Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gJaJMZFu2Xun5us_hvLQ2sX0jTI.roa
File: gJaJMZFu2Xun5us_hvLQ2sX0jTI.roa (raw, json)
Hash identifier: z619KX2EhgVMmsrswd0EgoK+J2Yavf87i9QdahrdS84=
Subject key identifier: 80:96:89:31:91:6E:D9:7B:A7:E6:EB:3F:86:F2:D0:DA:C5:F4:8D:32
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 019946FFD63F0003304EA528BCC4F545BB1C
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gJaJMZFu2Xun5us_hvLQ2sX0jTI.roa
Signing time: Sun 14 Sep 2025 06:53:15 +0000
ROA not before: Sun 14 Sep 2025 06:53:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.205.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 10:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:46:ff:d6:3f:00:03:30:4e:a5:28:bc:c4:f5:45:bb:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 14 06:53:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=80968931916ed97ba7e6eb3f86f2d0dac5f48d32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:80:93:3e:40:e9:3a:55:71:83:70:b6:36:cd:
69:3c:a5:a0:77:23:14:e9:7b:cc:b9:d3:3d:a5:bb:
39:46:7a:9b:08:13:2a:b9:17:04:32:b3:9b:ad:1c:
08:60:d3:e3:55:16:44:9c:2b:84:3f:b4:71:8c:f1:
84:49:df:d9:5c:f6:28:bb:80:c9:52:ea:45:6c:22:
7c:c1:f4:40:7e:6d:a3:6f:6f:ca:fe:e1:aa:a4:03:
7a:4b:c2:7e:90:a8:67:c0:08:76:69:8e:3e:83:fe:
0a:0f:be:19:c3:91:51:c8:e8:14:0a:dd:35:39:46:
58:df:c0:a9:ba:45:9b:ef:57:b0:83:ee:45:44:df:
9c:38:78:5e:fd:61:3b:4b:d1:1d:9f:e8:72:ba:12:
51:06:88:10:f3:fb:b0:cf:8e:1e:6a:46:b3:be:41:
c3:78:b7:14:c6:ff:ea:84:82:c5:81:0b:d8:48:a7:
35:51:7f:6f:91:d8:eb:93:61:a8:6a:7d:f1:23:96:
2f:0d:65:74:3e:54:9b:6b:ab:17:0a:65:9a:22:67:
8b:fa:93:de:37:f3:c4:26:73:7d:9d:e7:49:56:0e:
b5:d6:2c:0e:31:af:40:ab:3a:da:ff:c1:36:a9:b9:
cc:58:62:47:71:1f:ad:55:03:14:90:d9:06:39:5b:
58:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:96:89:31:91:6E:D9:7B:A7:E6:EB:3F:86:F2:D0:DA:C5:F4:8D:32
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/gJaJMZFu2Xun5us_hvLQ2sX0jTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.205.0-89.249.207.255
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
73:a7:8d:e5:72:bd:d2:92:e2:09:fe:85:94:92:28:6b:ae:c7:
a9:f6:81:9c:57:9b:7c:b2:fe:9c:3f:b6:90:65:36:f1:5e:a8:
f0:3d:fa:74:aa:47:4a:fc:6d:91:45:5e:be:4b:83:25:39:1b:
29:11:24:01:92:5e:d9:b3:a7:bc:31:88:7d:de:c5:d8:02:29:
dd:e5:34:29:d6:6e:15:5a:42:7d:f0:41:90:60:65:47:43:9d:
32:cd:a3:9f:ed:e7:38:ec:16:ef:37:c9:c7:fc:9d:9e:06:21:
12:1b:82:f7:04:d2:da:19:2d:cd:6e:d6:32:fe:55:6c:fd:8a:
b2:95:1e:ae:6a:43:ba:a4:58:8b:e6:c9:20:44:f2:de:65:be:
02:90:c4:e4:56:95:4a:e5:6f:6b:9b:d3:26:e3:c5:51:43:7f:
01:8e:37:d2:88:0b:d3:3e:8b:f6:ef:ca:4f:6f:b8:ac:ca:ef:
cc:1b:9b:3a:a5:07:b2:17:54:6d:ff:60:97:bf:05:9b:3d:4a:
d3:3e:15:dc:2f:12:da:a8:73:f5:72:89:4e:7b:ad:f0:1e:38:
ea:c6:57:39:9b:f8:38:d4:9c:5b:e1:3a:b3:d6:40:70:89:66:
4b:5d:68:6e:61:fc:25:37:34:f0:0c:7e:90:bb:58:fe:af:93:
51:67:ab:55
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZlG/9Y/AAMwTqUovMT1RbscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwOTE0MDY1MzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDk2ODkzMTkxNmVkOTdiYTdlNmViM2Y4NmYyZDBkYWM1ZjQ4ZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYCTPkDpOlVxg3C2Ns1pPKWgdyMU
6XvMudM9pbs5RnqbCBMquRcEMrObrRwIYNPjVRZEnCuEP7RxjPGESd/ZXPYou4DJ
UupFbCJ8wfRAfm2jb2/K/uGqpAN6S8J+kKhnwAh2aY4+g/4KD74Zw5FRyOgUCt01
OUZY38CpukWb71ewg+5FRN+cOHhe/WE7S9Edn+hyuhJRBogQ8/uwz44eakazvkHD
eLcUxv/qhILFgQvYSKc1UX9vkdjrk2Goan3xI5YvDWV0PlSba6sXCmWaImeL+pPe
N/PEJnN9nedJVg611iwOMa9Aqzra/8E2qbnMWGJHcR+tVQMUkNkGOVtY9QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFICWiTGRbtl7p+brP4by0NrF9I0yMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvZ0phSk1aRnUyWHVuNXVzX2h2TFEyc1gwalRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDWfnAMAwD
BABZ+c0DBARZ+cADBATUKsAwDQYJKoZIhvcNAQELBQADggEBAHOnjeVyvdKS4gn+
hZSSKGuux6n2gZxXm3yy/pw/tpBlNvFeqPA9+nSqR0r8bZFFXr5LgyU5GykRJAGS
Xtmzp7wxiH3exdgCKd3lNCnWbhVaQn3wQZBgZUdDnTLNo5/t5zjsFu83ycf8nZ4G
IRIbgvcE0toZLc1u1jL+VWz9irKVHq5qQ7qkWIvmySBE8t5lvgKQxORWlUrlb2ub
0ybjxVFDfwGON9KIC9M+i/bvyk9vuKzK78wbmzqlB7IXVG3/YJe/BZs9StM+Fdwv
Etqoc/VyiU57rfAeOOrGVzmb+DjUnFvhOrPWQHCJZktdaG5h/CU3NPAMfpC7WP6v
k1Fnq1U=
-----END CERTIFICATE-----
Generated at Thu Sep 18 14:31:05 2025 by rpki-client