Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/gR0xjod2kJMAOZDXkviUuaqPbyE.roa
File: gR0xjod2kJMAOZDXkviUuaqPbyE.roa (raw, json)
Hash identifier: g0iunyZcw6dyqneyw5niQPBQa/bLDUK2qwb16mDP+6Q=
Subject key identifier: 81:1D:31:8E:87:76:90:93:00:39:90:D7:92:F8:94:B9:AA:8F:6F:21
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019899934EEBCF8A0EDD659A07CBFA637568
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/gR0xjod2kJMAOZDXkviUuaqPbyE.roa
Signing time: Mon 11 Aug 2025 14:40:24 +0000
ROA not before: Mon 11 Aug 2025 14:40:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8928
IP address blocks: 212.222.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:99:93:4e:eb:cf:8a:0e:dd:65:9a:07:cb:fa:63:75:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Aug 11 14:40:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=811d318e87769093003990d792f894b9aa8f6f21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:36:41:b9:ed:2a:e0:5a:47:2b:87:b6:93:b6:
bc:95:ef:21:06:7a:93:7d:d4:9b:74:07:1e:cb:9e:
d2:4f:8a:12:a8:bd:09:81:5b:e3:14:95:e6:d5:9b:
6c:c9:4a:d6:bb:46:6f:d9:f6:6b:c0:d9:9b:af:3f:
4e:6a:a5:34:e8:3d:2c:26:83:dd:f3:da:64:9f:58:
2c:71:33:7a:ab:ba:f8:7b:cf:c1:e2:53:78:5d:41:
fb:41:8b:67:fb:1b:9b:d4:4e:1d:aa:22:28:a1:b8:
83:cb:49:3d:67:de:30:ca:ab:5e:30:bf:da:da:cd:
b7:01:d5:10:81:87:96:fc:eb:a8:59:0f:f5:bc:e7:
83:ef:17:ca:31:18:7b:d2:8c:28:46:a9:06:97:6a:
1b:c5:52:bd:ea:cf:68:7a:bf:00:eb:5e:fc:bf:0d:
c4:f6:41:62:77:34:69:46:66:e1:0b:21:c4:a7:40:
22:e0:41:8d:79:22:12:3c:e8:8c:37:47:ee:5e:f4:
1a:73:97:1f:6f:c6:1a:e3:ce:14:c3:03:ff:27:c9:
07:41:b6:c5:a9:8e:3b:51:d0:79:e4:b8:a3:19:3e:
67:b7:32:0c:57:0c:35:18:72:c1:02:52:3f:d8:3e:
8c:19:07:22:a8:c9:0b:f3:5f:02:17:22:09:76:35:
5c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1D:31:8E:87:76:90:93:00:39:90:D7:92:F8:94:B9:AA:8F:6F:21
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/gR0xjod2kJMAOZDXkviUuaqPbyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.222.128.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:e1:b1:c8:de:4c:62:17:21:a9:57:02:34:6d:86:a5:8a:9b:
91:c2:a6:2c:63:5c:92:f9:b8:91:40:94:b9:89:32:a1:19:f8:
d4:9e:07:63:b0:15:24:9b:d2:de:66:92:ee:06:72:0d:b3:84:
7e:5c:64:ed:07:71:c4:d0:4c:3b:36:03:95:d7:36:f2:92:60:
90:86:1b:3a:d3:52:9e:83:f0:dd:ab:05:f0:22:4a:4b:e8:15:
3b:bf:f0:8c:f8:7d:68:65:b7:87:4d:f6:ae:87:c1:51:5e:a2:
fb:39:fa:2f:ab:40:1c:1f:cc:41:6f:f0:a2:9a:26:1c:a6:0f:
7f:8c:05:ed:d4:8f:ed:c0:3a:1f:73:55:a4:af:46:f2:0b:6e:
69:5f:9a:08:97:c5:eb:e4:bd:c5:6b:2d:96:b5:51:4c:aa:7e:
ac:35:e6:3a:c9:01:af:84:cf:42:98:59:fd:79:99:7b:b5:ed:
c6:73:09:69:50:0b:ac:e0:85:ef:29:06:38:66:4a:e0:08:e7:
2b:8d:6e:cd:83:f1:ab:f7:e8:d4:46:1c:22:d1:b3:45:93:1a:
f1:4d:0b:43:f1:7b:79:58:0f:8a:76:22:5d:0c:dc:e7:9e:ad:
54:2f:a8:e9:44:2a:19:36:fd:59:7f:4f:1d:8d:b4:b0:f1:c5:
17:ce:96:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiZk07rz4oO3WWaB8v6Y3VoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwODExMTQ0MDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFkMzE4ZTg3NzY5MDkzMDAzOTkwZDc5MmY4OTRiOWFhOGY2ZjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDZBue0q4FpHK4e2k7a8le8hBnqT
fdSbdAcey57ST4oSqL0JgVvjFJXm1ZtsyUrWu0Zv2fZrwNmbrz9OaqU06D0sJoPd
89pkn1gscTN6q7r4e8/B4lN4XUH7QYtn+xub1E4dqiIoobiDy0k9Z94wyqteML/a
2s23AdUQgYeW/OuoWQ/1vOeD7xfKMRh70owoRqkGl2obxVK96s9oer8A6178vw3E
9kFidzRpRmbhCyHEp0Ai4EGNeSISPOiMN0fuXvQac5cfb8Ya484UwwP/J8kHQbbF
qY47UdB55LijGT5ntzIMVww1GHLBAlI/2D6MGQciqMkL818CFyIJdjVcQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIEdMY6HdpCTADmQ15L4lLmqj28hMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvZ1IweGpvZDJrSk1BT1pEWGt2aVV1YXFQYnlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1N6AMA0G
CSqGSIb3DQEBCwUAA4IBAQDY4bHI3kxiFyGpVwI0bYalipuRwqYsY1yS+biRQJS5
iTKhGfjUngdjsBUkm9LeZpLuBnINs4R+XGTtB3HE0Ew7NgOV1zbykmCQhhs601Ke
g/DdqwXwIkpL6BU7v/CM+H1oZbeHTfauh8FRXqL7Ofovq0AcH8xBb/CimiYcpg9/
jAXt1I/twDofc1Wkr0byC25pX5oIl8Xr5L3Fay2WtVFMqn6sNeY6yQGvhM9CmFn9
eZl7te3GcwlpUAus4IXvKQY4ZkrgCOcrjW7Ng/Gr9+jURhwi0bNFkxrxTQtD8Xt5
WA+KdiJdDNznnq1UL6jpRCoZNv1Zf08djbSw8cUXzpbl
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:55:31 2025 by rpki-client