Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/gPcTxlbf3arbuyi9zI7DRrews5w.roa
File: gPcTxlbf3arbuyi9zI7DRrews5w.roa (raw, json)
Hash identifier: PLKd6xzj3MbPH7j7KxVjpwNPtA1yOPfuOFe/zsglNlc=
Subject key identifier: 80:F7:13:C6:56:DF:DD:AA:DB:BB:28:BD:CC:8E:C3:46:B7:B0:B3:9C
Certificate issuer: /CN=ba0f864ba0fa204de93ac5aa84f728b6220c6f7c
Certificate serial: 0199328379973880F84552DFE32014D48AA4
Authority key identifier: BA:0F:86:4B:A0:FA:20:4D:E9:3A:C5:AA:84:F7:28:B6:22:0C:6F:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug-GS6D6IE3pOsWqhPcotiIMb3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/gPcTxlbf3arbuyi9zI7DRrews5w.roa
Signing time: Wed 10 Sep 2025 07:25:01 +0000
ROA not before: Wed 10 Sep 2025 07:25:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201962
IP address blocks: 45.153.176.0/22 maxlen: 22
91.205.12.0/22 maxlen: 24
185.58.28.0/22 maxlen: 22
2a04:df80::/29 maxlen: 32
2a04:df80::/32 maxlen: 32
2a04:df81::/32 maxlen: 32
2a04:df82::/32 maxlen: 32
2a04:df83::/32 maxlen: 32
2a04:df84::/32 maxlen: 32
2a04:df85::/32 maxlen: 32
2a04:df86::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/ug-GS6D6IE3pOsWqhPcotiIMb3w.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/ug-GS6D6IE3pOsWqhPcotiIMb3w.mft
rsync://rpki.ripe.net/repository/DEFAULT/ug-GS6D6IE3pOsWqhPcotiIMb3w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:32:83:79:97:38:80:f8:45:52:df:e3:20:14:d4:8a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0f864ba0fa204de93ac5aa84f728b6220c6f7c
Validity
Not Before: Sep 10 07:25:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80f713c656dfddaadbbb28bdcc8ec346b7b0b39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:f7:eb:bc:95:c7:e6:7f:1e:c6:b4:e9:21:
03:cc:c8:36:27:3b:88:4d:ea:77:7d:2c:cf:fa:41:
13:38:a8:a3:a1:a1:6d:8b:bc:51:89:24:e5:e6:e8:
be:63:0a:ac:31:b4:91:46:29:4f:c2:f1:62:ea:04:
80:4b:e3:8d:d0:23:09:f9:6c:27:51:64:15:49:34:
93:cb:7b:2b:a5:66:a1:e3:60:85:c3:74:5c:2c:ec:
4c:b4:8d:2b:e3:13:4b:af:61:3c:18:c6:69:0d:65:
13:f0:2c:b4:18:41:59:e8:c7:50:8e:ee:cd:6c:16:
0d:61:bd:c0:c2:0e:65:65:b6:88:10:ba:c8:51:85:
34:15:f1:1e:5e:f2:b4:9b:13:b3:c4:a0:0b:c2:35:
48:73:b2:3d:ae:01:9d:45:e9:b4:4f:b9:7e:c2:4a:
5e:93:35:84:3c:76:57:1b:79:e3:b9:6c:19:01:22:
e3:36:6d:66:d6:71:78:96:a7:45:b5:d5:87:fe:6d:
47:1c:9b:19:85:70:de:6c:6e:69:e8:84:6d:ba:3e:
97:4c:1a:a8:6d:b4:7c:41:83:5c:86:5c:dc:f1:58:
55:31:5b:8a:cb:ff:15:f2:b5:ed:f3:b7:bb:68:13:
90:33:e2:32:6b:95:6e:7e:b3:bb:49:e3:6d:23:8b:
22:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:F7:13:C6:56:DF:DD:AA:DB:BB:28:BD:CC:8E:C3:46:B7:B0:B3:9C
X509v3 Authority Key Identifier:
keyid:BA:0F:86:4B:A0:FA:20:4D:E9:3A:C5:AA:84:F7:28:B6:22:0C:6F:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug-GS6D6IE3pOsWqhPcotiIMb3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/gPcTxlbf3arbuyi9zI7DRrews5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/eed853-3b36-45ed-9533-b17c2affa30b/1/ug-GS6D6IE3pOsWqhPcotiIMb3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.176.0/22
91.205.12.0/22
185.58.28.0/22
IPv6:
2a04:df80::/29
Signature Algorithm: sha256WithRSAEncryption
b0:e3:91:a2:fe:ec:bd:de:86:c2:d3:72:75:0d:99:02:1a:c3:
1b:ec:67:a3:fd:db:f4:26:d0:80:6e:08:45:e8:23:9d:fc:df:
7a:b6:5e:11:32:42:35:3e:8b:d0:c0:38:cb:1b:80:8f:ea:18:
fe:55:39:d8:5c:7c:73:0b:ec:be:20:2d:47:8a:20:e4:b0:b0:
58:c1:e3:89:f8:c8:e3:b2:71:6d:1c:ae:65:65:ed:5b:e2:5e:
36:58:23:b2:27:af:83:a9:65:e0:a7:bd:7c:37:e3:12:02:fb:
80:50:ea:9e:18:5d:01:ca:7f:5f:20:f0:4e:fb:c9:b1:4d:75:
a6:c7:db:c6:6e:2f:13:e5:f5:c2:e9:36:54:a8:09:e1:2c:df:
ef:c2:a4:6b:f7:3b:c2:7d:3b:87:97:55:c1:d6:5e:6a:f0:8b:
52:4b:27:84:68:4c:fa:b5:fd:3e:c9:29:ff:b1:8c:92:8c:11:
2e:36:ce:8a:3d:6e:ab:ba:b2:62:50:02:dc:c6:15:01:71:ec:
2e:34:00:8a:36:fc:e1:60:23:e0:04:4d:ed:4f:2f:30:60:dd:
40:f1:b8:71:41:b2:90:b6:62:c3:4f:8e:b1:6b:79:42:8c:97:
ea:4b:70:87:3d:08:ce:2d:1c:c2:61:c1:bf:bb:aa:12:47:6a:
44:49:11:cb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZkyg3mXOID4RVLf4yAU1IqkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhMGY4NjRiYTBmYTIwNGRlOTNhYzVhYTg0ZjcyOGI2MjIw
YzZmN2MwHhcNMjUwOTEwMDcyNTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGY3MTNjNjU2ZGZkZGFhZGJiYjI4YmRjYzhlYzM0NmI3YjBiMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq3367yVx+Z/Hsa06SEDzMg2JzuI
Tep3fSzP+kETOKijoaFti7xRiSTl5ui+YwqsMbSRRilPwvFi6gSAS+ON0CMJ+Wwn
UWQVSTSTy3srpWah42CFw3RcLOxMtI0r4xNLr2E8GMZpDWUT8Cy0GEFZ6MdQju7N
bBYNYb3Awg5lZbaIELrIUYU0FfEeXvK0mxOzxKALwjVIc7I9rgGdRem0T7l+wkpe
kzWEPHZXG3njuWwZASLjNm1m1nF4lqdFtdWH/m1HHJsZhXDebG5p6IRtuj6XTBqo
bbR8QYNchlzc8VhVMVuKy/8V8rXt87e7aBOQM+Iya5VufrO7SeNtI4sibwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFID3E8ZW392q27sovcyOw0a3sLOcMB8GA1UdIwQY
MBaAFLoPhkug+iBN6TrFqoT3KLYiDG98MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWctR1M2RDZJRTNwT3NXcWhQY290aUlNYjN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lZWQ4NTMtM2IzNi00NWVkLTk1MzMt
YjE3YzJhZmZhMzBiLzEvZ1BjVHhsYmYzYXJidXlpOXpJN0RScmV3czV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9lZWQ4NTMtM2IzNi00NWVkLTk1MzMtYjE3YzJhZmZhMzBi
LzEvdWctR1M2RDZJRTNwT3NXcWhQY290aUlNYjN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZmwAwQC
W80MAwQCuTocMA0EAgACMAcDBQMqBN+AMA0GCSqGSIb3DQEBCwUAA4IBAQCw45Gi
/uy93obC03J1DZkCGsMb7Gej/dv0JtCAbghF6COd/N96tl4RMkI1PovQwDjLG4CP
6hj+VTnYXHxzC+y+IC1HiiDksLBYweOJ+MjjsnFtHK5lZe1b4l42WCOyJ6+DqWXg
p718N+MSAvuAUOqeGF0Byn9fIPBO+8mxTXWmx9vGbi8T5fXC6TZUqAnhLN/vwqRr
9zvCfTuHl1XB1l5q8ItSSyeEaEz6tf0+ySn/sYySjBEuNs6KPW6rurJiUALcxhUB
cewuNACKNvzhYCPgBE3tTy8wYN1A8bhxQbKQtmLDT46xa3lCjJfqS3CHPQjOLRzC
YcG/u6oSR2pESRHL
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:36:26 2025 by rpki-client