Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/GJCUY3nrgNM2NDxV-O0zUbUykYY.roa
File: GJCUY3nrgNM2NDxV-O0zUbUykYY.roa (raw, json)
Hash identifier: EJV3m3TtsYZ5PvcDYBP3yPbAO1evED39x6o2hDg8w7A=
Subject key identifier: 18:90:94:63:79:EB:80:D3:36:34:3C:55:F8:ED:33:51:B5:32:91:86
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 0198C258EC13B6259B04EF0053A78DA3CF5B
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/GJCUY3nrgNM2NDxV-O0zUbUykYY.roa
Signing time: Tue 19 Aug 2025 12:41:04 +0000
ROA not before: Tue 19 Aug 2025 12:41:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8309
IP address blocks: 2a13:7505:8002::/48 maxlen: 48
2a13:7506:1002::/48 maxlen: 48
2a13:7506:9002::/48 maxlen: 48
2a13:7506:9003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c2:58:ec:13:b6:25:9b:04:ef:00:53:a7:8d:a3:cf:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Aug 19 12:41:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1890946379eb80d336343c55f8ed3351b5329186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:45:62:52:0b:1e:99:2c:75:74:7d:85:c1:d1:
fe:21:af:47:d8:8a:ae:bb:bc:fe:43:4e:a0:4f:15:
a5:17:41:46:93:84:3d:aa:c5:ed:e9:ae:06:c1:48:
29:a5:47:fd:23:49:f0:fd:d1:f0:7e:40:c9:c0:5d:
95:c2:bd:87:b8:ee:d4:23:36:8b:5c:4f:a0:90:ea:
24:2f:2c:ab:ea:10:96:01:95:24:1e:27:1c:d2:4e:
b2:df:98:ac:9d:64:54:9d:56:8a:9d:b1:f7:e1:bf:
9a:46:aa:48:f0:fa:71:1a:6f:44:95:9f:60:13:11:
63:a3:ca:c2:c9:46:35:f9:26:35:b8:5c:4a:86:91:
b6:28:71:3e:14:99:f2:5c:12:bb:79:34:69:ad:c3:
52:24:e8:96:d1:04:93:5c:60:ff:c3:33:8b:68:fb:
1e:8c:c7:6d:8e:dd:13:1d:bd:84:92:fa:cf:6d:ea:
cc:ea:fe:9c:28:c2:34:19:1f:90:b9:e3:27:41:9b:
8b:25:8b:f0:4d:54:f4:b6:53:89:94:89:30:f4:07:
6d:0c:f5:4f:31:1f:75:69:be:24:5a:9b:33:0f:0d:
fb:54:5f:9b:73:7c:9c:d4:b2:1f:70:d6:24:f9:a6:
37:d5:3c:4e:1d:14:0f:30:b8:5e:0f:8a:3b:a1:b3:
7a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:90:94:63:79:EB:80:D3:36:34:3C:55:F8:ED:33:51:B5:32:91:86
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/GJCUY3nrgNM2NDxV-O0zUbUykYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7505:8002::/48
2a13:7506:1002::/48
2a13:7506:9002::/47
Signature Algorithm: sha256WithRSAEncryption
98:c9:6b:c4:90:47:ee:26:51:11:3c:57:5c:90:b2:22:ec:01:
da:b1:f9:91:1f:7b:5f:77:4d:85:2d:43:7d:bc:ad:17:7a:14:
4c:c2:e6:a7:f7:70:f6:22:30:bd:d3:40:b0:20:90:70:88:cb:
9c:e4:f7:fe:99:aa:42:fa:ed:77:67:d5:47:3c:88:78:85:e5:
23:87:ba:eb:5c:6e:f8:8b:51:80:26:72:67:dc:2e:fd:af:f2:
dd:be:24:b1:ac:91:77:69:b7:8e:1c:2e:b9:fb:a8:84:8a:56:
b1:28:f8:53:c3:fc:26:2f:db:a0:89:83:fa:d4:70:ce:cc:e5:
d2:e2:e9:37:25:11:12:dd:8d:b3:a9:04:8f:04:31:8a:fd:a9:
b0:ca:a1:d6:a0:03:3c:ca:c2:5b:91:1b:4b:9f:91:be:9d:66:
00:7f:38:bf:40:75:27:fd:0d:48:55:45:7a:ca:66:aa:db:a2:
57:e5:ac:96:32:c6:63:62:4a:a4:cd:a0:57:34:89:18:07:eb:
41:64:f2:c9:c1:81:19:51:08:3f:a7:13:1d:63:a2:bd:f2:63:
e4:a9:13:c4:ea:2f:96:a4:57:7b:e1:ab:8d:9e:35:6f:4f:de:
19:2a:b4:06:b4:4b:da:b0:56:9f:25:0f:63:28:0f:d4:a7:a2:
5b:2f:6f:ca
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZjCWOwTtiWbBO8AU6eNo89bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjUwODE5MTI0MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODkwOTQ2Mzc5ZWI4MGQzMzYzNDNjNTVmOGVkMzM1MWI1MzI5MTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwEViUgsemSx1dH2FwdH+Ia9H2Iqu
u7z+Q06gTxWlF0FGk4Q9qsXt6a4GwUgppUf9I0nw/dHwfkDJwF2Vwr2HuO7UIzaL
XE+gkOokLyyr6hCWAZUkHicc0k6y35isnWRUnVaKnbH34b+aRqpI8PpxGm9ElZ9g
ExFjo8rCyUY1+SY1uFxKhpG2KHE+FJnyXBK7eTRprcNSJOiW0QSTXGD/wzOLaPse
jMdtjt0THb2EkvrPberM6v6cKMI0GR+QueMnQZuLJYvwTVT0tlOJlIkw9AdtDPVP
MR91ab4kWpszDw37VF+bc3yc1LIfcNYk+aY31TxOHRQPMLheD4o7obN6iwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBiQlGN564DTNjQ8VfjtM1G1MpGGMB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvR0pDVVkzbnJnTk0yTkR4Vi1PMHpVYlV5a1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKhN1BYAC
AwcAKhN1BhACAwcBKhN1BpACMA0GCSqGSIb3DQEBCwUAA4IBAQCYyWvEkEfuJlER
PFdckLIi7AHasfmRH3tfd02FLUN9vK0XehRMwuan93D2IjC900CwIJBwiMuc5Pf+
mapC+u13Z9VHPIh4heUjh7rrXG74i1GAJnJn3C79r/LdviSxrJF3abeOHC65+6iE
ilaxKPhTw/wmL9ugiYP61HDOzOXS4uk3JRES3Y2zqQSPBDGK/amwyqHWoAM8ysJb
kRtLn5G+nWYAfzi/QHUn/Q1IVUV6ymaq26JX5ayWMsZjYkqkzaBXNIkYB+tBZPLJ
wYEZUQg/pxMdY6K98mPkqRPE6i+WpFd74auNnjVvT94ZKrQGtEvasFafJQ9jKA/U
p6JbL2/K
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:34:58 2025 by rpki-client