Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/g0-0qeR0lc1LsLxknNYR3dnvEBA.roa
File: g0-0qeR0lc1LsLxknNYR3dnvEBA.roa (raw, json)
Hash identifier: EXsDcqkvYGuTEAGM2nI2WIcOnpMXlYj8og8Md2Id59Q=
Subject key identifier: 83:4F:B4:A9:E4:74:95:CD:4B:B0:BC:64:9C:D6:11:DD:D9:EF:10:10
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 0199DF1C4E06597E7230346FE78DC0663DBD
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/g0-0qeR0lc1LsLxknNYR3dnvEBA.roa
Signing time: Mon 13 Oct 2025 19:46:38 +0000
ROA not before: Mon 13 Oct 2025 19:46:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1273
IP address blocks: 46.108.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
46.190.137.0/24 maxlen: 24
46.190.254.0/24 maxlen: 24
47.73.0.0/16 maxlen: 24
47.73.182.0/24 maxlen: 24
47.73.183.0/24 maxlen: 24
47.73.184.0/24 maxlen: 24
47.73.239.0/24 maxlen: 24
47.73.240.0/22 maxlen: 22
62.213.128.0/23 maxlen: 24
62.213.156.0/22 maxlen: 24
85.205.0.0/16 maxlen: 24
139.47.192.0/18 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:df:1c:4e:06:59:7e:72:30:34:6f:e7:8d:c0:66:3d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Oct 13 19:46:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=834fb4a9e47495cd4bb0bc649cd611ddd9ef1010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:be:50:71:bf:e0:e9:c2:c1:52:12:38:a7:98:
9a:1c:5c:97:60:cc:f8:23:6c:95:40:ac:85:bc:64:
b3:b6:d4:aa:89:2d:f7:c5:6f:9b:2a:77:57:85:3f:
dd:e2:e9:2f:d1:a3:92:a5:5f:d6:d8:43:75:81:01:
75:f2:e8:8e:42:dc:a8:e9:5b:6f:36:6a:2b:52:1d:
2f:79:28:b8:1e:3e:53:4c:86:6c:c5:1f:8d:37:3c:
8f:dc:fe:f5:84:4c:58:d8:9a:23:d3:0e:ed:ec:38:
92:a0:ba:ed:72:10:4d:8f:ed:d9:2b:01:9d:53:78:
94:e6:67:4e:dd:66:0e:4b:2b:4e:dd:98:8d:a9:f8:
4e:be:e1:ed:64:c5:25:ff:41:59:ba:0a:a6:8f:dd:
c6:ba:2f:79:af:58:02:78:2b:82:2c:b5:22:2d:b7:
12:3e:24:76:84:ae:34:e0:3b:26:08:a0:d3:6f:02:
ac:70:e4:14:84:c6:f7:90:43:0a:d3:c4:03:e3:95:
00:ba:3f:f4:e6:ed:1f:6f:5f:f3:9b:21:71:47:af:
65:94:b4:7a:20:72:b2:3f:65:cd:3f:ad:76:d0:95:
91:9d:f7:2c:04:bc:85:78:86:4e:3d:8c:af:8b:91:
48:84:65:6a:dc:1a:51:9f:5e:fd:32:d4:d1:e0:b5:
f4:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4F:B4:A9:E4:74:95:CD:4B:B0:BC:64:9C:D6:11:DD:D9:EF:10:10
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/g0-0qeR0lc1LsLxknNYR3dnvEBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.108.0.0/16
46.190.128.0/17
47.73.0.0/16
62.213.128.0/23
62.213.156.0/22
85.205.0.0/16
139.47.192.0/18
195.233.0.0/16
Signature Algorithm: sha256WithRSAEncryption
23:7e:30:af:d6:89:7e:52:b3:81:d7:b6:b9:0d:e0:2d:2e:04:
bb:ef:e4:7e:ba:27:72:52:9c:e1:71:3a:a5:73:88:3e:94:42:
73:e0:ee:81:18:29:a2:79:f4:90:ec:fa:62:0b:c1:ce:63:7f:
98:97:a2:f4:e1:72:6e:89:0f:7e:a3:47:1f:07:ef:2e:d2:16:
ae:b3:1c:b2:c4:fc:c4:63:5d:49:b1:6d:ef:53:88:70:46:6e:
86:5f:d4:be:74:da:eb:a1:1b:09:be:c3:f9:ac:43:00:ab:21:
46:4b:62:9f:86:2e:3c:41:3c:f3:c3:56:27:95:81:17:49:9b:
4b:a7:b1:83:f4:99:61:4e:15:59:c7:da:56:5d:bb:33:3c:2b:
7c:fd:ac:79:00:f4:f2:1a:31:c2:54:4f:52:14:e1:7f:ed:0f:
f2:67:f4:93:9d:a2:d5:c8:5b:93:78:3b:65:17:11:72:c8:1e:
fb:d0:7f:1c:ed:dc:e3:b3:db:c5:01:8b:4d:58:62:4e:f1:78:
e2:ad:cc:87:9b:76:87:93:4c:c6:70:7e:6e:06:4e:a2:dd:83:
71:fd:09:64:17:97:ef:bf:4b:2b:49:48:f1:4b:f1:4d:39:9c:
b4:9f:10:45:50:0b:cf:11:cc:62:52:6e:fe:bb:5d:2b:85:90:
10:6d:b3:4b
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZnfHE4GWX5yMDRv543AZj29MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUxMDEzMTk0NjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzRmYjRhOWU0NzQ5NWNkNGJiMGJjNjQ5Y2Q2MTFkZGQ5ZWYxMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAob5Qcb/g6cLBUhI4p5iaHFyXYMz4
I2yVQKyFvGSzttSqiS33xW+bKndXhT/d4ukv0aOSpV/W2EN1gQF18uiOQtyo6Vtv
NmorUh0veSi4Hj5TTIZsxR+NNzyP3P71hExY2Joj0w7t7DiSoLrtchBNj+3ZKwGd
U3iU5mdO3WYOSytO3ZiNqfhOvuHtZMUl/0FZugqmj93Gui95r1gCeCuCLLUiLbcS
PiR2hK404DsmCKDTbwKscOQUhMb3kEMK08QD45UAuj/05u0fb1/zmyFxR69llLR6
IHKyP2XNP6120JWRnfcsBLyFeIZOPYyvi5FIhGVq3BpRn179MtTR4LX0gQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFINPtKnkdJXNS7C8ZJzWEd3Z7xAQMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvZzAtMHFlUjBsYzFMc0x4a25OWVIzZG52RUJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwMALmwDBAcu
voADAwAvSQMEAT7VgAMEAj7VnAMDAFXNAwQGiy/AAwMAw+kwDQYJKoZIhvcNAQEL
BQADggEBACN+MK/WiX5Ss4HXtrkN4C0uBLvv5H66J3JSnOFxOqVziD6UQnPg7oEY
KaJ59JDs+mILwc5jf5iXovThcm6JD36jRx8H7y7SFq6zHLLE/MRjXUmxbe9TiHBG
boZf1L502uuhGwm+w/msQwCrIUZLYp+GLjxBPPPDVieVgRdJm0unsYP0mWFOFVnH
2lZduzM8K3z9rHkA9PIaMcJUT1IU4X/tD/Jn9JOdotXIW5N4O2UXEXLIHvvQfxzt
3OOz28UBi01YYk7xeOKtzIebdoeTTMZwfm4GTqLdg3H9CWQXl++/SytJSPFL8U05
nLSfEEVQC88RzGJSbv67XSuFkBBts0s=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:52 2025 by rpki-client