Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/gJcVJ0djrH5rQDUfK1fCsLicbs0.roa
File: gJcVJ0djrH5rQDUfK1fCsLicbs0.roa (raw, json)
Hash identifier: FiBwswjBHp729mKlojR2ulY+J6meIBspX0VFQpsAgtk=
Subject key identifier: 80:97:15:27:47:63:AC:7E:6B:40:35:1F:2B:57:C2:B0:B8:9C:6E:CD
Certificate issuer: /CN=efa70cb849e3837451bd79af7dc7e035963e6043
Certificate serial: 0199ECBA75CBD833A25CD7CA4BAC766F1158
Authority key identifier: EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/gJcVJ0djrH5rQDUfK1fCsLicbs0.roa
Signing time: Thu 16 Oct 2025 11:14:26 +0000
ROA not before: Thu 16 Oct 2025 11:14:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34916
IP address blocks: 85.204.193.0/24 maxlen: 24
86.104.231.0/24 maxlen: 24
86.105.204.0/23 maxlen: 23
86.105.226.0/24 maxlen: 24
86.106.27.0/24 maxlen: 24
89.44.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ec:ba:75:cb:d8:33:a2:5c:d7:ca:4b:ac:76:6f:11:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa70cb849e3837451bd79af7dc7e035963e6043
Validity
Not Before: Oct 16 11:14:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=809715274763ac7e6b40351f2b57c2b0b89c6ecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:76:b4:56:14:be:c1:3d:94:4d:f7:2b:07:e6:
87:f0:c7:74:39:81:38:15:74:c9:80:3f:3d:e5:08:
e8:5d:36:98:6f:cd:67:13:df:1d:38:9d:96:48:82:
c1:3d:77:4f:b1:4b:8e:34:5b:9d:34:79:57:ed:24:
92:1e:b9:09:dd:a4:79:46:27:2c:a3:e0:f7:fa:25:
12:30:19:20:34:e7:ff:83:ac:b3:c5:00:6d:4e:d5:
59:0f:41:f6:44:36:f8:3c:aa:df:c1:ca:d2:10:ad:
6e:19:46:9f:35:bf:57:cb:9a:98:92:9e:5e:3c:89:
59:c7:a3:bd:e5:21:00:dd:52:11:10:11:f6:c8:c3:
75:1e:f9:34:67:36:3a:1b:e6:b9:2f:d5:e6:b0:32:
84:71:b3:25:11:a1:61:84:a5:51:c3:aa:aa:6e:a1:
5a:69:90:af:63:f7:22:5e:6b:f7:2a:dc:5b:c1:27:
cb:0f:28:77:30:df:38:b0:49:ce:4e:71:0d:19:db:
c9:16:1a:00:75:1a:a2:57:a8:68:cf:2b:17:60:c7:
d6:4f:f8:14:f8:a8:db:15:6f:57:f3:fc:71:53:03:
3c:c7:bd:62:81:5c:87:17:3e:02:81:6c:97:92:79:
01:b4:d3:c2:b9:d0:a4:c0:0c:d6:3e:ca:2e:bd:54:
de:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:97:15:27:47:63:AC:7E:6B:40:35:1F:2B:57:C2:B0:B8:9C:6E:CD
X509v3 Authority Key Identifier:
keyid:EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/gJcVJ0djrH5rQDUfK1fCsLicbs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.193.0/24
86.104.231.0/24
86.105.204.0/23
86.105.226.0/24
86.106.27.0/24
89.44.238.0/23
Signature Algorithm: sha256WithRSAEncryption
0f:51:75:46:96:69:8d:bc:e2:16:9b:19:7c:2e:df:e6:60:46:
e9:ac:25:9a:9e:0b:c7:f1:e1:a3:bf:64:43:a8:ba:92:4a:b2:
04:ea:43:50:48:95:94:0b:56:06:7b:d8:23:86:f7:e1:f7:99:
58:17:9a:7b:6d:c4:5f:e6:0b:96:25:2e:7b:9c:b2:3f:a8:ee:
7c:8c:c6:8f:ca:e5:9f:ac:a0:ab:1d:79:c2:e4:83:27:72:98:
95:c3:b6:e0:e2:5e:74:f9:8c:8e:7c:82:43:84:a1:da:2f:e9:
4a:b1:36:a1:16:f0:12:03:f7:b3:5d:84:00:51:2e:dc:56:87:
5c:f5:04:23:ab:0b:9f:e9:bb:2d:ac:cf:22:71:98:30:c6:fd:
25:f2:c1:54:89:8d:35:7e:fc:04:d4:0c:1f:d3:d9:60:91:d3:
88:98:77:36:4a:5d:49:79:d9:ae:0f:09:f6:a3:4d:bd:34:1e:
f8:b5:16:be:52:38:e8:ac:47:94:97:3a:e7:81:b3:2a:6f:f8:
83:30:e9:32:9e:cb:c5:24:be:65:ec:36:93:95:68:98:a6:19:
67:c2:25:7e:7e:ac:c6:24:21:66:f6:f9:8d:b4:07:d1:b3:fd:
49:c5:31:a4:d9:15:7a:6e:87:32:f1:a2:53:e0:8c:2c:1f:98:
96:c4:98:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZnsunXL2DOiXNfKS6x2bxFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTcwY2I4NDllMzgzNzQ1MWJkNzlhZjdkYzdlMDM1OTYz
ZTYwNDMwHhcNMjUxMDE2MTExNDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDk3MTUyNzQ3NjNhYzdlNmI0MDM1MWYyYjU3YzJiMGI4OWM2ZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApna0VhS+wT2UTfcrB+aH8Md0OYE4
FXTJgD895QjoXTaYb81nE98dOJ2WSILBPXdPsUuONFudNHlX7SSSHrkJ3aR5Rics
o+D3+iUSMBkgNOf/g6yzxQBtTtVZD0H2RDb4PKrfwcrSEK1uGUafNb9Xy5qYkp5e
PIlZx6O95SEA3VIREBH2yMN1Hvk0ZzY6G+a5L9XmsDKEcbMlEaFhhKVRw6qqbqFa
aZCvY/ciXmv3KtxbwSfLDyh3MN84sEnOTnENGdvJFhoAdRqiV6hozysXYMfWT/gU
+KjbFW9X8/xxUwM8x71igVyHFz4CgWyXknkBtNPCudCkwAzWPsouvVTetQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFICXFSdHY6x+a0A1HytXwrC4nG7NMB8GA1UdIwQY
MBaAFO+nDLhJ44N0Ub15r33H4DWWPmBDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjIt
NTNhNjA0ODA3NjFkLzEvZ0pjVkowZGpySDVyUURVZksxZkNzTGljYnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjItNTNhNjA0ODA3NjFk
LzEvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVczBAwQA
VmjnAwQBVmnMAwQAVmniAwQAVmobAwQBWSzuMA0GCSqGSIb3DQEBCwUAA4IBAQAP
UXVGlmmNvOIWmxl8Lt/mYEbprCWangvH8eGjv2RDqLqSSrIE6kNQSJWUC1YGe9gj
hvfh95lYF5p7bcRf5guWJS57nLI/qO58jMaPyuWfrKCrHXnC5IMncpiVw7bg4l50
+YyOfIJDhKHaL+lKsTahFvASA/ezXYQAUS7cVodc9QQjqwuf6bstrM8icZgwxv0l
8sFUiY01fvwE1Awf09lgkdOImHc2Sl1JedmuDwn2o029NB74tRa+UjjorEeUlzrn
gbMqb/iDMOkynsvFJL5l7DaTlWiYphlnwiV+fqzGJCFm9vmNtAfRs/1JxTGk2RV6
bocy8aJT4IwsH5iWxJir
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:50:25 2025 by rpki-client