Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/2GK7KjijxkSp5rFI9ZFtp0atb8k.roa
File: 2GK7KjijxkSp5rFI9ZFtp0atb8k.roa (raw, json)
Hash identifier: wdEjqmgar3oUItYyi55t1/3r4eSEpgrdLi/xchL3smU=
Subject key identifier: D8:62:BB:2A:38:A3:C6:44:A9:E6:B1:48:F5:91:6D:A7:46:AD:6F:C9
Certificate issuer: /CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Certificate serial: 019A0276AC94E91ECFEE94A4BD3E0A841A19
Authority key identifier: C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/2GK7KjijxkSp5rFI9ZFtp0atb8k.roa
Signing time: Mon 20 Oct 2025 16:32:03 +0000
ROA not before: Mon 20 Oct 2025 16:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59989
IP address blocks: 185.127.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:76:ac:94:e9:1e:cf:ee:94:a4:bd:3e:0a:84:1a:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c10285df5b039e0f04e2dfece28a5a8fbec6e938
Validity
Not Before: Oct 20 16:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d862bb2a38a3c644a9e6b148f5916da746ad6fc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4b:39:98:43:49:1a:e4:78:d8:31:b7:f2:2d:
f7:0d:85:b2:7f:61:30:cb:10:7e:09:18:c0:fe:d2:
d3:3f:e5:80:aa:a9:fd:76:e2:ed:4b:1f:ed:90:d6:
51:7a:32:d3:98:c7:f6:7f:71:d3:07:82:c2:bc:26:
9a:fd:82:56:08:c4:9f:c3:68:58:56:e4:44:d8:58:
06:64:69:c5:54:80:ca:38:c8:01:29:e6:0c:95:0a:
4e:a4:1a:93:f2:6b:21:c4:ac:78:ec:5a:cf:32:e2:
1b:ec:4c:de:58:e1:9e:28:7b:ba:1f:fe:e7:d0:49:
48:3d:8f:8c:95:c2:c7:bb:52:d5:01:d1:12:0a:b5:
ec:02:88:76:4f:18:a2:8f:d5:c8:5e:b2:5a:75:ac:
4a:f5:fd:e7:28:69:9a:1a:b4:a3:00:33:24:c4:99:
bc:c5:4a:83:0b:3b:c5:85:15:de:58:df:de:32:78:
5a:14:31:50:dd:51:b9:43:49:83:d8:e0:e2:a8:60:
d5:ad:98:19:81:c9:ad:f8:58:43:02:a5:11:a8:8d:
be:e5:48:04:d5:ea:5d:b8:a1:94:38:45:66:b1:6b:
3b:5a:de:87:bd:30:59:60:5e:67:f4:7d:a8:08:37:
2f:da:31:98:ef:61:e5:9c:d3:e7:2f:d8:2a:aa:d7:
ce:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:62:BB:2A:38:A3:C6:44:A9:E6:B1:48:F5:91:6D:A7:46:AD:6F:C9
X509v3 Authority Key Identifier:
keyid:C1:02:85:DF:5B:03:9E:0F:04:E2:DF:EC:E2:8A:5A:8F:BE:C6:E9:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQKF31sDng8E4t_s4opaj77G6Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/2GK7KjijxkSp5rFI9ZFtp0atb8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/aebd42-07a3-4cb5-852e-52afc77ca18f/1/wQKF31sDng8E4t_s4opaj77G6Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.124.0/24
Signature Algorithm: sha256WithRSAEncryption
65:14:e2:0c:73:5f:32:93:2d:86:3a:b7:4c:c7:b8:6b:53:98:
c3:0a:78:26:b9:14:76:a2:12:89:a2:47:55:c3:ad:fa:78:93:
c0:ad:89:7f:d2:d3:f9:ab:c5:4f:aa:ce:3d:f7:aa:d4:ea:d2:
09:7b:a2:92:4a:d5:cb:07:10:dc:fa:37:f8:09:ec:b1:bb:ad:
dd:54:6f:bb:55:4f:4d:7a:6a:2d:cd:9d:29:d6:43:84:ba:75:
2e:b1:91:33:88:e0:65:83:cf:52:bb:25:de:17:50:0b:34:90:
78:a4:91:fc:79:51:45:50:1e:fa:6a:fa:e1:e6:86:da:75:f2:
5c:3b:2f:fe:b6:d2:f3:58:66:d4:65:2b:56:ae:94:56:98:29:
aa:21:02:23:65:c2:fe:31:2e:f5:fc:78:a0:c5:3f:79:13:11:
e9:81:1e:8a:8b:eb:9c:ad:12:b6:44:b9:61:94:b5:8f:6c:0c:
ce:f0:1b:12:1f:4f:ae:09:4e:a8:34:e4:e6:88:b4:6a:b2:c4:
bb:58:b0:c0:7a:ee:86:e1:9e:b7:ae:40:19:f9:cf:cd:17:de:
de:f0:0a:73:74:32:9b:17:1e:05:98:72:74:0d:e9:e2:62:b3:
57:28:b7:47:38:fc:5a:01:77:ba:b0:a2:c4:6e:38:82:9f:58:
1e:57:ff:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoCdqyU6R7P7pSkvT4KhBoZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDI4NWRmNWIwMzllMGYwNGUyZGZlY2UyOGE1YThmYmVj
NmU5MzgwHhcNMjUxMDIwMTYzMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODYyYmIyYTM4YTNjNjQ0YTllNmIxNDhmNTkxNmRhNzQ2YWQ2ZmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0s5mENJGuR42DG38i33DYWyf2Ew
yxB+CRjA/tLTP+WAqqn9duLtSx/tkNZRejLTmMf2f3HTB4LCvCaa/YJWCMSfw2hY
VuRE2FgGZGnFVIDKOMgBKeYMlQpOpBqT8mshxKx47FrPMuIb7EzeWOGeKHu6H/7n
0ElIPY+MlcLHu1LVAdESCrXsAoh2Txiij9XIXrJadaxK9f3nKGmaGrSjADMkxJm8
xUqDCzvFhRXeWN/eMnhaFDFQ3VG5Q0mD2ODiqGDVrZgZgcmt+FhDAqURqI2+5UgE
1epduKGUOEVmsWs7Wt6HvTBZYF5n9H2oCDcv2jGY72HlnNPnL9gqqtfORQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhiuyo4o8ZEqeaxSPWRbadGrW/JMB8GA1UdIwQY
MBaAFMEChd9bA54PBOLf7OKKWo++xuk4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUt
NTJhZmM3N2NhMThmLzEvMkdLN0tqaWp4a1NwNXJGSTlaRnRwMGF0YjhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9hZWJkNDItMDdhMy00Y2I1LTg1MmUtNTJhZmM3N2NhMThm
LzEvd1FLRjMxc0RuZzhFNHRfczRvcGFqNzdHNlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX98MA0G
CSqGSIb3DQEBCwUAA4IBAQBlFOIMc18yky2GOrdMx7hrU5jDCngmuRR2ohKJokdV
w636eJPArYl/0tP5q8VPqs4996rU6tIJe6KSStXLBxDc+jf4Ceyxu63dVG+7VU9N
emotzZ0p1kOEunUusZEziOBlg89SuyXeF1ALNJB4pJH8eVFFUB76avrh5obadfJc
Oy/+ttLzWGbUZStWrpRWmCmqIQIjZcL+MS71/HigxT95ExHpgR6Ki+ucrRK2RLlh
lLWPbAzO8BsSH0+uCU6oNOTmiLRqssS7WLDAeu6G4Z63rkAZ+c/NF97e8ApzdDKb
Fx4FmHJ0DeniYrNXKLdHOPxaAXe6sKLEbjiCn1geV/9o
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:33:50 2025 by rpki-client