Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/gHFXL6cSzjd7fbeTO7sS_QqIXdU.roa
File: gHFXL6cSzjd7fbeTO7sS_QqIXdU.roa (raw, json)
Hash identifier: pj747sQSsuNB7MsQ4fj/AYdj8RHMk1Ww0TVPu39LsRU=
Subject key identifier: 80:71:57:2F:A7:12:CE:37:7B:7D:B7:93:3B:BB:12:FD:0A:88:5D:D5
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019809B19307E8BA9E22F7136733152718A1
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/gHFXL6cSzjd7fbeTO7sS_QqIXdU.roa
Signing time: Mon 14 Jul 2025 16:08:08 +0000
ROA not before: Mon 14 Jul 2025 16:08:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209641
IP address blocks: 46.243.7.0/24 maxlen: 24
91.200.12.0/24 maxlen: 24
92.62.119.0/24 maxlen: 24
94.232.248.0/24 maxlen: 24
95.81.114.0/24 maxlen: 24
95.81.115.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
109.69.60.0/24 maxlen: 24
2a06:ddc0::/29 maxlen: 29
2a0b:8040::/29 maxlen: 29
2a0c:f642::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b1:93:07:e8:ba:9e:22:f7:13:67:33:15:27:18:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jul 14 16:08:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8071572fa712ce377b7db7933bbb12fd0a885dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:72:88:36:a5:75:ba:5f:5e:30:18:c5:0a:39:
ee:82:72:a6:7f:fc:57:b7:bd:3c:75:01:69:7a:db:
a7:20:cd:f4:c1:cc:67:7c:11:48:c4:2c:d0:f8:aa:
12:e0:18:bf:09:bc:b9:f7:2b:a2:cc:f1:a6:1e:88:
79:4a:a8:d7:05:c7:7e:ad:81:3c:89:57:9c:12:fd:
7f:ba:83:4f:cf:51:6a:81:77:09:6a:1b:70:10:44:
40:a9:51:9d:4e:19:e9:d3:f8:42:2d:68:7f:e1:96:
9a:90:6a:71:92:b9:27:92:1b:1b:12:6f:da:d2:57:
1f:f9:fc:c1:f4:32:a6:0b:5c:46:94:6d:ed:52:1b:
fb:33:fd:ae:0b:b8:61:a6:a5:ef:07:5b:9f:77:d8:
d0:c1:10:42:39:1e:b7:f5:76:f8:e9:0c:9d:ed:c6:
bd:c1:05:b0:f2:6a:43:60:2d:cb:30:fa:7c:dc:b3:
64:0f:5e:04:36:d4:10:90:27:30:19:24:34:6d:d2:
7b:f6:89:fe:e3:55:5c:7b:be:67:a7:88:15:52:5d:
08:10:cc:4e:45:ab:84:75:74:af:d6:a6:19:7c:7f:
60:fd:50:ca:b2:8a:ff:58:bb:fb:87:cc:9f:80:1e:
9d:11:a2:56:5e:c1:85:52:53:4e:98:3e:bf:7b:84:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:71:57:2F:A7:12:CE:37:7B:7D:B7:93:3B:BB:12:FD:0A:88:5D:D5
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/gHFXL6cSzjd7fbeTO7sS_QqIXdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.7.0/24
91.200.12.0/24
92.62.119.0/24
94.232.248.0/24
95.81.114.0/23
95.81.120.0/24
109.69.60.0/24
IPv6:
2a06:ddc0::/29
2a0b:8040::/29
2a0c:f642::/32
Signature Algorithm: sha256WithRSAEncryption
ab:5d:88:12:00:d2:67:8e:9a:cf:d9:3a:ad:a2:e4:8a:b0:cf:
15:64:e5:2b:00:6f:7d:d0:26:3d:68:b7:e7:ce:46:d8:6a:32:
3d:08:fb:1b:27:bc:0a:7a:da:05:09:4a:49:f7:c6:30:85:97:
d0:f4:91:b1:a2:0c:03:dc:b3:7e:cd:41:6c:12:4a:73:fd:49:
b9:78:0e:ea:68:55:38:e9:5e:a5:85:7b:c7:57:d0:9b:7e:03:
fa:2e:3f:10:ea:e7:e9:77:fe:26:92:be:c2:3a:97:51:ad:82:
4d:89:f4:5a:d4:db:cd:c0:c6:00:2e:fc:46:c4:72:bb:6b:0c:
2d:c0:d4:2b:39:5a:5e:bd:ab:f5:ed:5b:22:35:13:d7:85:fd:
51:8e:08:ce:a7:e1:81:ca:2a:94:f6:7d:ff:30:d5:d8:5e:d4:
25:05:f8:d8:b8:43:00:3f:36:f9:b4:b0:e6:02:d0:9b:ad:15:
6e:2c:f9:d3:5e:f4:2d:ae:b9:cb:fc:b7:fa:7f:f1:c8:34:d1:
c4:fa:72:14:54:9e:22:e3:bc:12:c1:27:66:84:bd:06:d8:e1:
b8:da:3f:8c:03:a1:e4:98:d2:51:98:e8:69:bb:c7:6d:e1:34:
e5:fa:03:3d:5e:90:0d:f6:cc:7d:99:52:b2:1c:c5:d9:35:bf:
ed:17:c8:4f
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZgJsZMH6LqeIvcTZzMVJxihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNzE0MTYwODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDcxNTcyZmE3MTJjZTM3N2I3ZGI3OTMzYmJiMTJmZDBhODg1ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHKINqV1ul9eMBjFCjnugnKmf/xX
t708dQFpetunIM30wcxnfBFIxCzQ+KoS4Bi/Cby59yuizPGmHoh5SqjXBcd+rYE8
iVecEv1/uoNPz1FqgXcJahtwEERAqVGdThnp0/hCLWh/4ZaakGpxkrknkhsbEm/a
0lcf+fzB9DKmC1xGlG3tUhv7M/2uC7hhpqXvB1ufd9jQwRBCOR639Xb46Qyd7ca9
wQWw8mpDYC3LMPp83LNkD14ENtQQkCcwGSQ0bdJ79on+41Vce75np4gVUl0IEMxO
RauEdXSv1qYZfH9g/VDKsor/WLv7h8yfgB6dEaJWXsGFUlNOmD6/e4QAoQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIBxVy+nEs43e323kzu7Ev0KiF3VMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvZ0hGWEw2Y1N6amQ3ZmJlVE83c1NfUXFJWGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQALvMHAwQA
W8gMAwQAXD53AwQAXuj4AwQBX1FyAwQAX1F4AwQAbUU8MBsEAgACMBUDBQMqBt3A
AwUDKguAQAMFACoM9kIwDQYJKoZIhvcNAQELBQADggEBAKtdiBIA0meOms/ZOq2i
5IqwzxVk5SsAb33QJj1ot+fORthqMj0I+xsnvAp62gUJSkn3xjCFl9D0kbGiDAPc
s37NQWwSSnP9Sbl4DupoVTjpXqWFe8dX0Jt+A/ouPxDq5+l3/iaSvsI6l1Gtgk2J
9FrU283AxgAu/EbEcrtrDC3A1Cs5Wl69q/XtWyI1E9eF/VGOCM6n4YHKKpT2ff8w
1dhe1CUF+Ni4QwA/Nvm0sOYC0JutFW4s+dNe9C2uucv8t/p/8cg00cT6chRUniLj
vBLBJ2aEvQbY4bjaP4wDoeSY0lGY6Gm7x23hNOX6Az1ekA32zH2ZUrIcxdk1v+0X
yE8=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:30:35 2025 by rpki-client