Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/GNzsCq9UcoPEjNUJsHvqEaDTmhI.roa
File: GNzsCq9UcoPEjNUJsHvqEaDTmhI.roa (raw, json)
Hash identifier: UUPKwITy6fppL/i4iIfPQtQ+oEwY++MmCUS8CWuHxoc=
Subject key identifier: 18:DC:EC:0A:AF:54:72:83:C4:8C:D5:09:B0:7B:EA:11:A0:D3:9A:12
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 019A067AD0AD9F800ED439E651F79C47F3FC
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/GNzsCq9UcoPEjNUJsHvqEaDTmhI.roa
Signing time: Tue 21 Oct 2025 11:15:03 +0000
ROA not before: Tue 21 Oct 2025 11:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41039
IP address blocks: 5.153.176.0/23 maxlen: 23
5.153.178.0/24 maxlen: 24
5.153.179.0/24 maxlen: 24
5.153.181.0/24 maxlen: 24
5.153.184.0/24 maxlen: 24
5.153.185.0/24 maxlen: 24
5.153.186.0/24 maxlen: 24
5.153.187.0/24 maxlen: 24
5.153.188.0/24 maxlen: 24
92.242.96.0/19 maxlen: 24
92.242.110.0/23 maxlen: 24
92.242.110.0/24 maxlen: 24
128.0.93.0/24 maxlen: 24
195.184.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 13:57:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:7a:d0:ad:9f:80:0e:d4:39:e6:51:f7:9c:47:f3:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Oct 21 11:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18dcec0aaf547283c48cd509b07bea11a0d39a12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:43:4d:d6:fd:9c:30:1a:5c:bd:53:54:9b:fa:
02:a5:fb:5d:63:39:4a:f7:72:f2:aa:a1:ed:3f:2f:
cc:28:03:18:b4:89:ac:78:f6:43:76:06:03:58:90:
91:b4:a1:50:9d:7a:b9:51:b2:eb:2d:8f:9e:17:5d:
5d:af:86:b9:41:f3:56:a7:56:e4:8f:08:d2:bb:fc:
70:87:c7:35:b7:f9:60:40:78:14:9e:4e:b3:8a:8d:
78:c7:39:e0:12:d3:21:6c:6d:ed:a3:c3:9d:91:37:
28:f6:6f:43:1f:41:c2:80:b4:42:b5:9d:9e:d9:c7:
ee:05:49:2b:af:16:c6:1b:0b:47:8e:32:4d:d0:20:
1f:f8:fd:33:27:49:99:a2:c1:45:57:a3:85:da:be:
47:33:25:12:fd:33:9e:e7:a0:d6:2d:f6:30:e7:1c:
64:63:2f:4b:fa:9b:56:f3:d8:08:ac:a7:74:fd:76:
25:e6:66:2b:d1:bb:d3:74:a9:19:5f:c6:f0:11:7a:
5b:40:90:72:6f:e0:0e:bc:27:1f:0e:10:2f:bb:e5:
60:1a:74:c9:90:c8:86:ec:01:80:9d:e7:a7:7a:16:
da:5c:1e:02:6c:51:63:a4:a7:8e:ff:91:da:0b:60:
3e:d8:df:89:c2:df:07:59:01:15:1b:fd:da:9d:d6:
87:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:DC:EC:0A:AF:54:72:83:C4:8C:D5:09:B0:7B:EA:11:A0:D3:9A:12
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/GNzsCq9UcoPEjNUJsHvqEaDTmhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.176.0/22
5.153.181.0/24
5.153.184.0-5.153.188.255
92.242.96.0/19
128.0.93.0/24
195.184.192.0/19
Signature Algorithm: sha256WithRSAEncryption
50:1f:fe:fa:3d:d0:48:fe:5c:2d:69:23:06:bd:bc:bd:ea:65:
5f:a4:1d:0b:aa:4a:1a:44:f6:9b:3a:bb:60:7a:e0:be:3f:e3:
64:66:94:6a:30:94:84:52:85:a9:2a:2d:1e:a1:ba:f4:e3:8d:
96:1a:e8:10:e6:8c:f5:8d:3a:f0:07:5a:20:7f:c5:e1:e4:98:
5f:91:42:55:da:32:5c:82:88:fb:ed:40:69:13:71:a9:ee:a6:
ae:c0:f1:09:28:f8:9e:81:4b:59:46:42:05:ef:b7:89:db:e2:
9f:bb:ff:89:a4:c1:10:63:41:70:a3:6e:93:a4:95:82:ab:d4:
29:fe:44:33:89:18:90:dd:8a:43:ec:f6:10:25:58:ce:9f:9a:
bd:d0:dc:bf:fc:73:fd:a4:91:79:17:4d:4a:3d:24:a5:48:67:
55:45:73:41:4d:fa:40:cd:f8:1b:5d:b5:c8:7c:0a:28:46:b8:
3f:b5:3d:a4:34:d7:44:9b:2e:cd:7b:58:5e:11:cb:8d:c4:61:
db:75:10:3e:12:7f:04:4f:dd:7c:24:84:07:11:a8:46:b4:5f:
17:bd:64:66:c3:5a:38:74:6b:26:a7:d8:74:48:04:63:3b:71:
15:47:b9:26:b7:5c:7f:ef:e5:cb:70:70:ce:ef:0c:13:a3:77:
62:83:3a:85
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZoGetCtn4AO1DnmUfecR/P8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjUxMDIxMTExNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGRjZWMwYWFmNTQ3MjgzYzQ4Y2Q1MDliMDdiZWExMWEwZDM5YTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArENN1v2cMBpcvVNUm/oCpftdYzlK
93LyqqHtPy/MKAMYtImsePZDdgYDWJCRtKFQnXq5UbLrLY+eF11dr4a5QfNWp1bk
jwjSu/xwh8c1t/lgQHgUnk6zio14xzngEtMhbG3to8OdkTco9m9DH0HCgLRCtZ2e
2cfuBUkrrxbGGwtHjjJN0CAf+P0zJ0mZosFFV6OF2r5HMyUS/TOe56DWLfYw5xxk
Yy9L+ptW89gIrKd0/XYl5mYr0bvTdKkZX8bwEXpbQJByb+AOvCcfDhAvu+VgGnTJ
kMiG7AGAneenehbaXB4CbFFjpKeO/5HaC2A+2N+Jwt8HWQEVG/3andaHkwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBjc7AqvVHKDxIzVCbB76hGg05oSMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvR056c0NxOVVjb1BFak5VSnNIdnFFYURUbWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBZmwAwQA
BZm1MAwDBAMFmbgDBAAFmbwDBAVc8mADBACAAF0DBAXDuMAwDQYJKoZIhvcNAQEL
BQADggEBAFAf/vo90Ej+XC1pIwa9vL3qZV+kHQuqShpE9ps6u2B64L4/42RmlGow
lIRShakqLR6huvTjjZYa6BDmjPWNOvAHWiB/xeHkmF+RQlXaMlyCiPvtQGkTcanu
pq7A8Qko+J6BS1lGQgXvt4nb4p+7/4mkwRBjQXCjbpOklYKr1Cn+RDOJGJDdikPs
9hAlWM6fmr3Q3L/8c/2kkXkXTUo9JKVIZ1VFc0FN+kDN+Btdtch8CihGuD+1PaQ0
10SbLs17WF4Ry43EYdt1ED4SfwRP3XwkhAcRqEa0Xxe9ZGbDWjh0ayan2HRIBGM7
cRVHuSa3XH/v5ctwcM7vDBOjd2KDOoU=
-----END CERTIFICATE-----
Generated at Tue Oct 28 15:58:57 2025 by rpki-client