Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/Fl2jGenKnA0BUtxUSthdz--uOV8.roa
File: Fl2jGenKnA0BUtxUSthdz--uOV8.roa (raw, json)
Hash identifier: kqQXqIucUTzP/77Y+W4OOsJofh0MCiecSiZ2fc/tf0Y=
Subject key identifier: 16:5D:A3:19:E9:CA:9C:0D:01:52:DC:54:4A:D8:5D:CF:EF:AE:39:5F
Certificate issuer: /CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Certificate serial: 01995B6E3D6E422F8D4B9F64B80D2BAFD408
Authority key identifier: 1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/Fl2jGenKnA0BUtxUSthdz--uOV8.roa
Signing time: Thu 18 Sep 2025 06:06:15 +0000
ROA not before: Thu 18 Sep 2025 06:06:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41176
IP address blocks: 89.108.0.0/18 maxlen: 18
89.108.26.0/23 maxlen: 23
89.108.26.0/24 maxlen: 24
89.108.27.0/24 maxlen: 24
89.108.28.0/24 maxlen: 24
89.108.29.0/24 maxlen: 24
89.108.30.0/24 maxlen: 24
89.108.60.0/22 maxlen: 22
185.20.152.0/22 maxlen: 22
185.20.152.0/24 maxlen: 24
188.117.64.0/18 maxlen: 18
188.117.72.0/22 maxlen: 22
188.117.76.0/22 maxlen: 22
188.117.76.0/24 maxlen: 24
188.117.77.0/24 maxlen: 24
188.117.78.0/24 maxlen: 24
188.117.80.0/23 maxlen: 23
188.117.80.0/24 maxlen: 24
188.117.81.0/24 maxlen: 24
188.117.82.0/24 maxlen: 24
188.117.84.0/22 maxlen: 22
188.117.84.0/24 maxlen: 24
188.117.85.0/24 maxlen: 24
188.117.86.0/24 maxlen: 24
188.117.87.0/24 maxlen: 24
188.117.93.0/24 maxlen: 24
188.117.96.0/21 maxlen: 21
188.117.100.0/23 maxlen: 23
188.117.104.0/24 maxlen: 24
188.117.107.0/24 maxlen: 24
188.117.108.0/24 maxlen: 24
188.117.109.0/24 maxlen: 24
188.117.116.0/24 maxlen: 24
188.117.117.0/24 maxlen: 24
188.117.124.0/24 maxlen: 24
212.76.64.0/19 maxlen: 19
212.76.64.0/24 maxlen: 24
212.76.68.0/24 maxlen: 24
212.76.69.0/24 maxlen: 24
212.76.70.0/24 maxlen: 24
212.76.73.0/24 maxlen: 24
212.76.83.0/24 maxlen: 24
212.76.85.0/24 maxlen: 24
212.76.88.0/24 maxlen: 24
212.76.95.0/24 maxlen: 24
213.236.32.0/19 maxlen: 19
213.236.35.0/24 maxlen: 24
213.236.36.0/24 maxlen: 24
213.236.37.0/24 maxlen: 24
213.236.38.0/24 maxlen: 24
213.236.39.0/24 maxlen: 24
213.236.41.0/24 maxlen: 24
213.236.48.0/24 maxlen: 24
213.236.53.0/24 maxlen: 24
213.236.56.0/21 maxlen: 21
213.236.56.0/22 maxlen: 22
213.236.59.0/24 maxlen: 24
213.236.60.0/22 maxlen: 22
213.236.60.0/24 maxlen: 24
213.236.62.0/24 maxlen: 24
2a02:d70::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5b:6e:3d:6e:42:2f:8d:4b:9f:64:b8:0d:2b:af:d4:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a2a4bfd2c0c69765a8299ef74965f862a7148b7
Validity
Not Before: Sep 18 06:06:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=165da319e9ca9c0d0152dc544ad85dcfefae395f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:13:da:6e:14:96:5b:c6:f1:ca:bb:5f:b7:05:
b9:1d:7d:f4:3a:81:19:d7:6a:95:a2:c1:54:99:4e:
98:c6:48:da:a5:8f:61:b4:8e:a6:29:1a:8e:48:c7:
b6:77:f2:de:04:1d:c1:bc:fe:f7:ff:6a:f4:99:4b:
fb:e5:8c:73:64:2e:27:ae:a2:0b:64:75:43:02:e3:
36:d4:ee:5e:25:45:fb:0e:89:e6:49:ee:86:51:77:
27:15:4e:9b:b5:a4:5b:11:c9:fa:79:0a:83:9e:9c:
74:89:80:1f:60:89:19:91:39:e5:b0:8b:7d:d6:af:
16:fa:02:a3:d1:4d:e9:d2:5d:4f:11:15:f7:9a:f7:
23:f4:ae:bc:ae:73:ef:f8:4b:b5:ef:5c:23:95:d9:
32:b7:a0:a1:b5:1d:40:17:67:6c:8a:32:87:15:f6:
59:fc:21:f1:ce:df:7f:62:6e:81:7f:6e:ef:bc:36:
e4:2a:10:9e:5e:2f:25:4e:2d:5a:f4:74:31:05:3f:
6b:16:09:5e:f6:d7:ee:e4:74:e8:05:14:57:44:24:
dd:9e:38:18:9c:76:16:0d:6f:84:05:91:6e:7b:33:
36:ab:18:fa:96:34:82:c2:fd:7a:1e:b0:fe:32:5f:
03:3b:68:e3:7f:8a:82:52:58:d0:8b:78:58:94:46:
69:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:5D:A3:19:E9:CA:9C:0D:01:52:DC:54:4A:D8:5D:CF:EF:AE:39:5F
X509v3 Authority Key Identifier:
keyid:1A:2A:4B:FD:2C:0C:69:76:5A:82:99:EF:74:96:5F:86:2A:71:48:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GipL_SwMaXZagpnvdJZfhipxSLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/Fl2jGenKnA0BUtxUSthdz--uOV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/677af8-853e-493b-8b85-bb70800c2a65/1/GipL_SwMaXZagpnvdJZfhipxSLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.108.0.0/18
185.20.152.0/22
188.117.64.0/18
212.76.64.0/19
213.236.32.0/19
IPv6:
2a02:d70::/32
Signature Algorithm: sha256WithRSAEncryption
af:35:a5:7f:67:91:e3:05:a4:2d:93:01:35:cc:7d:24:c5:a6:
c0:73:c6:fb:e0:1a:6c:a0:ab:00:cf:75:f7:34:35:26:56:f2:
05:31:86:dc:c0:21:08:c2:40:be:ff:72:e4:8b:bf:e6:c9:b9:
e8:45:19:67:c3:8f:4a:f2:e9:ad:c9:6e:ff:06:ff:08:47:d6:
8f:7b:4e:10:27:f6:a9:8e:36:81:f2:4f:2c:f8:d7:4e:78:4d:
a2:0c:fe:9c:6c:44:d3:96:5d:43:31:d4:10:17:b0:13:a9:1b:
d3:2e:5e:e6:9c:3e:90:cb:83:72:22:1a:c3:00:1d:f9:0a:be:
21:04:9e:da:1d:ad:c2:90:c0:22:e7:0d:53:bc:0e:9c:8e:c5:
62:69:bc:0e:07:07:b7:35:d4:4f:8e:e7:cb:fe:13:83:a1:be:
b9:99:57:24:60:e7:6b:63:3c:cb:c3:6d:9d:16:2d:2c:fd:ee:
da:bd:38:75:7c:87:d8:0d:43:51:24:5b:77:fa:47:31:66:ee:
f9:b4:12:9b:ae:ac:8c:ba:5e:79:1e:82:14:63:e1:ea:21:c1:
82:b7:ab:8d:cf:ac:16:17:42:3e:0e:48:ed:40:51:f2:2c:58:
77:14:12:2f:da:30:73:b3:97:60:8b:1d:5b:97:8b:fb:a7:4a:
e7:bb:2b:4d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZlbbj1uQi+NS59kuA0rr9QIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMmE0YmZkMmMwYzY5NzY1YTgyOTllZjc0OTY1Zjg2MmE3
MTQ4YjcwHhcNMjUwOTE4MDYwNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjVkYTMxOWU5Y2E5YzBkMDE1MmRjNTQ0YWQ4NWRjZmVmYWUzOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BPabhSWW8bxyrtftwW5HX30OoEZ
12qVosFUmU6YxkjapY9htI6mKRqOSMe2d/LeBB3BvP73/2r0mUv75YxzZC4nrqIL
ZHVDAuM21O5eJUX7DonmSe6GUXcnFU6btaRbEcn6eQqDnpx0iYAfYIkZkTnlsIt9
1q8W+gKj0U3p0l1PERX3mvcj9K68rnPv+Eu171wjldkyt6ChtR1AF2dsijKHFfZZ
/CHxzt9/Ym6Bf27vvDbkKhCeXi8lTi1a9HQxBT9rFgle9tfu5HToBRRXRCTdnjgY
nHYWDW+EBZFuezM2qxj6ljSCwv16HrD+Ml8DO2jjf4qCUljQi3hYlEZp/QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBZdoxnpypwNAVLcVErYXc/vrjlfMB8GA1UdIwQY
MBaAFBoqS/0sDGl2WoKZ73SWX4YqcUi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUt
YmI3MDgwMGMyYTY1LzEvRmwyakdlbktuQTBCVXR4VVN0aGR6LS11T1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi82NzdhZjgtODUzZS00OTNiLThiODUtYmI3MDgwMGMyYTY1
LzEvR2lwTF9Td01hWFphZ3BudmRKWmZoaXB4U0xjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQGWWwAAwQC
uRSYAwQGvHVAAwQF1ExAAwQF1ewgMA0EAgACMAcDBQAqAg1wMA0GCSqGSIb3DQEB
CwUAA4IBAQCvNaV/Z5HjBaQtkwE1zH0kxabAc8b74BpsoKsAz3X3NDUmVvIFMYbc
wCEIwkC+/3Lki7/mybnoRRlnw49K8umtyW7/Bv8IR9aPe04QJ/apjjaB8k8s+NdO
eE2iDP6cbETTll1DMdQQF7ATqRvTLl7mnD6Qy4NyIhrDAB35Cr4hBJ7aHa3CkMAi
5w1TvA6cjsViabwOBwe3NdRPjufL/hODob65mVckYOdrYzzLw22dFi0s/e7avTh1
fIfYDUNRJFt3+kcxZu75tBKbrqyMul55HoIUY+HqIcGCt6uNz6wWF0I+DkjtQFHy
LFh3FBIv2jBzs5dgix1bl4v7p0rnuytN
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:01 2025 by rpki-client