Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/auJYqSGMRM2eh3GuPu73K0unOdU.roa
File: auJYqSGMRM2eh3GuPu73K0unOdU.roa (raw, json)
Hash identifier: GDejZaeuJKin43qGV5V9PEXLP2cVvsiS1K0IxA3fdMk=
Subject key identifier: 6A:E2:58:A9:21:8C:44:CD:9E:87:71:AE:3E:EE:F7:2B:4B:A7:39:D5
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0199869961F5DB39BBE14C7125CA4DC8EB1D
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/auJYqSGMRM2eh3GuPu73K0unOdU.roa
Signing time: Fri 26 Sep 2025 15:17:02 +0000
ROA not before: Fri 26 Sep 2025 15:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.137.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:86:99:61:f5:db:39:bb:e1:4c:71:25:ca:4d:c8:eb:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Sep 26 15:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ae258a9218c44cd9e8771ae3eeef72b4ba739d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:e3:d0:cb:59:5b:38:4e:5e:14:91:ba:06:ff:
0a:6c:52:20:f3:00:a5:7c:13:eb:70:95:4b:35:ca:
73:9b:fb:2f:5e:ce:21:ba:1e:44:95:0e:3f:65:02:
d1:3a:8a:48:be:73:57:c1:31:e4:ca:fa:fd:e9:e3:
13:3a:0c:b0:08:62:9a:71:79:c5:8a:dd:64:09:ef:
68:2a:49:14:f6:3b:75:04:33:8b:13:1e:1b:85:f4:
45:54:3c:1e:3a:35:44:07:bb:a8:76:14:9a:19:88:
8c:ab:fa:79:c5:7c:ad:00:29:a1:44:13:c6:5d:b7:
38:48:83:24:51:cf:ac:7a:79:a1:77:ce:eb:f4:8b:
68:5f:d2:45:0d:4e:b8:82:20:80:6d:37:22:ce:4e:
af:02:e9:78:8c:2d:92:04:65:f6:f0:87:a7:c3:12:
b4:bd:84:f6:98:e4:3d:c9:a6:d7:e8:6b:61:aa:c0:
d2:bb:05:d0:9d:15:f2:27:a3:1e:f3:61:42:a5:85:
30:06:4a:61:39:97:0f:17:58:2e:f5:11:7d:bc:36:
23:cb:02:a8:cd:4d:5f:43:d7:62:26:5f:91:f8:5e:
48:31:91:d7:73:17:26:7f:86:09:02:d6:f3:0d:b9:
6b:4e:43:00:4b:9b:8b:4d:3a:17:0d:a6:71:e3:29:
41:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E2:58:A9:21:8C:44:CD:9E:87:71:AE:3E:EE:F7:2B:4B:A7:39:D5
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/auJYqSGMRM2eh3GuPu73K0unOdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.137.0/24
93.179.120.0/24
95.85.83.128/25
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
55:8d:3f:69:c8:03:eb:87:4e:22:24:d7:72:30:28:52:f5:d1:
52:93:07:a6:81:e2:f8:11:97:b2:76:dc:e1:d2:fc:6d:8b:59:
48:1a:3c:13:ed:76:f1:ab:fa:a1:e9:cc:39:d0:ff:33:41:32:
40:82:ea:63:8a:59:cb:13:91:49:a2:42:ea:e4:7a:30:ea:2e:
ae:e7:4d:bb:bc:0f:99:9a:5c:56:be:5e:7f:a3:0a:94:d2:41:
1e:b4:b2:54:f7:6c:68:46:94:28:6c:3e:bd:5f:7c:17:8a:89:
bd:c1:2c:d7:8b:81:2a:db:2b:f2:4d:3c:cf:5e:b5:cb:10:32:
81:17:c8:19:d8:3b:f4:86:48:09:db:88:05:28:f5:aa:95:e4:
55:d9:3b:10:f2:2f:41:1e:64:73:42:f0:13:11:f6:31:2d:06:
27:da:8c:ed:eb:6a:6d:7e:14:be:4a:f3:a8:cd:44:d5:dd:64:
ba:0e:2d:57:69:4c:07:e4:eb:d1:72:ed:e3:73:c6:b1:02:16:
61:d2:cc:6c:3e:73:d9:5d:e5:5c:11:85:38:9c:0b:1b:bd:8f:
79:72:d5:37:6b:e4:84:e3:5a:f3:6b:2f:ab:4b:58:8b:e0:22:
cc:11:b3:97:5d:c7:9c:4a:5f:56:89:87:63:31:ed:e8:e6:df:
25:9c:54:33
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZmGmWH12zm74UxxJcpNyOsdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwOTI2MTUxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWUyNThhOTIxOGM0NGNkOWU4NzcxYWUzZWVlZjcyYjRiYTczOWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlOPQy1lbOE5eFJG6Bv8KbFIg8wCl
fBPrcJVLNcpzm/svXs4huh5ElQ4/ZQLROopIvnNXwTHkyvr96eMTOgywCGKacXnF
it1kCe9oKkkU9jt1BDOLEx4bhfRFVDweOjVEB7uodhSaGYiMq/p5xXytACmhRBPG
Xbc4SIMkUc+senmhd87r9ItoX9JFDU64giCAbTcizk6vAul4jC2SBGX28IenwxK0
vYT2mOQ9yabX6GthqsDSuwXQnRXyJ6Me82FCpYUwBkphOZcPF1gu9RF9vDYjywKo
zU1fQ9diJl+R+F5IMZHXcxcmf4YJAtbzDblrTkMAS5uLTToXDaZx4ylBWQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGriWKkhjETNnodxrj7u9ytLpznVMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvYXVKWXFTR01STTJlaDNHdVB1NzNLMHVuT2RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzArBAIAATAlAwQAW8SJAwQA
XbN4AwUHX1VTgAMEAF+11QMEAG3EhQMEAMO2CDAUBAIAAjAOAwUBKgSGgAMFACoJ
1cAwDQYJKoZIhvcNAQELBQADggEBAFWNP2nIA+uHTiIk13IwKFL10VKTB6aB4vgR
l7J23OHS/G2LWUgaPBPtdvGr+qHpzDnQ/zNBMkCC6mOKWcsTkUmiQurkejDqLq7n
Tbu8D5maXFa+Xn+jCpTSQR60slT3bGhGlChsPr1ffBeKib3BLNeLgSrbK/JNPM9e
tcsQMoEXyBnYO/SGSAnbiAUo9aqV5FXZOxDyL0EeZHNC8BMR9jEtBifajO3ram1+
FL5K86jNRNXdZLoOLVdpTAfk69Fy7eNzxrECFmHSzGw+c9ld5VwRhTicCxu9j3ly
1Tdr5ITjWvNrL6tLWIvgIswRs5ddx5xKX1aJh2Mx7ejm3yWcVDM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:15 2025 by rpki-client