Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/gUZ0JLTnALDOscp3mLn_Kq5n0u0.roa
File: gUZ0JLTnALDOscp3mLn_Kq5n0u0.roa (raw, json)
Hash identifier: X76o+89Mv6jj5TDmR/n2CIB5GvyoRSZWze0xxjQVUMI=
Subject key identifier: 81:46:74:24:B4:E7:00:B0:CE:B1:CA:77:98:B9:FF:2A:AE:67:D2:ED
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0199F0EF9D55C9066ABA513185C19718422E
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/gUZ0JLTnALDOscp3mLn_Kq5n0u0.roa
Signing time: Fri 17 Oct 2025 06:50:59 +0000
ROA not before: Fri 17 Oct 2025 06:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.210.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
195.114.196.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f0:ef:9d:55:c9:06:6a:ba:51:31:85:c1:97:18:42:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Oct 17 06:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81467424b4e700b0ceb1ca7798b9ff2aae67d2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:41:f0:0c:36:29:82:8f:a0:de:17:38:bf:a4:
23:09:f8:27:c9:39:df:d2:b8:0e:8a:7e:38:cf:f2:
f5:0d:14:e6:e5:cb:24:50:81:80:d3:e2:e5:d5:d7:
02:93:01:bf:b0:31:14:32:74:11:19:24:ff:bf:1b:
48:1c:93:a2:11:ed:88:95:97:bc:0c:5c:b6:3e:b0:
2a:6a:2a:90:fd:61:bb:38:0a:e1:ad:b5:9f:cc:15:
0e:eb:7a:46:7c:61:1a:0b:d9:78:3e:3c:fb:ea:79:
09:86:d1:b9:27:87:32:cb:32:6e:de:f5:55:06:74:
4f:9f:39:d4:cb:31:d7:ec:44:92:73:65:e1:3a:66:
66:a3:3f:5d:a8:a3:a9:bb:c1:c6:45:1b:18:1e:78:
7d:71:41:c0:47:1d:a2:18:c7:d1:57:0a:7f:fc:9a:
dd:ed:62:75:3c:c3:19:1c:ca:fe:1a:32:16:3f:41:
a1:24:11:99:50:84:05:89:f5:0c:9e:66:75:7e:7b:
2e:34:94:94:60:9d:c3:da:ef:3f:5f:95:16:ad:1e:
3c:fe:77:62:51:4a:eb:8e:d3:29:7c:36:f9:6e:dd:
70:b9:93:93:15:9f:10:90:60:b7:66:a3:f4:0c:3d:
c5:6a:e7:73:f5:f4:77:3b:ed:7f:cd:53:b0:06:50:
18:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:46:74:24:B4:E7:00:B0:CE:B1:CA:77:98:B9:FF:2A:AE:67:D2:ED
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/gUZ0JLTnALDOscp3mLn_Kq5n0u0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0-194.143.207.255
194.143.210.0/24
194.143.217.0-194.143.218.255
194.143.222.0/24
195.114.196.0-195.114.198.255
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:58:51:78:06:75:90:0b:59:bc:bc:c8:42:d6:eb:dc:90:9c:
d5:94:ec:2d:7d:6c:fc:84:83:cb:54:a1:2f:c2:a6:12:11:d7:
d5:fa:d3:66:11:67:67:06:79:86:c2:d8:55:3d:76:9e:1f:38:
5a:ac:1f:f8:59:ca:1e:f0:85:cd:2c:b4:1a:90:08:4a:cc:e2:
26:f5:ca:be:bc:39:50:90:5c:4d:b2:6b:3d:90:da:8c:21:e8:
9d:8b:5b:c8:a7:9c:4a:a7:55:5a:ca:21:8e:69:a2:4a:8c:a5:
7f:2f:b2:b0:ce:b0:4d:51:c6:5a:ea:22:de:7f:e0:8e:6e:d0:
b1:43:61:1e:82:82:cc:8f:37:d2:4a:bb:d5:1d:60:5e:11:99:
9c:6e:8d:66:05:8f:60:3a:2d:9b:be:ab:47:05:ed:06:d1:5a:
5e:0e:2e:6f:41:a4:fb:a7:7b:9c:e3:12:be:8f:af:56:ff:d3:
7b:d0:9d:d8:ad:b2:1d:3b:f7:d6:a0:bd:e3:69:93:6f:f0:b1:
73:32:0b:13:7f:76:44:f8:1f:56:21:61:40:f1:f0:ad:5f:84:
63:2f:41:8b:7f:40:87:ec:71:26:ed:cb:f9:4c:96:60:e5:2f:
69:e9:c9:83:93:2b:33:2b:23:66:a1:f1:fc:73:6c:1f:77:e7:
dd:82:e1:19
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZnw751VyQZqulExhcGXGEIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUxMDE3MDY1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTQ2NzQyNGI0ZTcwMGIwY2ViMWNhNzc5OGI5ZmYyYWFlNjdkMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00HwDDYpgo+g3hc4v6QjCfgnyTnf
0rgOin44z/L1DRTm5cskUIGA0+Ll1dcCkwG/sDEUMnQRGST/vxtIHJOiEe2IlZe8
DFy2PrAqaiqQ/WG7OArhrbWfzBUO63pGfGEaC9l4Pjz76nkJhtG5J4cyyzJu3vVV
BnRPnznUyzHX7ESSc2XhOmZmoz9dqKOpu8HGRRsYHnh9cUHARx2iGMfRVwp//Jrd
7WJ1PMMZHMr+GjIWP0GhJBGZUIQFifUMnmZ1fnsuNJSUYJ3D2u8/X5UWrR48/ndi
UUrrjtMpfDb5bt1wuZOTFZ8QkGC3ZqP0DD3Faudz9fR3O+1/zVOwBlAYpwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIFGdCS05wCwzrHKd5i5/yquZ9LtMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvZ1VaMEpMVG5BTERPc2NwM21Mbl9LcTVuMHUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALZvwAwQA
LZvyMAwDBADCj80DBATCj8ADBADCj9IwDAMEAMKP2QMEAMKP2gMEAMKP3jAMAwQC
w3LEAwQAw3LGAwQA1dw+MA0GCSqGSIb3DQEBCwUAA4IBAQCiWFF4BnWQC1m8vMhC
1uvckJzVlOwtfWz8hIPLVKEvwqYSEdfV+tNmEWdnBnmGwthVPXaeHzharB/4Wcoe
8IXNLLQakAhKzOIm9cq+vDlQkFxNsms9kNqMIeidi1vIp5xKp1VayiGOaaJKjKV/
L7KwzrBNUcZa6iLef+CObtCxQ2EegoLMjzfSSrvVHWBeEZmcbo1mBY9gOi2bvqtH
Be0G0VpeDi5vQaT7p3uc4xK+j69W/9N70J3YrbIdO/fWoL3jaZNv8LFzMgsTf3ZE
+B9WIWFA8fCtX4RjL0GLf0CH7HEm7cv5TJZg5S9p6cmDkyszKyNmofH8c2wfd+fd
guEZ
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:26 2025 by rpki-client