Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/G9INx3NyyQc7BAeJw3i2q8-1Dm4.roa
File: G9INx3NyyQc7BAeJw3i2q8-1Dm4.roa (raw, json)
Hash identifier: cnOT2ur9tW+32zJKD2GfjrC6aEJUkYxNW2hnZl5aLwM=
Subject key identifier: 1B:D2:0D:C7:73:72:C9:07:3B:04:07:89:C3:78:B6:AB:CF:B5:0E:6E
Certificate issuer: /CN=8da03e0d020efc944c1eebdaee5427d365b70076
Certificate serial: 019A21B0242DC83E183C3D05A4259DCD2EA7
Authority key identifier: 8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/G9INx3NyyQc7BAeJw3i2q8-1Dm4.roa
Signing time: Sun 26 Oct 2025 18:03:03 +0000
ROA not before: Sun 26 Oct 2025 18:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202561
IP address blocks: 185.200.36.0/22 maxlen: 24
185.200.36.0/24 maxlen: 24
185.200.37.0/24 maxlen: 24
185.200.38.0/24 maxlen: 24
185.200.39.0/24 maxlen: 24
198.145.118.0/24 maxlen: 24
198.145.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 12:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:b0:24:2d:c8:3e:18:3c:3d:05:a4:25:9d:cd:2e:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8da03e0d020efc944c1eebdaee5427d365b70076
Validity
Not Before: Oct 26 18:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bd20dc77372c9073b040789c378b6abcfb50e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:22:bd:5c:1e:5d:0c:c8:83:9d:12:46:98:
af:71:32:6d:49:3f:a0:eb:a0:c5:6c:0d:58:07:20:
b4:54:74:11:7c:a9:46:f0:5d:7c:63:d7:58:97:69:
03:62:65:9b:f2:cd:d5:98:cd:88:48:88:6f:e8:81:
e5:28:29:8a:51:38:86:14:38:a4:8f:44:49:31:35:
98:1f:4f:d3:26:67:12:9e:7d:bf:48:e6:62:a8:93:
bc:9c:4c:59:e7:bc:1f:9a:c2:fd:b7:ce:20:59:23:
25:19:97:86:2b:ea:99:7a:91:10:ae:2c:98:08:b9:
0c:cb:0b:45:cb:72:31:5f:59:f9:fb:d0:5b:d8:54:
d2:94:a3:f9:b0:90:16:45:76:9a:8b:42:a8:45:eb:
aa:84:a7:08:d5:24:4a:13:26:48:3b:7b:dc:13:87:
9f:98:c0:05:9d:ac:2c:79:3c:b4:b8:85:e5:2a:23:
15:e5:e6:c7:44:0d:9c:ea:43:70:c7:ef:b4:2f:7d:
ac:8c:31:3e:0b:e6:45:3c:13:c1:5c:51:d4:48:a5:
35:68:9c:44:55:5c:77:26:6c:6d:eb:5d:a7:59:88:
5c:82:4b:32:f6:dc:c6:01:99:84:ce:75:c5:41:89:
95:63:e6:3d:d8:12:52:d2:fb:00:8d:30:c3:0c:9b:
60:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D2:0D:C7:73:72:C9:07:3B:04:07:89:C3:78:B6:AB:CF:B5:0E:6E
X509v3 Authority Key Identifier:
keyid:8D:A0:3E:0D:02:0E:FC:94:4C:1E:EB:DA:EE:54:27:D3:65:B7:00:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jaA-DQIO_JRMHuva7lQn02W3AHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/G9INx3NyyQc7BAeJw3i2q8-1Dm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/562112-ad44-4d71-9cb9-fb7d7dca34a7/1/jaA-DQIO_JRMHuva7lQn02W3AHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.200.36.0/22
198.145.118.0/23
Signature Algorithm: sha256WithRSAEncryption
85:dc:ed:5e:ab:38:23:cc:ea:70:07:08:e4:bf:32:42:ca:42:
fc:4d:e2:95:ad:be:df:03:e2:60:5e:f1:52:ea:d6:03:1d:4c:
8b:4f:7d:fb:b3:87:a1:31:11:5a:43:2c:6c:d5:59:0c:b7:a7:
a3:d8:fb:f5:47:ba:d8:77:d0:49:1d:47:f5:a5:18:b6:60:03:
5b:ea:9c:6c:74:18:a8:66:11:16:af:af:88:c3:4d:53:f2:19:
0e:50:71:a7:e6:51:ea:fe:93:1f:d6:cc:59:53:24:84:df:54:
b6:89:49:a1:ab:98:9b:91:ba:61:f9:24:54:7e:1d:e8:3a:bd:
36:1b:ed:b9:a9:4d:c4:34:d3:13:5c:35:0e:3a:e8:9b:e7:45:
1a:dd:aa:e8:70:04:ce:a7:29:f9:6a:3c:5c:c9:df:43:b1:09:
1f:22:78:7d:14:5e:d7:70:e3:2e:20:a1:b5:d0:b8:88:df:97:
56:c9:29:18:23:1d:17:65:02:f7:61:0a:1e:be:db:13:1c:dd:
27:9c:92:66:53:0b:73:5f:25:1e:96:b6:42:e8:31:b1:22:be:
71:62:0c:70:7c:c6:77:b4:82:16:44:e4:ec:65:02:25:52:b7:
38:6d:00:43:44:6f:5e:08:ad:db:42:35:f8:9b:cb:9b:80:f0:
b4:3d:22:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZohsCQtyD4YPD0FpCWdzS6nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYTAzZTBkMDIwZWZjOTQ0YzFlZWJkYWVlNTQyN2QzNjVi
NzAwNzYwHhcNMjUxMDI2MTgwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQyMGRjNzczNzJjOTA3M2IwNDA3ODljMzc4YjZhYmNmYjUwZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7QivVweXQzIg50SRpivcTJtST+g
66DFbA1YByC0VHQRfKlG8F18Y9dYl2kDYmWb8s3VmM2ISIhv6IHlKCmKUTiGFDik
j0RJMTWYH0/TJmcSnn2/SOZiqJO8nExZ57wfmsL9t84gWSMlGZeGK+qZepEQriyY
CLkMywtFy3IxX1n5+9Bb2FTSlKP5sJAWRXaai0KoReuqhKcI1SRKEyZIO3vcE4ef
mMAFnawseTy0uIXlKiMV5ebHRA2c6kNwx++0L32sjDE+C+ZFPBPBXFHUSKU1aJxE
VVx3Jmxt612nWYhcgksy9tzGAZmEznXFQYmVY+Y92BJS0vsAjTDDDJtgDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBvSDcdzcskHOwQHicN4tqvPtQ5uMB8GA1UdIwQY
MBaAFI2gPg0CDvyUTB7r2u5UJ9NltwB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjkt
ZmI3ZDdkY2EzNGE3LzEvRzlJTngzTnl5UWM3QkFlSnczaTJxOC0xRG00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NjIxMTItYWQ0NC00ZDcxLTljYjktZmI3ZDdkY2EzNGE3
LzEvamFBLURRSU9fSlJNSHV2YTdsUW4wMlczQUhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucgkAwQB
xpF2MA0GCSqGSIb3DQEBCwUAA4IBAQCF3O1eqzgjzOpwBwjkvzJCykL8TeKVrb7f
A+JgXvFS6tYDHUyLT337s4ehMRFaQyxs1VkMt6ej2Pv1R7rYd9BJHUf1pRi2YANb
6pxsdBioZhEWr6+Iw01T8hkOUHGn5lHq/pMf1sxZUySE31S2iUmhq5ibkbph+SRU
fh3oOr02G+25qU3ENNMTXDUOOuib50Ua3arocATOpyn5ajxcyd9DsQkfInh9FF7X
cOMuIKG10LiI35dWySkYIx0XZQL3YQoevtsTHN0nnJJmUwtzXyUelrZC6DGxIr5x
YgxwfMZ3tIIWROTsZQIlUrc4bQBDRG9eCK3bQjX4m8ubgPC0PSKY
-----END CERTIFICATE-----
Generated at Mon Oct 27 17:48:13 2025 by rpki-client