Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/dcff3a-8d3d-47ce-a0e4-2f49efc5ccb0/1/GS5jwDpW5F6JeMWZm8DrRjluOmo.roa
File: GS5jwDpW5F6JeMWZm8DrRjluOmo.roa (raw, json)
Hash identifier: 3mTmFIv5ldZKVDBU/J8PsP8fY0NB4K7z+AUPdiPaiec=
Subject key identifier: 19:2E:63:C0:3A:56:E4:5E:89:78:C5:99:9B:C0:EB:46:39:6E:3A:6A
Certificate issuer: /CN=08357f5bee185fc61157086d5985485369b2acd2
Certificate serial: 0197EA39D82D0ED45DC85F56475B5253121B
Authority key identifier: 08:35:7F:5B:EE:18:5F:C6:11:57:08:6D:59:85:48:53:69:B2:AC:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDV_W-4YX8YRVwhtWYVIU2myrNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/dcff3a-8d3d-47ce-a0e4-2f49efc5ccb0/1/GS5jwDpW5F6JeMWZm8DrRjluOmo.roa
Signing time: Tue 08 Jul 2025 13:29:08 +0000
ROA not before: Tue 08 Jul 2025 13:29:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199980
IP address blocks: 45.85.208.0/22 maxlen: 22
45.143.72.0/22 maxlen: 22
81.161.108.0/22 maxlen: 22
185.144.244.0/22 maxlen: 22
193.105.178.0/24 maxlen: 24
195.211.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/dcff3a-8d3d-47ce-a0e4-2f49efc5ccb0/1/CDV_W-4YX8YRVwhtWYVIU2myrNI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/dcff3a-8d3d-47ce-a0e4-2f49efc5ccb0/1/CDV_W-4YX8YRVwhtWYVIU2myrNI.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDV_W-4YX8YRVwhtWYVIU2myrNI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:39:d8:2d:0e:d4:5d:c8:5f:56:47:5b:52:53:12:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08357f5bee185fc61157086d5985485369b2acd2
Validity
Not Before: Jul 8 13:29:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=192e63c03a56e45e8978c5999bc0eb46396e3a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a8:6a:53:e8:c5:76:2d:94:41:74:d4:a1:d5:
2f:11:32:1f:42:34:38:c2:d4:d0:20:67:02:7a:d2:
82:3f:2b:ca:19:28:b7:ef:88:0e:85:84:8c:42:9f:
23:ec:e0:64:18:da:74:2e:ea:d7:b6:b8:2c:04:69:
05:fd:64:e4:8f:86:28:eb:87:85:bc:b6:79:19:b8:
4c:6f:04:e2:3a:5a:00:7f:3a:4b:07:77:2f:0b:e9:
2e:4f:4f:cd:98:8e:df:24:9d:c9:0e:44:0c:41:bb:
66:5a:48:70:3e:32:b3:1e:af:eb:8c:40:ac:9f:0d:
e6:5c:90:e5:a2:64:8a:b9:b2:27:54:d7:65:c1:d6:
ca:91:a0:90:ff:5c:c5:42:6b:26:c2:30:95:ae:fe:
7b:ae:a9:64:45:9f:76:1d:3a:aa:d9:5f:1e:74:c7:
b6:b4:91:df:35:d7:ec:b6:03:22:98:85:5a:c5:91:
68:19:eb:9b:df:68:39:45:6c:84:d7:7d:c0:51:1f:
ed:1b:d4:98:9a:fd:3b:87:eb:d9:6b:f0:68:03:df:
d7:fe:0d:59:34:41:1e:46:8c:5b:e8:b4:08:91:73:
6e:4a:de:12:54:95:91:bf:22:e1:5b:10:62:c4:9c:
02:f8:e3:be:d4:9a:d4:bc:80:61:af:22:dd:2b:ac:
c2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2E:63:C0:3A:56:E4:5E:89:78:C5:99:9B:C0:EB:46:39:6E:3A:6A
X509v3 Authority Key Identifier:
keyid:08:35:7F:5B:EE:18:5F:C6:11:57:08:6D:59:85:48:53:69:B2:AC:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDV_W-4YX8YRVwhtWYVIU2myrNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dcff3a-8d3d-47ce-a0e4-2f49efc5ccb0/1/GS5jwDpW5F6JeMWZm8DrRjluOmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/dcff3a-8d3d-47ce-a0e4-2f49efc5ccb0/1/CDV_W-4YX8YRVwhtWYVIU2myrNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.208.0/22
45.143.72.0/22
81.161.108.0/22
185.144.244.0/22
193.105.178.0/24
195.211.68.0/24
Signature Algorithm: sha256WithRSAEncryption
06:74:a9:aa:87:8d:96:e2:73:5c:49:3f:bc:ef:a5:e5:00:9f:
98:cc:58:42:7c:f1:3b:97:00:94:5f:eb:91:01:35:64:a6:23:
0f:12:7c:31:e4:68:6f:5f:b3:08:0e:9c:1a:3c:4b:6e:e8:54:
df:49:dd:6f:be:57:57:e7:0c:4a:97:09:1e:79:4c:43:87:f2:
00:14:9c:7e:ce:9e:e5:7d:94:8d:be:b6:1f:e1:6f:e9:52:bf:
0d:77:25:12:9c:07:c8:20:64:ad:0c:03:f6:b3:37:01:ee:64:
c9:8e:a1:55:f6:98:db:92:d1:b1:94:53:3a:b6:b3:bc:f4:ca:
98:cf:ea:0c:34:08:2c:6e:46:82:a7:ab:0c:20:a5:f7:97:56:
ee:4e:fe:2c:e9:23:ab:b8:51:db:a1:66:c1:21:be:b4:be:65:
9f:89:d5:e4:11:ef:59:03:cb:e8:f3:92:f0:27:f3:97:46:32:
2c:86:98:2d:ba:fa:21:c0:97:74:f5:9d:de:75:85:b2:7c:5e:
64:5f:c4:6a:5d:20:d1:c5:44:b9:5e:e7:3a:07:cf:d2:28:75:
1a:15:57:8a:cb:b4:a5:63:ab:d7:b0:0d:bb:ad:e4:89:dd:16:
c4:f7:49:d4:81:48:50:6d:9f:8c:3c:a7:4a:f1:18:03:46:2e:
98:44:0f:8f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZfqOdgtDtRdyF9WR1tSUxIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzU3ZjViZWUxODVmYzYxMTU3MDg2ZDU5ODU0ODUzNjli
MmFjZDIwHhcNMjUwNzA4MTMyOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTJlNjNjMDNhNTZlNDVlODk3OGM1OTk5YmMwZWI0NjM5NmUzYTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKhqU+jFdi2UQXTUodUvETIfQjQ4
wtTQIGcCetKCPyvKGSi374gOhYSMQp8j7OBkGNp0LurXtrgsBGkF/WTkj4Yo64eF
vLZ5GbhMbwTiOloAfzpLB3cvC+kuT0/NmI7fJJ3JDkQMQbtmWkhwPjKzHq/rjECs
nw3mXJDlomSKubInVNdlwdbKkaCQ/1zFQmsmwjCVrv57rqlkRZ92HTqq2V8edMe2
tJHfNdfstgMimIVaxZFoGeub32g5RWyE133AUR/tG9SYmv07h+vZa/BoA9/X/g1Z
NEEeRoxb6LQIkXNuSt4SVJWRvyLhWxBixJwC+OO+1JrUvIBhryLdK6zCuwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBkuY8A6VuReiXjFmZvA60Y5bjpqMB8GA1UdIwQY
MBaAFAg1f1vuGF/GEVcIbVmFSFNpsqzSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RWX1ctNFlYOFlSVndodFdZVklVMm15ck5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9kY2ZmM2EtOGQzZC00N2NlLWEwZTQt
MmY0OWVmYzVjY2IwLzEvR1M1andEcFc1RjZKZU1XWm04RHJSamx1T21vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9kY2ZmM2EtOGQzZC00N2NlLWEwZTQtMmY0OWVmYzVjY2Iw
LzEvQ0RWX1ctNFlYOFlSVndodFdZVklVMm15ck5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLVXQAwQC
LY9IAwQCUaFsAwQCuZD0AwQAwWmyAwQAw9NEMA0GCSqGSIb3DQEBCwUAA4IBAQAG
dKmqh42W4nNcST+876XlAJ+YzFhCfPE7lwCUX+uRATVkpiMPEnwx5GhvX7MIDpwa
PEtu6FTfSd1vvldX5wxKlwkeeUxDh/IAFJx+zp7lfZSNvrYf4W/pUr8NdyUSnAfI
IGStDAP2szcB7mTJjqFV9pjbktGxlFM6trO89MqYz+oMNAgsbkaCp6sMIKX3l1bu
Tv4s6SOruFHboWbBIb60vmWfidXkEe9ZA8vo85LwJ/OXRjIshpgtuvohwJd09Z3e
dYWyfF5kX8RqXSDRxUS5Xuc6B8/SKHUaFVeKy7SlY6vXsA27reSJ3RbE90nUgUhQ
bZ+MPKdK8RgDRi6YRA+P
-----END CERTIFICATE-----
Generated at Sat Jul 26 15:48:01 2025 by rpki-client