Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/GhuWyLVOMNHxmFtEArmLaJYowk4.roa
File: GhuWyLVOMNHxmFtEArmLaJYowk4.roa (raw, json)
Hash identifier: Ywh/XerdCYDMoWXCvI6EJekE/VduBkzUPrWkloYwW84=
Subject key identifier: 1A:1B:96:C8:B5:4E:30:D1:F1:98:5B:44:02:B9:8B:68:96:28:C2:4E
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 01990A19A3AF9EAE93CDDBDEE94F29F17BAC
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/GhuWyLVOMNHxmFtEArmLaJYowk4.roa
Signing time: Tue 02 Sep 2025 11:04:36 +0000
ROA not before: Tue 02 Sep 2025 11:04:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207144
IP address blocks: 85.11.128.0/24 maxlen: 24
85.11.129.0/24 maxlen: 24
85.11.130.0/24 maxlen: 24
85.11.131.0/24 maxlen: 24
85.11.132.0/24 maxlen: 24
85.11.133.0/24 maxlen: 24
85.11.134.0/24 maxlen: 24
85.11.135.0/24 maxlen: 24
85.11.136.0/24 maxlen: 24
85.11.137.0/24 maxlen: 24
85.11.138.0/24 maxlen: 24
85.11.139.0/24 maxlen: 24
85.11.140.0/24 maxlen: 24
85.11.141.0/24 maxlen: 24
85.11.142.0/24 maxlen: 24
85.11.143.0/24 maxlen: 24
85.11.160.0/24 maxlen: 24
85.11.162.0/24 maxlen: 24
85.11.164.0/24 maxlen: 24
85.11.165.0/24 maxlen: 24
85.11.166.0/24 maxlen: 24
85.11.168.0/24 maxlen: 24
85.11.169.0/24 maxlen: 24
85.11.170.0/24 maxlen: 24
85.11.171.0/24 maxlen: 24
85.11.172.0/24 maxlen: 24
85.11.173.0/24 maxlen: 24
85.11.174.0/24 maxlen: 24
85.11.175.0/24 maxlen: 24
85.11.176.0/24 maxlen: 24
85.11.177.0/24 maxlen: 24
85.11.178.0/24 maxlen: 24
85.11.179.0/24 maxlen: 24
85.11.184.0/24 maxlen: 24
85.11.185.0/24 maxlen: 24
85.11.186.0/24 maxlen: 24
85.11.188.0/24 maxlen: 24
85.11.189.0/24 maxlen: 24
85.11.191.0/24 maxlen: 24
185.164.240.0/24 maxlen: 24
185.164.241.0/24 maxlen: 24
185.164.242.0/24 maxlen: 24
185.164.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:19:a3:af:9e:ae:93:cd:db:de:e9:4f:29:f1:7b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Sep 2 11:04:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a1b96c8b54e30d1f1985b4402b98b689628c24e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:99:d4:e0:42:19:2a:31:d0:9c:cb:00:f3:93:
e5:39:22:90:b7:f3:b4:15:3e:6b:96:11:c5:00:23:
35:26:29:50:ca:74:ef:ed:b1:65:e5:c7:0c:2e:3d:
4f:28:f3:92:cd:f3:83:88:02:c1:af:c0:1b:dc:85:
c2:3d:b6:c1:86:d0:0f:82:d8:02:de:30:b8:53:7d:
ff:85:27:fe:a1:7f:a8:ac:ba:75:34:02:37:65:ac:
b1:cd:56:56:56:09:52:ee:0e:30:70:fc:6b:5f:28:
8e:df:1a:f6:53:08:5a:a2:bb:5f:9c:bd:b0:db:22:
ac:be:11:a2:7a:ac:42:04:bc:c8:d4:75:93:77:13:
5c:75:ac:05:b1:e0:73:b8:0b:88:3a:98:8d:55:f4:
22:ad:85:d4:0c:2e:ad:ab:8d:2c:7e:56:68:eb:3c:
46:3f:1a:5b:35:80:b8:b1:4f:a8:a8:3c:ff:a3:c7:
d2:e0:b9:2c:1b:23:00:f5:fc:37:1c:ac:b4:03:6e:
9c:f3:34:42:5d:13:75:28:67:4d:9a:85:19:fa:93:
b2:0d:96:88:33:bd:31:49:32:56:d3:b2:fd:04:77:
55:0c:66:da:f7:3c:a6:25:43:9f:94:7d:cd:8e:73:
87:93:d4:50:fe:ec:45:82:e8:cd:8d:6a:eb:af:c6:
ad:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:1B:96:C8:B5:4E:30:D1:F1:98:5B:44:02:B9:8B:68:96:28:C2:4E
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/GhuWyLVOMNHxmFtEArmLaJYowk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.128.0/20
85.11.160.0/24
85.11.162.0/24
85.11.164.0-85.11.166.255
85.11.168.0-85.11.179.255
85.11.184.0-85.11.186.255
85.11.188.0/23
85.11.191.0/24
185.164.240.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:55:40:20:67:f5:6c:eb:4a:84:23:01:71:13:54:40:57:b8:
7a:80:1e:09:d1:f2:a4:bc:57:17:3e:2e:f2:78:ce:92:4b:0e:
fc:f4:aa:bc:f8:39:9d:1c:c4:08:29:26:85:8e:ad:b1:9a:f7:
e5:23:75:68:66:6b:72:46:4e:71:e4:d3:b6:d4:0d:f5:fa:ec:
bd:34:ae:87:c5:d7:62:c7:63:ca:58:02:8b:b2:db:e4:14:66:
69:59:cd:f3:19:f8:07:7b:b2:ed:30:27:fc:6f:50:c5:35:c5:
86:eb:76:0c:86:37:6a:63:a0:b9:70:a4:0a:81:46:02:5c:f8:
a4:7f:0b:28:f4:ed:80:b1:0e:7b:fd:60:bc:a1:9d:f4:fa:6a:
61:0b:bb:23:a1:ce:12:08:88:c2:ba:29:b8:bb:8a:e9:c6:79:
1a:ec:72:bb:6b:11:34:9c:34:66:ca:03:ce:0f:d1:17:e4:29:
94:c7:40:67:a0:f1:3f:a3:19:e6:0b:10:7e:71:d1:af:f9:c3:
07:e1:7f:e7:ce:ca:c8:c2:fa:5c:01:77:1f:54:41:b2:bf:64:
1b:05:b2:47:b4:e8:b3:bc:7d:e0:7e:ad:45:01:bb:e6:7c:89:
98:47:93:77:6d:d0:e4:e6:d9:26:19:ba:bb:d7:3a:38:f9:02:
3f:45:b3:fd
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZkKGaOvnq6Tzdve6U8p8XusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjUwOTAyMTEwNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTFiOTZjOGI1NGUzMGQxZjE5ODViNDQwMmI5OGI2ODk2MjhjMjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJnU4EIZKjHQnMsA85PlOSKQt/O0
FT5rlhHFACM1JilQynTv7bFl5ccMLj1PKPOSzfODiALBr8Ab3IXCPbbBhtAPgtgC
3jC4U33/hSf+oX+orLp1NAI3ZayxzVZWVglS7g4wcPxrXyiO3xr2UwhaortfnL2w
2yKsvhGieqxCBLzI1HWTdxNcdawFseBzuAuIOpiNVfQirYXUDC6tq40sflZo6zxG
PxpbNYC4sU+oqDz/o8fS4LksGyMA9fw3HKy0A26c8zRCXRN1KGdNmoUZ+pOyDZaI
M70xSTJW07L9BHdVDGba9zymJUOflH3NjnOHk9RQ/uxFgujNjWrrr8atgwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFBoblsi1TjDR8ZhbRAK5i2iWKMJOMB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvR2h1V3lMVk9NTkh4bUZ0RUFybUxhSllvd2s0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQEVQuAAwQA
VQugAwQAVQuiMAwDBAJVC6QDBABVC6YwDAMEA1ULqAMEAlULsDAMAwQDVQu4AwQA
VQu6AwQBVQu8AwQAVQu/AwQCuaTwMA0GCSqGSIb3DQEBCwUAA4IBAQDDVUAgZ/Vs
60qEIwFxE1RAV7h6gB4J0fKkvFcXPi7yeM6SSw789Kq8+DmdHMQIKSaFjq2xmvfl
I3VoZmtyRk5x5NO21A31+uy9NK6Hxddix2PKWAKLstvkFGZpWc3zGfgHe7LtMCf8
b1DFNcWG63YMhjdqY6C5cKQKgUYCXPikfwso9O2AsQ57/WC8oZ30+mphC7sjoc4S
CIjCuim4u4rpxnka7HK7axE0nDRmygPOD9EX5CmUx0BnoPE/oxnmCxB+cdGv+cMH
4X/nzsrIwvpcAXcfVEGyv2QbBbJHtOizvH3gfq1FAbvmfImYR5N3bdDk5tkmGbq7
1zo4+QI/RbP9
-----END CERTIFICATE-----
Generated at Tue Sep 9 07:52:22 2025 by rpki-client