Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/gsXwWJXn4nszR0ry0WOAXCMle_c.roa
File: gsXwWJXn4nszR0ry0WOAXCMle_c.roa (raw, json)
Hash identifier: rOLHDYUDMzDuZCX9Fzj6v1SRSRSz4vHrq8T3oqOy4bI=
Subject key identifier: 82:C5:F0:58:95:E7:E2:7B:33:47:4A:F2:D1:63:80:5C:23:25:7B:F7
Certificate issuer: /CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Certificate serial: 01991404359CBD6962DE94A011617CC05456
Authority key identifier: BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/gsXwWJXn4nszR0ry0WOAXCMle_c.roa
Signing time: Thu 04 Sep 2025 09:17:24 +0000
ROA not before: Thu 04 Sep 2025 09:17:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.246.36.0/24 maxlen: 24
194.246.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 03:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:04:35:9c:bd:69:62:de:94:a0:11:61:7c:c0:54:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba4d0e69ab769f65bb2b155bdfa83a7186eeac44
Validity
Not Before: Sep 4 09:17:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82c5f05895e7e27b33474af2d163805c23257bf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:fa:40:66:b6:49:59:19:2d:d3:ab:ef:72:c0:
ae:e3:54:84:9a:4f:a8:9c:c5:4f:42:fb:0c:d7:f7:
df:a8:58:24:90:3f:a8:ad:b2:92:9f:f0:d4:79:e6:
1a:2e:fa:16:07:7a:4e:76:a6:ed:8a:5c:98:46:d8:
92:2b:9c:05:8b:cc:84:1e:e5:c5:c4:52:30:c8:8b:
91:2c:5c:f6:09:88:6c:ae:3f:fa:af:a8:b7:21:a5:
2e:10:48:04:ff:ba:08:1e:ec:df:6c:8f:4e:63:bb:
c1:98:70:c1:ee:5b:46:b7:46:ce:ee:86:78:80:dc:
ed:3d:55:11:70:38:2c:91:df:80:1f:22:ac:cb:78:
68:3f:82:45:ab:77:c6:0e:36:4f:2a:7d:5b:cb:0e:
56:56:c2:29:24:74:46:9d:a0:15:b4:ef:27:a0:ee:
c1:94:da:4d:e5:4e:2e:ed:94:7d:75:ad:fa:89:a1:
fa:a8:8a:c4:7e:c5:f5:68:37:5e:d0:5a:33:5f:d8:
83:0b:d6:5c:61:01:e2:b8:f8:f1:1f:18:99:fe:90:
14:d0:2d:b9:d4:64:27:b6:88:8c:b6:98:b9:34:61:
48:01:93:00:95:93:ee:8b:0e:52:45:01:e9:51:4e:
8d:fc:6e:70:0b:00:12:5c:bc:37:a9:37:bc:a4:04:
f9:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:C5:F0:58:95:E7:E2:7B:33:47:4A:F2:D1:63:80:5C:23:25:7B:F7
X509v3 Authority Key Identifier:
keyid:BA:4D:0E:69:AB:76:9F:65:BB:2B:15:5B:DF:A8:3A:71:86:EE:AC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uk0Oaat2n2W7KxVb36g6cYburEQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/gsXwWJXn4nszR0ry0WOAXCMle_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/3d6d6c-f58d-42e6-b688-8eff3fd3c48a/1/uk0Oaat2n2W7KxVb36g6cYburEQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.246.36.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:b5:d1:2a:e5:06:e5:54:48:be:e4:06:09:30:22:75:b0:ab:
ba:c8:e8:e9:89:83:c0:ae:e4:de:54:9e:06:b4:50:d1:16:e9:
33:25:95:ce:a0:e1:49:0e:05:97:1f:80:85:d0:46:68:89:d3:
82:ea:df:59:0c:5d:65:d3:23:65:d1:a6:1a:a5:85:6e:bf:f3:
5d:51:81:be:ab:b0:80:7f:ee:d6:70:fe:40:96:c1:01:bd:a9:
22:28:b1:a1:0d:f4:b0:c8:6f:1f:98:89:80:79:4d:4f:7b:57:
9e:0f:31:c5:11:57:e6:a4:11:6b:d7:4b:64:9c:04:d3:6a:29:
e5:e2:e5:de:76:d9:39:40:4c:9b:93:4b:a0:58:2e:5a:10:82:
1b:da:ae:24:d9:56:e0:3f:1e:5f:c8:7f:50:8f:93:49:44:31:
68:07:8c:b4:af:b8:76:a0:bb:ce:3a:17:72:c8:b8:e8:82:02:
53:4d:1c:92:01:26:b6:a2:94:3c:dd:de:67:d5:0e:1a:47:ef:
d0:e5:0e:b0:27:fb:c5:5f:3e:aa:79:a9:57:ad:87:4a:47:91:
06:57:e2:af:66:a6:d3:4f:6d:1b:81:ae:07:8b:13:05:59:4e:
07:3b:70:2f:c4:ff:71:59:2d:a1:39:a3:a2:0e:6e:bf:47:e0:
8c:85:21:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkUBDWcvWli3pSgEWF8wFRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNGQwZTY5YWI3NjlmNjViYjJiMTU1YmRmYTgzYTcxODZl
ZWFjNDQwHhcNMjUwOTA0MDkxNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmM1ZjA1ODk1ZTdlMjdiMzM0NzRhZjJkMTYzODA1YzIzMjU3YmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6vpAZrZJWRkt06vvcsCu41SEmk+o
nMVPQvsM1/ffqFgkkD+orbKSn/DUeeYaLvoWB3pOdqbtilyYRtiSK5wFi8yEHuXF
xFIwyIuRLFz2CYhsrj/6r6i3IaUuEEgE/7oIHuzfbI9OY7vBmHDB7ltGt0bO7oZ4
gNztPVURcDgskd+AHyKsy3hoP4JFq3fGDjZPKn1byw5WVsIpJHRGnaAVtO8noO7B
lNpN5U4u7ZR9da36iaH6qIrEfsX1aDde0FozX9iDC9ZcYQHiuPjxHxiZ/pAU0C25
1GQntoiMtpi5NGFIAZMAlZPuiw5SRQHpUU6N/G5wCwASXLw3qTe8pAT54QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILF8FiV5+J7M0dK8tFjgFwjJXv3MB8GA1UdIwQY
MBaAFLpNDmmrdp9luysVW9+oOnGG7qxEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgt
OGVmZjNmZDNjNDhhLzEvZ3NYd1dKWG40bnN6UjByeTBXT0FYQ01sZV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8zZDZkNmMtZjU4ZC00MmU2LWI2ODgtOGVmZjNmZDNjNDhh
LzEvdWswT2FhdDJuMlc3S3hWYjM2ZzZjWWJ1ckVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwvYkMA0G
CSqGSIb3DQEBCwUAA4IBAQBOtdEq5QblVEi+5AYJMCJ1sKu6yOjpiYPAruTeVJ4G
tFDRFukzJZXOoOFJDgWXH4CF0EZoidOC6t9ZDF1l0yNl0aYapYVuv/NdUYG+q7CA
f+7WcP5AlsEBvakiKLGhDfSwyG8fmImAeU1Pe1eeDzHFEVfmpBFr10tknATTainl
4uXedtk5QEybk0ugWC5aEIIb2q4k2VbgPx5fyH9Qj5NJRDFoB4y0r7h2oLvOOhdy
yLjoggJTTRySASa2opQ83d5n1Q4aR+/Q5Q6wJ/vFXz6qealXrYdKR5EGV+KvZqbT
T20bga4HixMFWU4HO3AvxP9xWS2hOaOiDm6/R+CMhSFX
-----END CERTIFICATE-----
Generated at Wed Sep 17 09:54:51 2025 by rpki-client