Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/GmOqxuEuN1Tfs3ZXyOClDKwDRnE.roa
File: GmOqxuEuN1Tfs3ZXyOClDKwDRnE.roa (raw, json)
Hash identifier: QX/Zhd0qnfiQCPmbJBJ0ddxx+7m2Y1ol1PkcycX6Xfw=
Subject key identifier: 1A:63:AA:C6:E1:2E:37:54:DF:B3:76:57:C8:E0:A5:0C:AC:03:46:71
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01991542D20217224B3011E74BBEB5CB9C06
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/GmOqxuEuN1Tfs3ZXyOClDKwDRnE.roa
Signing time: Thu 04 Sep 2025 15:05:24 +0000
ROA not before: Thu 04 Sep 2025 15:05:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43419
IP address blocks: 185.229.218.0/24 maxlen: 24
2a04:3a40:8000::/33 maxlen: 33
2a0a:e9c4::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 22:03:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:15:42:d2:02:17:22:4b:30:11:e7:4b:be:b5:cb:9c:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Sep 4 15:05:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a63aac6e12e3754dfb37657c8e0a50cac034671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:03:f1:af:9e:3d:63:80:2c:6d:b0:d5:45:d7:
e5:ec:76:bb:a1:6f:ca:ee:7e:73:90:4b:54:62:6b:
37:48:43:02:07:f0:a6:d2:28:0c:3b:63:e2:96:97:
6b:0d:cd:0f:c0:da:72:b4:e1:01:5e:72:6d:89:5f:
ce:9d:2d:0c:d5:4b:85:1a:0d:6b:00:ff:b8:1f:38:
ed:a2:3b:f9:e2:ef:00:70:f5:67:95:c4:a4:f6:2d:
3c:f2:bc:4f:48:16:f9:f7:a5:1a:33:72:fb:7d:f3:
31:f0:75:6e:54:68:58:da:a8:92:25:2b:73:16:aa:
23:77:00:34:11:d0:55:fc:e0:38:e6:bd:b3:a1:78:
45:a5:91:c1:c1:5a:4e:9b:ed:ad:9a:ac:23:da:51:
02:f8:2e:58:99:c5:26:2f:ea:2c:19:8a:03:81:e5:
e9:82:d9:0c:28:c1:31:07:2d:4e:a6:0d:7b:93:fd:
a6:7b:e5:fa:f9:a9:c9:bd:11:ff:40:dd:06:6e:f4:
aa:90:92:a4:be:7e:69:49:10:11:14:d6:bc:51:ce:
a0:ce:ed:0a:89:85:c2:b4:60:8e:87:bf:bd:9c:5f:
bf:05:cf:5a:ea:a6:83:5a:97:24:89:ed:45:3a:ef:
c4:40:dc:e3:a4:67:e6:e4:a6:70:c1:c7:e3:46:48:
a2:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:63:AA:C6:E1:2E:37:54:DF:B3:76:57:C8:E0:A5:0C:AC:03:46:71
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/GmOqxuEuN1Tfs3ZXyOClDKwDRnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.218.0/24
IPv6:
2a04:3a40:8000::/33
2a0a:e9c4::/32
Signature Algorithm: sha256WithRSAEncryption
c2:ae:53:78:44:48:bd:11:2b:72:0d:64:27:e8:bb:e5:94:56:
50:6a:28:24:7f:4f:49:16:c1:bd:a5:48:91:96:06:03:c9:b7:
00:20:4e:43:d2:3a:87:4f:2f:55:0e:6f:d3:53:45:ea:8d:ac:
55:36:1b:98:bc:10:9b:19:87:68:27:af:16:46:b4:61:8e:b8:
c6:4b:7e:28:75:e6:e7:f6:fc:12:75:d1:0a:31:39:54:0d:e2:
9f:a7:77:d5:54:ad:99:5b:49:c8:dd:04:df:c8:7e:25:91:69:
71:4a:bf:5f:b9:c4:9d:25:63:7c:12:0b:ee:59:c9:99:01:5d:
e3:8b:42:3f:94:c0:65:2a:f5:30:eb:50:5f:c6:3e:bf:0e:fa:
2b:d0:df:9d:62:38:6e:59:87:a3:4e:59:84:47:60:51:f0:81:
be:99:0b:9f:51:58:62:a9:79:ae:43:6d:2d:d6:24:9f:5e:b5:
a1:fd:c9:76:ab:28:a7:ab:6d:0f:62:18:b8:d5:08:c8:ca:30:
f7:10:40:90:8e:67:20:ea:a3:05:a7:38:a4:8d:6b:a3:d2:57:
aa:28:4d:dc:c5:ef:f9:39:b0:42:46:ed:fe:5f:2f:85:ba:6e:
aa:00:55:73:ac:72:ec:25:f3:fc:eb:bb:90:b0:86:bd:ad:90:
0a:bb:16:97
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZkVQtICFyJLMBHnS761y5wGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwOTA0MTUwNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTYzYWFjNmUxMmUzNzU0ZGZiMzc2NTdjOGUwYTUwY2FjMDM0NjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwPxr549Y4AsbbDVRdfl7Ha7oW/K
7n5zkEtUYms3SEMCB/Cm0igMO2PilpdrDc0PwNpytOEBXnJtiV/OnS0M1UuFGg1r
AP+4Hzjtojv54u8AcPVnlcSk9i088rxPSBb596UaM3L7ffMx8HVuVGhY2qiSJStz
FqojdwA0EdBV/OA45r2zoXhFpZHBwVpOm+2tmqwj2lEC+C5YmcUmL+osGYoDgeXp
gtkMKMExBy1Opg17k/2me+X6+anJvRH/QN0GbvSqkJKkvn5pSRARFNa8Uc6gzu0K
iYXCtGCOh7+9nF+/Bc9a6qaDWpckie1FOu/EQNzjpGfm5KZwwcfjRkiibwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFBpjqsbhLjdU37N2V8jgpQysA0ZxMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvR21PcXh1RXVOMVRmczNaWHlPQ2xES3dEUm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAMBAIAATAGAwQAueXaMBUE
AgACMA8DBgcqBDpAgAMFACoK6cQwDQYJKoZIhvcNAQELBQADggEBAMKuU3hESL0R
K3INZCfou+WUVlBqKCR/T0kWwb2lSJGWBgPJtwAgTkPSOodPL1UOb9NTReqNrFU2
G5i8EJsZh2gnrxZGtGGOuMZLfih15uf2/BJ10QoxOVQN4p+nd9VUrZlbScjdBN/I
fiWRaXFKv1+5xJ0lY3wSC+5ZyZkBXeOLQj+UwGUq9TDrUF/GPr8O+ivQ351iOG5Z
h6NOWYRHYFHwgb6ZC59RWGKpea5DbS3WJJ9etaH9yXarKKerbQ9iGLjVCMjKMPcQ
QJCOZyDqowWnOKSNa6PSV6ooTdzF7/k5sEJG7f5fL4W6bqoAVXOscuwl8/zru5Cw
hr2tkAq7Fpc=
-----END CERTIFICATE-----
Generated at Tue Sep 9 08:03:40 2025 by rpki-client