Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/gp9nHU_cukvMULZAvDnIuT6ptiM.roa
File: gp9nHU_cukvMULZAvDnIuT6ptiM.roa (raw, json)
Hash identifier: 7wIfWYcUlSAbfRukKEeXPASEhd8fL4WRrL0l2D1YuTg=
Subject key identifier: 82:9F:67:1D:4F:DC:BA:4B:CC:50:B6:40:BC:39:C8:B9:3E:A9:B6:23
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 0199996AE2899C7B7339FE43A1723FE08B71
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/gp9nHU_cukvMULZAvDnIuT6ptiM.roa
Signing time: Tue 30 Sep 2025 06:59:02 +0000
ROA not before: Tue 30 Sep 2025 06:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207050
IP address blocks: 79.143.132.0/22 maxlen: 22
79.143.132.0/24 maxlen: 24
79.143.135.0/24 maxlen: 24
92.119.20.0/22 maxlen: 22
185.59.48.0/22 maxlen: 22
185.59.50.0/24 maxlen: 24
185.124.104.0/22 maxlen: 22
185.124.104.0/24 maxlen: 24
185.124.105.0/24 maxlen: 24
193.160.84.0/22 maxlen: 22
2a04:e2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:6a:e2:89:9c:7b:73:39:fe:43:a1:72:3f:e0:8b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Sep 30 06:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=829f671d4fdcba4bcc50b640bc39c8b93ea9b623
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:6e:2d:69:36:31:bc:b1:ad:e3:0e:f4:1d:d1:
58:70:96:c9:a1:c8:6c:98:d3:47:32:9c:39:8d:ef:
e6:9c:32:e5:ad:ba:bf:7d:47:d6:ce:29:3f:68:97:
87:d3:5f:ba:c1:f2:30:31:e3:0b:f3:38:19:39:c0:
da:b9:be:ba:9b:ab:e5:b5:1a:cd:16:d6:e7:36:57:
4e:db:10:a8:ec:65:e1:70:7e:a9:1c:1d:b8:c9:fe:
c8:16:91:0c:d4:c5:b4:9b:a7:83:f6:da:1c:6a:d4:
e8:65:47:1a:e4:c0:c0:3b:c6:a6:c6:53:2e:e1:34:
37:36:be:15:96:eb:32:17:7d:46:17:27:55:bb:95:
7d:b2:64:9b:d8:2a:d2:96:fa:38:cc:6a:48:ea:de:
ce:03:58:0d:71:2a:fe:c1:32:20:e8:d8:1a:52:dc:
22:51:e8:9a:52:50:ad:b4:2c:00:b0:e0:47:60:7e:
b5:35:69:73:21:39:ab:6e:f0:95:90:c5:95:43:75:
fd:29:b9:c9:64:38:c7:4a:78:73:df:e0:cb:cd:fd:
c3:88:82:8d:8b:aa:83:d6:51:b4:d6:89:97:a2:e1:
b0:b1:d1:ea:2d:fd:5e:58:f4:b4:51:7f:50:82:00:
6a:42:17:31:a8:c4:55:94:09:87:d3:bc:1c:20:4f:
15:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:9F:67:1D:4F:DC:BA:4B:CC:50:B6:40:BC:39:C8:B9:3E:A9:B6:23
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/gp9nHU_cukvMULZAvDnIuT6ptiM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.143.132.0/22
92.119.20.0/22
185.59.48.0/22
185.124.104.0/22
193.160.84.0/22
IPv6:
2a04:e2c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:b4:45:30:3e:03:6e:fa:19:7d:99:ae:88:f4:78:e0:96:1c:
d7:6c:99:a9:de:8c:52:09:0e:33:d2:b8:05:29:c3:59:74:f2:
f4:94:4f:7b:52:54:a5:17:8b:c8:31:65:59:6e:1a:ed:0a:d4:
3f:f0:dc:ed:6e:2e:fa:03:9f:d6:d2:92:30:2a:78:2a:d2:4b:
0f:bc:5b:51:93:54:8c:41:98:f3:b8:51:ee:97:3f:dc:14:13:
6b:0a:99:05:61:9a:56:7c:1a:f6:30:2a:00:b4:5c:6b:0c:bd:
8f:58:b3:52:72:e8:07:54:90:8d:1d:80:13:6a:38:40:52:1c:
b2:c8:38:a2:5b:63:d6:ab:be:af:00:be:c3:52:e3:88:dc:22:
0f:09:b3:98:1a:13:e9:51:3a:4a:80:1d:ec:61:be:b3:82:d7:
19:73:b0:5f:d7:22:11:49:6d:31:7f:7b:2e:1e:8e:6b:02:c5:
28:7d:94:fb:af:8f:14:9e:7b:32:35:fd:70:de:77:f4:11:40:
e7:b7:42:e6:f5:2e:a3:c2:ee:cc:d4:7f:05:7f:3f:ff:e2:ae:
ba:42:6a:8f:78:90:e2:09:a4:99:6c:6b:29:ce:f3:a9:b0:fe:
4a:ec:da:d9:99:19:ba:aa:e2:0c:5f:f7:49:ca:1c:a4:8a:de:
8b:42:c5:15
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZmZauKJnHtzOf5DoXI/4ItxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjUwOTMwMDY1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjlmNjcxZDRmZGNiYTRiY2M1MGI2NDBiYzM5YzhiOTNlYTliNjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsW4taTYxvLGt4w70HdFYcJbJochs
mNNHMpw5je/mnDLlrbq/fUfWzik/aJeH01+6wfIwMeML8zgZOcDaub66m6vltRrN
FtbnNldO2xCo7GXhcH6pHB24yf7IFpEM1MW0m6eD9tocatToZUca5MDAO8amxlMu
4TQ3Nr4VlusyF31GFydVu5V9smSb2CrSlvo4zGpI6t7OA1gNcSr+wTIg6NgaUtwi
UeiaUlCttCwAsOBHYH61NWlzITmrbvCVkMWVQ3X9KbnJZDjHSnhz3+DLzf3DiIKN
i6qD1lG01omXouGwsdHqLf1eWPS0UX9QggBqQhcxqMRVlAmH07wcIE8VCwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIKfZx1P3LpLzFC2QLw5yLk+qbYjMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvZ3A5bkhVX2N1a3ZNVUxaQXZEbkl1VDZwdGlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCT4+EAwQC
XHcUAwQCuTswAwQCuXxoAwQCwaBUMA0EAgACMAcDBQMqBOLAMA0GCSqGSIb3DQEB
CwUAA4IBAQCStEUwPgNu+hl9ma6I9HjglhzXbJmp3oxSCQ4z0rgFKcNZdPL0lE97
UlSlF4vIMWVZbhrtCtQ/8Nztbi76A5/W0pIwKngq0ksPvFtRk1SMQZjzuFHulz/c
FBNrCpkFYZpWfBr2MCoAtFxrDL2PWLNScugHVJCNHYATajhAUhyyyDiiW2PWq76v
AL7DUuOI3CIPCbOYGhPpUTpKgB3sYb6zgtcZc7Bf1yIRSW0xf3suHo5rAsUofZT7
r48UnnsyNf1w3nf0EUDnt0Lm9S6jwu7M1H8Ffz//4q66QmqPeJDiCaSZbGspzvOp
sP5K7NrZmRm6quIMX/dJyhykit6LQsUV
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:02 2025 by rpki-client