOHYABFwAAMA0GCSqGSIb3DQEBCwUAA4IBAQBH8GWmrvuMyifD
pGsp7i4ERm8ZTP7zUfhHMpnvcL2XrR/BlLV7yTZNXuejtOiF3AZ3LwSIlwacNBFX
iTR5OvoyKzeGHxLDNv3kxeE+JxwvdrjTkXiVdEuQ11H6zrDnWZB6sG47DIy8seTl
lJS1Q8fnvN3Rq8mthHuam8XbWuptNzfC76WrmCcB/TT4PlDs+Cid3KmvRbGpw+27
8P2Y2PTDQbotQO5hLeRAIAz3gqbPOgPLVTXkG5/dDOoiHemf9OeDw/1B/xnyBWFA
DVR111cXh/52tRLi5RA8Yj7FMdSYQNVHk0AJlpoc2CiY152pGeMIDh1IY1O4O4mJ
RDv1w4hA
-----END CERTIFICATE-----
Generated at Wed Jul 2 21:44:28 2025 by rpki-client