Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/gG0DNUP64NYeP7QJN-nJ3HYb71o.roa
File: gG0DNUP64NYeP7QJN-nJ3HYb71o.roa (raw, json)
Hash identifier: TdYqV2WNRnqL2XDaa0pYRnVh8SMGr720PVd0f0ZigsI=
Subject key identifier: 80:6D:03:35:43:FA:E0:D6:1E:3F:B4:09:37:E9:C9:DC:76:1B:EF:5A
Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Certificate serial: 0199DF1E229C79B42A69A848CD4E77710945
Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/gG0DNUP64NYeP7QJN-nJ3HYb71o.roa
Signing time: Mon 13 Oct 2025 19:48:38 +0000
ROA not before: Mon 13 Oct 2025 19:48:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201917
IP address blocks: 37.25.128.0/17 maxlen: 24
45.144.96.0/22 maxlen: 24
46.108.0.0/16 maxlen: 24
46.190.128.0/17 maxlen: 24
47.73.0.0/16 maxlen: 24
47.73.25.0/24 maxlen: 24
47.73.31.0/24 maxlen: 24
47.73.81.0/24 maxlen: 24
47.73.85.0/24 maxlen: 24
47.73.86.0/24 maxlen: 24
47.73.114.0/24 maxlen: 24
47.73.146.0/24 maxlen: 24
47.73.214.0/24 maxlen: 24
47.73.250.0/24 maxlen: 24
139.47.192.0/18 maxlen: 24
195.232.128.0/17 maxlen: 24
195.233.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:df:1e:22:9c:79:b4:2a:69:a8:48:cd:4e:77:71:09:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2
Validity
Not Before: Oct 13 19:48:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=806d033543fae0d61e3fb40937e9c9dc761bef5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bc:b8:d4:a8:1d:ba:a8:a4:11:1c:f9:61:41:
b8:ba:19:ff:2e:94:7b:3c:e1:9a:85:b7:38:49:28:
5b:36:7d:e0:8d:c0:1d:6a:70:86:a7:fa:27:3a:b3:
d7:07:a5:a3:ce:74:7e:fe:00:3a:c0:2c:d5:cd:19:
99:0d:52:ac:63:2f:d8:65:98:23:28:7d:12:af:56:
80:6a:98:65:c8:1c:44:ce:de:08:3a:bf:f5:29:cc:
11:31:57:67:61:4b:34:c2:6d:59:ff:af:ef:4b:70:
a0:86:50:df:07:b1:36:88:6f:ce:a4:4d:59:d4:db:
da:9c:fb:2d:14:3f:a1:d0:55:c5:d9:27:59:a8:93:
30:3b:fe:f5:e1:e5:03:fc:71:61:16:61:99:49:97:
77:e8:79:87:12:f1:f5:89:27:ba:08:31:07:0c:d7:
27:5f:f0:76:51:ce:a7:57:00:88:81:73:45:74:87:
65:5d:4b:17:66:88:9e:fb:ca:02:cd:68:75:4f:ad:
8b:0e:4d:29:ef:33:06:22:a1:b7:03:91:5d:f3:6e:
aa:07:20:d8:ec:f6:17:8b:41:6e:0b:83:48:32:36:
38:b3:f6:b1:0c:1b:3a:4f:f4:62:0d:00:8e:10:2f:
11:c5:88:3c:43:fd:4a:5f:e3:09:05:ea:dc:96:53:
f6:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:6D:03:35:43:FA:E0:D6:1E:3F:B4:09:37:E9:C9:DC:76:1B:EF:5A
X509v3 Authority Key Identifier:
keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/gG0DNUP64NYeP7QJN-nJ3HYb71o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.25.128.0/17
45.144.96.0/22
46.108.0.0/16
46.190.128.0/17
47.73.0.0/16
139.47.192.0/18
195.232.128.0-195.233.255.255
Signature Algorithm: sha256WithRSAEncryption
b1:cc:2c:e2:fe:a2:5b:2d:ec:9a:71:ae:42:e5:ee:68:e1:da:
89:bd:e6:04:a0:4c:a6:7a:78:81:fe:72:f4:3e:a2:15:bd:66:
6f:a5:34:a8:9c:d2:45:66:16:37:21:23:0d:4a:13:d8:0c:53:
13:75:ed:d9:e2:f2:61:7f:9a:88:c3:31:8a:5e:c6:f3:6f:84:
d9:d9:38:55:a0:8e:17:81:b9:ed:53:eb:47:65:e6:c5:33:0f:
71:c8:04:d0:e5:75:74:3d:e0:0e:fd:0c:cf:06:f3:e3:74:19:
11:68:50:99:bb:f3:a3:7a:4c:ff:b5:b0:0d:a8:d8:61:d9:3c:
6e:c9:50:ba:27:05:87:a0:f8:ab:9d:fb:2d:a1:c7:43:9f:a8:
0a:11:66:17:e0:dd:2c:7f:3e:9a:c8:1f:2c:9c:59:0d:2a:00:
ca:5f:cc:11:db:86:36:79:27:ac:ea:d7:8e:32:18:c7:94:38:
76:4a:dd:42:36:bd:da:c9:d9:d1:20:64:39:9a:10:07:78:93:
15:31:5b:d4:64:55:f6:01:71:6e:21:00:62:c2:33:b4:78:49:
0e:4d:d3:01:b1:28:0d:3d:f3:43:26:cd:1d:89:f0:f3:d3:4c:
70:88:b9:12:7d:73:21:4b:da:a9:ae:b2:1d:14:4d:d6:3c:c4:
06:94:e8:04
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZnfHiKcebQqaahIzU53cQlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3
NTE1ZDIwHhcNMjUxMDEzMTk0ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDZkMDMzNTQzZmFlMGQ2MWUzZmI0MDkzN2U5YzlkYzc2MWJlZjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwry41KgduqikERz5YUG4uhn/LpR7
POGahbc4SShbNn3gjcAdanCGp/onOrPXB6WjznR+/gA6wCzVzRmZDVKsYy/YZZgj
KH0Sr1aAaphlyBxEzt4IOr/1KcwRMVdnYUs0wm1Z/6/vS3CghlDfB7E2iG/OpE1Z
1NvanPstFD+h0FXF2SdZqJMwO/714eUD/HFhFmGZSZd36HmHEvH1iSe6CDEHDNcn
X/B2Uc6nVwCIgXNFdIdlXUsXZoie+8oCzWh1T62LDk0p7zMGIqG3A5Fd826qByDY
7PYXi0FuC4NIMjY4s/axDBs6T/RiDQCOEC8RxYg8Q/1KX+MJBercllP27QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIBtAzVD+uDWHj+0CTfpydx2G+9aMB8GA1UdIwQY
MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt
ZWVjNWQ1MGVmYTk0LzEvZ0cwRE5VUDY0TlllUDdRSk4tbkozSFliNzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0
LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvAwQHJRmAAwQC
LZBgAwMALmwDBAcuvoADAwAvSQMEBosvwDALAwQHw+iAAwMBw+gwDQYJKoZIhvcN
AQELBQADggEBALHMLOL+olst7JpxrkLl7mjh2om95gSgTKZ6eIH+cvQ+ohW9Zm+l
NKic0kVmFjchIw1KE9gMUxN17dni8mF/mojDMYpexvNvhNnZOFWgjheBue1T60dl
5sUzD3HIBNDldXQ94A79DM8G8+N0GRFoUJm786N6TP+1sA2o2GHZPG7JULonBYeg
+Kud+y2hx0OfqAoRZhfg3Sx/PprIHyycWQ0qAMpfzBHbhjZ5J6zq144yGMeUOHZK
3UI2vdrJ2dEgZDmaEAd4kxUxW9RkVfYBcW4hAGLCM7R4SQ5N0wGxKA0980MmzR2J
8PPTTHCIuRJ9cyFL2qmush0UTdY8xAaU6AQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:51 2025 by rpki-client