Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/gJteTM5QMHW5wPl49IU_gIV507E.roa
File: gJteTM5QMHW5wPl49IU_gIV507E.roa (raw, json)
Hash identifier: XCSWumIAankP+Z2HvUJO+g0ggzGYq5l8sE0CZQXx1Ic=
Subject key identifier: 80:9B:5E:4C:CE:50:30:75:B9:C0:F9:78:F4:85:3F:80:85:79:D3:B1
Certificate issuer: /CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Certificate serial: 019A01B753754DB14BE51682C0C03AD00223
Authority key identifier: 83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/gJteTM5QMHW5wPl49IU_gIV507E.roa
Signing time: Mon 20 Oct 2025 13:03:03 +0000
ROA not before: Mon 20 Oct 2025 13:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214227
IP address blocks: 160.32.184.0/23 maxlen: 23
160.32.184.0/24 maxlen: 24
160.32.186.0/23 maxlen: 23
160.32.186.0/24 maxlen: 24
160.32.188.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.mft
rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:b7:53:75:4d:b1:4b:e5:16:82:c0:c0:3a:d0:02:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83f8fd7493a2fe056222db41ed693083b50eccfb
Validity
Not Before: Oct 20 13:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=809b5e4cce503075b9c0f978f4853f808579d3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1e:69:f7:ed:4a:99:96:71:3e:eb:3b:0e:8d:
2f:22:eb:db:34:e8:c1:92:37:0b:44:dc:f7:ae:df:
77:2f:a2:5e:15:d6:22:05:e7:c3:d4:af:1c:a1:f6:
b2:14:4f:c5:7c:bb:9e:d4:41:d2:f1:2a:a8:86:68:
82:06:56:da:30:e8:bf:26:c1:4a:28:15:85:1f:4a:
7c:d2:e0:21:65:4c:35:bf:d1:6a:25:14:58:09:7f:
81:81:c0:88:b6:6a:d6:54:ce:43:72:22:5e:37:50:
62:d6:0d:42:b0:b7:70:6d:e2:d6:3e:6b:45:18:24:
38:11:80:bd:88:da:aa:f2:9a:36:c0:1b:8d:3b:9e:
14:d6:9d:31:da:56:0f:a6:c7:7b:8c:94:cd:76:af:
8c:92:ca:29:88:03:17:05:a0:72:d3:61:5f:d8:be:
62:15:23:cc:ca:8d:b9:9f:d7:16:6e:c4:86:22:d4:
21:24:68:a2:bb:c8:3f:c1:98:83:0b:bf:2f:60:ed:
e3:46:4d:51:37:02:a5:3a:e2:42:f1:8c:c6:e3:96:
d8:61:0f:8c:81:5c:57:52:91:e1:07:c8:f8:1b:87:
60:b7:81:fe:3b:60:1f:65:2c:96:8f:b2:16:fc:53:
9a:8a:a6:e4:4e:b6:85:0d:15:cd:a5:e2:d8:8c:98:
e2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:9B:5E:4C:CE:50:30:75:B9:C0:F9:78:F4:85:3F:80:85:79:D3:B1
X509v3 Authority Key Identifier:
keyid:83:F8:FD:74:93:A2:FE:05:62:22:DB:41:ED:69:30:83:B5:0E:CC:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g_j9dJOi_gViIttB7Wkwg7UOzPs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/gJteTM5QMHW5wPl49IU_gIV507E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/12d6f2-f481-49fd-8f20-a043c230f30d/1/g_j9dJOi_gViIttB7Wkwg7UOzPs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.32.184.0-160.32.189.255
Signature Algorithm: sha256WithRSAEncryption
2f:25:8a:59:54:05:59:28:5b:9f:ce:e9:e9:ca:6e:91:26:06:
bd:b6:5a:ea:2a:62:eb:cb:ae:57:df:27:7a:93:7f:65:0a:c8:
df:bc:91:fe:60:f2:54:9c:d5:5b:78:bc:2c:a2:96:d2:80:bb:
9c:24:75:92:28:2f:0b:f0:5a:7d:22:19:1f:b8:4a:d8:94:dc:
7f:3c:c7:d8:66:07:d9:34:1d:f9:e3:32:4d:00:7e:c4:69:49:
c8:1f:dd:92:98:69:4a:30:52:c3:77:f3:55:dc:b9:01:d7:ec:
f2:ca:e7:8c:8a:bb:e6:56:53:19:23:de:b1:3c:d8:86:89:1c:
56:f1:59:89:d6:1f:95:d1:7e:59:f4:c5:b4:10:e9:ca:3f:05:
00:4e:85:ac:8e:52:3e:3d:e4:54:72:7b:b1:15:49:ee:ba:e2:
be:ce:b5:df:a3:73:74:04:a0:e8:84:51:1c:bf:da:07:19:a9:
ec:cb:99:22:97:60:50:6b:21:e7:20:b6:77:fb:6b:fb:cd:80:
ff:e2:53:4f:03:17:41:cf:f8:3c:fd:e3:e5:00:83:f2:6f:9e:
f8:a2:48:7b:39:60:31:da:df:7c:ad:be:fa:b1:e1:ed:93:55:
0c:ed:43:90:6f:0d:54:53:ea:89:4a:8e:5f:18:3e:8e:9c:01:
5a:f8:90:a7
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZoBt1N1TbFL5RaCwMA60AIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZjhmZDc0OTNhMmZlMDU2MjIyZGI0MWVkNjkzMDgzYjUw
ZWNjZmIwHhcNMjUxMDIwMTMwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDliNWU0Y2NlNTAzMDc1YjljMGY5NzhmNDg1M2Y4MDg1NzlkM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB5p9+1KmZZxPus7Do0vIuvbNOjB
kjcLRNz3rt93L6JeFdYiBefD1K8cofayFE/FfLue1EHS8SqohmiCBlbaMOi/JsFK
KBWFH0p80uAhZUw1v9FqJRRYCX+BgcCItmrWVM5DciJeN1Bi1g1CsLdwbeLWPmtF
GCQ4EYC9iNqq8po2wBuNO54U1p0x2lYPpsd7jJTNdq+MksopiAMXBaBy02Ff2L5i
FSPMyo25n9cWbsSGItQhJGiiu8g/wZiDC78vYO3jRk1RNwKlOuJC8YzG45bYYQ+M
gVxXUpHhB8j4G4dgt4H+O2AfZSyWj7IW/FOaiqbkTraFDRXNpeLYjJjigQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFICbXkzOUDB1ucD5ePSFP4CFedOxMB8GA1UdIwQY
MBaAFIP4/XSTov4FYiLbQe1pMIO1Dsz7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAt
YTA0M2MyMzBmMzBkLzEvZ0p0ZVRNNVFNSFc1d1BsNDlJVV9nSVY1MDdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8xMmQ2ZjItZjQ4MS00OWZkLThmMjAtYTA0M2MyMzBmMzBk
LzEvZ19qOWRKT2lfZ1ZpSXR0QjdXa3dnN1VPelBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOgILgD
BAGgILwwDQYJKoZIhvcNAQELBQADggEBAC8lillUBVkoW5/O6enKbpEmBr22Wuoq
YuvLrlffJ3qTf2UKyN+8kf5g8lSc1Vt4vCyiltKAu5wkdZIoLwvwWn0iGR+4StiU
3H88x9hmB9k0HfnjMk0AfsRpScgf3ZKYaUowUsN381XcuQHX7PLK54yKu+ZWUxkj
3rE82IaJHFbxWYnWH5XRfln0xbQQ6co/BQBOhayOUj495FRye7EVSe664r7Otd+j
c3QEoOiEURy/2gcZqezLmSKXYFBrIecgtnf7a/vNgP/iU08DF0HP+Dz94+UAg/Jv
nviiSHs5YDHa33ytvvqx4e2TVQztQ5BvDVRT6olKjl8YPo6cAVr4kKc=
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:49:31 2025 by rpki-client