Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/g8C52r-HgjcOKaKK01GccaiLGqY.roa
File: g8C52r-HgjcOKaKK01GccaiLGqY.roa (raw, json)
Hash identifier: yFMdULn9+zrpJgeM+fVWlj0c0e8CtPQGd00H0hnJUEs=
Subject key identifier: 83:C0:B9:DA:BF:87:82:37:0E:29:A2:8A:D3:51:9C:71:A8:8B:1A:A6
Certificate issuer: /CN=b464b4523a8972b9e2f46a4f4a1634e97027aedf
Certificate serial: 0198139908AD73BE5DC2B25CA36BFF15726A
Authority key identifier: B4:64:B4:52:3A:89:72:B9:E2:F4:6A:4F:4A:16:34:E9:70:27:AE:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGS0UjqJcrni9GpPShY06XAnrt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/g8C52r-HgjcOKaKK01GccaiLGqY.roa
Signing time: Wed 16 Jul 2025 14:17:33 +0000
ROA not before: Wed 16 Jul 2025 14:17:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199373
IP address blocks: 5.61.113.0/24 maxlen: 24
5.61.115.0/24 maxlen: 24
5.61.117.0/24 maxlen: 24
5.61.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/tGS0UjqJcrni9GpPShY06XAnrt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/tGS0UjqJcrni9GpPShY06XAnrt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tGS0UjqJcrni9GpPShY06XAnrt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:99:08:ad:73:be:5d:c2:b2:5c:a3:6b:ff:15:72:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b464b4523a8972b9e2f46a4f4a1634e97027aedf
Validity
Not Before: Jul 16 14:17:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=83c0b9dabf8782370e29a28ad3519c71a88b1aa6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:26:73:a6:0a:f6:6c:4d:03:ed:6b:61:5c:42:
58:c2:0f:71:a0:bc:41:7f:7e:6c:67:80:79:1c:56:
9e:4b:f8:5a:ac:09:76:ee:14:54:13:6d:7f:89:da:
ce:aa:24:cc:43:20:cf:68:39:ff:04:49:19:57:31:
d1:41:f0:df:57:33:53:ae:b5:f9:c8:bf:e4:b5:18:
dc:6d:d1:fc:4b:7f:8e:a0:13:21:3f:cb:20:ab:53:
ad:4c:9b:1a:c5:6b:f0:6b:b3:75:5a:f5:e8:b2:0b:
41:c0:0b:7a:87:8b:69:f5:44:23:69:31:74:a3:df:
77:0e:84:27:17:4b:f6:30:b8:99:7b:f1:2e:2b:0e:
ea:86:23:83:8d:37:7e:01:f0:f9:a6:cd:11:ea:1c:
78:85:9c:6a:6b:18:92:16:fe:a9:de:b1:97:f5:55:
d1:f3:17:f2:91:a7:61:1c:51:ee:a7:ca:28:5d:0c:
76:c5:9e:b5:d0:0c:5d:e3:ed:bc:50:4a:17:5c:15:
78:1a:57:11:50:59:27:cc:d9:43:35:37:d0:0f:82:
3c:69:72:37:18:40:0d:ef:d0:1b:ef:71:8b:db:1f:
0f:b7:78:8c:7e:2c:cf:b0:da:fd:a1:6f:c2:29:f4:
8d:a8:13:ee:ff:c0:35:7d:f5:67:13:05:29:ba:ba:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C0:B9:DA:BF:87:82:37:0E:29:A2:8A:D3:51:9C:71:A8:8B:1A:A6
X509v3 Authority Key Identifier:
keyid:B4:64:B4:52:3A:89:72:B9:E2:F4:6A:4F:4A:16:34:E9:70:27:AE:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGS0UjqJcrni9GpPShY06XAnrt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/g8C52r-HgjcOKaKK01GccaiLGqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/c7caf3-eb08-4556-a5b7-fc6e77884054/1/tGS0UjqJcrni9GpPShY06XAnrt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.113.0/24
5.61.115.0/24
5.61.117.0/24
5.61.119.0/24
Signature Algorithm: sha256WithRSAEncryption
68:1e:b3:1e:8f:82:46:62:c8:4f:e3:30:09:8d:fa:a3:e7:a7:
50:97:ed:8c:7c:02:62:df:bf:e6:86:08:2d:31:2a:c8:ca:2b:
6d:fb:75:52:a1:42:f1:6b:1f:28:61:be:2d:5e:e8:85:8a:39:
1b:55:3f:80:d0:f7:dc:e4:f6:40:ac:bd:4f:0b:5a:fe:11:0e:
8b:43:55:8a:ee:89:09:0f:42:7d:08:61:e9:88:4b:30:1e:1b:
22:66:22:f5:45:29:cf:20:cf:82:15:02:c4:3c:7e:00:a3:44:
2d:63:a1:3b:61:67:6d:2e:dd:4e:a3:ac:6f:cc:86:c5:15:cd:
5c:3b:3d:f1:54:de:4c:ab:a4:8a:10:c2:9e:91:a0:d0:56:3a:
b8:08:6b:66:8b:43:dd:73:1b:4e:77:b7:0a:76:c8:81:a4:bd:
85:c2:7a:bc:ce:ce:18:67:4f:89:ce:57:f7:aa:6d:48:e1:62:
0d:3d:f9:13:c7:15:ed:7d:87:6d:df:12:9a:b6:b4:9b:0c:2d:
5a:d5:46:de:f3:1e:d1:d7:c3:79:96:6c:90:9a:9f:98:5a:08:
97:fc:1f:90:d8:95:1b:3f:10:5f:58:1b:26:a1:00:e3:5e:e7:
3e:0c:0c:69:27:82:7a:92:79:8f:17:51:c9:23:70:44:6e:32:
23:11:05:40
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgTmQitc75dwrJco2v/FXJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjRiNDUyM2E4OTcyYjllMmY0NmE0ZjRhMTYzNGU5NzAy
N2FlZGYwHhcNMjUwNzE2MTQxNzMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2MwYjlkYWJmODc4MjM3MGUyOWEyOGFkMzUxOWM3MWE4OGIxYWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSZzpgr2bE0D7WthXEJYwg9xoLxB
f35sZ4B5HFaeS/harAl27hRUE21/idrOqiTMQyDPaDn/BEkZVzHRQfDfVzNTrrX5
yL/ktRjcbdH8S3+OoBMhP8sgq1OtTJsaxWvwa7N1WvXosgtBwAt6h4tp9UQjaTF0
o993DoQnF0v2MLiZe/EuKw7qhiODjTd+AfD5ps0R6hx4hZxqaxiSFv6p3rGX9VXR
8xfykadhHFHup8ooXQx2xZ610Axd4+28UEoXXBV4GlcRUFknzNlDNTfQD4I8aXI3
GEAN79Ab73GL2x8Pt3iMfizPsNr9oW/CKfSNqBPu/8A1ffVnEwUpurr+1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIPAudq/h4I3DimiitNRnHGoixqmMB8GA1UdIwQY
MBaAFLRktFI6iXK54vRqT0oWNOlwJ67fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdTMFVqcUpjcm5pOUdwUFNoWTA2WEFucnQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9jN2NhZjMtZWIwOC00NTU2LWE1Yjct
ZmM2ZTc3ODg0MDU0LzEvZzhDNTJyLUhnamNPS2FLSzAxR2NjYWlMR3FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9jN2NhZjMtZWIwOC00NTU2LWE1YjctZmM2ZTc3ODg0MDU0
LzEvdEdTMFVqcUpjcm5pOUdwUFNoWTA2WEFucnQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABT1xAwQA
BT1zAwQABT11AwQABT13MA0GCSqGSIb3DQEBCwUAA4IBAQBoHrMej4JGYshP4zAJ
jfqj56dQl+2MfAJi37/mhggtMSrIyitt+3VSoULxax8oYb4tXuiFijkbVT+A0Pfc
5PZArL1PC1r+EQ6LQ1WK7okJD0J9CGHpiEswHhsiZiL1RSnPIM+CFQLEPH4Ao0Qt
Y6E7YWdtLt1Oo6xvzIbFFc1cOz3xVN5Mq6SKEMKekaDQVjq4CGtmi0PdcxtOd7cK
dsiBpL2Fwnq8zs4YZ0+Jzlf3qm1I4WINPfkTxxXtfYdt3xKatrSbDC1a1Ube8x7R
18N5lmyQmp+YWgiX/B+Q2JUbPxBfWBsmoQDjXuc+DAxpJ4J6knmPF1HJI3BEbjIj
EQVA
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:54:33 2025 by rpki-client