Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/gGm8wU6PjR0-kKuHqRN7q_PcCXc.roa
File: gGm8wU6PjR0-kKuHqRN7q_PcCXc.roa (raw, json)
Hash identifier: +FUqo6oVVIQPQjfEDzVpjvPMMimpbMQ9HN9dZbS2tW0=
Subject key identifier: 80:69:BC:C1:4E:8F:8D:1D:3E:90:AB:87:A9:13:7B:AB:F3:DC:09:77
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 0199F78E415082F4CA1B3507068000E66493
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/gGm8wU6PjR0-kKuHqRN7q_PcCXc.roa
Signing time: Sat 18 Oct 2025 13:41:58 +0000
ROA not before: Sat 18 Oct 2025 13:41:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8410
IP address blocks: 194.0.120.0/22 maxlen: 22
194.0.120.0/24 maxlen: 24
194.0.121.0/24 maxlen: 24
194.0.122.0/24 maxlen: 24
194.0.123.0/24 maxlen: 24
194.55.161.0/24 maxlen: 24
194.55.163.0/24 maxlen: 24
194.55.168.0/24 maxlen: 24
194.55.171.0/24 maxlen: 24
195.140.180.0/22 maxlen: 22
195.140.180.0/24 maxlen: 24
195.140.181.0/24 maxlen: 24
195.140.182.0/24 maxlen: 24
195.140.183.0/24 maxlen: 24
212.15.32.0/21 maxlen: 21
212.15.32.0/24 maxlen: 24
212.15.33.0/24 maxlen: 24
212.15.34.0/24 maxlen: 24
212.15.35.0/24 maxlen: 24
212.15.36.0/24 maxlen: 24
212.15.37.0/24 maxlen: 24
212.15.38.0/24 maxlen: 24
212.15.39.0/24 maxlen: 24
212.15.40.0/24 maxlen: 24
212.15.41.0/24 maxlen: 24
212.15.43.0/24 maxlen: 24
212.15.44.0/24 maxlen: 24
212.15.45.0/24 maxlen: 24
212.15.46.0/24 maxlen: 24
212.15.48.0/24 maxlen: 24
212.15.52.0/24 maxlen: 24
212.15.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f7:8e:41:50:82:f4:ca:1b:35:07:06:80:00:e6:64:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Oct 18 13:41:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8069bcc14e8f8d1d3e90ab87a9137babf3dc0977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1e:a2:47:88:08:ca:c1:e6:c3:5c:2e:11:d3:
6f:51:24:cf:d7:37:27:e5:f4:bc:9d:e7:85:10:4d:
b5:94:00:d4:c9:94:5f:63:9d:71:2c:f4:ab:6a:fc:
dc:05:f1:05:e0:74:2f:96:bd:72:4e:b0:86:cb:c2:
88:93:0f:cd:8a:4f:5a:ea:aa:75:1d:b2:cf:dc:7c:
52:38:37:5b:2e:da:39:c7:31:2b:68:24:b4:1d:fc:
39:96:ea:e3:3c:27:f1:a4:3a:d9:c4:65:a0:66:39:
70:2d:fc:a1:05:62:fb:3e:7a:54:01:4d:77:05:74:
84:35:82:12:e6:67:42:cd:d6:7a:3c:6f:f8:0c:bf:
90:de:cc:19:b4:40:70:61:28:70:bc:1f:15:3b:5d:
a3:b9:1c:b3:f8:a9:84:c2:6b:7d:42:7e:8f:9a:27:
e1:87:1b:bd:9a:a2:a9:f9:6c:ee:1c:4d:bd:7f:e0:
3b:22:fd:fa:13:0b:e5:5a:59:0b:e7:ea:a1:88:ad:
44:cf:da:b8:3c:a7:77:6e:d9:53:06:ca:a8:82:3b:
10:d4:cd:b8:a7:f6:05:8f:10:9a:81:74:dc:f2:87:
6a:00:58:75:e3:f8:44:34:f4:53:09:04:68:09:59:
00:b0:7f:7d:f6:34:3e:e1:2e:5b:48:cc:a3:ce:52:
3e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:69:BC:C1:4E:8F:8D:1D:3E:90:AB:87:A9:13:7B:AB:F3:DC:09:77
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/gGm8wU6PjR0-kKuHqRN7q_PcCXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.120.0/22
194.55.161.0/24
194.55.163.0/24
194.55.168.0/24
194.55.171.0/24
195.140.180.0/22
212.15.32.0-212.15.41.255
212.15.43.0-212.15.46.255
212.15.48.0/24
212.15.52.0/23
Signature Algorithm: sha256WithRSAEncryption
53:47:e6:f8:04:b3:a0:c7:a7:b7:ee:cc:c0:c0:ae:1c:3a:d2:
65:5b:29:11:15:dd:52:50:dc:91:24:35:e3:76:04:30:f9:22:
2c:27:7a:6b:ac:65:1c:a6:7b:88:61:2e:b4:5b:e4:87:55:7b:
61:d6:42:3a:46:0e:7c:d7:2f:3b:bb:95:1b:41:81:0f:e3:b1:
ce:11:fd:ba:f0:1f:69:bc:27:f2:8d:bb:c9:df:00:00:f3:a1:
90:c1:4f:0a:1a:2b:6c:08:2e:29:b6:59:0e:5b:2f:80:0b:9e:
55:04:42:95:2f:8a:eb:ae:9c:41:cc:3d:76:a0:47:fe:d7:0f:
32:64:5e:79:69:cc:2a:e9:ef:5e:a3:0f:54:5a:81:cd:95:71:
e7:78:9f:a8:2a:19:95:e5:d7:ee:89:c0:05:59:99:8b:db:fb:
e5:d3:5e:e8:c5:be:f4:25:05:87:94:62:2c:7e:23:38:63:6f:
62:02:e2:b6:09:41:0a:89:77:4b:dd:bd:e4:2d:7a:44:9b:79:
c8:1a:3e:98:3c:97:df:fd:45:38:8e:40:af:96:5f:79:52:66:
9c:f0:93:ef:35:c8:af:06:a1:0b:d5:74:16:b3:de:63:fd:9c:
43:30:e2:c5:d0:a0:44:8f:b0:79:cb:a0:8e:df:ca:0f:92:18:
ba:a9:dc:d9
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZn3jkFQgvTKGzUHBoAA5mSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjUxMDE4MTM0MTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDY5YmNjMTRlOGY4ZDFkM2U5MGFiODdhOTEzN2JhYmYzZGMwOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR6iR4gIysHmw1wuEdNvUSTP1zcn
5fS8neeFEE21lADUyZRfY51xLPSravzcBfEF4HQvlr1yTrCGy8KIkw/Nik9a6qp1
HbLP3HxSODdbLto5xzEraCS0Hfw5lurjPCfxpDrZxGWgZjlwLfyhBWL7PnpUAU13
BXSENYIS5mdCzdZ6PG/4DL+Q3swZtEBwYShwvB8VO12juRyz+KmEwmt9Qn6Pmifh
hxu9mqKp+WzuHE29f+A7Iv36EwvlWlkL5+qhiK1Ez9q4PKd3btlTBsqogjsQ1M24
p/YFjxCagXTc8odqAFh14/hENPRTCQRoCVkAsH999jQ+4S5bSMyjzlI+4wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFIBpvMFOj40dPpCrh6kTe6vz3Al3MB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEvZ0dtOHdVNlBqUjAta0t1SHFSTjdxX1BjQ1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCwgB4AwQA
wjehAwQAwjejAwQAwjeoAwQAwjerAwQCw4y0MAwDBAXUDyADBAHUDygwDAMEANQP
KwMEANQPLgMEANQPMAMEAdQPNDANBgkqhkiG9w0BAQsFAAOCAQEAU0fm+ASzoMen
t+7MwMCuHDrSZVspERXdUlDckSQ143YEMPkiLCd6a6xlHKZ7iGEutFvkh1V7YdZC
OkYOfNcvO7uVG0GBD+OxzhH9uvAfabwn8o27yd8AAPOhkMFPChorbAguKbZZDlsv
gAueVQRClS+K666cQcw9dqBH/tcPMmReeWnMKunvXqMPVFqBzZVx53ifqCoZleXX
7onABVmZi9v75dNe6MW+9CUFh5RiLH4jOGNvYgLitglBCol3S9295C16RJt5yBo+
mDyX3/1FOI5Ar5ZfeVJmnPCT7zXIrwahC9V0FrPeY/2cQzDixdCgRI+wecugjt/K
D5IYuqnc2Q==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:08:59 2025 by rpki-client