Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/GIpX64dJ6HZBn7pYOJNMhZ7z2Wk.roa
File: GIpX64dJ6HZBn7pYOJNMhZ7z2Wk.roa (raw, json)
Hash identifier: PjZLxgP6snPECokGBM26BsZLn+FL8XwBYAL6/1qDHeI=
Subject key identifier: 18:8A:57:EB:87:49:E8:76:41:9F:BA:58:38:93:4C:85:9E:F3:D9:69
Certificate issuer: /CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Certificate serial: 0198A7A06992174DD7A592F66B74D71C8B82
Authority key identifier: 27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/GIpX64dJ6HZBn7pYOJNMhZ7z2Wk.roa
Signing time: Thu 14 Aug 2025 08:09:24 +0000
ROA not before: Thu 14 Aug 2025 08:09:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199724
IP address blocks: 91.102.160.0/24 maxlen: 24
91.102.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.mft
rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a7:a0:69:92:17:4d:d7:a5:92:f6:6b:74:d7:1c:8b:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27c8b427c313598a92e8d8ec60e2950da39fc2c9
Validity
Not Before: Aug 14 08:09:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=188a57eb8749e876419fba5838934c859ef3d969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:11:3c:ab:2d:cf:98:3f:ab:54:b3:ad:4d:57:
e8:c7:3a:6f:67:d1:41:00:33:92:55:1b:7e:35:9c:
fc:2a:11:45:20:13:0b:f7:dd:8d:3a:cb:26:85:f4:
8c:ca:7a:0a:34:3a:16:9b:18:d3:b5:aa:59:84:9e:
44:80:82:c2:bb:17:78:62:e4:4b:2d:1d:60:7f:bf:
17:86:6e:3b:f9:81:70:b2:80:13:82:11:a4:3c:c4:
01:3e:a1:a9:77:9a:7c:91:10:1d:1a:69:1b:61:a5:
ba:4e:12:a7:04:d9:ce:ba:9d:bc:a3:9a:52:38:d1:
0d:6b:a7:39:73:53:f9:55:84:0b:21:51:f8:ef:6f:
39:3b:e7:5b:62:03:66:48:63:77:57:8d:64:a9:c7:
e1:1d:6b:df:0a:2f:25:cd:07:ea:56:33:cb:f2:a5:
f0:bd:d9:48:6b:4e:96:e3:a3:11:b0:3a:fe:74:02:
0c:46:b9:87:5f:68:4f:09:92:bf:7a:77:a1:02:d4:
0e:07:34:a6:0d:3e:5a:78:e1:69:43:f4:72:3a:a9:
34:8d:aa:80:25:61:d8:f0:93:06:03:0a:d8:3d:df:
d2:51:51:ba:40:b8:2c:07:1c:7c:b8:0a:1c:7e:42:
42:a3:e7:96:63:0a:55:79:5a:a8:cf:56:34:35:a1:
9c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8A:57:EB:87:49:E8:76:41:9F:BA:58:38:93:4C:85:9E:F3:D9:69
X509v3 Authority Key Identifier:
keyid:27:C8:B4:27:C3:13:59:8A:92:E8:D8:EC:60:E2:95:0D:A3:9F:C2:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J8i0J8MTWYqS6NjsYOKVDaOfwsk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/GIpX64dJ6HZBn7pYOJNMhZ7z2Wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/a7cdbf-da8e-4d43-bdc7-1c6ee44e11ad/1/J8i0J8MTWYqS6NjsYOKVDaOfwsk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.160.0/24
91.102.164.0/24
Signature Algorithm: sha256WithRSAEncryption
41:5d:02:3b:31:66:b2:ee:65:db:9e:52:19:bd:d0:48:aa:24:
6d:9d:87:6d:01:62:26:7a:b1:2e:26:7a:56:7d:d6:04:ae:61:
9d:10:4d:09:90:0b:95:f3:37:6d:91:eb:dc:eb:3b:fc:0f:2e:
22:bf:6e:0f:2d:36:a3:3e:e9:91:e8:3f:11:13:ee:21:a5:fb:
d2:3b:34:b7:ea:ac:ac:30:e0:ec:84:32:97:07:3f:6f:a0:b1:
3e:dc:7d:97:59:be:e4:28:1a:6a:aa:96:16:1d:3d:b3:bc:e0:
02:42:04:4d:3c:07:46:d6:aa:6e:9e:0a:55:be:2d:54:95:63:
ac:53:21:90:be:08:e9:4e:5b:3a:50:a4:16:6a:e0:be:9d:24:
9f:b1:e2:24:58:88:38:b6:80:d3:0a:12:49:39:00:e0:29:1d:
8f:fc:70:a8:97:42:c7:fb:1f:a6:7c:bf:36:4e:2e:55:37:a6:
7a:b8:36:73:1a:3e:38:28:31:94:86:c4:53:da:3b:bd:08:39:
c1:89:26:b9:0c:94:66:8b:7a:a2:98:3b:42:bd:f3:e7:e4:2f:
4b:6a:8b:cc:56:c7:c6:89:38:c0:a6:e2:35:30:1c:61:aa:9d:
f5:65:e5:58:1a:29:19:2e:e5:43:18:50:d9:a8:ea:08:f6:77:
a4:aa:69:6c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZinoGmSF03XpZL2a3TXHIuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YzhiNDI3YzMxMzU5OGE5MmU4ZDhlYzYwZTI5NTBkYTM5
ZmMyYzkwHhcNMjUwODE0MDgwOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODhhNTdlYjg3NDllODc2NDE5ZmJhNTgzODkzNGM4NTllZjNkOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRE8qy3PmD+rVLOtTVfoxzpvZ9FB
ADOSVRt+NZz8KhFFIBML992NOssmhfSMynoKNDoWmxjTtapZhJ5EgILCuxd4YuRL
LR1gf78Xhm47+YFwsoATghGkPMQBPqGpd5p8kRAdGmkbYaW6ThKnBNnOup28o5pS
ONENa6c5c1P5VYQLIVH47285O+dbYgNmSGN3V41kqcfhHWvfCi8lzQfqVjPL8qXw
vdlIa06W46MRsDr+dAIMRrmHX2hPCZK/enehAtQOBzSmDT5aeOFpQ/RyOqk0jaqA
JWHY8JMGAwrYPd/SUVG6QLgsBxx8uAocfkJCo+eWYwpVeVqoz1Y0NaGcWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBiKV+uHSeh2QZ+6WDiTTIWe89lpMB8GA1UdIwQY
MBaAFCfItCfDE1mKkujY7GDilQ2jn8LJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzct
MWM2ZWU0NGUxMWFkLzEvR0lwWDY0ZEo2SFpCbjdwWU9KTk1oWjd6MldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9hN2NkYmYtZGE4ZS00ZDQzLWJkYzctMWM2ZWU0NGUxMWFk
LzEvSjhpMEo4TVRXWXFTNk5qc1lPS1ZEYU9md3NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2agAwQA
W2akMA0GCSqGSIb3DQEBCwUAA4IBAQBBXQI7MWay7mXbnlIZvdBIqiRtnYdtAWIm
erEuJnpWfdYErmGdEE0JkAuV8zdtkevc6zv8Dy4iv24PLTajPumR6D8RE+4hpfvS
OzS36qysMODshDKXBz9voLE+3H2XWb7kKBpqqpYWHT2zvOACQgRNPAdG1qpungpV
vi1UlWOsUyGQvgjpTls6UKQWauC+nSSfseIkWIg4toDTChJJOQDgKR2P/HCol0LH
+x+mfL82Ti5VN6Z6uDZzGj44KDGUhsRT2ju9CDnBiSa5DJRmi3qimDtCvfPn5C9L
aovMVsfGiTjApuI1MBxhqp31ZeVYGikZLuVDGFDZqOoI9nekqmls
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:44:38 2025 by rpki-client