Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/GRyGMSWpU5HpjCTFAMJk4pFWA6g.roa
File: GRyGMSWpU5HpjCTFAMJk4pFWA6g.roa (raw, json)
Hash identifier: mdhlz2LJpLEwf5bmqCY1gcealxxDmZBuLv0u4IVvNRw=
Subject key identifier: 19:1C:86:31:25:A9:53:91:E9:8C:24:C5:00:C2:64:E2:91:56:03:A8
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 01980EE77D5AEA54AD64F73949EAB898B1CF
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/GRyGMSWpU5HpjCTFAMJk4pFWA6g.roa
Signing time: Tue 15 Jul 2025 16:25:08 +0000
ROA not before: Tue 15 Jul 2025 16:25:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.128.20.0/22 maxlen: 24
46.183.210.0/23 maxlen: 24
46.183.212.0/22 maxlen: 24
82.97.196.0/23 maxlen: 24
82.97.199.0/24 maxlen: 24
85.204.241.0/24 maxlen: 24
89.38.106.0/23 maxlen: 24
89.39.214.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
103.218.252.0/24 maxlen: 24
136.242.96.0/19 maxlen: 24
176.223.168.0/22 maxlen: 24
185.77.250.0/23 maxlen: 24
188.211.250.0/24 maxlen: 24
188.211.251.0/24 maxlen: 24
188.212.131.0/24 maxlen: 24
188.214.89.0/24 maxlen: 24
188.215.233.0/24 maxlen: 24
188.241.59.0/24 maxlen: 24
188.241.127.0/24 maxlen: 24
188.241.128.0/22 maxlen: 24
188.241.132.0/23 maxlen: 24
193.37.200.0/22 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.24.234.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.135.26.0/24 maxlen: 24
194.135.27.0/24 maxlen: 24
194.135.132.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.133.208.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
203.168.136.0/21 maxlen: 24
203.168.144.0/20 maxlen: 24
207.45.0.0/21 maxlen: 24
207.45.24.0/21 maxlen: 24
213.159.10.0/23 maxlen: 24
213.159.12.0/23 maxlen: 24
222.167.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:e7:7d:5a:ea:54:ad:64:f7:39:49:ea:b8:98:b1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Jul 15 16:25:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=191c863125a95391e98c24c500c264e2915603a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:49:06:fb:21:5e:2a:c6:95:92:59:15:c9:1f:
8d:d9:ca:cd:c6:e8:74:68:61:77:c8:53:81:de:de:
b7:1d:3d:2f:f1:9c:d1:0b:fc:fc:de:6b:52:21:f9:
55:d4:77:e2:36:da:15:38:73:68:4d:15:22:2d:27:
5f:70:df:27:d9:bd:a6:ca:88:88:af:e2:72:78:39:
fa:46:72:cb:b1:92:c7:63:da:c1:42:45:d9:63:a0:
27:f4:f0:d7:80:76:f4:67:f4:03:1a:36:86:10:08:
00:14:c2:eb:72:19:eb:ac:9f:d3:45:44:b5:cf:0f:
d8:40:24:d4:ad:b5:fb:fc:56:44:6e:c3:78:2c:31:
7c:75:11:9e:24:05:09:45:c3:31:d1:e7:36:36:b8:
89:c7:fb:17:1a:1b:1d:3b:37:ab:3b:24:d8:e8:60:
dd:4b:9b:a1:a9:5e:43:5e:45:98:f3:06:4d:5e:d0:
16:17:51:7d:26:4d:9c:b1:34:21:e6:ec:e4:12:9b:
cd:c7:d2:ea:ff:f1:86:6b:c4:55:36:51:bf:f3:ce:
4b:7a:ba:89:c0:51:5f:c5:6a:2c:08:1d:1d:3b:18:
1d:50:76:4d:aa:37:99:27:47:24:ad:1d:92:f0:e2:
8b:8f:1f:df:77:80:b9:91:d4:2c:98:dc:bc:69:df:
dc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:1C:86:31:25:A9:53:91:E9:8C:24:C5:00:C2:64:E2:91:56:03:A8
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/GRyGMSWpU5HpjCTFAMJk4pFWA6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.20.0/22
46.183.210.0-46.183.215.255
82.97.196.0/23
82.97.199.0/24
85.204.241.0/24
89.38.106.0/23
89.39.214.0/24
91.238.148.0/23
103.218.252.0/24
136.242.96.0/19
176.223.168.0/22
185.77.250.0/23
188.211.250.0/23
188.212.131.0/24
188.214.89.0/24
188.215.233.0/24
188.241.59.0/24
188.241.127.0-188.241.133.255
193.37.200.0/22
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.24.234.0/23
194.88.134.0/23
194.135.26.0/23
194.135.132.0/23
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.133.208.0/23
195.135.192.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
203.168.136.0-203.168.159.255
207.45.0.0/21
207.45.24.0/21
213.159.10.0-213.159.13.255
222.167.96.0/19
Signature Algorithm: sha256WithRSAEncryption
5e:83:d4:cb:62:26:2e:23:23:f6:a0:92:b9:e3:db:8e:36:4a:
40:fd:28:3d:77:32:76:2f:59:f9:44:f9:e9:76:bf:fb:63:68:
30:44:ef:d3:ed:a6:c2:d2:56:62:6f:dd:dc:bc:fb:22:75:c8:
1d:f3:ff:2e:a0:0e:b3:7d:52:19:9c:7c:4b:7a:47:f3:67:c8:
82:94:6b:a5:d6:a3:dc:b6:d6:42:8b:11:06:e2:00:a8:ca:86:
63:b5:a6:d8:3e:27:72:30:37:bd:2c:6a:e7:0d:f9:1c:d8:26:
e6:8b:6d:95:83:1d:ef:2f:ad:93:cf:8d:14:e6:7e:0a:91:ae:
ca:d0:be:b6:f0:97:9a:ad:a6:8e:f1:61:cc:05:67:56:6f:d4:
c0:54:04:bc:86:bb:13:c0:93:a5:1d:a0:bc:b3:99:47:1f:87:
76:00:35:7f:6f:41:47:20:6e:47:21:0e:5a:52:1b:dd:61:2a:
de:6e:3f:4f:ba:37:25:81:c8:59:5b:80:74:59:a5:ff:07:5f:
97:d7:be:28:c5:21:75:ed:5e:3f:71:75:dd:82:f5:a5:5f:d9:
0f:34:b6:f3:66:2f:be:bb:f1:d0:07:9e:20:7c:e4:18:aa:70:
2a:07:7d:c7:cf:6f:d1:85:f4:a9:fd:0c:01:5b:0b:79:05:34:
51:a9:05:ce
-----BEGIN CERTIFICATE-----
MIIGIzCCBQugAwIBAgISAZgO531a6lStZPc5Seq4mLHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjUwNzE1MTYyNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTFjODYzMTI1YTk1MzkxZTk4YzI0YzUwMGMyNjRlMjkxNTYwM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkkG+yFeKsaVklkVyR+N2crNxuh0
aGF3yFOB3t63HT0v8ZzRC/z83mtSIflV1HfiNtoVOHNoTRUiLSdfcN8n2b2myoiI
r+JyeDn6RnLLsZLHY9rBQkXZY6An9PDXgHb0Z/QDGjaGEAgAFMLrchnrrJ/TRUS1
zw/YQCTUrbX7/FZEbsN4LDF8dRGeJAUJRcMx0ec2NriJx/sXGhsdOzerOyTY6GDd
S5uhqV5DXkWY8wZNXtAWF1F9Jk2csTQh5uzkEpvNx9Lq//GGa8RVNlG/885LerqJ
wFFfxWosCB0dOxgdUHZNqjeZJ0ckrR2S8OKLjx/fd4C5kdQsmNy8ad/cvwIDAQAB
o4IDLzCCAyswHQYDVR0OBBYEFBkchjElqVOR6YwkxQDCZOKRVgOoMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvR1J5R01TV3BVNUhwakNURkFNSms0cEZXQTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQwYIKwYBBQUHAQcBAf8EggEyMIIBLjCCASoEAgABMIIB
IgMEAi2AFDAMAwQBLrfSAwQDLrfQAwQBUmHEAwQAUmHHAwQAVczxAwQBWSZqAwQA
WSfWAwQBW+6UAwQAZ9r8AwQFiPJgAwQCsN+oAwQBuU36AwQBvNP6AwQAvNSDAwQA
vNZZAwQAvNfpAwQAvPE7MAwDBAC88X8DBAG88YQDBALBJcgDBAHBqQgDBAHBwDQD
BAHB76wDBAHB7/YDBAHCGOoDBAHCWIYDBAHChxoDBAHCh4QDBAHC9moDBAHDAsQD
BAHDDTADBAHDIlADBAHDXYwDBAHDgLwDBAHDhdADBAHDh8ADBAHDvfoDBAHD0iwD
BAHD/owwDAMEA8uoiAMEBcuogAMEA88tAAMEA88tGDAMAwQB1Z8KAwQB1Z8MAwQF
3qdgMA0GCSqGSIb3DQEBCwUAA4IBAQBeg9TLYiYuIyP2oJK549uONkpA/Sg9dzJ2
L1n5RPnpdr/7Y2gwRO/T7abC0lZib93cvPsidcgd8/8uoA6zfVIZnHxLekfzZ8iC
lGul1qPcttZCixEG4gCoyoZjtabYPidyMDe9LGrnDfkc2Cbmi22Vgx3vL62Tz40U
5n4Kka7K0L628JearaaO8WHMBWdWb9TAVAS8hrsTwJOlHaC8s5lHH4d2ADV/b0FH
IG5HIQ5aUhvdYSrebj9PujclgchZW4B0WaX/B1+X174oxSF17V4/cXXdgvWlX9kP
NLbzZi++u/HQB54gfOQYqnAqB33Hz2/RhfSp/QwBWwt5BTRRqQXO
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:25:25 2025 by rpki-client