Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/gl_llPOwACIXYAY-1rKdgdSBNVM.roa
File: gl_llPOwACIXYAY-1rKdgdSBNVM.roa (raw, json)
Hash identifier: AmVI78SJGtAt4gackf6PFSPFBmJ9P08hik/TmySZJCw=
Subject key identifier: 82:5F:E5:94:F3:B0:00:22:17:60:06:3E:D6:B2:9D:81:D4:81:35:53
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 019841A42BC5673C23D68247901514446135
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/gl_llPOwACIXYAY-1rKdgdSBNVM.roa
Signing time: Fri 25 Jul 2025 12:52:14 +0000
ROA not before: Fri 25 Jul 2025 12:52:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200088
IP address blocks: 78.40.216.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:41:a4:2b:c5:67:3c:23:d6:82:47:90:15:14:44:61:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jul 25 12:52:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=825fe594f3b000221760063ed6b29d81d4813553
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ef:18:cf:b2:e2:1f:ae:ed:c9:5d:f2:1e:56:
09:27:03:08:3a:f9:f6:ee:30:a9:c6:52:48:d2:81:
55:ae:39:79:ce:22:6e:ca:cf:d9:81:cb:a1:0c:8b:
44:a9:13:21:11:ad:08:50:17:78:27:23:2d:f8:62:
59:9b:cf:0e:b2:d5:71:ee:bb:11:0e:97:62:e2:ab:
9a:e0:12:e9:14:6a:7c:85:3a:74:f5:49:c6:39:5d:
78:35:9a:b8:85:49:4b:b6:fc:2d:a5:e6:ad:67:9c:
7e:45:cb:c9:bf:4f:dd:c2:61:a5:44:48:11:95:1a:
62:5d:e7:df:0e:ca:57:c7:92:55:4a:85:59:2e:d4:
0a:ec:ab:f3:1e:21:a8:da:1f:94:d4:80:47:63:50:
7a:e5:4c:77:77:bb:91:34:ca:e9:13:b2:e8:c3:62:
0d:f8:68:f7:f4:1b:75:af:f3:34:02:16:19:d8:94:
83:8c:a9:88:64:91:45:ec:e7:09:94:40:6c:e7:de:
63:d7:85:37:1a:b3:3b:36:c3:6b:69:3c:e6:7d:0b:
63:b2:e6:ce:d5:07:96:61:70:07:bc:ac:9e:a7:39:
76:75:52:ac:9e:05:68:c7:e6:4e:fc:f4:4d:87:f2:
42:96:b3:3e:6a:02:bf:e6:a7:6b:d2:47:ad:dc:d1:
c3:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:5F:E5:94:F3:B0:00:22:17:60:06:3E:D6:B2:9D:81:D4:81:35:53
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/gl_llPOwACIXYAY-1rKdgdSBNVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
194.35.117.0/24
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
5d:f4:62:d9:4b:84:a1:26:d8:01:c6:6a:d3:84:f1:7b:13:6c:
74:30:b4:74:d4:c8:7d:33:94:50:0c:de:55:2d:41:64:56:52:
7c:f9:61:71:3f:77:3f:5b:a1:a0:ae:58:48:5a:34:11:0a:11:
d4:5a:7d:69:b8:2f:b4:8f:16:4b:b3:10:a2:25:ca:c0:2d:70:
a4:2c:2d:19:12:66:fe:17:f2:d5:49:3d:5a:f9:b4:38:38:60:
d4:dd:04:2e:cd:32:fc:9c:21:f4:ff:9e:71:1c:9c:51:4c:cb:
87:33:40:a7:77:22:83:59:bd:7d:e2:18:0d:3b:6a:ee:06:f6:
d3:a1:b5:42:a2:82:e9:e2:81:80:b3:a5:e2:1e:3e:cc:4d:f5:
1d:86:4a:a7:7b:96:15:a4:43:6d:26:f2:ca:f1:c2:5b:fd:ec:
15:3b:2c:35:0c:96:6a:37:78:af:24:01:26:9d:29:73:bb:3b:
eb:75:5b:64:81:4b:2f:1c:af:b6:68:60:d0:bc:f8:ae:2b:64:
53:be:a2:25:2b:ff:d8:ea:24:b1:cc:f6:16:b4:05:c0:d4:ef:
c2:cd:61:9d:e9:f1:2d:95:17:6c:0d:ab:9b:ec:60:42:c4:71:
70:9b:39:87:49:24:3c:19:76:11:91:78:12:20:35:c2:cf:14:
b3:6a:76:e8
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZhBpCvFZzwj1oJHkBUURGE1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjUwNzI1MTI1MjE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjVmZTU5NGYzYjAwMDIyMTc2MDA2M2VkNmIyOWQ4MWQ0ODEzNTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+8Yz7LiH67tyV3yHlYJJwMIOvn2
7jCpxlJI0oFVrjl5ziJuys/ZgcuhDItEqRMhEa0IUBd4JyMt+GJZm88OstVx7rsR
Dpdi4qua4BLpFGp8hTp09UnGOV14NZq4hUlLtvwtpeatZ5x+RcvJv0/dwmGlREgR
lRpiXeffDspXx5JVSoVZLtQK7KvzHiGo2h+U1IBHY1B65Ux3d7uRNMrpE7Low2IN
+Gj39Bt1r/M0AhYZ2JSDjKmIZJFF7OcJlEBs595j14U3GrM7NsNraTzmfQtjsubO
1QeWYXAHvKyepzl2dVKsngVox+ZO/PRNh/JClrM+agK/5qdr0ket3NHDYQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFIJf5ZTzsAAiF2AGPtaynYHUgTVTMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvZ2xfbGxQT3dBQ0lYWUFZLTFyS2RnZFNCTlZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQATijYAwQB
VcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpzkAwQAWpznAwQAXuR6AwQAwiN1AwQA
2RlbAwQA2RlfAwQA2ZflAwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcN
AQELBQADggEBAF30YtlLhKEm2AHGatOE8XsTbHQwtHTUyH0zlFAM3lUtQWRWUnz5
YXE/dz9boaCuWEhaNBEKEdRafWm4L7SPFkuzEKIlysAtcKQsLRkSZv4X8tVJPVr5
tDg4YNTdBC7NMvycIfT/nnEcnFFMy4czQKd3IoNZvX3iGA07au4G9tOhtUKiguni
gYCzpeIePsxN9R2GSqd7lhWkQ20m8srxwlv97BU7LDUMlmo3eK8kASadKXO7O+t1
W2SBSy8cr7ZoYNC8+K4rZFO+oiUr/9jqJLHM9ha0BcDU78LNYZ3p8S2VF2wNq5vs
YELEcXCbOYdJJDwZdhGReBIgNcLPFLNqdug=
-----END CERTIFICATE-----
Generated at Sat Jul 26 19:29:48 2025 by rpki-client