Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gqM1N0ZQ-XZrHoXllsjPyqQZwmA.roa
File: gqM1N0ZQ-XZrHoXllsjPyqQZwmA.roa (raw, json)
Hash identifier: 3GIQJuS1dOGbuGKQpBOSwooyzL34OTD5i/iljjhX6Fw=
Subject key identifier: 82:A3:35:37:46:50:F9:76:6B:1E:85:E5:96:C8:CF:CA:A4:19:C2:60
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019976D9B7E790B28ED3A46E6A7EFB24D61D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gqM1N0ZQ-XZrHoXllsjPyqQZwmA.roa
Signing time: Tue 23 Sep 2025 13:53:23 +0000
ROA not before: Tue 23 Sep 2025 13:53:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57169
IP address blocks: 192.36.38.0/24 maxlen: 24
192.36.39.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.71.233.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.71.249.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
192.121.17.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.121.170.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
194.14.208.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
194.71.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:d9:b7:e7:90:b2:8e:d3:a4:6e:6a:7e:fb:24:d6:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 23 13:53:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82a335374650f9766b1e85e596c8cfcaa419c260
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b0:da:3b:b3:0b:47:f1:14:d7:b3:05:a6:20:
d8:7c:f0:7d:69:e7:54:9c:6d:ea:c9:09:69:f4:3f:
aa:17:81:69:8e:14:d6:34:f3:b1:7a:f4:a3:89:52:
ae:6c:56:7d:bb:bd:d3:88:c6:d2:03:4a:b8:52:f3:
19:19:a8:77:50:a1:5c:ed:28:a4:49:be:f5:db:ce:
99:69:51:8a:dd:f5:40:15:0e:4d:a2:d4:3a:2c:73:
f1:33:b8:40:f8:e0:83:52:23:e8:0b:f0:6d:74:9a:
26:e7:6a:8b:5a:64:2a:d8:62:ea:6f:35:6b:13:91:
b0:93:47:27:10:fd:c1:fa:5b:3d:bc:11:0f:8e:7c:
e2:fd:cb:5c:21:8a:a8:a9:86:bc:c6:67:9b:ca:80:
58:4f:50:63:e6:34:ba:a0:fb:ae:d3:2c:58:98:7c:
9b:c3:96:9d:4a:00:19:7c:89:66:c0:df:ca:c5:00:
4f:50:57:37:1e:da:ef:e2:2b:10:59:ba:05:4a:63:
91:cc:5d:47:fb:f2:7f:b2:9d:86:ab:15:7c:3e:fd:
23:cd:18:98:b3:86:65:37:6f:4d:4c:0a:64:1a:f7:
ef:5e:04:32:0a:70:15:3d:55:9d:e6:77:f2:9a:97:
0a:92:eb:a2:0d:b5:23:f8:b4:9c:8b:e7:2b:98:84:
fa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:A3:35:37:46:50:F9:76:6B:1E:85:E5:96:C8:CF:CA:A4:19:C2:60
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/gqM1N0ZQ-XZrHoXllsjPyqQZwmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/23
192.36.41.0/24
192.36.56.0/24
192.36.61.0/24
192.71.26.0/24
192.71.233.0/24
192.71.247.0/24
192.71.249.0/24
192.121.16.0/23
192.121.163.0/24
192.121.170.0/23
193.235.147.0/24
194.14.208.0/24
194.68.225.0/24
194.71.107.0/24
194.71.227.0/24
Signature Algorithm: sha256WithRSAEncryption
02:c4:c3:ba:9e:e6:00:88:70:4e:fb:2a:cb:44:3b:8b:bc:84:
52:4f:ec:e4:21:76:76:e9:42:20:01:5b:5b:69:dc:d7:e9:6a:
50:ee:b4:c1:46:6a:2e:53:61:36:5c:c1:76:5b:56:4d:73:07:
6f:e1:47:b1:01:91:16:b1:18:6c:7b:53:ad:45:c0:9d:90:e1:
67:d6:04:58:b5:84:c6:48:c7:3a:c8:47:16:33:71:8b:dd:eb:
72:1f:a2:b2:46:b3:6d:ec:59:ff:26:3e:26:7f:cf:ad:f8:52:
00:19:86:c0:d1:74:ea:a4:54:61:fc:63:4d:0e:9f:17:a3:3a:
cd:05:b0:03:ce:5e:69:4e:2c:20:9d:cb:67:da:db:9f:fc:7f:
5d:ac:12:f3:cb:2e:cb:24:2d:f3:f9:bb:99:02:2b:f3:c4:68:
00:66:09:47:85:18:a1:11:b4:9d:4d:83:6b:da:05:80:75:e3:
74:91:f0:6d:6a:cd:c7:02:5e:94:d0:a4:ab:76:86:d7:e3:a8:
42:26:34:7d:b2:5a:2a:d8:b4:da:43:7c:f4:ff:93:7c:ac:08:
d8:8b:0d:31:a5:8c:ac:68:b5:bd:e7:c9:f8:3b:57:65:0e:15:
84:5b:6c:af:b7:96:13:a1:ee:e3:24:0d:4e:82:4f:d8:e8:4d:
02:3a:a0:62
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZl22bfnkLKO06Ruan77JNYdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwOTIzMTM1MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmEzMzUzNzQ2NTBmOTc2NmIxZTg1ZTU5NmM4Y2ZjYWE0MTljMjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbDaO7MLR/EU17MFpiDYfPB9aedU
nG3qyQlp9D+qF4FpjhTWNPOxevSjiVKubFZ9u73TiMbSA0q4UvMZGah3UKFc7Sik
Sb71286ZaVGK3fVAFQ5NotQ6LHPxM7hA+OCDUiPoC/BtdJom52qLWmQq2GLqbzVr
E5Gwk0cnEP3B+ls9vBEPjnzi/ctcIYqoqYa8xmebyoBYT1Bj5jS6oPuu0yxYmHyb
w5adSgAZfIlmwN/KxQBPUFc3Htrv4isQWboFSmORzF1H+/J/sp2GqxV8Pv0jzRiY
s4ZlN29NTApkGvfvXgQyCnAVPVWd5nfympcKkuuiDbUj+LSci+crmIT6nQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFIKjNTdGUPl2ax6F5ZbIz8qkGcJgMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvZ3FNMU4wWlEtWFpySG9YbGxzalB5cVFad21BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBwCQmAwQA
wCQpAwQAwCQ4AwQAwCQ9AwQAwEcaAwQAwEfpAwQAwEf3AwQAwEf5AwQBwHkQAwQA
wHmjAwQBwHmqAwQAweuTAwQAwg7QAwQAwkThAwQAwkdrAwQAwkfjMA0GCSqGSIb3
DQEBCwUAA4IBAQACxMO6nuYAiHBO+yrLRDuLvIRST+zkIXZ26UIgAVtbadzX6WpQ
7rTBRmouU2E2XMF2W1ZNcwdv4UexAZEWsRhse1OtRcCdkOFn1gRYtYTGSMc6yEcW
M3GL3etyH6KyRrNt7Fn/Jj4mf8+t+FIAGYbA0XTqpFRh/GNNDp8XozrNBbADzl5p
Tiwgnctn2tuf/H9drBLzyy7LJC3z+buZAivzxGgAZglHhRihEbSdTYNr2gWAdeN0
kfBtas3HAl6U0KSrdobX46hCJjR9sloq2LTaQ3z0/5N8rAjYiw0xpYysaLW958n4
O1dlDhWEW2yvt5YToe7jJA1Ogk/Y6E0COqBi
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:17 2025 by rpki-client