Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gchn44JRTuDd880WIwbVtgXZUsU.roa
File: gchn44JRTuDd880WIwbVtgXZUsU.roa (raw, json)
Hash identifier: JI8XHT7Ed3+L0vajm6jq0SIoKJNRevXoKUe8F/HW81I=
Subject key identifier: 81:C8:67:E3:82:51:4E:E0:DD:F3:CD:16:23:06:D5:B6:05:D9:52:C5
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0199BA466682C6567A8E1AA17F494B763319
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gchn44JRTuDd880WIwbVtgXZUsU.roa
Signing time: Mon 06 Oct 2025 16:06:39 +0000
ROA not before: Mon 06 Oct 2025 16:06:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61431
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
95.181.214.0/24 maxlen: 24
95.181.215.0/24 maxlen: 24
109.196.128.0/24 maxlen: 24
109.196.129.0/24 maxlen: 24
109.196.130.0/24 maxlen: 24
109.196.131.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
109.196.134.0/24 maxlen: 24
109.196.135.0/24 maxlen: 24
109.196.136.0/23 maxlen: 23
109.196.138.0/23 maxlen: 23
109.196.140.0/24 maxlen: 24
109.196.141.0/24 maxlen: 24
109.196.142.0/24 maxlen: 24
109.196.143.0/24 maxlen: 24
188.68.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ba:46:66:82:c6:56:7a:8e:1a:a1:7f:49:4b:76:33:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Oct 6 16:06:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81c867e382514ee0ddf3cd162306d5b605d952c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:dd:8d:52:b1:8d:a1:4d:46:7d:8f:4c:54:7a:
bf:6c:21:e7:1d:a3:59:fa:e5:dc:a5:67:88:c2:8c:
ca:17:6c:d8:a4:34:38:01:f2:8c:ae:c3:22:b7:16:
88:7f:f5:e2:a3:66:77:c8:c9:9f:4c:fd:37:e1:f9:
21:1f:73:67:8c:8c:3f:03:a1:5a:e7:4d:c8:b2:53:
80:d9:5e:58:dc:e9:6b:df:b3:ca:23:5c:a6:88:ac:
d1:a2:1c:54:c5:9f:ab:b6:8e:00:a9:ca:bd:3d:32:
98:aa:74:f8:b9:65:5f:d5:e3:34:65:7e:5e:f1:4b:
82:46:11:1b:43:4f:82:b8:f1:7e:24:15:cc:d9:50:
1d:a8:8f:72:f0:c9:7d:c1:35:17:40:45:41:0a:b9:
fc:47:00:18:49:32:bf:c1:08:a6:bf:69:ca:04:60:
95:3b:0f:7e:0d:59:8d:d0:db:64:b5:de:b6:da:25:
8c:8b:84:c7:82:53:53:81:f9:61:f4:93:7d:e6:79:
63:4d:4f:a8:b9:be:ad:8d:66:48:2b:40:b7:48:1c:
91:f6:30:74:d6:8f:56:d6:b9:c3:d1:03:33:3a:a2:
6b:a4:f4:50:3b:18:4c:f5:66:20:78:61:e7:f1:e4:
06:26:41:0b:a3:de:8c:f1:4b:6f:9b:74:92:80:ea:
ee:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:C8:67:E3:82:51:4E:E0:DD:F3:CD:16:23:06:D5:B6:05:D9:52:C5
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gchn44JRTuDd880WIwbVtgXZUsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/24
91.196.138.0/24
95.181.214.0/23
109.196.128.0/22
109.196.133.0-109.196.143.255
188.68.5.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:72:31:94:53:2f:09:17:5c:b8:24:aa:6f:7b:34:45:0e:d2:
f8:a3:70:6e:00:56:ff:4f:1b:3c:ba:85:fd:85:3c:1c:20:57:
75:66:34:71:31:15:86:3d:84:a5:37:e4:14:6d:ab:1c:4f:96:
31:d0:72:d7:4a:52:9a:47:81:82:a8:9d:76:a5:a5:9f:37:33:
ca:45:95:44:e0:c8:29:93:3c:a1:89:5a:56:3a:46:7c:07:2c:
26:8b:39:fc:2f:6d:c5:3e:0e:e8:e0:bb:ea:6f:a1:fd:68:fe:
49:ae:4c:29:01:7c:8c:1f:ca:71:25:71:2a:8a:81:4b:cc:59:
90:00:34:bb:95:61:c5:3c:6a:b6:06:ae:4d:22:2e:93:21:24:
b6:ef:a4:77:64:68:7e:0a:4c:17:2a:18:96:6f:d9:36:e2:29:
08:c6:7b:a2:ee:7f:15:15:f4:e6:f4:9e:47:01:c1:93:24:b5:
76:c7:cf:0b:63:3b:04:af:36:76:29:d5:6d:34:80:2f:b3:15:
f4:e4:f9:a2:89:6b:19:fd:96:27:2f:fe:bc:52:e7:48:ad:88:
5c:5d:a4:e5:54:d3:c5:34:1c:c5:c2:e7:75:00:f2:3b:90:e5:
a8:88:8f:f4:dd:28:1d:d2:3c:a1:db:cb:e5:00:0b:14:de:3f:
cd:4a:79:ef
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZm6RmaCxlZ6jhqhf0lLdjMZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUxMDA2MTYwNjM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWM4NjdlMzgyNTE0ZWUwZGRmM2NkMTYyMzA2ZDViNjA1ZDk1MmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3N2NUrGNoU1GfY9MVHq/bCHnHaNZ
+uXcpWeIwozKF2zYpDQ4AfKMrsMitxaIf/Xio2Z3yMmfTP034fkhH3NnjIw/A6Fa
503IslOA2V5Y3Olr37PKI1ymiKzRohxUxZ+rto4Aqcq9PTKYqnT4uWVf1eM0ZX5e
8UuCRhEbQ0+CuPF+JBXM2VAdqI9y8Ml9wTUXQEVBCrn8RwAYSTK/wQimv2nKBGCV
Ow9+DVmN0Ntktd622iWMi4THglNTgflh9JN95nljTU+oub6tjWZIK0C3SByR9jB0
1o9W1rnD0QMzOqJrpPRQOxhM9WYgeGHn8eQGJkELo96M8Utvm3SSgOruNQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIHIZ+OCUU7g3fPNFiMG1bYF2VLFMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvZ2NobjQ0SlJUdURkODgwV0l3YlZ0Z1haVXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAW8SIAwQA
W8SKAwQBX7XWAwQCbcSAMAwDBABtxIUDBARtxIADBAC8RAUwDQYJKoZIhvcNAQEL
BQADggEBAE9yMZRTLwkXXLgkqm97NEUO0vijcG4AVv9PGzy6hf2FPBwgV3VmNHEx
FYY9hKU35BRtqxxPljHQctdKUppHgYKonXalpZ83M8pFlUTgyCmTPKGJWlY6RnwH
LCaLOfwvbcU+Dujgu+pvof1o/kmuTCkBfIwfynElcSqKgUvMWZAANLuVYcU8arYG
rk0iLpMhJLbvpHdkaH4KTBcqGJZv2TbiKQjGe6LufxUV9Ob0nkcBwZMktXbHzwtj
OwSvNnYp1W00gC+zFfTk+aKJaxn9licv/rxS50itiFxdpOVU08U0HMXC53UA8juQ
5aiIj/TdKB3SPKHby+UACxTeP81Kee8=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:20 2025 by rpki-client