Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/ep1-GDUun8xcdGHEE_lWHZRloMg.roa
File: ep1-GDUun8xcdGHEE_lWHZRloMg.roa (raw, json)
Hash identifier: HiyP/TW6sZpVHtWLYDXWKIcePVBX2hkVKCTS2Lryhek=
Subject key identifier: 7A:9D:7E:18:35:2E:9F:CC:5C:74:61:C4:13:F9:56:1D:94:65:A0:C8
Certificate issuer: /CN=a0acca9c4fe9bf9edf3bc6e5cabc52838d93cb13
Certificate serial: 0199BE74A0B064DFEDF476A85E9870AD78EC
Authority key identifier: A0:AC:CA:9C:4F:E9:BF:9E:DF:3B:C6:E5:CA:BC:52:83:8D:93:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/ep1-GDUun8xcdGHEE_lWHZRloMg.roa
Signing time: Tue 07 Oct 2025 11:35:38 +0000
ROA not before: Tue 07 Oct 2025 11:35:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 185.174.144.0/22 maxlen: 22
194.247.178.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 05:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:74:a0:b0:64:df:ed:f4:76:a8:5e:98:70:ad:78:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0acca9c4fe9bf9edf3bc6e5cabc52838d93cb13
Validity
Not Before: Oct 7 11:35:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a9d7e18352e9fcc5c7461c413f9561d9465a0c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:13:e0:98:47:e1:91:85:33:43:d9:15:0f:2d:
e5:0a:e1:5b:7d:f8:7e:25:58:00:10:47:4c:0f:01:
e2:6a:a7:fa:55:d4:41:3e:ba:c6:65:07:00:ad:c8:
50:e7:06:ad:eb:ba:f9:fb:cb:17:c8:22:b9:0c:84:
a0:ad:b7:df:4d:65:80:8c:83:a6:f5:eb:20:f9:cc:
9b:6d:87:ed:57:0b:9f:d0:78:ff:c2:04:49:9b:9a:
36:44:6b:85:e2:f0:2f:79:90:5e:a5:5f:07:17:35:
f7:da:0b:c2:9a:34:05:28:0f:d8:b0:53:00:00:87:
97:49:81:db:03:e0:3e:61:b6:f8:81:1c:05:a4:22:
0d:61:5c:1e:a8:a7:99:74:fa:a2:1f:88:41:14:de:
ea:5e:c8:a1:3a:fe:8b:d2:b9:f4:1c:f5:2b:a5:b0:
1f:e1:0f:17:94:d0:a2:20:34:59:75:42:9a:49:2f:
6e:f5:43:19:5f:e1:4c:a8:36:31:2c:7b:81:b7:3b:
50:8a:d0:04:14:ce:5d:f9:9b:95:10:5e:25:7e:7f:
b9:5f:94:e3:89:c9:a1:5e:34:be:40:01:c9:d1:eb:
09:6b:d7:39:fa:a1:21:9e:7b:bc:12:8f:9e:f1:2e:
dd:4d:73:e5:b1:2a:da:be:86:27:ff:ab:8c:87:67:
a5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9D:7E:18:35:2E:9F:CC:5C:74:61:C4:13:F9:56:1D:94:65:A0:C8
X509v3 Authority Key Identifier:
keyid:A0:AC:CA:9C:4F:E9:BF:9E:DF:3B:C6:E5:CA:BC:52:83:8D:93:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKzKnE_pv57fO8blyrxSg42TyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/ep1-GDUun8xcdGHEE_lWHZRloMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/7b6110-8c4b-4af6-a7ca-2edfe25bb58a/1/oKzKnE_pv57fO8blyrxSg42TyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.144.0/22
194.247.178.0/23
Signature Algorithm: sha256WithRSAEncryption
75:71:2a:5c:b2:06:e5:08:b0:31:0e:b2:7b:d0:eb:c5:1f:a1:
d6:c3:f7:b2:ab:ea:5e:5e:f7:db:59:e2:26:21:af:8a:f5:46:
87:05:82:f6:d3:12:87:ee:4c:e2:78:61:17:cf:5c:d6:9f:f8:
d9:11:cf:ec:a0:24:2f:18:1b:0a:f0:72:51:bd:02:c9:2f:17:
e4:d8:be:2c:ad:1a:1e:7e:8c:cb:ff:cd:fa:27:be:c2:a2:3b:
8e:bd:07:ed:56:13:27:2a:5b:29:9a:87:e9:c9:0e:40:c1:17:
5f:f3:ca:71:29:46:5b:b8:5c:d3:48:6e:93:e4:0a:69:56:10:
5d:7d:08:b4:58:d0:f2:55:da:45:ce:91:43:66:77:81:9a:65:
b5:f1:fe:b1:af:50:7e:9c:1f:42:e1:b6:0d:74:bb:b2:3f:26:
0b:f8:9c:67:ba:0c:3d:15:75:27:fb:a3:55:17:5d:36:36:23:
25:4e:25:f6:85:61:37:23:06:d6:e1:5f:0c:8c:33:71:9f:65:
35:cd:c5:db:63:19:a4:40:4e:01:51:00:8d:af:4e:ad:81:46:
b4:59:e7:fe:74:d7:53:f9:b5:be:9c:84:62:5b:23:6d:6e:1f:
35:c0:24:b0:b2:fe:64:07:4f:42:45:44:20:d3:4b:3e:b8:84:
99:d3:ad:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZm+dKCwZN/t9HaoXphwrXjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYWNjYTljNGZlOWJmOWVkZjNiYzZlNWNhYmM1MjgzOGQ5
M2NiMTMwHhcNMjUxMDA3MTEzNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTlkN2UxODM1MmU5ZmNjNWM3NDYxYzQxM2Y5NTYxZDk0NjVhMGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthPgmEfhkYUzQ9kVDy3lCuFbffh+
JVgAEEdMDwHiaqf6VdRBPrrGZQcArchQ5wat67r5+8sXyCK5DISgrbffTWWAjIOm
9esg+cybbYftVwuf0Hj/wgRJm5o2RGuF4vAveZBepV8HFzX32gvCmjQFKA/YsFMA
AIeXSYHbA+A+Ybb4gRwFpCINYVweqKeZdPqiH4hBFN7qXsihOv6L0rn0HPUrpbAf
4Q8XlNCiIDRZdUKaSS9u9UMZX+FMqDYxLHuBtztQitAEFM5d+ZuVEF4lfn+5X5Tj
icmhXjS+QAHJ0esJa9c5+qEhnnu8Eo+e8S7dTXPlsSravoYn/6uMh2elBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHqdfhg1Lp/MXHRhxBP5Vh2UZaDIMB8GA1UdIwQY
MBaAFKCsypxP6b+e3zvG5cq8UoONk8sTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0t6S25FX3B2NTdmTzhibHlyeFNnNDJUeXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni83YjYxMTAtOGM0Yi00YWY2LWE3Y2Et
MmVkZmUyNWJiNThhLzEvZXAxLUdEVXVuOHhjZEdIRUVfbFdIWlJsb01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni83YjYxMTAtOGM0Yi00YWY2LWE3Y2EtMmVkZmUyNWJiNThh
LzEvb0t6S25FX3B2NTdmTzhibHlyeFNnNDJUeXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCua6QAwQB
wveyMA0GCSqGSIb3DQEBCwUAA4IBAQB1cSpcsgblCLAxDrJ70OvFH6HWw/eyq+pe
XvfbWeImIa+K9UaHBYL20xKH7kzieGEXz1zWn/jZEc/soCQvGBsK8HJRvQLJLxfk
2L4srRoefozL/836J77CojuOvQftVhMnKlspmofpyQ5AwRdf88pxKUZbuFzTSG6T
5AppVhBdfQi0WNDyVdpFzpFDZneBmmW18f6xr1B+nB9C4bYNdLuyPyYL+Jxnugw9
FXUn+6NVF102NiMlTiX2hWE3IwbW4V8MjDNxn2U1zcXbYxmkQE4BUQCNr06tgUa0
Wef+dNdT+bW+nIRiWyNtbh81wCSwsv5kB09CRUQg00s+uISZ062r
-----END CERTIFICATE-----
Generated at Wed Oct 8 12:01:35 2025 by rpki-client