Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/kGMgS3TZAvAnMocHteWjBFNWR8o.roa
File: kGMgS3TZAvAnMocHteWjBFNWR8o.roa (raw, json)
Hash identifier: afji4OUij4JCrNG8nVCGeIIObZ0hGW3nPREv67Wh4m4=
Subject key identifier: 90:63:20:4B:74:D9:02:F0:27:32:87:07:B5:E5:A3:04:53:56:47:CA
Certificate issuer: /CN=9e3533d662c3f0d6bb1e692f3fab6d7ba3824c28
Certificate serial: 0199CCE75C0B227AEE14EB9B7B91B0A5925C
Authority key identifier: 9E:35:33:D6:62:C3:F0:D6:BB:1E:69:2F:3F:AB:6D:7B:A3:82:4C:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njUz1mLD8Na7HmkvP6tte6OCTCg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/kGMgS3TZAvAnMocHteWjBFNWR8o.roa
Signing time: Fri 10 Oct 2025 06:55:38 +0000
ROA not before: Fri 10 Oct 2025 06:55:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 193.34.48.0/24 maxlen: 24
193.34.49.0/24 maxlen: 24
193.34.51.0/24 maxlen: 24
195.13.61.0/24 maxlen: 24
195.13.62.0/24 maxlen: 24
195.13.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/njUz1mLD8Na7HmkvP6tte6OCTCg.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/njUz1mLD8Na7HmkvP6tte6OCTCg.mft
rsync://rpki.ripe.net/repository/DEFAULT/njUz1mLD8Na7HmkvP6tte6OCTCg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cc:e7:5c:0b:22:7a:ee:14:eb:9b:7b:91:b0:a5:92:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e3533d662c3f0d6bb1e692f3fab6d7ba3824c28
Validity
Not Before: Oct 10 06:55:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9063204b74d902f027328707b5e5a304535647ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:80:a9:c6:a3:ba:11:01:89:e1:d6:80:54:ae:
80:fa:f4:8d:90:57:f5:95:3f:65:7e:ff:bc:47:e8:
ec:c9:b7:77:3d:ce:a0:8b:20:be:b4:12:57:a8:1b:
88:8b:d5:06:7d:10:a9:8b:7f:ac:c9:6a:e9:51:28:
9f:17:aa:2d:b6:d8:22:66:2e:db:1c:91:06:53:8e:
0b:d0:00:90:26:5a:11:2a:76:42:83:9c:68:23:9b:
23:6a:fa:0e:10:02:12:19:d3:04:08:a7:c2:82:21:
5a:fa:d2:5c:b4:6f:f4:78:28:58:0e:85:c5:98:ed:
2e:37:a9:e1:63:49:5f:e3:47:27:d4:15:bb:65:87:
29:b9:7b:0a:7f:a3:03:3f:e3:9b:5d:fc:56:33:e0:
20:75:a4:f0:da:57:db:d4:43:58:29:4e:80:2e:17:
73:3b:0c:3c:34:64:e2:3a:79:9d:cd:06:6d:32:ed:
69:60:f7:0d:f8:29:c9:89:51:a7:4f:65:0a:cb:ac:
19:cd:82:54:8f:ce:65:e9:4a:dd:71:e4:7c:18:2a:
c7:6f:ba:2c:15:fb:9a:86:1c:a9:7e:66:90:1d:1e:
d6:1b:ad:de:6d:76:ab:ec:e4:ff:98:c5:31:bb:24:
b1:4b:e4:6a:86:f7:2f:c4:8c:bf:f7:9c:d1:12:68:
dc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:63:20:4B:74:D9:02:F0:27:32:87:07:B5:E5:A3:04:53:56:47:CA
X509v3 Authority Key Identifier:
keyid:9E:35:33:D6:62:C3:F0:D6:BB:1E:69:2F:3F:AB:6D:7B:A3:82:4C:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njUz1mLD8Na7HmkvP6tte6OCTCg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/kGMgS3TZAvAnMocHteWjBFNWR8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/bebe6d-16b3-4b02-b205-a783413099d3/1/njUz1mLD8Na7HmkvP6tte6OCTCg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.48.0/23
193.34.51.0/24
195.13.61.0-195.13.63.255
Signature Algorithm: sha256WithRSAEncryption
03:24:82:ae:50:22:3b:67:4c:fa:e3:b4:03:fe:ad:80:0a:0b:
9a:c7:8e:c0:19:e3:bb:7f:98:f7:d3:51:cb:aa:c8:93:4c:84:
ae:86:f4:e3:b6:cc:8a:b6:62:20:c6:2f:db:b4:78:10:cb:92:
a6:96:da:df:63:ce:fa:3f:ee:db:54:44:1e:30:8c:dc:63:63:
a5:24:2d:cc:f4:ce:14:cb:e7:cf:8a:88:60:8e:70:e2:59:04:
31:84:e1:33:90:62:79:d4:87:5e:18:29:04:f9:d7:fe:00:50:
7f:56:7a:0d:0a:30:56:99:48:5c:db:ab:b4:98:0d:16:0c:bb:
4e:55:af:8c:ad:e0:0e:68:b6:7f:b1:66:b1:93:c5:9a:bc:85:
f3:e6:b5:e2:82:ee:d3:66:44:c0:5f:cb:3f:87:b4:84:f6:b2:
d2:59:fa:db:55:51:58:de:aa:33:a0:85:67:6c:b0:0a:68:fb:
fa:d3:f0:b9:3e:1c:4a:b5:97:c0:be:cb:3f:82:fb:7d:10:94:
37:81:f8:d6:a3:11:aa:f0:31:0a:39:cd:4a:98:45:cb:da:6f:
74:27:e1:ad:c3:5e:2a:b0:7a:1b:7b:9d:39:c1:4b:f3:96:2f:
24:d9:6e:39:dc:8a:f2:27:df:7b:84:92:80:a8:95:b5:ad:21:
c2:0e:17:38
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZnM51wLInruFOube5GwpZJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzUzM2Q2NjJjM2YwZDZiYjFlNjkyZjNmYWI2ZDdiYTM4
MjRjMjgwHhcNMjUxMDEwMDY1NTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDYzMjA0Yjc0ZDkwMmYwMjczMjg3MDdiNWU1YTMwNDUzNTY0N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYCpxqO6EQGJ4daAVK6A+vSNkFf1
lT9lfv+8R+jsybd3Pc6giyC+tBJXqBuIi9UGfRCpi3+syWrpUSifF6otttgiZi7b
HJEGU44L0ACQJloRKnZCg5xoI5sjavoOEAISGdMECKfCgiFa+tJctG/0eChYDoXF
mO0uN6nhY0lf40cn1BW7ZYcpuXsKf6MDP+ObXfxWM+AgdaTw2lfb1ENYKU6ALhdz
Oww8NGTiOnmdzQZtMu1pYPcN+CnJiVGnT2UKy6wZzYJUj85l6UrdceR8GCrHb7os
FfuahhypfmaQHR7WG63ebXar7OT/mMUxuySxS+RqhvcvxIy/95zREmjcfwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFJBjIEt02QLwJzKHB7XlowRTVkfKMB8GA1UdIwQY
MBaAFJ41M9Ziw/DWux5pLz+rbXujgkwoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpVejFtTEQ4TmE3SG1rdlA2dHRlNk9DVENnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9iZWJlNmQtMTZiMy00YjAyLWIyMDUt
YTc4MzQxMzA5OWQzLzEva0dNZ1MzVFpBdkFuTW9jSHRlV2pCRk5XUjhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9iZWJlNmQtMTZiMy00YjAyLWIyMDUtYTc4MzQxMzA5OWQz
LzEvbmpVejFtTEQ4TmE3SG1rdlA2dHRlNk9DVENnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBwSIwAwQA
wSIzMAwDBADDDT0DBAbDDQAwDQYJKoZIhvcNAQELBQADggEBAAMkgq5QIjtnTPrj
tAP+rYAKC5rHjsAZ47t/mPfTUcuqyJNMhK6G9OO2zIq2YiDGL9u0eBDLkqaW2t9j
zvo/7ttURB4wjNxjY6UkLcz0zhTL58+KiGCOcOJZBDGE4TOQYnnUh14YKQT51/4A
UH9Weg0KMFaZSFzbq7SYDRYMu05Vr4yt4A5otn+xZrGTxZq8hfPmteKC7tNmRMBf
yz+HtIT2stJZ+ttVUVjeqjOghWdssApo+/rT8Lk+HEq1l8C+yz+C+30QlDeB+Naj
EarwMQo5zUqYRcvab3Qn4a3DXiqweht7nTnBS/OWLyTZbjncivIn33uEkoColbWt
IcIOFzg=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:53 2025 by rpki-client