Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/GgSeZqBtPbDTA-VVXf9e6AoPvUg.roa
File: GgSeZqBtPbDTA-VVXf9e6AoPvUg.roa (raw, json)
Hash identifier: LXq0XhZj1SmNEFSwc+aRkKJHZ0BEOQodJpp7/CVQB0M=
Subject key identifier: 1A:04:9E:66:A0:6D:3D:B0:D3:03:E5:55:5D:FF:5E:E8:0A:0F:BD:48
Certificate issuer: /CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Certificate serial: 01995E018B9170A916C017BF8427B10C4FE9
Authority key identifier: 6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/GgSeZqBtPbDTA-VVXf9e6AoPvUg.roa
Signing time: Thu 18 Sep 2025 18:06:23 +0000
ROA not before: Thu 18 Sep 2025 18:06:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 91.216.73.0/24 maxlen: 24
91.216.77.0/24 maxlen: 24
91.216.100.0/24 maxlen: 24
91.216.122.0/24 maxlen: 24
185.91.192.0/22 maxlen: 24
185.104.164.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5e:01:8b:91:70:a9:16:c0:17:bf:84:27:b1:0c:4f:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8edda2f21c885fbe67286218b8318d6ad23896
Validity
Not Before: Sep 18 18:06:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a049e66a06d3db0d303e5555dff5ee80a0fbd48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2e:87:3f:3e:67:75:d3:8c:30:b5:af:34:0c:
8a:f7:56:64:fe:bf:cb:7d:c8:ef:b7:ac:72:5c:28:
c8:2c:3b:1f:f3:14:fc:ca:86:cd:6c:da:dd:1c:97:
5b:fd:8a:9d:2c:4e:61:a0:d7:4e:fc:34:c3:04:06:
e5:a5:bb:42:e2:42:f5:ba:0a:64:2e:76:2a:20:9e:
68:0d:a1:24:fe:5e:4d:51:5a:a8:5a:95:5d:91:f4:
e3:64:97:71:34:55:8d:b4:f0:e0:21:fe:8e:2a:a1:
0d:a1:99:cd:17:03:6f:dc:ee:47:9b:82:01:91:ab:
17:fc:bb:49:45:dd:96:c5:da:25:83:ae:55:aa:1f:
64:f3:31:b1:c2:fa:3b:bb:59:11:68:6e:4e:d2:5c:
d8:fd:bb:ea:67:74:23:61:34:8c:d1:27:df:bb:a3:
c6:6a:37:be:c6:c6:70:05:01:10:07:8a:54:0e:87:
ee:d6:10:9e:ea:ac:12:5f:b5:1f:8b:1f:e3:75:58:
1d:3d:ab:33:a9:91:59:45:5c:ec:48:12:4d:11:f2:
f6:1a:37:06:4a:88:51:5a:60:de:89:02:61:3d:2b:
90:b3:96:f2:34:f8:cd:ae:24:73:cb:b8:1b:5c:92:
63:a6:b1:b2:a1:21:72:e8:4e:62:d4:08:4b:aa:4c:
b0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:04:9E:66:A0:6D:3D:B0:D3:03:E5:55:5D:FF:5E:E8:0A:0F:BD:48
X509v3 Authority Key Identifier:
keyid:6A:8E:DD:A2:F2:1C:88:5F:BE:67:28:62:18:B8:31:8D:6A:D2:38:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao7dovIciF--ZyhiGLgxjWrSOJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/GgSeZqBtPbDTA-VVXf9e6AoPvUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/6db797-a3d3-4241-903a-0c66840198d0/1/ao7dovIciF--ZyhiGLgxjWrSOJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.73.0/24
91.216.77.0/24
91.216.100.0/24
91.216.122.0/24
185.91.192.0/22
185.104.164.0/22
Signature Algorithm: sha256WithRSAEncryption
90:5c:2f:20:a6:02:2f:43:30:92:c0:ed:09:4c:5e:e3:8f:2c:
8f:a8:e3:f8:db:b1:c8:17:e9:52:b8:0b:4c:c0:70:15:0a:bf:
ee:66:60:bd:3a:3b:33:7b:b2:c9:26:93:5f:0c:9e:45:91:dc:
fa:6d:12:d7:5b:67:00:d2:4a:7e:db:26:f3:e3:09:6d:58:89:
e7:31:50:de:c2:cd:34:d7:0b:6d:3e:fc:99:d9:2d:09:6b:7d:
6c:df:c8:ba:a2:eb:55:92:44:45:f2:41:e6:13:cc:87:6e:f5:
29:48:fd:56:3d:2a:d5:2b:ad:cb:88:62:51:ff:12:fc:cc:e7:
a2:51:af:57:3c:4a:bd:7e:99:9b:5f:1d:82:3c:e0:76:af:b0:
77:6c:01:b3:d0:c2:1c:b2:9f:f0:b8:f0:93:74:63:af:18:5d:
d8:4f:1f:1d:d3:fc:b2:ed:66:4a:70:96:a2:20:cd:24:0f:9d:
33:ea:d7:b6:06:a7:b1:43:73:8f:b8:ed:0e:e7:e8:32:08:49:
c1:56:14:7c:79:29:ff:bd:ba:f0:4b:59:3c:c4:fc:13:0c:b1:
8e:40:15:53:ea:b6:28:51:f8:d6:7c:c8:a9:41:f8:e1:3b:7d:
27:a7:c9:5f:f7:67:b0:11:a1:4c:b9:67:6d:a7:b3:0a:f7:22:
de:4a:5f:a7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZleAYuRcKkWwBe/hCexDE/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGVkZGEyZjIxYzg4NWZiZTY3Mjg2MjE4YjgzMThkNmFk
MjM4OTYwHhcNMjUwOTE4MTgwNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTA0OWU2NmEwNmQzZGIwZDMwM2U1NTU1ZGZmNWVlODBhMGZiZDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC6HPz5nddOMMLWvNAyK91Zk/r/L
fcjvt6xyXCjILDsf8xT8yobNbNrdHJdb/YqdLE5hoNdO/DTDBAblpbtC4kL1ugpk
LnYqIJ5oDaEk/l5NUVqoWpVdkfTjZJdxNFWNtPDgIf6OKqENoZnNFwNv3O5Hm4IB
kasX/LtJRd2Wxdolg65Vqh9k8zGxwvo7u1kRaG5O0lzY/bvqZ3QjYTSM0Sffu6PG
aje+xsZwBQEQB4pUDofu1hCe6qwSX7Ufix/jdVgdPaszqZFZRVzsSBJNEfL2GjcG
SohRWmDeiQJhPSuQs5byNPjNriRzy7gbXJJjprGyoSFy6E5i1AhLqkywsQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBoEnmagbT2w0wPlVV3/XugKD71IMB8GA1UdIwQY
MBaAFGqO3aLyHIhfvmcoYhi4MY1q0jiWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2Et
MGM2Njg0MDE5OGQwLzEvR2dTZVpxQnRQYkRUQS1WVlhmOWU2QW9QdlVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS82ZGI3OTctYTNkMy00MjQxLTkwM2EtMGM2Njg0MDE5OGQw
LzEvYW83ZG92SWNpRi0tWnloaUdMZ3hqV3JTT0pZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW9hJAwQA
W9hNAwQAW9hkAwQAW9h6AwQCuVvAAwQCuWikMA0GCSqGSIb3DQEBCwUAA4IBAQCQ
XC8gpgIvQzCSwO0JTF7jjyyPqOP427HIF+lSuAtMwHAVCr/uZmC9Ojsze7LJJpNf
DJ5Fkdz6bRLXW2cA0kp+2ybz4wltWInnMVDews001wttPvyZ2S0Ja31s38i6outV
kkRF8kHmE8yHbvUpSP1WPSrVK63LiGJR/xL8zOeiUa9XPEq9fpmbXx2CPOB2r7B3
bAGz0MIcsp/wuPCTdGOvGF3YTx8d0/yy7WZKcJaiIM0kD50z6te2BqexQ3OPuO0O
5+gyCEnBVhR8eSn/vbrwS1k8xPwTDLGOQBVT6rYoUfjWfMipQfjhO30np8lf92ew
EaFMuWdtp7MK9yLeSl+n
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:55:35 2025 by rpki-client