Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/lB0Y2eWw2fGl9D9NoUITBeh5ifY.roa
File: lB0Y2eWw2fGl9D9NoUITBeh5ifY.roa (raw, json)
Hash identifier: cMwnQErfZS+RI9A5SCPbtMwp8CRjpQ5GBhjM47lkuFs=
Subject key identifier: 94:1D:18:D9:E5:B0:D9:F1:A5:F4:3F:4D:A1:42:13:05:E8:79:89:F6
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 019A17DB5C6044F7AE847C93CEE1F2331FF1
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/lB0Y2eWw2fGl9D9NoUITBeh5ifY.roa
Signing time: Fri 24 Oct 2025 20:14:03 +0000
ROA not before: Fri 24 Oct 2025 20:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 77.47.156.0/22 maxlen: 24
77.47.243.0/24 maxlen: 24
195.178.140.0/23 maxlen: 24
212.111.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:17:db:5c:60:44:f7:ae:84:7c:93:ce:e1:f2:33:1f:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Oct 24 20:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=941d18d9e5b0d9f1a5f43f4da1421305e87989f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:52:e1:0e:06:89:7b:aa:ff:d5:4c:da:95:8e:
96:89:ac:61:fc:a9:bd:60:59:a5:eb:ab:8d:3b:5d:
e1:20:de:b1:9d:08:83:30:ac:e2:a1:40:b7:4b:91:
73:13:97:24:8a:cb:ec:c9:4e:1d:eb:4f:24:03:b0:
07:c4:ec:2a:84:a9:b9:93:89:34:bc:9e:c9:e4:86:
06:89:7e:47:84:0d:3a:3e:c3:de:f1:d6:bf:ff:bb:
b4:0c:aa:5d:2d:ec:cd:65:1d:1b:54:e3:6f:f5:62:
7d:2e:ff:97:7a:6a:1e:6a:e4:4e:d3:03:55:43:7a:
77:c1:f9:48:f0:aa:34:c9:97:1f:e1:54:62:9c:91:
2c:6a:8a:da:5a:e1:9a:18:52:4b:ee:23:73:9b:5c:
88:e1:bf:78:06:3c:53:87:2f:bf:07:f8:95:69:77:
ff:c0:55:7b:4c:01:09:7e:ef:ff:a3:a4:c8:77:c0:
11:6f:92:e8:96:8a:6b:f8:c1:d5:54:72:e7:a9:32:
46:17:fa:4b:1d:0e:83:2d:80:d3:00:80:17:51:0c:
36:a2:38:5f:54:99:29:db:5a:37:d7:b5:48:4e:62:
86:72:4e:c7:32:5a:f5:fc:7b:05:d4:c2:b2:01:2c:
bf:ff:21:e1:0f:bd:a6:35:35:5f:1d:d4:f4:76:24:
ff:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:1D:18:D9:E5:B0:D9:F1:A5:F4:3F:4D:A1:42:13:05:E8:79:89:F6
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/lB0Y2eWw2fGl9D9NoUITBeh5ifY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.156.0/22
77.47.243.0/24
195.178.140.0/23
212.111.220.0/22
Signature Algorithm: sha256WithRSAEncryption
27:a1:50:ff:9c:bf:76:32:07:70:97:f6:62:6f:5d:ad:35:93:
54:72:a8:4b:db:66:0c:27:a5:d3:d2:fd:57:06:9d:4a:74:49:
38:6d:80:ca:3b:dc:90:b5:57:67:f5:03:0d:33:4e:6c:27:cc:
cb:4a:7f:80:0a:09:2c:a6:48:be:cd:e5:00:85:2d:f6:ec:04:
34:bd:4c:37:17:18:a9:ac:ae:55:cb:38:d8:56:e5:22:d3:ee:
87:0f:c3:da:2e:a8:ae:ae:0d:c1:0a:6c:8a:bd:21:2e:cd:e3:
cd:05:a4:e4:e5:6f:49:d1:06:74:56:7a:fc:15:0f:36:cf:f7:
50:a4:01:a6:de:26:13:52:15:e6:58:8b:65:6f:af:bf:fa:9b:
8e:16:93:f8:0b:a7:f7:a2:57:4a:3a:3c:63:e6:3c:11:fe:10:
6b:83:88:a1:e0:33:29:5a:cb:7f:52:50:01:e0:51:07:e2:1a:
e5:79:7f:74:02:75:70:25:8d:a0:fd:8b:be:60:ec:3c:49:b2:
bb:02:16:73:8f:ad:4c:da:58:da:2f:83:b6:f6:34:0b:c8:85:
f0:5d:e4:66:4e:05:c2:36:48:3b:71:a9:9d:19:0f:af:ec:ad:
3a:c0:5b:31:03:d0:3e:f5:2e:87:d1:88:37:6a:4e:65:a9:3d:
5a:b9:88:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZoX21xgRPeuhHyTzuHyMx/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjUxMDI0MjAxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDFkMThkOWU1YjBkOWYxYTVmNDNmNGRhMTQyMTMwNWU4Nzk4OWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVLhDgaJe6r/1UzalY6Wiaxh/Km9
YFml66uNO13hIN6xnQiDMKzioUC3S5FzE5ckisvsyU4d608kA7AHxOwqhKm5k4k0
vJ7J5IYGiX5HhA06PsPe8da//7u0DKpdLezNZR0bVONv9WJ9Lv+XemoeauRO0wNV
Q3p3wflI8Ko0yZcf4VRinJEsaoraWuGaGFJL7iNzm1yI4b94BjxThy+/B/iVaXf/
wFV7TAEJfu//o6TId8ARb5Lolopr+MHVVHLnqTJGF/pLHQ6DLYDTAIAXUQw2ojhf
VJkp21o317VITmKGck7HMlr1/HsF1MKyASy//yHhD72mNTVfHdT0diT/CQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJQdGNnlsNnxpfQ/TaFCEwXoeYn2MB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvbEIwWTJlV3cyZkdsOUQ5Tm9VSVRCZWg1aWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCTS+cAwQA
TS/zAwQBw7KMAwQC1G/cMA0GCSqGSIb3DQEBCwUAA4IBAQAnoVD/nL92Mgdwl/Zi
b12tNZNUcqhL22YMJ6XT0v1XBp1KdEk4bYDKO9yQtVdn9QMNM05sJ8zLSn+ACgks
pki+zeUAhS327AQ0vUw3FxiprK5VyzjYVuUi0+6HD8PaLqiurg3BCmyKvSEuzePN
BaTk5W9J0QZ0Vnr8FQ82z/dQpAGm3iYTUhXmWItlb6+/+puOFpP4C6f3oldKOjxj
5jwR/hBrg4ih4DMpWst/UlAB4FEH4hrleX90AnVwJY2g/Yu+YOw8SbK7AhZzj61M
2ljaL4O29jQLyIXwXeRmTgXCNkg7camdGQ+v7K06wFsxA9A+9S6H0Yg3ak5lqT1a
uYgG
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:12:25 2025 by rpki-client