Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/ga4DK68qwsMkTd-ni1B6iXRQTdQ.roa
File: ga4DK68qwsMkTd-ni1B6iXRQTdQ.roa (raw, json)
Hash identifier: H3sXkj62Xj83aypXZVaDV2Gzb10/TmB5L1/CDA3jxj0=
Subject key identifier: 81:AE:03:2B:AF:2A:C2:C3:24:4D:DF:A7:8B:50:7A:89:74:50:4D:D4
Certificate issuer: /CN=aa734ef5ae21c0e897fa186447184ec9ad4ae29d
Certificate serial: 0198D0A5331BB6A1EED0971E51E19BE60F48
Authority key identifier: AA:73:4E:F5:AE:21:C0:E8:97:FA:18:64:47:18:4E:C9:AD:4A:E2:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnNO9a4hwOiX-hhkRxhOya1K4p0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/ga4DK68qwsMkTd-ni1B6iXRQTdQ.roa
Signing time: Fri 22 Aug 2025 07:19:04 +0000
ROA not before: Fri 22 Aug 2025 07:19:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 92.62.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/qnNO9a4hwOiX-hhkRxhOya1K4p0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/qnNO9a4hwOiX-hhkRxhOya1K4p0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qnNO9a4hwOiX-hhkRxhOya1K4p0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 19:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:a5:33:1b:b6:a1:ee:d0:97:1e:51:e1:9b:e6:0f:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa734ef5ae21c0e897fa186447184ec9ad4ae29d
Validity
Not Before: Aug 22 07:19:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81ae032baf2ac2c3244ddfa78b507a8974504dd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:d0:65:b5:e1:02:42:94:f4:1b:5b:5b:62:53:
46:f0:8c:b6:d6:78:57:dd:5d:e2:5c:18:ca:14:44:
23:53:03:eb:cd:81:ef:6a:31:26:6a:02:2a:ad:b1:
5c:e8:b3:f7:6a:d6:74:a3:c9:ee:32:6a:27:ce:af:
58:bd:39:cd:ba:79:68:9d:f1:84:4d:e2:5c:cc:65:
ec:1d:29:05:81:3c:82:e3:73:08:3b:ad:01:66:53:
20:93:4a:fb:43:2d:3c:cc:69:a1:aa:9e:48:ba:cc:
2a:fd:8e:10:33:fd:f5:85:2f:ce:4b:7f:9a:67:ae:
7f:c6:23:e2:58:73:7a:14:11:75:bc:db:94:88:90:
0f:11:19:9f:ca:14:6e:8a:ad:eb:ea:9e:ca:d6:96:
16:4b:90:2e:8c:1f:e6:66:70:bd:45:af:b9:43:2e:
de:f4:a6:d9:f0:a4:db:cf:41:bd:ed:d1:09:36:3c:
8c:52:63:25:ae:12:2b:a3:0d:07:cd:b4:6a:2c:31:
14:ba:e2:6e:c5:ff:74:3e:09:15:79:cf:05:f8:84:
c6:6a:f8:ff:f7:d6:61:dd:09:36:b1:03:01:9a:af:
c6:12:53:7e:d3:f9:08:cc:55:a5:a3:a6:a1:c4:5c:
0b:3a:95:a5:f6:79:db:fb:1f:88:97:dd:3c:ca:c8:
fc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AE:03:2B:AF:2A:C2:C3:24:4D:DF:A7:8B:50:7A:89:74:50:4D:D4
X509v3 Authority Key Identifier:
keyid:AA:73:4E:F5:AE:21:C0:E8:97:FA:18:64:47:18:4E:C9:AD:4A:E2:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnNO9a4hwOiX-hhkRxhOya1K4p0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/ga4DK68qwsMkTd-ni1B6iXRQTdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/748111-0e10-4792-9b1b-da780cfb99a4/1/qnNO9a4hwOiX-hhkRxhOya1K4p0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.117.0/24
Signature Algorithm: sha256WithRSAEncryption
51:6b:07:00:bc:08:d7:67:78:f7:7d:91:fe:d9:9a:07:d4:ad:
09:a7:36:45:01:3f:cb:5c:68:1e:f0:07:7c:e1:58:fb:6f:af:
4b:9e:1b:65:a4:c5:a7:f0:b0:5f:fc:c8:65:79:fb:05:2c:47:
23:9a:f9:a0:05:bc:25:d6:10:11:e1:36:db:e1:0c:40:2f:b2:
4f:c5:fc:d9:23:9a:75:ba:17:63:34:73:e6:f1:d4:d3:0f:62:
12:00:2c:81:42:84:67:e9:0e:59:1c:2f:c8:e4:e6:10:e5:ab:
b0:3a:db:db:64:c2:50:b3:e6:9d:9c:7e:3e:c3:b1:50:8d:b3:
66:d6:92:80:69:e4:40:38:b3:83:77:41:2f:be:4b:c8:41:75:
e9:e8:96:9e:57:b3:9d:2d:c6:4f:86:b3:f1:fd:2a:63:d2:ea:
08:2c:5f:b3:df:0c:59:de:f5:ce:7f:f4:81:5c:fa:7a:3f:18:
fb:d3:c6:b4:9b:4a:04:71:29:2a:e3:e8:e7:64:9d:4c:81:07:
67:c3:f0:c7:f7:07:de:96:13:31:42:49:8e:7d:5c:fb:7c:73:
ca:d4:5a:ca:76:27:89:3d:49:06:d9:8c:3c:84:a1:1b:5f:cb:
72:fb:26:d8:1f:26:dc:d7:6b:db:9b:b8:c6:c1:93:b6:df:59:
7a:7f:61:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjQpTMbtqHu0JceUeGb5g9IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzM0ZWY1YWUyMWMwZTg5N2ZhMTg2NDQ3MTg0ZWM5YWQ0
YWUyOWQwHhcNMjUwODIyMDcxOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWFlMDMyYmFmMmFjMmMzMjQ0ZGRmYTc4YjUwN2E4OTc0NTA0ZGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+dBlteECQpT0G1tbYlNG8Iy21nhX
3V3iXBjKFEQjUwPrzYHvajEmagIqrbFc6LP3atZ0o8nuMmonzq9YvTnNunlonfGE
TeJczGXsHSkFgTyC43MIO60BZlMgk0r7Qy08zGmhqp5Iuswq/Y4QM/31hS/OS3+a
Z65/xiPiWHN6FBF1vNuUiJAPERmfyhRuiq3r6p7K1pYWS5AujB/mZnC9Ra+5Qy7e
9KbZ8KTbz0G97dEJNjyMUmMlrhIrow0HzbRqLDEUuuJuxf90PgkVec8F+ITGavj/
99Zh3Qk2sQMBmq/GElN+0/kIzFWlo6ahxFwLOpWl9nnb+x+Il908ysj8VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIGuAyuvKsLDJE3fp4tQeol0UE3UMB8GA1UdIwQY
MBaAFKpzTvWuIcDol/oYZEcYTsmtSuKdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5OTzlhNGh3T2lYLWhoa1J4aE95YTFLNHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS83NDgxMTEtMGUxMC00NzkyLTliMWIt
ZGE3ODBjZmI5OWE0LzEvZ2E0REs2OHF3c01rVGQtbmkxQjZpWFJRVGRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS83NDgxMTEtMGUxMC00NzkyLTliMWItZGE3ODBjZmI5OWE0
LzEvcW5OTzlhNGh3T2lYLWhoa1J4aE95YTFLNHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXD51MA0G
CSqGSIb3DQEBCwUAA4IBAQBRawcAvAjXZ3j3fZH+2ZoH1K0JpzZFAT/LXGge8Ad8
4Vj7b69LnhtlpMWn8LBf/MhlefsFLEcjmvmgBbwl1hAR4Tbb4QxAL7JPxfzZI5p1
uhdjNHPm8dTTD2ISACyBQoRn6Q5ZHC/I5OYQ5auwOtvbZMJQs+adnH4+w7FQjbNm
1pKAaeRAOLODd0EvvkvIQXXp6JaeV7OdLcZPhrPx/Spj0uoILF+z3wxZ3vXOf/SB
XPp6Pxj708a0m0oEcSkq4+jnZJ1MgQdnw/DH9wfelhMxQkmOfVz7fHPK1FrKdieJ
PUkG2Yw8hKEbX8ty+ybYHybc12vbm7jGwZO231l6f2Ew
-----END CERTIFICATE-----
Generated at Sun Aug 24 05:03:06 2025 by rpki-client