Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GFCIEZHIebI8fnFfqqR5PYEZJtE.roa
File: GFCIEZHIebI8fnFfqqR5PYEZJtE.roa (raw, json)
Hash identifier: AiaguyQXDH/7fx5Wlfw2NKnJ0vJ9tZ/6YmfhbceR3xk=
Subject key identifier: 18:50:88:11:91:C8:79:B2:3C:7E:71:5F:AA:A4:79:3D:81:19:26:D1
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 01979C35882DE031AC27B12415A34DE2FFB1
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GFCIEZHIebI8fnFfqqR5PYEZJtE.roa
Signing time: Mon 23 Jun 2025 09:54:03 +0000
ROA not before: Mon 23 Jun 2025 09:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48716
IP address blocks: 77.240.38.0/23 maxlen: 24
77.243.80.0/23 maxlen: 24
78.40.108.0/23 maxlen: 24
82.115.40.0/22 maxlen: 24
85.202.194.0/23 maxlen: 24
89.219.32.0/22 maxlen: 24
91.147.92.0/22 maxlen: 22
91.147.92.0/24 maxlen: 24
91.147.93.0/24 maxlen: 24
91.147.94.0/24 maxlen: 24
91.147.95.0/24 maxlen: 24
91.147.104.0/22 maxlen: 24
91.201.214.0/23 maxlen: 24
91.215.136.0/22 maxlen: 24
91.215.136.0/24 maxlen: 24
91.215.137.0/24 maxlen: 32
91.215.139.0/24 maxlen: 32
94.247.128.0/21 maxlen: 24
109.233.108.0/22 maxlen: 32
185.4.180.0/22 maxlen: 24
185.22.64.0/22 maxlen: 24
185.35.222.0/23 maxlen: 24
185.102.72.0/22 maxlen: 24
185.146.0.0/22 maxlen: 24
194.32.140.0/22 maxlen: 24
194.39.64.0/22 maxlen: 24
194.39.64.0/23 maxlen: 24
194.39.66.0/24 maxlen: 24
194.39.67.0/24 maxlen: 24
194.110.54.0/23 maxlen: 24
195.49.208.0/21 maxlen: 21
195.49.209.0/24 maxlen: 24
195.49.210.0/23 maxlen: 23
195.49.210.0/24 maxlen: 24
195.49.211.0/24 maxlen: 24
195.49.212.0/22 maxlen: 22
195.49.212.0/24 maxlen: 24
195.49.213.0/24 maxlen: 24
195.49.214.0/24 maxlen: 24
195.49.215.0/24 maxlen: 24
195.93.152.0/23 maxlen: 24
195.210.46.0/23 maxlen: 24
2a00:5da0::/36 maxlen: 48
2a00:5da0:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:35:88:2d:e0:31:ac:27:b1:24:15:a3:4d:e2:ff:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jun 23 09:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1850881191c879b23c7e715faaa4793d811926d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:af:87:87:c7:2f:59:62:ff:2e:73:bc:2a:36:
e0:ce:01:6f:f4:0a:a0:f1:35:48:fd:47:45:64:4a:
bf:3d:55:9f:0c:d3:64:7c:95:6c:dd:57:4e:1e:4e:
e2:8d:e2:ce:14:58:72:97:7e:1b:67:47:a1:3e:f0:
d7:54:ce:f9:f9:08:96:c7:6e:1d:0d:a1:37:e1:df:
da:49:4e:8f:62:df:b3:9b:14:70:2f:49:e1:3e:bf:
2b:a0:3b:76:ab:28:eb:7c:15:44:b9:df:01:16:44:
66:c9:81:f7:6c:0b:84:d6:90:af:65:5a:4b:8f:8c:
bc:1d:26:b2:ec:53:44:f8:f3:18:90:08:98:94:b4:
3e:0e:f3:3a:b0:85:1f:bb:7b:72:1c:d1:c3:00:f9:
d8:89:e1:fd:c8:85:ea:d0:59:ff:32:4c:c3:ab:e4:
d3:b3:73:22:aa:6e:e6:a2:e0:a7:0b:66:2c:af:c7:
ba:52:23:9f:5c:f1:a2:c6:92:06:a7:b5:75:76:7d:
60:84:11:50:e6:dc:b7:e7:82:df:5a:c6:70:96:94:
0d:9b:c3:ff:28:75:52:e2:e7:49:75:de:db:12:b4:
8f:79:1c:77:ce:68:e0:61:9b:15:3b:10:d1:12:90:
86:75:b0:0a:2b:7d:fe:e8:50:63:91:0d:30:05:ce:
11:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:50:88:11:91:C8:79:B2:3C:7E:71:5F:AA:A4:79:3D:81:19:26:D1
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GFCIEZHIebI8fnFfqqR5PYEZJtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.38.0/23
77.243.80.0/23
78.40.108.0/23
82.115.40.0/22
85.202.194.0/23
89.219.32.0/22
91.147.92.0/22
91.147.104.0/22
91.201.214.0/23
91.215.136.0/22
94.247.128.0/21
109.233.108.0/22
185.4.180.0/22
185.22.64.0/22
185.35.222.0/23
185.102.72.0/22
185.146.0.0/22
194.32.140.0/22
194.39.64.0/22
194.110.54.0/23
195.49.208.0/21
195.93.152.0/23
195.210.46.0/23
IPv6:
2a00:5da0::/35
Signature Algorithm: sha256WithRSAEncryption
79:d0:02:9f:b6:0c:8a:1c:66:3b:16:98:75:d9:36:f5:e6:2c:
28:58:c0:7a:86:78:c5:bb:b3:80:7d:75:7e:c1:1f:08:31:d8:
b3:9c:64:c7:52:82:ad:86:40:3b:5c:8f:fa:a1:79:1e:7d:58:
14:0a:89:25:35:16:38:e0:a8:e6:a9:88:ce:7f:1f:dd:d6:9f:
5f:34:46:42:43:ac:48:0d:d4:6a:48:5a:d3:55:5e:52:73:25:
70:1a:f3:d7:b1:be:bb:e9:23:10:1d:8c:a5:77:d9:7e:ae:31:
87:85:e7:af:52:cc:bf:da:11:1f:c5:93:9f:f9:32:f1:2b:9b:
3e:a8:8e:4c:52:39:28:84:db:f4:69:32:52:2a:43:4d:e4:d5:
5d:60:5e:7d:8d:aa:f7:63:d9:1b:ed:88:6a:1c:f3:7c:4a:25:
e4:df:6f:88:91:40:76:07:f2:d7:e0:08:e5:6a:1a:e9:74:d6:
20:ab:13:8d:1c:40:61:a1:ec:67:19:b1:b2:64:97:6b:29:cb:
ba:44:63:76:cf:9c:cf:1d:da:07:7a:da:60:a1:6d:e8:95:ca:
8b:76:3c:bc:73:3d:cb:1c:1a:8e:fa:6d:a5:17:4c:10:65:97:
31:6d:f7:53:a3:0e:09:f1:e6:f6:46:27:48:b8:7b:44:86:ce:
cf:50:a9:b9
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZecNYgt4DGsJ7EkFaNN4v+xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjUwNjIzMDk1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODUwODgxMTkxYzg3OWIyM2M3ZTcxNWZhYWE0NzkzZDgxMTkyNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6+Hh8cvWWL/LnO8KjbgzgFv9Aqg
8TVI/UdFZEq/PVWfDNNkfJVs3VdOHk7ijeLOFFhyl34bZ0ehPvDXVM75+QiWx24d
DaE34d/aSU6PYt+zmxRwL0nhPr8roDt2qyjrfBVEud8BFkRmyYH3bAuE1pCvZVpL
j4y8HSay7FNE+PMYkAiYlLQ+DvM6sIUfu3tyHNHDAPnYieH9yIXq0Fn/MkzDq+TT
s3Miqm7mouCnC2Ysr8e6UiOfXPGixpIGp7V1dn1ghBFQ5ty354LfWsZwlpQNm8P/
KHVS4udJdd7bErSPeRx3zmjgYZsVOxDREpCGdbAKK33+6FBjkQ0wBc4RowIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFBhQiBGRyHmyPH5xX6qkeT2BGSbRMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvR0ZDSUVaSEllYkk4Zm5GZnFxUjVQWUVaSnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBkQQCAAEwgYoDBAFN
8CYDBAFN81ADBAFOKGwDBAJScygDBAFVysIDBAJZ2yADBAJbk1wDBAJbk2gDBAFb
ydYDBAJb14gDBANe94ADBAJt6WwDBAK5BLQDBAK5FkADBAG5I94DBAK5ZkgDBAK5
kgADBALCIIwDBALCJ0ADBAHCbjYDBAPDMdADBAHDXZgDBAHD0i4wDgQCAAIwCAMG
BSoAXaAAMA0GCSqGSIb3DQEBCwUAA4IBAQB50AKftgyKHGY7Fph12Tb15iwoWMB6
hnjFu7OAfXV+wR8IMdiznGTHUoKthkA7XI/6oXkefVgUCoklNRY44KjmqYjOfx/d
1p9fNEZCQ6xIDdRqSFrTVV5ScyVwGvPXsb676SMQHYyld9l+rjGHheevUsy/2hEf
xZOf+TLxK5s+qI5MUjkohNv0aTJSKkNN5NVdYF59jar3Y9kb7YhqHPN8SiXk32+I
kUB2B/LX4AjlahrpdNYgqxONHEBhoexnGbGyZJdrKcu6RGN2z5zPHdoHetpgoW3o
lcqLdjy8cz3LHBqO+m2lF0wQZZcxbfdTow4J8eb2RidIuHtEhs7PUKm5
-----END CERTIFICATE-----
Generated at Mon Jun 30 15:04:19 2025 by rpki-client