Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/G4jepCncoOzlCnpnZ7cxE_Dx-eo.roa
File: G4jepCncoOzlCnpnZ7cxE_Dx-eo.roa (raw, json)
Hash identifier: LGsZV/1AkhKvUqqsgs+A2xdwU0JvTeOBXFcZUHaT2bc=
Subject key identifier: 1B:88:DE:A4:29:DC:A0:EC:E5:0A:7A:67:67:B7:31:13:F0:F1:F9:EA
Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial: 0198E8377135999A5D3C05C55BE88947563F
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/G4jepCncoOzlCnpnZ7cxE_Dx-eo.roa
Signing time: Tue 26 Aug 2025 21:10:04 +0000
ROA not before: Tue 26 Aug 2025 21:10:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215671
IP address blocks: 5.22.200.0/24 maxlen: 24
5.22.201.0/24 maxlen: 24
193.19.147.0/24 maxlen: 24
2a06:bd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e8:37:71:35:99:9a:5d:3c:05:c5:5b:e8:89:47:56:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Validity
Not Before: Aug 26 21:10:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b88dea429dca0ece50a7a6767b73113f0f1f9ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:9d:ea:d7:2e:8a:1b:17:96:c6:b4:7d:39:c7:
26:95:e1:f5:10:a2:b0:1b:6f:0f:f6:56:40:73:44:
24:0d:22:43:19:93:53:55:d1:79:83:b8:54:55:be:
69:9d:7a:4e:34:0c:ad:de:86:04:66:da:ea:b6:f6:
df:0f:ce:9b:54:24:fb:6c:21:7b:85:b4:a9:d6:72:
c8:34:81:7f:90:c1:c1:ce:4e:56:e9:44:6e:60:b0:
16:7d:95:35:22:2e:33:5b:5a:49:a6:64:2c:a6:af:
d2:30:7b:24:09:da:9e:d2:2e:cf:24:65:90:16:2b:
c5:51:e4:4a:d0:83:33:4f:bc:fc:e4:92:0f:ba:f2:
6e:f1:be:78:b9:01:ee:88:16:48:fd:52:d0:f9:80:
ed:19:8c:6c:60:e5:fc:20:5a:f4:fc:62:09:18:d0:
4d:49:ea:33:52:79:bd:f8:92:b6:f2:2b:8b:d3:cf:
11:c2:32:99:14:b0:8a:79:5e:3e:0c:33:04:cb:61:
92:ee:7e:dc:3f:a5:e4:56:df:ed:d6:8e:bf:b0:4c:
9f:a0:a8:dd:64:71:98:04:9b:23:51:c6:ce:07:99:
d2:09:17:5d:55:46:89:7d:52:fc:36:7d:19:00:41:
25:f3:6f:61:a2:88:c6:65:85:fc:ae:d9:bd:17:ea:
fa:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:88:DE:A4:29:DC:A0:EC:E5:0A:7A:67:67:B7:31:13:F0:F1:F9:EA
X509v3 Authority Key Identifier:
keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/G4jepCncoOzlCnpnZ7cxE_Dx-eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.200.0/23
193.19.147.0/24
IPv6:
2a06:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
6b:d6:ae:d7:45:c5:43:18:70:c9:96:52:f7:9d:19:f7:15:c8:
6c:2f:3e:a4:46:27:a9:83:a5:83:2e:56:57:49:d4:54:92:74:
bd:0c:0e:6b:56:c0:42:97:87:a9:c9:46:d3:6f:2d:83:6d:2a:
33:ae:36:e2:c4:43:e2:66:e8:ac:b6:dd:3d:cd:67:47:b8:ad:
71:27:35:cb:ef:21:03:bd:c6:79:59:9a:08:e1:ba:0c:57:30:
15:bd:30:96:af:88:d1:46:01:3e:0a:99:04:e3:a9:c7:6d:12:
0d:b3:3a:5f:57:49:3f:1b:d9:40:13:31:2c:4e:b1:72:88:3c:
22:0a:c7:be:55:e0:ef:cb:bc:0b:16:68:0d:f0:02:63:c2:1a:
b1:50:47:29:d4:9e:95:8e:70:2d:84:5d:fd:7d:bf:76:65:73:
94:21:54:52:6f:13:85:fc:e4:5f:03:38:54:62:e8:07:d7:6e:
27:e1:7c:ed:97:6e:fb:1e:e9:88:f3:3d:f9:af:60:68:82:66:
65:f5:d5:39:38:45:5b:ae:40:b8:ef:d8:fd:37:17:f7:a9:f2:
43:d7:da:4f:f6:ac:04:d9:63:40:18:e4:69:12:02:6e:1e:df:
18:cb:6e:c7:df:37:80:10:8e:6d:f4:d2:20:22:9e:1b:3d:8c:
ce:41:f1:6d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZjoN3E1mZpdPAXFW+iJR1Y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjUwODI2MjExMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg4ZGVhNDI5ZGNhMGVjZTUwYTdhNjc2N2I3MzExM2YwZjFmOWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA153q1y6KGxeWxrR9OccmleH1EKKw
G28P9lZAc0QkDSJDGZNTVdF5g7hUVb5pnXpONAyt3oYEZtrqtvbfD86bVCT7bCF7
hbSp1nLINIF/kMHBzk5W6URuYLAWfZU1Ii4zW1pJpmQspq/SMHskCdqe0i7PJGWQ
FivFUeRK0IMzT7z85JIPuvJu8b54uQHuiBZI/VLQ+YDtGYxsYOX8IFr0/GIJGNBN
SeozUnm9+JK28iuL088RwjKZFLCKeV4+DDMEy2GS7n7cP6XkVt/t1o6/sEyfoKjd
ZHGYBJsjUcbOB5nSCRddVUaJfVL8Nn0ZAEEl829hoojGZYX8rtm9F+r6MQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBuI3qQp3KDs5Qp6Z2e3MRPw8fnqMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEvRzRqZXBDbmNvT3psQ25wblo3Y3hFX0R4LWVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBBRbIAwQA
wROTMA0EAgACMAcDBQMqBr1AMA0GCSqGSIb3DQEBCwUAA4IBAQBr1q7XRcVDGHDJ
llL3nRn3FchsLz6kRiepg6WDLlZXSdRUknS9DA5rVsBCl4epyUbTby2DbSozrjbi
xEPiZuistt09zWdHuK1xJzXL7yEDvcZ5WZoI4boMVzAVvTCWr4jRRgE+CpkE46nH
bRINszpfV0k/G9lAEzEsTrFyiDwiCse+VeDvy7wLFmgN8AJjwhqxUEcp1J6VjnAt
hF39fb92ZXOUIVRSbxOF/ORfAzhUYugH124n4Xztl277HumI8z35r2BogmZl9dU5
OEVbrkC479j9Nxf3qfJD19pP9qwE2WNAGORpEgJuHt8Yy27H3zeAEI5t9NIgIp4b
PYzOQfFt
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:17 2025 by rpki-client