Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/gePsgMm1SXrgosAl9EBGRbblOJY.roa
File: gePsgMm1SXrgosAl9EBGRbblOJY.roa (raw, json)
Hash identifier: oh2vSEtXqPjZczOQ5pTX784c3RYOTBDe5sYQaczr//U=
Subject key identifier: 81:E3:EC:80:C9:B5:49:7A:E0:A2:C0:25:F4:40:46:45:B6:E5:38:96
Certificate issuer: /CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Certificate serial: 0198092A130F37BF76FFD87597BC15673FBF
Authority key identifier: 05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/gePsgMm1SXrgosAl9EBGRbblOJY.roa
Signing time: Mon 14 Jul 2025 13:40:08 +0000
ROA not before: Mon 14 Jul 2025 13:40:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31117
IP address blocks: 87.244.192.0/18 maxlen: 18
185.171.140.0/22 maxlen: 22
212.37.64.0/19 maxlen: 19
217.119.112.0/20 maxlen: 20
2a01:328::/29 maxlen: 29
2a01:328::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:2a:13:0f:37:bf:76:ff:d8:75:97:bc:15:67:3f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Validity
Not Before: Jul 14 13:40:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81e3ec80c9b5497ae0a2c025f4404645b6e53896
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c5:bc:68:ab:72:af:d1:70:99:1c:53:f2:4e:
c5:86:e8:ae:bb:d9:d3:fd:bb:4f:38:2f:0c:98:d9:
66:f4:5b:54:a3:ad:ee:6a:a4:ed:be:6f:e4:92:5f:
30:61:c0:76:72:47:cd:3c:0d:0d:b6:50:bf:1c:0b:
57:c7:de:22:1f:f7:10:64:36:ec:87:ce:e6:4a:d1:
38:e8:f0:8e:b8:68:a8:b3:06:ae:d6:cd:8a:cd:b4:
79:73:7c:d7:b0:4e:ee:4d:39:2d:8e:50:f8:fe:53:
ea:4b:61:e6:67:ea:5b:f5:4e:66:69:2a:a3:8a:a9:
8f:21:06:97:e1:8e:8f:11:24:c0:92:8c:4b:39:0b:
94:60:11:6f:0e:d3:fc:41:30:4b:17:74:1b:a4:02:
80:ef:10:37:29:76:f2:22:47:4a:7e:40:a9:27:ec:
2b:bc:0b:a1:30:d0:66:07:0b:0b:b5:d6:cc:4d:ad:
4e:49:48:e7:bc:c6:ea:5b:c7:a8:82:47:37:ec:59:
4b:04:5f:28:ed:02:d8:eb:a5:ae:36:0d:f8:2d:e4:
36:b0:6c:3a:54:c3:c4:93:24:cd:f6:2d:3a:c6:4e:
23:38:25:bc:3d:8a:ec:38:a6:12:ed:37:4c:1e:70:
7c:46:d7:2f:a3:f5:81:67:36:f8:66:f6:34:00:a7:
eb:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E3:EC:80:C9:B5:49:7A:E0:A2:C0:25:F4:40:46:45:B6:E5:38:96
X509v3 Authority Key Identifier:
keyid:05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/gePsgMm1SXrgosAl9EBGRbblOJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.244.192.0/18
185.171.140.0/22
212.37.64.0/19
217.119.112.0/20
IPv6:
2a01:328::/29
Signature Algorithm: sha256WithRSAEncryption
7c:60:94:d9:1e:71:5a:34:3a:9d:6d:85:df:37:13:46:df:80:
80:ce:45:9b:e9:2a:23:22:e0:16:5f:0e:4e:5c:34:f9:64:13:
41:fe:da:91:40:d6:b8:74:31:ae:b4:45:9f:b5:e6:a9:e4:16:
78:35:36:c1:07:83:65:7c:34:ef:a1:46:87:d3:02:1b:85:e4:
72:d8:43:23:cd:27:02:41:59:84:a2:b8:f0:25:bd:98:e5:48:
17:4c:d1:3c:15:3f:8b:7b:32:3d:7d:57:e0:53:a4:5e:43:55:
f6:e3:bd:5f:f3:c7:2c:86:86:f4:8e:31:aa:37:1f:7b:32:2f:
9a:45:59:57:e0:c8:43:8c:0a:fc:61:7b:49:ab:3c:c3:52:66:
ad:0f:ca:91:ee:3c:75:21:2d:bd:9b:47:44:b6:79:11:23:bb:
8b:b0:ff:46:44:ac:3e:5f:b1:5f:2e:81:20:ad:1f:f2:3c:e8:
a0:d5:1c:1b:70:12:03:7e:92:9e:9d:49:72:82:be:d1:d8:2c:
06:94:e8:64:37:b9:ef:22:d9:e6:78:58:88:0b:a8:59:38:7d:
f0:5d:93:be:26:33:c2:56:dd:a6:57:57:fd:ed:de:89:d8:27:
e2:22:aa:7c:8a:be:ac:8b:48:70:01:bc:b1:1b:d6:33:3d:4e:
ae:b3:9c:7c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZgJKhMPN792/9h1l7wVZz+/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGUzYjdkZmJkNTk5MTBmZTUyN2NjN2UyOWFmNjRkNTM4
MDZjOTEwHhcNMjUwNzE0MTM0MDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWUzZWM4MGM5YjU0OTdhZTBhMmMwMjVmNDQwNDY0NWI2ZTUzODk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8W8aKtyr9FwmRxT8k7Fhuiuu9nT
/btPOC8MmNlm9FtUo63uaqTtvm/kkl8wYcB2ckfNPA0NtlC/HAtXx94iH/cQZDbs
h87mStE46PCOuGioswau1s2KzbR5c3zXsE7uTTktjlD4/lPqS2HmZ+pb9U5maSqj
iqmPIQaX4Y6PESTAkoxLOQuUYBFvDtP8QTBLF3QbpAKA7xA3KXbyIkdKfkCpJ+wr
vAuhMNBmBwsLtdbMTa1OSUjnvMbqW8eogkc37FlLBF8o7QLY66WuNg34LeQ2sGw6
VMPEkyTN9i06xk4jOCW8PYrsOKYS7TdMHnB8Rtcvo/WBZzb4ZvY0AKfrZwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIHj7IDJtUl64KLAJfRARkW25TiWMB8GA1UdIwQY
MBaAFAUOO3371ZkQ/lJ8x+Ka9k1TgGyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTIt
NGE4Nzc5ZTQ3OGM2LzEvZ2VQc2dNbTFTWHJnb3NBbDlFQkdSYmJsT0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTItNGE4Nzc5ZTQ3OGM2
LzEvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGV/TAAwQC
uauMAwQF1CVAAwQE2XdwMA0EAgACMAcDBQMqAQMoMA0GCSqGSIb3DQEBCwUAA4IB
AQB8YJTZHnFaNDqdbYXfNxNG34CAzkWb6SojIuAWXw5OXDT5ZBNB/tqRQNa4dDGu
tEWfteap5BZ4NTbBB4NlfDTvoUaH0wIbheRy2EMjzScCQVmEorjwJb2Y5UgXTNE8
FT+LezI9fVfgU6ReQ1X2471f88cshob0jjGqNx97Mi+aRVlX4MhDjAr8YXtJqzzD
UmatD8qR7jx1IS29m0dEtnkRI7uLsP9GRKw+X7FfLoEgrR/yPOig1RwbcBIDfpKe
nUlygr7R2CwGlOhkN7nvItnmeFiIC6hZOH3wXZO+JjPCVt2mV1f97d6J2CfiIqp8
ir6si0hwAbyxG9YzPU6us5x8
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:20:13 2025 by rpki-client