Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/gKcQPbKc9xRB9m72uRvMRQG6BHo.roa
File: gKcQPbKc9xRB9m72uRvMRQG6BHo.roa (raw, json)
Hash identifier: +cbbxBqBhRldpEx2i3m6GLLIpiEJXpAylE0wYpq6Ptc=
Subject key identifier: 80:A7:10:3D:B2:9C:F7:14:41:F6:6E:F6:B9:1B:CC:45:01:BA:04:7A
Certificate issuer: /CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Certificate serial: 019831B77E2C8783A277A03403A3795B7155
Authority key identifier: 56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/gKcQPbKc9xRB9m72uRvMRQG6BHo.roa
Signing time: Tue 22 Jul 2025 10:39:25 +0000
ROA not before: Tue 22 Jul 2025 10:39:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 212.108.184.0/21 maxlen: 24
2a02:358:1000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Jul 2025 22:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:b7:7e:2c:87:83:a2:77:a0:34:03:a3:79:5b:71:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=560190bdfb0a3f23b4411e7d748eddbbd09f8546
Validity
Not Before: Jul 22 10:39:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80a7103db29cf71441f66ef6b91bcc4501ba047a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:6d:5f:a2:f9:e8:d7:25:03:5d:11:f3:90:fe:
45:ea:d1:e7:fe:fa:72:ed:da:1a:98:cc:8b:9c:e2:
14:e5:50:ad:0f:01:1e:28:30:b2:c4:90:e0:de:03:
ec:31:27:22:de:ad:67:cc:50:51:f4:ef:c6:3c:6a:
90:70:28:fd:bc:f8:53:f4:2f:ef:3d:d1:72:42:ea:
84:55:e1:0f:c7:52:a4:94:11:1e:df:15:2f:d9:dc:
07:99:e5:d2:8e:86:53:05:75:e7:0f:1c:70:5a:47:
6f:4e:2c:c6:8a:b3:d5:0c:a7:e4:1a:60:c3:43:83:
54:1c:91:5f:fc:60:63:de:2c:3e:46:77:e4:c8:0e:
44:9c:5b:c6:d6:dc:d2:d4:0c:b0:ba:f6:5d:d0:dc:
06:35:70:18:9f:37:f4:ef:9c:8d:b0:88:82:dd:c2:
de:b4:7c:f4:75:89:48:96:45:c8:3b:43:dd:15:48:
5e:eb:49:ca:64:db:33:6b:a5:be:3e:60:72:82:84:
80:8d:8b:40:55:4c:de:ad:71:2b:97:95:62:2e:a6:
a1:7f:d0:68:e6:54:f5:b3:8b:56:4f:dc:9e:2f:48:
2a:3c:8b:bc:13:6f:c8:8a:b7:4b:76:76:32:f5:c8:
f6:ac:69:41:8c:6d:fa:f2:50:0a:fa:8d:20:d5:75:
5d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A7:10:3D:B2:9C:F7:14:41:F6:6E:F6:B9:1B:CC:45:01:BA:04:7A
X509v3 Authority Key Identifier:
keyid:56:01:90:BD:FB:0A:3F:23:B4:41:1E:7D:74:8E:DD:BB:D0:9F:85:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VgGQvfsKPyO0QR59dI7du9CfhUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/gKcQPbKc9xRB9m72uRvMRQG6BHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b66c83-0d61-421f-b083-2b9fc41e0a80/1/VgGQvfsKPyO0QR59dI7du9CfhUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.108.184.0/21
IPv6:
2a02:358:1000::/36
Signature Algorithm: sha256WithRSAEncryption
48:cd:aa:b9:6c:7c:89:06:f4:41:22:a5:5a:a2:1b:da:c8:b1:
8c:4c:d6:42:86:6b:20:90:19:43:48:1c:0b:44:7e:bd:40:b0:
86:69:ee:a0:bf:9d:9e:9e:5f:ed:ae:36:5d:d4:b1:5d:fb:84:
e8:ec:21:05:74:77:f3:d6:e2:28:b0:01:3c:e3:e7:a9:67:98:
90:2b:2b:01:c9:be:f8:01:19:42:23:be:a8:10:fc:35:15:c4:
40:78:1c:2a:b4:b0:86:5c:dd:50:18:5c:46:55:e1:5d:e9:ed:
91:75:9a:8c:03:bd:46:c1:06:db:5f:fb:54:ba:df:81:d1:07:
52:13:ca:49:65:24:f1:68:7d:9b:86:ae:9b:f7:27:e7:76:3b:
6d:89:c7:d0:5c:7e:7a:77:ee:b0:24:15:30:35:f3:95:84:90:
b6:82:05:f8:98:83:53:e2:51:13:95:dd:5b:e7:a0:f4:11:9a:
4f:09:db:c5:5c:de:55:94:ee:e7:51:0d:8e:3b:b2:22:2a:1b:
78:d9:2d:a5:58:9e:04:e7:eb:d2:4f:60:c7:1d:51:c3:e0:df:
37:67:06:0f:37:8d:59:5f:5b:89:81:37:2c:2e:51:01:5d:1a:
5b:ee:f5:55:df:bb:f1:13:65:7b:2f:e2:58:04:44:ef:ee:4b:
17:4d:76:ee
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZgxt34sh4Oid6A0A6N5W3FVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2MDE5MGJkZmIwYTNmMjNiNDQxMWU3ZDc0OGVkZGJiZDA5
Zjg1NDYwHhcNMjUwNzIyMTAzOTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGE3MTAzZGIyOWNmNzE0NDFmNjZlZjZiOTFiY2M0NTAxYmEwNDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvG1fovno1yUDXRHzkP5F6tHn/vpy
7doamMyLnOIU5VCtDwEeKDCyxJDg3gPsMSci3q1nzFBR9O/GPGqQcCj9vPhT9C/v
PdFyQuqEVeEPx1KklBEe3xUv2dwHmeXSjoZTBXXnDxxwWkdvTizGirPVDKfkGmDD
Q4NUHJFf/GBj3iw+RnfkyA5EnFvG1tzS1AywuvZd0NwGNXAYnzf075yNsIiC3cLe
tHz0dYlIlkXIO0PdFUhe60nKZNsza6W+PmBygoSAjYtAVUzerXErl5ViLqahf9Bo
5lT1s4tWT9yeL0gqPIu8E2/IirdLdnYy9cj2rGlBjG368lAK+o0g1XVdlwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFICnED2ynPcUQfZu9rkbzEUBugR6MB8GA1UdIwQY
MBaAFFYBkL37Cj8jtEEefXSO3bvQn4VGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMt
MmI5ZmM0MWUwYTgwLzEvZ0tjUVBiS2M5eFJCOW03MnVSdk1SUUc2QkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iNjZjODMtMGQ2MS00MjFmLWIwODMtMmI5ZmM0MWUwYTgw
LzEvVmdHUXZmc0tQeU8wUVI1OWRJN2R1OUNmaFVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQD1Gy4MA4E
AgACMAgDBgQqAgNYEDANBgkqhkiG9w0BAQsFAAOCAQEASM2quWx8iQb0QSKlWqIb
2sixjEzWQoZrIJAZQ0gcC0R+vUCwhmnuoL+dnp5f7a42XdSxXfuE6OwhBXR389bi
KLABPOPnqWeYkCsrAcm++AEZQiO+qBD8NRXEQHgcKrSwhlzdUBhcRlXhXentkXWa
jAO9RsEG21/7VLrfgdEHUhPKSWUk8Wh9m4aum/cn53Y7bYnH0Fx+enfusCQVMDXz
lYSQtoIF+JiDU+JRE5XdW+eg9BGaTwnbxVzeVZTu51ENjjuyIiobeNktpVieBOfr
0k9gxx1Rw+DfN2cGDzeNWV9biYE3LC5RAV0aW+71Vd+78RNley/iWARE7+5LF012
7g==
-----END CERTIFICATE-----
Generated at Wed Jul 30 05:22:44 2025 by rpki-client