Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/GZLylFIePve8mzqKp098f5zxTUw.roa
File: GZLylFIePve8mzqKp098f5zxTUw.roa (raw, json)
Hash identifier: r5z9AFc8wnJRnVScCietCsc10ck15u9ra9fsksqINjA=
Subject key identifier: 19:92:F2:94:52:1E:3E:F7:BC:9B:3A:8A:A7:4F:7C:7F:9C:F1:4D:4C
Certificate issuer: /CN=b0b56d10ccad9d69c01856be0afaa17ec682acbf
Certificate serial: 01999C692FDD3DA2639B2FE928E7FB00DAF8
Authority key identifier: B0:B5:6D:10:CC:AD:9D:69:C0:18:56:BE:0A:FA:A1:7E:C6:82:AC:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/GZLylFIePve8mzqKp098f5zxTUw.roa
Signing time: Tue 30 Sep 2025 20:56:03 +0000
ROA not before: Tue 30 Sep 2025 20:56:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216422
IP address blocks: 158.94.216.0/24 maxlen: 24
176.97.219.0/24 maxlen: 24
217.11.164.0/24 maxlen: 24
217.11.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 20:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9c:69:2f:dd:3d:a2:63:9b:2f:e9:28:e7:fb:00:da:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b56d10ccad9d69c01856be0afaa17ec682acbf
Validity
Not Before: Sep 30 20:56:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1992f294521e3ef7bc9b3a8aa74f7c7f9cf14d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:b6:4d:c9:e6:7d:d6:04:ad:23:93:f8:6b:
f2:29:de:d0:1f:35:91:25:2a:fa:1d:30:75:ce:d9:
4c:9c:3c:32:7f:e4:95:37:9e:d3:cf:0e:3f:22:d6:
49:54:05:9f:68:c6:9d:7b:8d:87:a0:fa:53:f6:bb:
9e:13:84:4a:a7:0a:83:4f:f4:cf:e4:53:df:3b:aa:
ff:29:c4:a9:51:39:85:cc:6b:85:0d:55:e5:55:11:
23:39:e9:aa:f3:e6:b7:9a:b2:c0:f7:ca:38:4c:0a:
83:46:cb:20:ac:62:2f:ee:69:c5:84:4c:b2:ee:3f:
31:fd:08:d8:87:76:51:44:14:af:4d:fc:ab:44:0b:
37:df:35:4f:ea:44:4b:52:c8:45:2e:94:11:99:64:
c2:48:80:57:64:88:ac:18:7d:48:bf:d6:de:b8:86:
fc:ec:f4:d4:bc:38:54:3a:42:10:86:b4:96:e3:8d:
59:69:91:16:a7:2c:2c:ce:c3:6b:5b:94:88:dc:4a:
26:0b:bc:7c:db:f1:20:28:76:56:2d:fe:56:50:de:
82:b3:0e:ba:76:b4:3e:94:32:32:f5:44:c4:60:85:
0f:0c:31:33:c7:64:a0:6e:62:b6:4a:7b:5e:6a:52:
59:08:7f:51:b2:dc:2e:6b:97:1d:5c:55:02:84:fd:
68:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:92:F2:94:52:1E:3E:F7:BC:9B:3A:8A:A7:4F:7C:7F:9C:F1:4D:4C
X509v3 Authority Key Identifier:
keyid:B0:B5:6D:10:CC:AD:9D:69:C0:18:56:BE:0A:FA:A1:7E:C6:82:AC:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/GZLylFIePve8mzqKp098f5zxTUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.94.216.0/24
176.97.219.0/24
217.11.164.0/23
Signature Algorithm: sha256WithRSAEncryption
56:02:81:62:bd:85:2c:b7:8f:3a:46:9b:14:0c:9f:67:60:47:
3c:e8:af:47:c9:f3:8f:cd:b9:1d:16:b4:2f:80:52:9f:e5:0c:
41:87:5a:55:ca:a7:ac:3c:98:ce:45:97:26:62:ee:f9:f3:66:
74:74:a8:32:db:20:b7:4d:a0:d2:a5:83:0c:e5:5d:9c:83:15:
9c:6d:fe:8f:cd:64:04:5c:bb:0b:6e:cf:df:d5:f2:ef:2b:cb:
a0:19:92:e8:db:e2:c3:b6:6d:64:81:46:c7:2c:9c:48:a5:c7:
6f:01:e8:3c:38:6c:34:3d:34:05:6d:57:fd:3c:97:84:2f:f6:
4b:b8:5b:ff:bd:b9:b6:93:b1:1c:76:94:ac:8e:58:2c:77:c3:
ca:6e:ae:d1:3e:20:04:7b:07:11:72:d5:3e:5b:df:3e:0d:a7:
ef:cd:2b:2d:f2:f3:4a:be:b3:c4:97:c4:2c:0a:2d:35:5e:38:
bf:4b:9a:62:d8:b3:67:cb:fa:cf:99:32:5b:c2:ad:7c:79:19:
4c:84:11:b9:4f:30:be:73:31:c2:1a:af:21:6e:94:78:9d:39:
a8:8e:af:35:41:5c:6d:a0:03:11:7c:01:fb:94:21:51:8b:1b:
6e:74:d7:4d:af:ad:f4:25:dc:42:6c:8f:9e:cb:58:5b:a3:1e:
39:c9:0a:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmcaS/dPaJjmy/pKOf7ANr4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjU2ZDEwY2NhZDlkNjljMDE4NTZiZTBhZmFhMTdlYzY4
MmFjYmYwHhcNMjUwOTMwMjA1NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTkyZjI5NDUyMWUzZWY3YmM5YjNhOGFhNzRmN2M3ZjljZjE0ZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ62TcnmfdYErSOT+GvyKd7QHzWR
JSr6HTB1ztlMnDwyf+SVN57Tzw4/ItZJVAWfaMade42HoPpT9rueE4RKpwqDT/TP
5FPfO6r/KcSpUTmFzGuFDVXlVREjOemq8+a3mrLA98o4TAqDRssgrGIv7mnFhEyy
7j8x/QjYh3ZRRBSvTfyrRAs33zVP6kRLUshFLpQRmWTCSIBXZIisGH1Iv9beuIb8
7PTUvDhUOkIQhrSW441ZaZEWpywszsNrW5SI3EomC7x82/EgKHZWLf5WUN6Csw66
drQ+lDIy9UTEYIUPDDEzx2SgbmK2SntealJZCH9Rstwua5cdXFUChP1oGQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBmS8pRSHj73vJs6iqdPfH+c8U1MMB8GA1UdIwQY
MBaAFLC1bRDMrZ1pwBhWvgr6oX7Ggqy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xWdEVNeXRuV25BR0ZhLUN2cWhmc2FDckw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82OTQwOWUtMWVjNC00ODlkLWI2MWYt
YTE5Y2M4YTc2ZDA0LzEvR1pMeWxGSWVQdmU4bXpxS3AwOThmNXp4VFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82OTQwOWUtMWVjNC00ODlkLWI2MWYtYTE5Y2M4YTc2ZDA0
LzEvc0xWdEVNeXRuV25BR0ZhLUN2cWhmc2FDckw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAnl7YAwQA
sGHbAwQB2QukMA0GCSqGSIb3DQEBCwUAA4IBAQBWAoFivYUst486RpsUDJ9nYEc8
6K9HyfOPzbkdFrQvgFKf5QxBh1pVyqesPJjORZcmYu7582Z0dKgy2yC3TaDSpYMM
5V2cgxWcbf6PzWQEXLsLbs/f1fLvK8ugGZLo2+LDtm1kgUbHLJxIpcdvAeg8OGw0
PTQFbVf9PJeEL/ZLuFv/vbm2k7EcdpSsjlgsd8PKbq7RPiAEewcRctU+W98+Dafv
zSst8vNKvrPEl8QsCi01Xji/S5pi2LNny/rPmTJbwq18eRlMhBG5TzC+czHCGq8h
bpR4nTmojq81QVxtoAMRfAH7lCFRixtudNdNr630JdxCbI+ey1hbox45yQoD
-----END CERTIFICATE-----
Generated at Tue Nov 4 05:26:42 2025 by rpki-client