Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/GLpitTLoKfeAEOHv7sg-N2mDyyM.roa
File: GLpitTLoKfeAEOHv7sg-N2mDyyM.roa (raw, json)
Hash identifier: DLCIbqmbMU+kzJKE291B9CWch8SKbQOfjzg4SB+dJMs=
Subject key identifier: 18:BA:62:B5:32:E8:29:F7:80:10:E1:EF:EE:C8:3E:37:69:83:CB:23
Certificate issuer: /CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Certificate serial: 019A2585971EBC91957E027A814E68153D23
Authority key identifier: 10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/GLpitTLoKfeAEOHv7sg-N2mDyyM.roa
Signing time: Mon 27 Oct 2025 11:55:03 +0000
ROA not before: Mon 27 Oct 2025 11:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8455
IP address blocks: 31.22.80.0/21 maxlen: 21
31.22.84.0/24 maxlen: 24
45.148.184.0/22 maxlen: 22
45.148.187.0/24 maxlen: 24
95.142.96.0/20 maxlen: 20
130.193.4.0/24 maxlen: 24
178.237.32.0/20 maxlen: 20
178.237.34.0/24 maxlen: 24
178.237.42.0/24 maxlen: 24
178.237.43.0/24 maxlen: 24
185.27.16.0/22 maxlen: 22
193.22.161.0/24 maxlen: 24
2a00:1188::/29 maxlen: 29
2a00:1188:8::/48 maxlen: 48
2a00:1188:9::/48 maxlen: 48
2a00:1188:b::/48 maxlen: 48
2a00:1188:c::/48 maxlen: 48
2a00:1188:d::/48 maxlen: 48
2a00:1188:13::/48 maxlen: 48
2a00:1188:19::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 11:55:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:85:97:1e:bc:91:95:7e:02:7a:81:4e:68:15:3d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1027a8a61299b80a3e71d1a981427ec00b849d17
Validity
Not Before: Oct 27 11:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18ba62b532e829f78010e1efeec83e376983cb23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5e:19:7a:44:b6:a5:81:a2:78:04:ba:c5:7b:
2b:5c:53:91:cb:6f:a7:23:d9:a0:57:cc:d7:19:5d:
16:f5:02:94:1b:66:69:be:7a:6f:5f:1c:5c:50:0f:
0f:f7:a3:54:75:91:23:98:89:c2:a5:ee:6d:c9:f2:
92:10:3c:89:1f:92:67:66:ae:7b:11:35:16:42:66:
8b:1d:ab:6e:20:c7:79:61:52:c6:22:2b:f2:9f:2a:
79:0b:f0:a4:8c:1b:6f:41:dc:f8:70:d8:ad:cd:98:
dc:fb:30:7d:75:00:4d:d2:53:6f:0b:b2:49:79:7f:
8c:5c:b7:89:be:e4:8c:60:44:33:9e:52:16:fe:04:
87:12:89:76:0a:6b:d3:e0:ba:9e:f0:63:e5:c9:f8:
8e:54:c5:e5:c0:29:f1:a5:1c:29:4c:48:d3:70:06:
7e:ee:a6:5e:4e:d2:aa:d4:91:73:b6:d2:97:14:f0:
08:e0:64:04:7c:f4:1e:b5:2f:bd:2a:52:0d:57:9d:
28:70:5e:ad:42:67:9a:d7:b8:64:3c:d2:41:01:29:
84:7e:76:fd:fb:9f:d7:6f:be:a7:3e:db:5d:bf:ce:
38:f1:82:5a:07:18:5a:77:0b:b5:c1:8a:78:22:5b:
8d:8e:f9:ea:8b:01:bf:1a:1a:be:cf:44:82:55:ad:
4f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:BA:62:B5:32:E8:29:F7:80:10:E1:EF:EE:C8:3E:37:69:83:CB:23
X509v3 Authority Key Identifier:
keyid:10:27:A8:A6:12:99:B8:0A:3E:71:D1:A9:81:42:7E:C0:0B:84:9D:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ECeophKZuAo-cdGpgUJ-wAuEnRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/GLpitTLoKfeAEOHv7sg-N2mDyyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/ba9d13-8ca6-4577-a59c-9dd997eef4ef/1/ECeophKZuAo-cdGpgUJ-wAuEnRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.80.0/21
45.148.184.0/22
95.142.96.0/20
130.193.4.0/24
178.237.32.0/20
185.27.16.0/22
193.22.161.0/24
IPv6:
2a00:1188::/29
Signature Algorithm: sha256WithRSAEncryption
4e:e1:84:7d:3f:a1:f7:20:62:87:79:a4:f0:3e:6d:7f:23:5a:
62:c7:a4:c0:91:68:8b:fb:cd:e0:fe:4d:da:3d:a0:67:b5:aa:
c4:47:e1:01:18:3d:9b:15:eb:b0:c0:2e:bf:d6:cf:53:83:86:
c1:cd:9b:4c:ce:32:bd:81:ec:76:88:2d:92:f1:72:cf:60:b7:
12:50:2b:01:21:c3:d9:dd:f1:eb:a0:a5:69:95:e7:3d:dd:75:
65:bc:68:45:89:64:ca:e2:ab:f4:5f:fc:39:37:65:37:34:bb:
73:9d:2b:6f:a1:50:90:f7:51:63:1d:36:ea:43:07:bc:2c:34:
0e:fa:17:a7:33:cd:ff:0f:8b:7a:42:c8:a6:f1:19:e9:71:25:
be:87:4b:01:08:95:cd:59:46:94:a0:f4:91:15:67:00:e9:55:
b5:62:9b:94:40:3d:35:63:76:65:43:65:54:43:3c:90:f3:22:
be:9e:ea:9a:f5:7f:ed:00:bd:08:0d:cc:e6:07:61:27:d1:90:
d7:30:a0:81:96:59:1b:ec:34:41:3f:6d:36:84:88:ab:92:a0:
c5:61:5d:30:a9:57:27:b2:46:4c:00:a5:8f:74:e7:68:2e:70:
84:31:a2:cb:8e:fe:17:61:8c:36:fc:39:30:6c:2c:32:e3:aa:
c0:0c:c3:1d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZolhZcevJGVfgJ6gU5oFT0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMjdhOGE2MTI5OWI4MGEzZTcxZDFhOTgxNDI3ZWMwMGI4
NDlkMTcwHhcNMjUxMDI3MTE1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGJhNjJiNTMyZTgyOWY3ODAxMGUxZWZlZWM4M2UzNzY5ODNjYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF4ZekS2pYGieAS6xXsrXFORy2+n
I9mgV8zXGV0W9QKUG2ZpvnpvXxxcUA8P96NUdZEjmInCpe5tyfKSEDyJH5JnZq57
ETUWQmaLHatuIMd5YVLGIivynyp5C/CkjBtvQdz4cNitzZjc+zB9dQBN0lNvC7JJ
eX+MXLeJvuSMYEQznlIW/gSHEol2CmvT4Lqe8GPlyfiOVMXlwCnxpRwpTEjTcAZ+
7qZeTtKq1JFzttKXFPAI4GQEfPQetS+9KlINV50ocF6tQmea17hkPNJBASmEfnb9
+5/Xb76nPttdv8448YJaBxhadwu1wYp4IluNjvnqiwG/Ghq+z0SCVa1PpwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFBi6YrUy6Cn3gBDh7+7IPjdpg8sjMB8GA1UdIwQY
MBaAFBAnqKYSmbgKPnHRqYFCfsALhJ0XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMt
OWRkOTk3ZWVmNGVmLzEvR0xwaXRUTG9LZmVBRU9IdjdzZy1OMm1EeXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9iYTlkMTMtOGNhNi00NTc3LWE1OWMtOWRkOTk3ZWVmNGVm
LzEvRUNlb3BoS1p1QW8tY2RHcGdVSi13QXVFblJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDHxZQAwQC
LZS4AwQEX45gAwQAgsEEAwQEsu0gAwQCuRsQAwQAwRahMA0EAgACMAcDBQMqABGI
MA0GCSqGSIb3DQEBCwUAA4IBAQBO4YR9P6H3IGKHeaTwPm1/I1pix6TAkWiL+83g
/k3aPaBntarER+EBGD2bFeuwwC6/1s9Tg4bBzZtMzjK9gex2iC2S8XLPYLcSUCsB
IcPZ3fHroKVplec93XVlvGhFiWTK4qv0X/w5N2U3NLtznStvoVCQ91FjHTbqQwe8
LDQO+henM83/D4t6Qsim8RnpcSW+h0sBCJXNWUaUoPSRFWcA6VW1YpuUQD01Y3Zl
Q2VUQzyQ8yK+nuqa9X/tAL0IDczmB2En0ZDXMKCBllkb7DRBP202hIirkqDFYV0w
qVcnskZMAKWPdOdoLnCEMaLLjv4XYYw2/DkwbCwy46rADMMd
-----END CERTIFICATE-----
Generated at Mon Oct 27 20:44:29 2025 by rpki-client