Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GpP5r4WkSN74p7sVTG-6zuswmdA.roa
File: GpP5r4WkSN74p7sVTG-6zuswmdA.roa (raw, json)
Hash identifier: nkHozPoirUKBHe9PfenpZSqm2rb/+IBtcInJmZIFLmU=
Subject key identifier: 1A:93:F9:AF:85:A4:48:DE:F8:A7:BB:15:4C:6F:BA:CE:EB:30:99:D0
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0197F507D309E16BCF9A4A0B232FB9612E68
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GpP5r4WkSN74p7sVTG-6zuswmdA.roa
Signing time: Thu 10 Jul 2025 15:50:20 +0000
ROA not before: Thu 10 Jul 2025 15:50:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 79.172.193.0/24 maxlen: 24
79.172.254.0/24 maxlen: 24
87.229.11.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f5:07:d3:09:e1:6b:cf:9a:4a:0b:23:2f:b9:61:2e:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jul 10 15:50:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a93f9af85a448def8a7bb154c6fbaceeb3099d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:85:b3:1c:28:2b:4a:3a:dc:40:07:15:71:e6:
e8:ad:15:86:8b:a4:96:e7:d2:a2:2e:b9:43:18:a5:
45:c2:ad:ca:ca:f1:4f:7f:e6:65:da:84:03:6d:64:
25:52:d1:a3:6d:83:0e:82:43:81:ee:6a:58:a7:98:
e1:a2:5e:38:24:98:60:0a:fe:a9:17:05:83:aa:bf:
41:41:a3:29:fe:2b:90:02:ae:8e:14:04:2c:77:47:
d1:d9:1c:32:53:8c:cb:26:c4:cc:17:e6:4d:26:3f:
3d:c0:be:40:21:6b:b5:f2:74:3f:30:8e:2d:da:34:
90:56:66:a4:be:b2:d7:c0:11:e1:60:24:5a:ad:44:
31:a5:30:9e:45:20:e3:aa:49:e4:2c:0e:84:85:f4:
3c:1a:e2:c6:7b:b9:24:7b:9e:59:1b:4f:fc:e1:fe:
11:42:b8:ae:db:3c:67:f4:63:de:69:bc:c5:0a:08:
88:d6:7f:48:cb:6d:f6:89:d1:ff:fe:1d:b8:7b:a6:
de:74:18:f9:13:c4:4e:c6:bd:18:25:ae:bd:94:4f:
3a:bc:47:a4:9e:cd:e5:d0:f6:d6:2f:80:5b:27:bf:
0d:04:81:7f:a8:3b:8c:f7:39:8d:cc:17:e8:0e:ae:
f0:11:e0:71:c1:d5:3d:bb:5c:fc:a1:ac:a9:c3:f7:
76:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:93:F9:AF:85:A4:48:DE:F8:A7:BB:15:4C:6F:BA:CE:EB:30:99:D0
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GpP5r4WkSN74p7sVTG-6zuswmdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.193.0/24
79.172.254.0/24
87.229.11.0/24
87.229.37.0/24
87.229.80.0/23
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:9c:fc:c1:6a:b9:5c:67:d0:23:94:6a:fb:4f:29:36:e9:24:
bd:66:f1:fb:2a:25:60:ab:8a:16:fa:c3:5c:44:ec:07:72:44:
cd:22:54:12:45:79:f7:23:9a:d0:13:4d:0a:dd:ee:ec:97:85:
f1:b3:e7:e9:8f:19:c0:5c:2c:9c:44:d8:64:8d:c3:71:ef:5c:
9a:67:aa:98:5c:cd:71:2f:e0:27:67:ba:4d:c2:67:0f:78:73:
d9:16:3c:0e:2c:8c:62:f0:cc:a2:94:48:d1:3a:df:d8:c0:79:
50:75:f5:9d:50:e1:92:6f:c2:cf:13:df:71:fb:f4:fc:cb:d7:
12:e5:db:51:af:7f:61:28:f1:72:f1:0d:b1:16:49:73:89:50:
2a:3b:f8:c0:fc:bc:77:42:4b:d4:fe:a9:bf:d6:99:53:7b:b5:
4a:f8:f7:2e:b7:0e:cb:05:4e:91:8a:71:7d:87:3f:fc:9b:28:
5c:53:89:5d:ae:42:78:2d:7f:53:57:20:57:ee:32:09:50:35:
e6:b8:f2:d2:39:7b:17:fd:96:ed:de:d9:06:7a:3b:0e:8b:3d:
0e:73:31:8c:ed:56:71:e2:90:d6:e3:4a:1f:65:38:c3:d5:e9:
17:d4:dd:5f:a2:9a:6f:1f:5b:c8:87:24:e1:1e:26:e2:a3:2b:
78:1e:8f:6d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZf1B9MJ4WvPmkoLIy+5YS5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNzEwMTU1MDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTkzZjlhZjg1YTQ0OGRlZjhhN2JiMTU0YzZmYmFjZWViMzA5OWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIWzHCgrSjrcQAcVceborRWGi6SW
59KiLrlDGKVFwq3KyvFPf+Zl2oQDbWQlUtGjbYMOgkOB7mpYp5jhol44JJhgCv6p
FwWDqr9BQaMp/iuQAq6OFAQsd0fR2RwyU4zLJsTMF+ZNJj89wL5AIWu18nQ/MI4t
2jSQVmakvrLXwBHhYCRarUQxpTCeRSDjqknkLA6EhfQ8GuLGe7kke55ZG0/84f4R
Qriu2zxn9GPeabzFCgiI1n9Iy232idH//h24e6bedBj5E8ROxr0YJa69lE86vEek
ns3l0PbWL4BbJ78NBIF/qDuM9zmNzBfoDq7wEeBxwdU9u1z8oaypw/d2AwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBqT+a+FpEje+Ke7FUxvus7rMJnQMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvR3BQNXI0V2tTTjc0cDdzVlRHLTZ6dXN3bWRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT6zBAwQA
T6z+AwQAV+ULAwQAV+UlAwQBV+VQAwQBV+V8MA0GCSqGSIb3DQEBCwUAA4IBAQAc
nPzBarlcZ9AjlGr7Tyk26SS9ZvH7KiVgq4oW+sNcROwHckTNIlQSRXn3I5rQE00K
3e7sl4Xxs+fpjxnAXCycRNhkjcNx71yaZ6qYXM1xL+AnZ7pNwmcPeHPZFjwOLIxi
8MyilEjROt/YwHlQdfWdUOGSb8LPE99x+/T8y9cS5dtRr39hKPFy8Q2xFklziVAq
O/jA/Lx3QkvU/qm/1plTe7VK+Pcutw7LBU6RinF9hz/8myhcU4ldrkJ4LX9TVyBX
7jIJUDXmuPLSOXsX/Zbt3tkGejsOiz0OczGM7VZx4pDW40ofZTjD1ekX1N1foppv
H1vIhyThHibioyt4Ho9t
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:25:45 2025 by rpki-client