
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/jGH0zuu46Tv1DGmxFrsiA-wH_ns.roa
File: jGH0zuu46Tv1DGmxFrsiA-wH_ns.roa (raw, json)
Hash identifier: pzD5LkcY95jYgOd3J/To7SsZ3cs9FQTHeKJ7xcy8lLM=
Subject key identifier: 8C:61:F4:CE:EB:B8:E9:3B:F5:0C:69:B1:16:BB:22:03:EC:07:FE:7B
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 0199F1C7ACEC1F77AE65FFEBF6ADE1A614FE
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/jGH0zuu46Tv1DGmxFrsiA-wH_ns.roa
Signing time: Fri 17 Oct 2025 10:46:58 +0000
ROA not before: Fri 17 Oct 2025 10:46:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199435
IP address blocks: 5.34.128.0/19 maxlen: 24
185.93.80.0/22 maxlen: 22
188.92.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 10:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:c7:ac:ec:1f:77:ae:65:ff:eb:f6:ad:e1:a6:14:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: Oct 17 10:46:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c61f4ceebb8e93bf50c69b116bb2203ec07fe7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:48:1a:1f:1b:9e:8c:c7:54:5d:d0:61:11:47:
d4:be:f4:12:5d:54:88:00:c1:d1:1a:ba:45:d4:67:
7b:25:89:7b:51:ec:0c:ea:ea:3d:34:74:82:93:7c:
a6:01:bf:22:02:38:86:24:93:d0:d6:5f:f1:90:a4:
33:90:71:4f:97:a6:a8:9c:30:8e:fb:61:dd:b7:0b:
7e:05:73:a2:e5:3f:54:ed:76:7b:fa:6c:7a:94:d3:
b7:fb:13:63:d2:ed:ba:d6:49:33:a0:cb:23:b7:88:
91:44:0e:df:78:9b:5f:1c:52:a8:40:83:3e:72:cf:
a3:93:c4:5e:d2:f0:b9:bc:53:ab:b3:58:1a:db:f7:
eb:99:3c:17:0c:08:6a:4f:45:31:74:30:5f:f4:a1:
53:6d:fb:44:16:7b:fc:d3:cc:90:bb:6f:5f:ae:1a:
43:60:01:7c:ff:d0:57:2a:8d:e9:28:21:31:af:6b:
a3:fe:f1:cb:47:b8:c9:d0:8b:27:01:10:cd:ff:08:
cc:07:72:30:0d:b4:6d:18:ab:c3:44:db:79:d2:ac:
5d:0a:77:e8:01:d1:bb:ee:96:fa:a4:ac:a3:56:d7:
f1:71:a6:14:6f:22:4c:ab:d2:37:62:a7:83:e1:7b:
94:98:61:0b:a0:3e:7a:0c:a3:9d:de:09:1e:73:b3:
cf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:61:F4:CE:EB:B8:E9:3B:F5:0C:69:B1:16:BB:22:03:EC:07:FE:7B
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/jGH0zuu46Tv1DGmxFrsiA-wH_ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.128.0/19
185.93.80.0/22
188.92.124.0/22
Signature Algorithm: sha256WithRSAEncryption
83:51:6d:bc:5a:bd:a7:a7:12:5b:6d:05:ff:55:5f:83:45:99:
21:65:f2:00:1f:82:ca:0c:53:7c:05:70:3d:7c:fb:2d:b7:a1:
6f:96:29:5c:b1:fd:3d:ff:00:ee:90:bc:c6:d4:6a:4d:e7:f9:
09:07:6e:2a:14:4a:09:48:4b:db:6b:99:45:d0:85:73:23:73:
fe:d1:63:f6:fe:33:d8:78:43:9e:13:e2:37:43:03:a1:46:da:
f9:dd:35:72:cf:8d:0d:ce:b2:c1:fd:79:27:e1:f2:6a:8f:09:
39:be:ee:4e:00:80:5c:ed:95:ed:5d:5a:bd:a7:7a:f2:42:60:
5a:fd:f2:d8:fe:e7:46:d8:82:7c:bb:49:2c:32:02:68:58:b9:
4f:6a:fb:ea:7e:20:36:70:7e:b0:a9:6b:e4:19:3d:3e:f2:e3:
27:87:4e:91:a3:43:fb:5b:bb:6b:b0:6c:27:27:69:e4:36:5c:
23:4a:52:52:94:63:76:25:8c:92:c9:e7:91:80:7b:21:dc:6e:
aa:0e:f2:ec:fa:8a:34:35:90:0e:90:40:d6:d1:5a:c7:35:b7:
b4:5d:89:2d:a4:be:f2:c5:96:16:2e:d5:58:4c:45:5c:8b:66:
66:fa:c3:34:2c:3d:1d:1a:ea:c7:24:e4:eb:d8:2c:3c:47:45:
25:94:e3:95
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnxx6zsH3euZf/r9q3hphT+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjUxMDE3MTA0NjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzYxZjRjZWViYjhlOTNiZjUwYzY5YjExNmJiMjIwM2VjMDdmZTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30gaHxuejMdUXdBhEUfUvvQSXVSI
AMHRGrpF1Gd7JYl7UewM6uo9NHSCk3ymAb8iAjiGJJPQ1l/xkKQzkHFPl6aonDCO
+2Hdtwt+BXOi5T9U7XZ7+mx6lNO3+xNj0u261kkzoMsjt4iRRA7feJtfHFKoQIM+
cs+jk8Re0vC5vFOrs1ga2/frmTwXDAhqT0UxdDBf9KFTbftEFnv808yQu29frhpD
YAF8/9BXKo3pKCExr2uj/vHLR7jJ0IsnARDN/wjMB3IwDbRtGKvDRNt50qxdCnfo
AdG77pb6pKyjVtfxcaYUbyJMq9I3YqeD4XuUmGELoD56DKOd3gkec7PPJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIxh9M7ruOk79QxpsRa7IgPsB/57MB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEvakdIMHp1dTQ2VHYxREdteEZyc2lBLXdIX25zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBSKAAwQC
uV1QAwQCvFx8MA0GCSqGSIb3DQEBCwUAA4IBAQCDUW28Wr2npxJbbQX/VV+DRZkh
ZfIAH4LKDFN8BXA9fPstt6Fvlilcsf09/wDukLzG1GpN5/kJB24qFEoJSEvba5lF
0IVzI3P+0WP2/jPYeEOeE+I3QwOhRtr53TVyz40NzrLB/Xkn4fJqjwk5vu5OAIBc
7ZXtXVq9p3ryQmBa/fLY/udG2IJ8u0ksMgJoWLlPavvqfiA2cH6wqWvkGT0+8uMn
h06Ro0P7W7trsGwnJ2nkNlwjSlJSlGN2JYySyeeRgHsh3G6qDvLs+oo0NZAOkEDW
0VrHNbe0XYktpL7yxZYWLtVYTEVci2Zm+sM0LD0dGurHJOTr2Cw8R0UllOOV
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:32:37 2025 by rpki-client