Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/GK6KWEAL4IJ-3alMh0OZ-Qj7rwg.roa
File: GK6KWEAL4IJ-3alMh0OZ-Qj7rwg.roa (raw, json)
Hash identifier: FRlSFkwovECQNUyK6QBWJtHHGLDTvf6vFXTNPjHtJPg=
Subject key identifier: 18:AE:8A:58:40:0B:E0:82:7E:DD:A9:4C:87:43:99:F9:08:FB:AF:08
Certificate issuer: /CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Certificate serial: 019999CCD84955605CB033D7A07C134CF99F
Authority key identifier: 98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/GK6KWEAL4IJ-3alMh0OZ-Qj7rwg.roa
Signing time: Tue 30 Sep 2025 08:46:02 +0000
ROA not before: Tue 30 Sep 2025 08:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56655
IP address blocks: 45.88.200.0/24 maxlen: 24
45.88.201.0/24 maxlen: 24
45.88.202.0/24 maxlen: 24
151.216.56.0/21 maxlen: 21
185.14.97.0/24 maxlen: 24
185.125.168.0/22 maxlen: 22
185.181.60.0/22 maxlen: 22
185.243.216.0/24 maxlen: 24
185.243.217.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
193.200.221.0/24 maxlen: 24
193.200.229.0/24 maxlen: 24
193.200.238.0/24 maxlen: 24
193.243.189.0/24 maxlen: 24
194.32.107.0/24 maxlen: 24
194.110.207.0/24 maxlen: 24
195.16.73.0/24 maxlen: 24
198.140.141.0/24 maxlen: 24
2a03:94e0::/32 maxlen: 32
2a03:94e1::/32 maxlen: 32
2a03:94e2::/32 maxlen: 32
2a03:94e3::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.mft
rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:cc:d8:49:55:60:5c:b0:33:d7:a0:7c:13:4c:f9:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98c1d03b49504d34465dc40a3d0f9086cacfdb8e
Validity
Not Before: Sep 30 08:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18ae8a58400be0827edda94c874399f908fbaf08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:38:1a:d1:5f:61:6b:f9:d1:e8:1f:e3:cb:4e:
3c:69:5c:1f:49:b7:de:9a:35:f0:4b:fe:a5:9f:a7:
67:da:3f:68:45:8a:25:d7:e0:ad:ea:32:bb:f9:b1:
56:75:e1:80:70:f4:11:56:53:39:65:40:df:20:b5:
3d:90:27:3d:d5:56:b8:ac:fb:12:6f:69:4e:6c:b7:
d2:66:1b:8b:05:cd:2e:bc:93:99:53:48:84:20:ef:
64:c3:3d:a3:9b:a3:6c:c2:8b:a4:06:14:53:55:5f:
10:b2:4e:f3:f3:86:36:62:de:d1:46:e9:8a:f8:47:
91:0a:14:db:59:eb:3d:cf:35:cf:bb:04:51:43:d7:
2d:a6:55:4f:84:a0:56:f9:dd:0b:88:17:a1:8a:8e:
0e:72:13:3c:09:9f:82:43:2d:87:d2:bd:fe:b7:98:
7c:c1:de:b8:05:87:f0:37:cc:5a:9c:f6:0d:97:df:
0d:43:6a:f4:1e:21:06:e5:2e:02:7b:51:d3:60:b8:
49:8f:06:42:d7:d1:e6:43:e0:98:96:92:67:a8:2e:
bb:b0:3d:b2:d5:f4:60:a5:b5:0a:dc:03:5c:7c:4c:
10:00:ef:43:50:5d:97:d4:8b:8c:7f:13:60:7d:f4:
4d:33:bd:d5:7d:cf:dc:fc:8c:59:1d:8f:a2:c6:d7:
49:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:AE:8A:58:40:0B:E0:82:7E:DD:A9:4C:87:43:99:F9:08:FB:AF:08
X509v3 Authority Key Identifier:
keyid:98:C1:D0:3B:49:50:4D:34:46:5D:C4:0A:3D:0F:90:86:CA:CF:DB:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mMHQO0lQTTRGXcQKPQ-QhsrP244.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/GK6KWEAL4IJ-3alMh0OZ-Qj7rwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d6c257-f501-4796-aa61-c31bde510085/1/mMHQO0lQTTRGXcQKPQ-QhsrP244.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.200.0-45.88.202.255
151.216.56.0/21
185.14.97.0/24
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
193.200.221.0/24
193.200.229.0/24
193.200.238.0/24
193.243.189.0/24
194.32.107.0/24
194.110.207.0/24
195.16.73.0/24
198.140.141.0/24
IPv6:
2a03:94e0::/30
Signature Algorithm: sha256WithRSAEncryption
bb:5f:ee:22:d5:8e:8e:41:3b:4a:28:7c:d0:07:df:40:05:82:
9c:cf:3c:9a:fa:f7:c4:aa:29:ae:e9:7f:10:38:a0:ea:07:d6:
70:a8:9c:9f:0e:ff:0f:42:25:4c:e1:40:2a:06:a0:74:ae:3c:
ea:a6:5d:80:77:09:be:c8:1c:a9:ae:27:0b:48:cb:66:e1:9c:
4f:d0:bc:65:b9:25:9c:d0:cf:79:9f:8a:f6:33:5e:71:7f:e8:
c9:50:c4:96:27:cf:14:8b:68:b3:c7:63:40:af:f8:00:49:20:
83:32:5b:c4:e4:8a:d3:d1:de:4b:43:64:3f:97:ef:34:21:7c:
3c:fb:0f:01:a7:e4:6c:c6:04:4a:35:6a:fe:08:29:02:5a:98:
ff:14:14:0b:dc:43:d9:ac:df:8a:29:d4:b0:89:d4:40:fc:a9:
86:55:cf:e5:af:8a:57:86:25:e2:e1:74:02:54:6d:7d:3a:ae:
63:1b:cf:e1:cd:4d:c9:04:a7:ed:3c:48:ea:97:f4:77:9d:7c:
14:40:07:32:57:06:ab:ad:e3:bb:64:f8:76:2e:fa:49:5c:0b:
f1:40:38:74:cb:19:cd:96:b3:f9:4d:a6:44:eb:0d:c8:7a:fa:
e6:66:81:e0:29:87:c2:38:4f:99:b9:49:20:b7:37:83:18:b8:
3b:de:7c:e3
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZmZzNhJVWBcsDPXoHwTTPmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YzFkMDNiNDk1MDRkMzQ0NjVkYzQwYTNkMGY5MDg2Y2Fj
ZmRiOGUwHhcNMjUwOTMwMDg0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGFlOGE1ODQwMGJlMDgyN2VkZGE5NGM4NzQzOTlmOTA4ZmJhZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTga0V9ha/nR6B/jy048aVwfSbfe
mjXwS/6ln6dn2j9oRYol1+Ct6jK7+bFWdeGAcPQRVlM5ZUDfILU9kCc91Va4rPsS
b2lObLfSZhuLBc0uvJOZU0iEIO9kwz2jm6NswoukBhRTVV8Qsk7z84Y2Yt7RRumK
+EeRChTbWes9zzXPuwRRQ9ctplVPhKBW+d0LiBehio4OchM8CZ+CQy2H0r3+t5h8
wd64BYfwN8xanPYNl98NQ2r0HiEG5S4Ce1HTYLhJjwZC19HmQ+CYlpJnqC67sD2y
1fRgpbUK3ANcfEwQAO9DUF2X1IuMfxNgffRNM73Vfc/c/IxZHY+ixtdJmQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFBiuilhAC+CCft2pTIdDmfkI+68IMB8GA1UdIwQY
MBaAFJjB0DtJUE00Rl3ECj0PkIbKz9uOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEt
YzMxYmRlNTEwMDg1LzEvR0s2S1dFQUw0SUotM2FsTWgwT1otUWo3cndnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kNmMyNTctZjUwMS00Nzk2LWFhNjEtYzMxYmRlNTEwMDg1
LzEvbU1IUU8wbFFUVFJHWGNRS1BRLVFoc3JQMjQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswagQCAAEwZDAMAwQDLVjI
AwQALVjKAwQDl9g4AwQAuQ5hAwQCuX2oAwQCubU8MAwDBAO589gDBAC589oDBADB
yN0DBADByOUDBADByO4DBADB870DBADCIGsDBADCbs8DBADDEEkDBADGjI0wDQQC
AAIwBwMFAioDlOAwDQYJKoZIhvcNAQELBQADggEBALtf7iLVjo5BO0oofNAH30AF
gpzPPJr698SqKa7pfxA4oOoH1nConJ8O/w9CJUzhQCoGoHSuPOqmXYB3Cb7IHKmu
JwtIy2bhnE/QvGW5JZzQz3mfivYzXnF/6MlQxJYnzxSLaLPHY0Cv+ABJIIMyW8Tk
itPR3ktDZD+X7zQhfDz7DwGn5GzGBEo1av4IKQJamP8UFAvcQ9ms34op1LCJ1ED8
qYZVz+WvileGJeLhdAJUbX06rmMbz+HNTckEp+08SOqX9HedfBRABzJXBqut47tk
+HYu+klcC/FAOHTLGc2Ws/lNpkTrDch6+uZmgeAph8I4T5m5SSC3N4MYuDvefOM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:53 2025 by rpki-client