Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/gpxmpBKSRlxJbhTXj2ljKLoLY98.roa
File: gpxmpBKSRlxJbhTXj2ljKLoLY98.roa (raw, json)
Hash identifier: ZoAsNs3QEg3YCXPSplhPm5vvHec86X8GlWAXHSj/DDE=
Subject key identifier: 82:9C:66:A4:12:92:46:5C:49:6E:14:D7:8F:69:63:28:BA:0B:63:DF
Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial: 01997B8739F8446799B5AA774B5689ACF6F0
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/gpxmpBKSRlxJbhTXj2ljKLoLY98.roa
Signing time: Wed 24 Sep 2025 11:41:23 +0000
ROA not before: Wed 24 Sep 2025 11:41:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59651
IP address blocks: 77.243.88.0/22 maxlen: 24
178.20.213.0/24 maxlen: 24
178.20.214.0/24 maxlen: 24
178.20.215.0/24 maxlen: 24
185.101.20.0/23 maxlen: 24
194.26.129.0/24 maxlen: 24
194.104.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 Oct 2025 02:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7b:87:39:f8:44:67:99:b5:aa:77:4b:56:89:ac:f6:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
Validity
Not Before: Sep 24 11:41:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=829c66a41292465c496e14d78f696328ba0b63df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c8:cc:08:ef:54:ba:b2:b6:1d:c5:df:7e:48:
aa:18:35:71:a8:67:9f:39:a6:2d:fd:4c:ad:c2:f3:
df:41:a2:17:3d:92:d2:14:39:f9:a6:fd:e3:f2:43:
98:06:f8:9b:53:16:1c:b0:5f:68:27:97:29:a1:9c:
04:18:e8:64:df:d8:18:d6:c1:71:d2:eb:37:b2:32:
d3:0c:b2:2c:f4:05:f6:d5:35:0c:4d:7c:b5:d7:4f:
61:82:57:d2:39:58:ca:00:bd:57:81:df:68:b4:9d:
e2:dc:f9:99:79:5e:2a:86:6c:58:03:b2:06:61:0a:
24:26:d1:0d:8a:ee:fd:85:86:2b:f8:37:0b:2d:10:
22:bb:1f:19:07:2a:e1:96:80:dd:67:f4:ee:be:64:
13:9d:06:cc:66:4e:6a:ae:d6:97:2a:a3:88:ef:63:
24:61:19:ee:57:12:61:ca:a1:31:c3:3c:ee:90:1d:
b8:04:c3:b3:83:f9:1d:45:ee:8c:29:f3:9d:ac:6d:
e0:45:2e:03:64:92:d2:57:77:b6:a3:ca:04:3d:07:
96:53:cd:07:b1:93:4f:a7:f9:7f:92:b1:1f:42:9d:
24:81:c9:82:01:7d:f7:ab:b9:0a:ec:4a:70:4f:86:
1a:40:4d:df:7e:56:31:d2:e9:38:51:56:61:63:97:
d5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:9C:66:A4:12:92:46:5C:49:6E:14:D7:8F:69:63:28:BA:0B:63:DF
X509v3 Authority Key Identifier:
keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/gpxmpBKSRlxJbhTXj2ljKLoLY98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.88.0/22
178.20.213.0-178.20.215.255
185.101.20.0/23
194.26.129.0/24
194.104.128.0/24
Signature Algorithm: sha256WithRSAEncryption
85:b2:64:32:34:7e:3f:e6:fa:e8:8c:0f:58:c1:0e:c9:41:9f:
c3:e8:2e:ef:09:27:17:7a:df:42:88:ae:81:b6:3c:4f:aa:3b:
2f:4d:57:1a:76:1e:43:da:a6:99:dd:96:9e:98:78:74:49:09:
3c:1d:f3:a7:16:69:86:a1:a7:f6:9e:46:61:c6:03:1b:ae:52:
56:29:d5:1d:53:87:45:6e:9f:8b:d2:49:85:b4:d8:2e:e0:0c:
b9:7e:60:fd:63:b7:b4:34:36:46:17:46:c4:27:80:60:f3:d9:
3e:2e:d3:c3:a0:55:08:38:01:db:cb:03:96:38:1c:59:f0:e0:
d1:1f:6d:ba:b7:97:93:ff:25:58:ab:43:eb:5e:96:bd:dd:4c:
2f:54:63:17:ff:78:b8:e4:42:6d:27:20:56:58:c5:6f:77:90:
7d:9f:6c:10:12:d4:21:b7:41:a8:10:0e:b5:73:62:f8:3e:f4:
9a:3c:4a:2d:5a:c4:a3:88:d8:07:8e:21:ef:ef:43:09:fd:2b:
7a:a7:97:58:dd:7e:0f:95:17:98:90:96:97:9e:bf:d1:53:fc:
a4:6e:fa:0e:4c:02:1d:56:75:e4:63:6f:4f:5f:30:75:57:44:
06:61:04:8c:46:ab:1e:e2:1c:6a:b4:85:03:55:f3:f3:4b:7d:
71:ce:60:33
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZl7hzn4RGeZtap3S1aJrPbwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjUwOTI0MTE0MTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjljNjZhNDEyOTI0NjVjNDk2ZTE0ZDc4ZjY5NjMyOGJhMGI2M2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8jMCO9UurK2HcXffkiqGDVxqGef
OaYt/UytwvPfQaIXPZLSFDn5pv3j8kOYBvibUxYcsF9oJ5cpoZwEGOhk39gY1sFx
0us3sjLTDLIs9AX21TUMTXy1109hglfSOVjKAL1Xgd9otJ3i3PmZeV4qhmxYA7IG
YQokJtENiu79hYYr+DcLLRAiux8ZByrhloDdZ/TuvmQTnQbMZk5qrtaXKqOI72Mk
YRnuVxJhyqExwzzukB24BMOzg/kdRe6MKfOdrG3gRS4DZJLSV3e2o8oEPQeWU80H
sZNPp/l/krEfQp0kgcmCAX33q7kK7EpwT4YaQE3fflYx0uk4UVZhY5fVCQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIKcZqQSkkZcSW4U149pYyi6C2PfMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvZ3B4bXBCS1NSbHhKYmhUWGoybGpLTG9MWTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCTfNYMAwD
BACyFNUDBAOyFNADBAG5ZRQDBADCGoEDBADCaIAwDQYJKoZIhvcNAQELBQADggEB
AIWyZDI0fj/m+uiMD1jBDslBn8PoLu8JJxd630KIroG2PE+qOy9NVxp2HkPappnd
lp6YeHRJCTwd86cWaYahp/aeRmHGAxuuUlYp1R1Th0Vun4vSSYW02C7gDLl+YP1j
t7Q0NkYXRsQngGDz2T4u08OgVQg4AdvLA5Y4HFnw4NEfbbq3l5P/JVirQ+telr3d
TC9UYxf/eLjkQm0nIFZYxW93kH2fbBAS1CG3QagQDrVzYvg+9Jo8Si1axKOI2AeO
Ie/vQwn9K3qnl1jdfg+VF5iQlpeev9FT/KRu+g5MAh1WdeRjb09fMHVXRAZhBIxG
qx7iHGq0hQNV8/NLfXHOYDM=
-----END CERTIFICATE-----
Generated at Sat Oct 11 10:36:41 2025 by rpki-client