Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/04a3c4-0d88-48e7-84de-54c2c0cab7c3/1/r_gNy_NosPTOUZDPM9v1Nr4pMtI.roa
File: r_gNy_NosPTOUZDPM9v1Nr4pMtI.roa (raw, json)
Hash identifier: rrscO3NmKjsybDb1fyB6oQll5WC+7i7OHcmPMCVOfDs=
Subject key identifier: AF:F8:0D:CB:F3:68:B0:F4:CE:51:90:CF:33:DB:F5:36:BE:29:32:D2
Certificate issuer: /CN=a5541609cd947bedfc99125840030108a3f141c1
Certificate serial: 0199578EBAA89E19E4D9540E6AE7A2D2C762
Authority key identifier: A5:54:16:09:CD:94:7B:ED:FC:99:12:58:40:03:01:08:A3:F1:41:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pVQWCc2Ue-38mRJYQAMBCKPxQcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/04a3c4-0d88-48e7-84de-54c2c0cab7c3/1/r_gNy_NosPTOUZDPM9v1Nr4pMtI.roa
Signing time: Wed 17 Sep 2025 12:03:15 +0000
ROA not before: Wed 17 Sep 2025 12:03:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16167
IP address blocks: 185.243.0.0/24 maxlen: 24
193.41.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/04a3c4-0d88-48e7-84de-54c2c0cab7c3/1/pVQWCc2Ue-38mRJYQAMBCKPxQcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/04a3c4-0d88-48e7-84de-54c2c0cab7c3/1/pVQWCc2Ue-38mRJYQAMBCKPxQcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pVQWCc2Ue-38mRJYQAMBCKPxQcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:8e:ba:a8:9e:19:e4:d9:54:0e:6a:e7:a2:d2:c7:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5541609cd947bedfc99125840030108a3f141c1
Validity
Not Before: Sep 17 12:03:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aff80dcbf368b0f4ce5190cf33dbf536be2932d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:87:73:50:a5:49:bd:7b:54:8b:51:3c:34:
3a:91:78:6c:ac:93:fa:d3:33:7c:7a:33:ec:0d:7a:
2c:51:28:72:95:72:f9:f6:fa:f5:c5:b0:08:5f:04:
69:90:6f:cc:6e:fd:94:16:cd:ab:16:ed:0c:b3:92:
52:c6:b3:21:c5:15:ef:16:ad:51:91:6d:40:e1:55:
5b:af:85:dd:fb:95:ec:4d:94:08:62:92:c9:8a:af:
b5:3a:58:60:bc:0a:e8:95:0a:65:3f:29:c6:75:5c:
79:f2:3c:00:19:33:98:c9:ee:66:4c:8e:55:17:80:
ac:92:91:4a:ed:f8:7c:9d:1e:c5:93:fa:56:1c:9f:
c2:2b:9d:46:53:51:1d:da:cc:69:8f:cd:fa:04:07:
73:8d:85:51:81:cb:cd:d3:2b:dc:2f:d3:c5:80:f8:
06:f2:51:e3:9e:99:8b:10:82:03:8d:62:e5:cb:fe:
ad:55:54:77:c4:29:36:c9:be:f7:93:f7:f9:16:cd:
fd:a1:eb:11:25:e5:5b:6c:d1:21:15:2c:fa:a1:da:
6c:c8:dd:fb:c4:34:ed:2b:95:2d:91:0e:2a:52:20:
ae:33:26:a0:cf:c6:04:6f:22:43:a5:48:57:dc:24:
6d:9a:2b:d6:a5:75:f2:e3:3a:0d:0b:91:d0:10:74:
81:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F8:0D:CB:F3:68:B0:F4:CE:51:90:CF:33:DB:F5:36:BE:29:32:D2
X509v3 Authority Key Identifier:
keyid:A5:54:16:09:CD:94:7B:ED:FC:99:12:58:40:03:01:08:A3:F1:41:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pVQWCc2Ue-38mRJYQAMBCKPxQcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/04a3c4-0d88-48e7-84de-54c2c0cab7c3/1/r_gNy_NosPTOUZDPM9v1Nr4pMtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/04a3c4-0d88-48e7-84de-54c2c0cab7c3/1/pVQWCc2Ue-38mRJYQAMBCKPxQcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.0.0/24
193.41.230.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ae:5f:fc:19:03:cd:74:33:7f:f1:22:a1:45:f4:ae:98:d1:
e7:52:07:e3:fd:30:9e:b5:b5:ab:d8:36:c6:94:f0:fc:9f:16:
7e:00:29:53:0d:ec:51:6e:aa:85:a5:89:41:2b:b3:85:31:38:
a0:d9:50:5d:de:4b:c8:bf:de:45:40:c0:e5:cb:45:54:39:27:
65:e4:3e:a5:ad:ac:0e:15:f7:8d:29:f4:4b:7c:b9:93:ac:4f:
58:60:b0:a8:19:13:65:17:8b:25:8e:56:f8:3d:d7:45:4b:16:
f9:d3:65:01:e2:02:7a:8c:09:32:8a:29:2b:cc:28:be:f7:b3:
a7:bc:44:c2:8b:d4:f4:e9:f3:ae:04:50:96:96:b8:ef:38:bf:
c9:a3:f3:ef:87:e6:13:f1:20:fd:bd:c3:b4:3f:f1:73:13:44:
f3:94:3f:9b:d6:33:5a:44:41:3c:e5:18:80:96:8b:1c:f0:6e:
65:3f:f6:ea:f1:07:96:56:3c:87:cb:a3:16:22:ab:f1:ad:dd:
05:52:ab:94:d8:b9:9a:de:e6:79:31:27:15:04:6d:f8:28:d3:
a0:46:f4:b4:29:71:46:0e:5f:5d:02:e3:37:37:bb:d0:52:da:
f3:39:4e:f8:a4:6b:81:c3:74:cc:0b:ae:99:ab:3e:d3:1e:fe:
21:41:6f:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlXjrqonhnk2VQOauei0sdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NTQxNjA5Y2Q5NDdiZWRmYzk5MTI1ODQwMDMwMTA4YTNm
MTQxYzEwHhcNMjUwOTE3MTIwMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmY4MGRjYmYzNjhiMGY0Y2U1MTkwY2YzM2RiZjUzNmJlMjkzMmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMWHc1ClSb17VItRPDQ6kXhsrJP6
0zN8ejPsDXosUShylXL59vr1xbAIXwRpkG/Mbv2UFs2rFu0Ms5JSxrMhxRXvFq1R
kW1A4VVbr4Xd+5XsTZQIYpLJiq+1OlhgvArolQplPynGdVx58jwAGTOYye5mTI5V
F4CskpFK7fh8nR7Fk/pWHJ/CK51GU1Ed2sxpj836BAdzjYVRgcvN0yvcL9PFgPgG
8lHjnpmLEIIDjWLly/6tVVR3xCk2yb73k/f5Fs39oesRJeVbbNEhFSz6odpsyN37
xDTtK5UtkQ4qUiCuMyagz8YEbyJDpUhX3CRtmivWpXXy4zoNC5HQEHSBZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/4DcvzaLD0zlGQzzPb9Ta+KTLSMB8GA1UdIwQY
MBaAFKVUFgnNlHvt/JkSWEADAQij8UHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFZRV0NjMlVlLTM4bVJKWVFBTUJDS1B4UWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8wNGEzYzQtMGQ4OC00OGU3LTg0ZGUt
NTRjMmMwY2FiN2MzLzEvcl9nTnlfTm9zUFRPVVpEUE05djFOcjRwTXRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8wNGEzYzQtMGQ4OC00OGU3LTg0ZGUtNTRjMmMwY2FiN2Mz
LzEvcFZRV0NjMlVlLTM4bVJKWVFBTUJDS1B4UWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAufMAAwQA
wSnmMA0GCSqGSIb3DQEBCwUAA4IBAQAYrl/8GQPNdDN/8SKhRfSumNHnUgfj/TCe
tbWr2DbGlPD8nxZ+AClTDexRbqqFpYlBK7OFMTig2VBd3kvIv95FQMDly0VUOSdl
5D6lrawOFfeNKfRLfLmTrE9YYLCoGRNlF4sljlb4PddFSxb502UB4gJ6jAkyiikr
zCi+97OnvETCi9T06fOuBFCWlrjvOL/Jo/Pvh+YT8SD9vcO0P/FzE0TzlD+b1jNa
REE85RiAlosc8G5lP/bq8QeWVjyHy6MWIqvxrd0FUquU2Lma3uZ5MScVBG34KNOg
RvS0KXFGDl9dAuM3N7vQUtrzOU74pGuBw3TMC66Zqz7THv4hQW83
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:25:31 2025 by rpki-client