Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/GTwCdmzWA6QaEWyYwKO0fp9YsNw.roa
File: GTwCdmzWA6QaEWyYwKO0fp9YsNw.roa (raw, json)
Hash identifier: q4hcGqvhzh6uIbHfBuaV53eS+/uSJfnfNZEVM082vyA=
Subject key identifier: 19:3C:02:76:6C:D6:03:A4:1A:11:6C:98:C0:A3:B4:7E:9F:58:B0:DC
Certificate issuer: /CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Certificate serial: 01991A6EA9DE0D9FC27C7D24E56F982E6CB4
Authority key identifier: E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/GTwCdmzWA6QaEWyYwKO0fp9YsNw.roa
Signing time: Fri 05 Sep 2025 15:11:24 +0000
ROA not before: Fri 05 Sep 2025 15:11:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50540
IP address blocks: 95.128.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1a:6e:a9:de:0d:9f:c2:7c:7d:24:e5:6f:98:2e:6c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e215be4532e9588c40531a7f331eabfbf4770a5e
Validity
Not Before: Sep 5 15:11:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=193c02766cd603a41a116c98c0a3b47e9f58b0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f8:b8:5c:09:fc:11:0d:b3:52:15:7d:7d:08:
c5:bc:39:de:5e:52:3f:52:07:0e:c9:43:25:26:05:
93:23:2f:70:9c:12:e7:92:40:1e:e3:0a:41:cc:44:
e0:cd:86:f7:47:0a:44:38:60:21:0b:f0:21:74:33:
f4:88:15:5b:81:b3:37:28:41:2e:c5:0b:48:ba:0c:
53:49:ed:a3:40:ef:01:09:54:4c:c1:0e:ca:07:f1:
82:3f:15:60:5d:b9:00:33:b0:ab:98:14:9a:d9:90:
3c:95:6a:d2:bc:a4:e9:38:6c:3c:b8:f0:f8:09:b2:
66:47:c8:24:77:c3:b4:c7:de:76:2c:0f:24:f1:30:
6d:7b:85:2e:d9:98:61:58:b3:ef:11:87:3c:bb:fb:
0a:39:8a:d8:db:60:c5:ae:2c:fd:4b:01:d1:97:7f:
b6:37:a4:87:78:e5:d8:4a:43:37:63:15:b8:ad:3d:
0e:70:7d:49:80:0d:18:e9:a5:2d:02:7d:3e:6b:b7:
31:85:cb:60:65:b2:33:d3:90:a3:79:ac:d0:ba:e6:
de:99:2d:bb:04:d7:90:05:5d:9a:2e:e1:e5:59:80:
d5:84:37:c1:4a:49:05:db:ab:9e:cb:44:27:e4:ef:
a1:19:34:63:80:8a:48:38:87:93:c9:5f:9c:9e:3f:
e2:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:3C:02:76:6C:D6:03:A4:1A:11:6C:98:C0:A3:B4:7E:9F:58:B0:DC
X509v3 Authority Key Identifier:
keyid:E2:15:BE:45:32:E9:58:8C:40:53:1A:7F:33:1E:AB:FB:F4:77:0A:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/GTwCdmzWA6QaEWyYwKO0fp9YsNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/4ee85e-22cb-42ed-9071-4651fd802737/1/4hW-RTLpWIxAUxp_Mx6r-_R3Cl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.59.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:20:89:7f:65:3f:d4:1c:6a:1b:7d:86:3c:1c:84:5e:d1:cf:
05:cd:f9:b0:95:33:76:c5:7f:84:a5:c7:27:1f:3a:82:df:bd:
ba:89:fb:fe:a1:f9:91:c1:0e:ca:b2:62:db:04:d4:4d:68:84:
19:5a:36:4c:23:1c:94:22:8b:3e:15:9d:43:7f:8f:02:11:20:
4d:86:87:7f:ab:4f:74:31:bc:68:ee:a3:5c:53:be:6b:3f:1c:
5f:81:bf:39:04:fb:58:e3:8f:88:ad:62:67:19:04:53:47:c9:
2f:59:56:db:22:51:5e:40:10:c2:30:d8:90:c7:8e:b6:a8:d9:
d9:4a:12:8f:01:71:7e:3b:f5:5f:62:b1:31:46:af:c3:76:46:
5a:87:63:ca:2a:39:25:6b:e3:b0:50:b1:65:ae:1c:15:1d:45:
64:d0:16:3c:bc:b5:ee:af:a1:42:fb:76:60:65:89:33:69:66:
c6:ac:eb:34:fc:11:a7:ec:9c:6e:4f:58:9a:fd:6a:ce:c0:ae:
39:13:a6:5f:8a:9c:23:8b:c5:ce:0b:70:f6:4e:63:a2:e4:8f:
51:c8:1e:7a:b5:87:fa:7e:ec:a6:03:d1:f5:71:34:be:5b:ab:
63:fb:58:ee:af:02:11:f7:18:2c:77:ee:72:29:f4:7b:c6:75:
20:d3:a4:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkabqneDZ/CfH0k5W+YLmy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyMTViZTQ1MzJlOTU4OGM0MDUzMWE3ZjMzMWVhYmZiZjQ3
NzBhNWUwHhcNMjUwOTA1MTUxMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTNjMDI3NjZjZDYwM2E0MWExMTZjOThjMGEzYjQ3ZTlmNThiMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPi4XAn8EQ2zUhV9fQjFvDneXlI/
UgcOyUMlJgWTIy9wnBLnkkAe4wpBzETgzYb3RwpEOGAhC/AhdDP0iBVbgbM3KEEu
xQtIugxTSe2jQO8BCVRMwQ7KB/GCPxVgXbkAM7CrmBSa2ZA8lWrSvKTpOGw8uPD4
CbJmR8gkd8O0x952LA8k8TBte4Uu2ZhhWLPvEYc8u/sKOYrY22DFriz9SwHRl3+2
N6SHeOXYSkM3YxW4rT0OcH1JgA0Y6aUtAn0+a7cxhctgZbIz05CjeazQuubemS27
BNeQBV2aLuHlWYDVhDfBSkkF26uey0Qn5O+hGTRjgIpIOIeTyV+cnj/iawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBk8AnZs1gOkGhFsmMCjtH6fWLDcMB8GA1UdIwQY
MBaAFOIVvkUy6ViMQFMafzMeq/v0dwpeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEt
NDY1MWZkODAyNzM3LzEvR1R3Q2RteldBNlFhRVd5WXdLTzBmcDlZc053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS80ZWU4NWUtMjJjYi00MmVkLTkwNzEtNDY1MWZkODAyNzM3
LzEvNGhXLVJUTHBXSXhBVXhwX014NnItX1IzQ2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4A7MA0G
CSqGSIb3DQEBCwUAA4IBAQC9IIl/ZT/UHGobfYY8HIRe0c8FzfmwlTN2xX+Epccn
HzqC3726ifv+ofmRwQ7KsmLbBNRNaIQZWjZMIxyUIos+FZ1Df48CESBNhod/q090
Mbxo7qNcU75rPxxfgb85BPtY44+IrWJnGQRTR8kvWVbbIlFeQBDCMNiQx462qNnZ
ShKPAXF+O/VfYrExRq/DdkZah2PKKjkla+OwULFlrhwVHUVk0BY8vLXur6FC+3Zg
ZYkzaWbGrOs0/BGn7JxuT1ia/WrOwK45E6Zfipwji8XOC3D2TmOi5I9RyB56tYf6
fuymA9H1cTS+W6tj+1jurwIR9xgsd+5yKfR7xnUg06Sg
-----END CERTIFICATE-----
Generated at Mon Sep 8 08:38:47 2025 by rpki-client