Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/G7KAYOVH38LzKR-IdVTjVu7lIf8.roa
File: G7KAYOVH38LzKR-IdVTjVu7lIf8.roa (raw, json)
Hash identifier: rqzGBQKFeB6ICiFMYesDYx+/XfxqjQHtzlizZQdtLiE=
Subject key identifier: 1B:B2:80:60:E5:47:DF:C2:F3:29:1F:88:75:54:E3:56:EE:E5:21:FF
Certificate issuer: /CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Certificate serial: 0199333CE6F9F2C33C0D622F1B6188E94F47
Authority key identifier: 18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/G7KAYOVH38LzKR-IdVTjVu7lIf8.roa
Signing time: Wed 10 Sep 2025 10:47:33 +0000
ROA not before: Wed 10 Sep 2025 10:47:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393406
IP address blocks: 5.42.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.mft
rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 01:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:3c:e6:f9:f2:c3:3c:0d:62:2f:1b:61:88:e9:4f:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1808bf7fe48b057f9f2f3d5d1a6310fd9e14c571
Validity
Not Before: Sep 10 10:47:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bb28060e547dfc2f3291f887554e356eee521ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:6f:be:da:59:de:ea:08:a3:17:4d:5f:02:aa:
46:65:2f:59:b5:1e:c5:e7:40:3a:73:91:57:9a:a8:
a5:2b:ad:07:a9:65:79:18:a7:f6:c6:cd:00:b2:60:
c2:d2:86:6a:04:fb:93:34:08:5b:da:41:35:dd:5a:
47:cb:18:a8:a8:f9:a7:25:1d:0f:1f:55:93:86:1d:
fa:d0:2d:3f:cc:4a:65:9c:fe:a3:2a:cd:ff:51:fb:
39:dc:19:3c:4a:35:08:1f:0a:8d:4e:f7:90:4d:54:
53:6d:51:23:ee:3d:3f:44:3f:cf:d5:67:0b:41:7e:
7a:b2:f2:e8:eb:1c:c5:33:b9:68:4a:47:de:be:9b:
3c:bf:2a:96:0d:c5:cd:d5:a4:71:2b:40:83:2f:91:
3c:97:3d:9f:e4:c8:9e:39:29:fe:74:3f:b5:1f:7e:
46:3a:bc:3a:43:1f:ef:dd:d3:a5:fd:50:5b:df:6a:
1f:b0:d0:43:54:4c:c4:a2:f8:5f:c8:33:c8:1f:c2:
ca:83:3e:04:1e:7e:4d:c9:39:e9:55:5b:06:06:59:
0d:b5:1e:27:b0:db:5e:f4:9f:65:85:8f:f3:2f:41:
5b:03:5f:a0:24:9d:a3:86:d2:97:59:74:e1:24:a5:
41:f2:60:64:3a:ce:00:5b:7f:b6:bb:93:1a:ee:d8:
9f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:B2:80:60:E5:47:DF:C2:F3:29:1F:88:75:54:E3:56:EE:E5:21:FF
X509v3 Authority Key Identifier:
keyid:18:08:BF:7F:E4:8B:05:7F:9F:2F:3D:5D:1A:63:10:FD:9E:14:C5:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/G7KAYOVH38LzKR-IdVTjVu7lIf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/510c3b-f870-476b-a163-9d392eee0f66/1/GAi_f-SLBX-fLz1dGmMQ_Z4UxXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.203.0/24
Signature Algorithm: sha256WithRSAEncryption
c4:55:06:ce:a8:21:a7:75:3d:13:e4:7c:a8:c2:f3:89:f8:9e:
85:a0:8b:88:1e:5b:d4:cc:24:4e:e9:c7:71:c6:9f:2b:c3:ed:
f9:23:68:45:8c:37:2a:27:ce:3b:c0:42:c5:3d:ba:5e:0a:f3:
8d:71:db:97:24:07:ed:e2:76:1e:44:2c:42:88:f9:db:5d:67:
1f:84:4e:f8:3d:c8:f7:ae:39:0f:af:f7:07:1f:c7:f0:21:99:
c9:64:a2:44:01:65:9d:9c:41:d7:3f:b6:06:d4:8b:d5:50:a4:
d2:93:40:e7:b0:86:72:16:8f:16:21:28:e0:ad:fc:39:7e:a1:
ff:c8:69:4d:5f:57:d0:9a:f4:92:c0:41:fd:3c:6f:ce:9d:d2:
b5:46:ae:3d:f5:3d:55:48:50:6f:9c:ca:92:67:e0:b2:75:0f:
6f:e2:c8:9a:b4:61:08:cb:62:70:18:1a:48:6d:ec:1d:9e:a7:
e5:64:eb:a7:e1:e1:97:9e:40:e8:78:34:c0:64:1e:ba:3c:20:
5e:40:04:f5:35:e2:4e:78:46:26:bc:63:dc:19:ba:3a:32:bd:
55:d1:bf:74:8c:58:c7:de:42:91:77:0b:ea:7b:58:95:53:46:
38:c4:56:30:a7:b4:4a:1e:3f:07:9a:b8:fc:42:cc:b3:ef:79:
12:72:8c:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkzPOb58sM8DWIvG2GI6U9HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MDhiZjdmZTQ4YjA1N2Y5ZjJmM2Q1ZDFhNjMxMGZkOWUx
NGM1NzEwHhcNMjUwOTEwMTA0NzMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmIyODA2MGU1NDdkZmMyZjMyOTFmODg3NTU0ZTM1NmVlZTUyMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiG++2lne6gijF01fAqpGZS9ZtR7F
50A6c5FXmqilK60HqWV5GKf2xs0AsmDC0oZqBPuTNAhb2kE13VpHyxioqPmnJR0P
H1WThh360C0/zEplnP6jKs3/Ufs53Bk8SjUIHwqNTveQTVRTbVEj7j0/RD/P1WcL
QX56svLo6xzFM7loSkfevps8vyqWDcXN1aRxK0CDL5E8lz2f5MieOSn+dD+1H35G
Orw6Qx/v3dOl/VBb32ofsNBDVEzEovhfyDPIH8LKgz4EHn5NyTnpVVsGBlkNtR4n
sNte9J9lhY/zL0FbA1+gJJ2jhtKXWXThJKVB8mBkOs4AW3+2u5Ma7tif7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBuygGDlR9/C8ykfiHVU41bu5SH/MB8GA1UdIwQY
MBaAFBgIv3/kiwV/ny89XRpjEP2eFMVxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMt
OWQzOTJlZWUwZjY2LzEvRzdLQVlPVkgzOEx6S1ItSWRWVGpWdTdsSWY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MTBjM2ItZjg3MC00NzZiLWExNjMtOWQzOTJlZWUwZjY2
LzEvR0FpX2YtU0xCWC1mTHoxZEdtTVFfWjRVeFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrLMA0G
CSqGSIb3DQEBCwUAA4IBAQDEVQbOqCGndT0T5HyowvOJ+J6FoIuIHlvUzCRO6cdx
xp8rw+35I2hFjDcqJ847wELFPbpeCvONcduXJAft4nYeRCxCiPnbXWcfhE74Pcj3
rjkPr/cHH8fwIZnJZKJEAWWdnEHXP7YG1IvVUKTSk0DnsIZyFo8WISjgrfw5fqH/
yGlNX1fQmvSSwEH9PG/OndK1Rq499T1VSFBvnMqSZ+CydQ9v4siatGEIy2JwGBpI
bewdnqflZOun4eGXnkDoeDTAZB66PCBeQAT1NeJOeEYmvGPcGbo6Mr1V0b90jFjH
3kKRdwvqe1iVU0Y4xFYwp7RKHj8Hmrj8Qsyz73kScowe
-----END CERTIFICATE-----
Generated at Fri Sep 19 10:00:03 2025 by rpki-client