Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/gKrWuls_yaAj_2uKWgRsKnBJLAc.roa
File: gKrWuls_yaAj_2uKWgRsKnBJLAc.roa (raw, json)
Hash identifier: 5hm6a22R5gdWEHU5rkBuRp3sLMWMwNnGUW81bM1dalw=
Subject key identifier: 80:AA:D6:BA:5B:3F:C9:A0:23:FF:6B:8A:5A:04:6C:2A:70:49:2C:07
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0198E5D69EC3F743916CD35D9051A8B80847
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/gKrWuls_yaAj_2uKWgRsKnBJLAc.roa
Signing time: Tue 26 Aug 2025 10:05:04 +0000
ROA not before: Tue 26 Aug 2025 10:05:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 62.84.16.0/20 maxlen: 20
79.135.141.0/24 maxlen: 24
80.81.47.0/24 maxlen: 24
83.223.131.0/24 maxlen: 24
83.223.138.0/24 maxlen: 24
83.223.140.0/24 maxlen: 24
83.223.152.0/24 maxlen: 24
83.223.156.0/24 maxlen: 24
83.223.158.0/24 maxlen: 24
85.254.12.0/24 maxlen: 24
85.254.13.0/24 maxlen: 24
85.254.14.0/24 maxlen: 24
85.254.15.0/24 maxlen: 24
85.254.41.0/24 maxlen: 24
85.254.46.0/24 maxlen: 24
85.254.63.0/24 maxlen: 24
85.254.117.0/24 maxlen: 24
85.254.118.0/23 maxlen: 23
91.190.37.0/24 maxlen: 24
159.148.143.0/24 maxlen: 24
185.176.116.0/24 maxlen: 24
185.176.119.0/24 maxlen: 24
217.24.64.0/20 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 23:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e5:d6:9e:c3:f7:43:91:6c:d3:5d:90:51:a8:b8:08:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 26 10:05:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80aad6ba5b3fc9a023ff6b8a5a046c2a70492c07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:dc:da:bf:54:39:c4:fc:ce:f3:a6:88:cb:e5:
78:d4:0c:1a:4d:6a:ef:2a:95:72:41:72:1e:93:8e:
c7:56:18:23:2b:39:fe:b2:74:d8:86:61:57:54:5a:
03:fd:50:2b:34:88:75:1b:3c:33:4c:18:fa:2e:ab:
4b:a0:89:29:44:a2:6e:73:05:78:37:8d:5c:b9:17:
94:fb:bc:28:cd:8d:92:3c:40:18:4e:7c:e8:29:fc:
a1:74:6f:70:92:f9:6e:7a:78:a6:a8:0c:ae:25:26:
e5:8f:16:dc:b9:e1:51:06:58:1a:7f:15:cd:c1:4c:
eb:fe:d9:77:9f:82:17:e8:a7:b0:4e:a1:0f:33:c6:
14:10:b7:e7:5b:bb:ba:07:be:b5:11:c1:82:a8:8d:
21:da:98:f5:ad:6f:66:a2:d0:35:3e:3c:e4:4d:3b:
f1:0b:8d:3f:44:b1:4d:17:82:b1:81:50:e5:e0:f7:
3c:09:a0:59:d3:97:9d:81:04:46:fa:44:43:aa:83:
18:99:eb:cb:27:bc:5c:fa:20:68:ff:f6:cd:a6:0b:
17:66:0e:cc:f1:3e:89:3d:9a:bf:89:ed:1c:f3:d2:
26:01:aa:f6:82:35:3a:61:21:41:c6:be:2d:83:bf:
94:22:7e:90:55:8e:3d:75:fd:6d:38:f2:fb:12:98:
8c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:AA:D6:BA:5B:3F:C9:A0:23:FF:6B:8A:5A:04:6C:2A:70:49:2C:07
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/gKrWuls_yaAj_2uKWgRsKnBJLAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.16.0/20
79.135.141.0/24
80.81.47.0/24
83.223.131.0/24
83.223.138.0/24
83.223.140.0/24
83.223.152.0/24
83.223.156.0/24
83.223.158.0/24
85.254.12.0/22
85.254.41.0/24
85.254.46.0/24
85.254.63.0/24
85.254.117.0-85.254.119.255
91.190.37.0/24
159.148.143.0/24
185.176.116.0/24
185.176.119.0/24
217.24.64.0/20
Signature Algorithm: sha256WithRSAEncryption
aa:5c:c4:65:85:56:f0:6a:3b:8c:e0:c9:75:f7:d3:66:38:1c:
0e:c2:7c:8c:f8:cb:4e:6c:3d:c6:c4:6e:01:79:ba:e5:c7:d6:
6c:6f:be:16:f3:66:d4:e9:1f:83:a8:7d:94:a3:ef:50:bc:8a:
95:9c:97:a3:6f:01:c4:a2:e7:ba:bc:69:c5:ca:8d:d6:d7:46:
6e:7f:07:0f:1d:bf:f9:60:1f:79:38:3b:f1:e0:67:3e:6c:b1:
82:27:92:33:7d:d2:9a:82:dd:8b:54:0f:c7:30:49:5b:39:47:
a8:f6:52:a7:cb:34:6f:a7:ad:0c:3b:50:2d:01:09:ed:2b:c1:
2b:ef:68:81:96:20:6e:22:94:6e:73:d6:4a:94:a9:d2:d6:79:
b6:12:3f:e6:25:79:8d:72:9a:30:69:e4:d6:f1:67:43:ae:ed:
48:bd:61:e8:e3:40:17:b7:f8:a4:61:a0:4a:99:9a:77:50:f5:
3a:13:2a:71:aa:b1:fc:53:18:f8:e7:fe:7d:44:f1:7f:0f:f6:
97:16:6a:23:78:fb:8d:e8:ab:93:f6:18:fc:87:21:30:06:03:
da:6a:a8:ca:72:82:e0:fd:f5:0f:2f:92:93:a5:e9:4d:92:1b:
2f:20:11:86:5c:c4:ac:41:7c:8e:30:5d:98:a1:4d:8f:9f:3a:
3c:76:be:bc
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZjl1p7D90ORbNNdkFGouAhHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwODI2MTAwNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGFhZDZiYTViM2ZjOWEwMjNmZjZiOGE1YTA0NmMyYTcwNDkyYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7dzav1Q5xPzO86aIy+V41AwaTWrv
KpVyQXIek47HVhgjKzn+snTYhmFXVFoD/VArNIh1GzwzTBj6LqtLoIkpRKJucwV4
N41cuReU+7wozY2SPEAYTnzoKfyhdG9wkvluenimqAyuJSbljxbcueFRBlgafxXN
wUzr/tl3n4IX6KewTqEPM8YUELfnW7u6B761EcGCqI0h2pj1rW9motA1PjzkTTvx
C40/RLFNF4KxgVDl4Pc8CaBZ05edgQRG+kRDqoMYmevLJ7xc+iBo//bNpgsXZg7M
8T6JPZq/ie0c89ImAar2gjU6YSFBxr4tg7+UIn6QVY49df1tOPL7EpiMHwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFICq1rpbP8mgI/9riloEbCpwSSwHMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvZ0tyV3Vsc195YUFqXzJ1S1dnUnNLbkJKTEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEBD5U
EAMEAE+HjQMEAFBRLwMEAFPfgwMEAFPfigMEAFPfjAMEAFPfmAMEAFPfnAMEAFPf
ngMEAlX+DAMEAFX+KQMEAFX+LgMEAFX+PzAMAwQAVf51AwQDVf5wAwQAW74lAwQA
n5SPAwQAubB0AwQAubB3AwQE2RhAMA0GCSqGSIb3DQEBCwUAA4IBAQCqXMRlhVbw
ajuM4Ml199NmOBwOwnyM+MtObD3GxG4Bebrlx9Zsb74W82bU6R+DqH2Uo+9QvIqV
nJejbwHEoue6vGnFyo3W10ZufwcPHb/5YB95ODvx4Gc+bLGCJ5IzfdKagt2LVA/H
MElbOUeo9lKnyzRvp60MO1AtAQntK8Er72iBliBuIpRuc9ZKlKnS1nm2Ej/mJXmN
cpowaeTW8WdDru1IvWHo40AXt/ikYaBKmZp3UPU6EypxqrH8Uxj45/59RPF/D/aX
FmojePuN6KuT9hj8hyEwBgPaaqjKcoLg/fUPL5KTpelNkhsvIBGGXMSsQXyOMF2Y
oU2Pnzo8dr68
-----END CERTIFICATE-----
Generated at Sat Sep 6 07:01:04 2025 by rpki-client