Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/gnq-AR8Xd72mcm6lbFMDArBc5CM.roa
File: gnq-AR8Xd72mcm6lbFMDArBc5CM.roa (raw, json)
Hash identifier: 9S2hc504KDha1WUQXHo7oEPqtD/gvge/SWCBJIRS81w=
Subject key identifier: 82:7A:BE:01:1F:17:77:BD:A6:72:6E:A5:6C:53:03:02:B0:5C:E4:23
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 019A1015C0684F624A6520048B4317B47A3C
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/gnq-AR8Xd72mcm6lbFMDArBc5CM.roa
Signing time: Thu 23 Oct 2025 08:00:52 +0000
ROA not before: Thu 23 Oct 2025 08:00:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211908
IP address blocks: 93.180.216.0/21 maxlen: 24
185.254.12.0/22 maxlen: 24
199.74.188.0/22 maxlen: 24
199.74.190.0/24 maxlen: 24
2a0b:1880::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:15:c0:68:4f:62:4a:65:20:04:8b:43:17:b4:7a:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Oct 23 08:00:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=827abe011f1777bda6726ea56c530302b05ce423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4f:7d:e1:22:cf:d3:b5:5a:5f:25:2f:0c:17:
b7:b8:b5:63:3a:77:d5:d5:43:aa:14:01:cf:1b:74:
e4:a2:6d:82:a9:ff:05:d6:3b:ee:07:ad:41:6d:88:
98:01:c9:7b:5e:b8:74:e4:b4:e5:96:18:8a:71:03:
c1:67:dc:8a:ee:af:89:63:56:e9:bb:9b:4e:46:6f:
92:ee:8a:0f:3e:4d:93:78:b8:01:53:50:c2:1d:dc:
f6:41:0d:bf:08:c0:0a:1e:70:15:4a:09:1d:4a:d2:
de:89:85:3a:96:9e:24:cd:69:fd:51:5c:85:d2:d2:
24:aa:06:0c:b9:63:7e:e0:15:f8:50:bb:60:cd:1c:
c4:bb:29:52:35:45:7d:88:80:3e:e8:77:43:18:0b:
5e:c5:bc:96:6b:af:67:ca:74:4d:4b:b6:5a:77:e1:
6b:31:76:6e:8c:7b:87:bb:3f:b0:e7:5a:5d:c2:29:
04:cb:46:a7:ee:c4:14:ed:58:cd:f9:35:8d:ae:70:
00:7e:ee:7e:50:cd:a3:be:15:a7:5b:c6:01:bd:99:
7b:da:11:af:4e:e3:1e:a6:90:ff:2c:60:95:3e:b4:
81:09:69:fe:52:4b:59:10:71:c4:dd:b0:f8:a0:03:
f3:72:71:ad:14:29:a7:9a:56:b6:8d:91:07:9d:57:
c0:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:7A:BE:01:1F:17:77:BD:A6:72:6E:A5:6C:53:03:02:B0:5C:E4:23
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/gnq-AR8Xd72mcm6lbFMDArBc5CM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
185.254.12.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/29
Signature Algorithm: sha256WithRSAEncryption
43:9e:40:0b:c1:6f:2d:20:73:c0:3e:64:1d:e0:81:cf:01:20:
d3:36:fa:e5:b3:99:8b:33:46:76:bd:7f:7f:be:a5:4b:11:46:
b7:30:8b:5f:11:3f:0b:97:6c:11:5e:57:33:17:72:7a:23:a3:
c0:17:22:5e:38:3e:91:12:4a:9c:ea:a2:47:5e:75:b2:ff:71:
14:3c:b2:d7:94:bc:01:fa:15:ce:da:78:f5:e6:56:0e:fa:9c:
01:86:41:9c:6f:1b:46:1c:62:9e:6f:45:e3:90:1a:63:2a:24:
80:23:da:df:8d:34:a4:c3:81:ae:91:ad:08:6a:e4:e5:1a:0a:
6f:76:1f:f9:85:c1:7c:1e:ba:ea:d5:a2:6e:d1:66:d5:85:41:
7a:7c:d1:5a:1f:d0:4c:49:60:22:b8:06:be:11:b3:ea:56:33:
78:54:fe:f3:a1:1d:29:73:02:dc:e2:d5:d8:10:dd:a8:a6:1a:
27:1b:c9:9b:97:d8:b5:84:af:64:b3:7e:0e:a7:60:db:ac:bc:
af:47:07:f2:d4:17:4e:f1:6d:9d:7c:7b:ad:af:60:ea:c8:f0:
31:9d:61:7f:62:e7:ff:97:8d:a8:d8:9d:27:d5:4c:5c:29:92:
9a:1a:05:d1:b0:8e:3f:84:53:fa:da:83:85:b7:69:3f:71:28:
fc:dc:fb:e5
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZoQFcBoT2JKZSAEi0MXtHo8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUxMDIzMDgwMDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjdhYmUwMTFmMTc3N2JkYTY3MjZlYTU2YzUzMDMwMmIwNWNlNDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0994SLP07VaXyUvDBe3uLVjOnfV
1UOqFAHPG3Tkom2Cqf8F1jvuB61BbYiYAcl7Xrh05LTllhiKcQPBZ9yK7q+JY1bp
u5tORm+S7ooPPk2TeLgBU1DCHdz2QQ2/CMAKHnAVSgkdStLeiYU6lp4kzWn9UVyF
0tIkqgYMuWN+4BX4ULtgzRzEuylSNUV9iIA+6HdDGAtexbyWa69nynRNS7Zad+Fr
MXZujHuHuz+w51pdwikEy0an7sQU7VjN+TWNrnAAfu5+UM2jvhWnW8YBvZl72hGv
TuMeppD/LGCVPrSBCWn+UktZEHHE3bD4oAPzcnGtFCmnmla2jZEHnVfAowIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIJ6vgEfF3e9pnJupWxTAwKwXOQjMB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvZ25xLUFSOFhkNzJtY202bGJGTURBckJjNUNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXbTYAwQC
uf4MAwQCx0q8MA0EAgACMAcDBQMqCxiAMA0GCSqGSIb3DQEBCwUAA4IBAQBDnkAL
wW8tIHPAPmQd4IHPASDTNvrls5mLM0Z2vX9/vqVLEUa3MItfET8Ll2wRXlczF3J6
I6PAFyJeOD6REkqc6qJHXnWy/3EUPLLXlLwB+hXO2nj15lYO+pwBhkGcbxtGHGKe
b0XjkBpjKiSAI9rfjTSkw4Guka0IauTlGgpvdh/5hcF8Hrrq1aJu0WbVhUF6fNFa
H9BMSWAiuAa+EbPqVjN4VP7zoR0pcwLc4tXYEN2ophonG8mbl9i1hK9ks34Op2Db
rLyvRwfy1BdO8W2dfHutr2DqyPAxnWF/Yuf/l42o2J0n1UxcKZKaGgXRsI4/hFP6
2oOFt2k/cSj83Pvl
-----END CERTIFICATE-----
Generated at Mon Oct 27 19:01:17 2025 by rpki-client