Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/G-6qJAbYc1mXlsY2h-ViLS7Je-0.roa
File: G-6qJAbYc1mXlsY2h-ViLS7Je-0.roa (raw, json)
Hash identifier: XwKTSRhNczLWX76Yb7IP0/HJfhDx29EPeE3hdNZ4K+s=
Subject key identifier: 1B:EE:AA:24:06:D8:73:59:97:96:C6:36:87:E5:62:2D:2E:C9:7B:ED
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019A14D128EF1436553108E58BED4945C629
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/G-6qJAbYc1mXlsY2h-ViLS7Je-0.roa
Signing time: Fri 24 Oct 2025 06:04:03 +0000
ROA not before: Fri 24 Oct 2025 06:04:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 5.182.184.0/24 maxlen: 24
78.31.207.0/24 maxlen: 24
104.232.37.0/24 maxlen: 24
162.218.92.0/24 maxlen: 24
162.218.94.0/24 maxlen: 24
185.187.213.0/24 maxlen: 24
185.230.120.0/24 maxlen: 24
2a0a:8f40:31::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:14:d1:28:ef:14:36:55:31:08:e5:8b:ed:49:45:c6:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Oct 24 06:04:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1beeaa2406d873599796c63687e5622d2ec97bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:63:ef:5f:b2:c0:b7:9c:f4:29:a8:ae:63:08:
c0:6c:2d:e8:c7:71:d8:63:36:78:8f:6c:63:86:7e:
c8:c7:91:2a:3a:61:a9:a2:9e:19:31:14:3b:5d:b8:
b1:22:62:3f:0d:2c:d1:01:cc:b5:a0:5a:c7:1f:28:
6f:29:08:70:c1:1e:8f:17:2e:5b:ba:8c:09:de:96:
a8:b9:07:f4:c2:97:ce:d0:c5:ad:ed:ba:cb:a4:76:
07:96:4a:54:8e:f7:80:c4:4e:50:89:89:5d:0a:06:
3d:45:4f:7d:d7:44:63:f6:a0:f2:6d:c5:d7:34:a2:
53:c0:86:40:89:30:c9:f4:d7:26:c8:f7:b4:b7:77:
90:30:63:c6:ef:05:82:fd:4c:34:72:0c:75:8c:0f:
30:9b:1f:eb:ea:f0:9d:b1:f9:94:96:d5:58:bf:89:
2f:a4:cb:1f:de:be:46:2c:94:e1:1f:fe:e3:bb:68:
21:b9:6a:4c:42:5e:19:7a:d0:26:0b:f6:f1:2f:85:
42:d3:07:f0:44:67:65:73:31:68:f4:e1:f8:23:5f:
2f:98:9f:09:d0:1d:4e:85:45:83:ac:21:85:36:7f:
bf:19:27:7a:97:9b:c5:e4:e7:a9:de:99:4e:d0:36:
91:c1:00:11:04:74:5c:35:ef:29:92:50:98:cf:7f:
7b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:EE:AA:24:06:D8:73:59:97:96:C6:36:87:E5:62:2D:2E:C9:7B:ED
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/G-6qJAbYc1mXlsY2h-ViLS7Je-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
78.31.207.0/24
104.232.37.0/24
162.218.92.0/24
162.218.94.0/24
185.187.213.0/24
185.230.120.0/24
IPv6:
2a0a:8f40:31::/48
Signature Algorithm: sha256WithRSAEncryption
3a:4d:0b:d1:e8:b9:76:09:24:9a:39:16:60:d7:d7:b0:c9:26:
a9:cf:91:44:b8:43:ec:03:5f:1f:b1:0e:0a:1e:05:17:88:ad:
71:b8:bb:53:5f:b8:f0:9a:0f:81:f2:65:17:d9:e4:e1:5f:a9:
39:99:0a:8e:3d:d5:d5:a1:03:28:24:e4:5b:aa:70:ac:17:65:
47:2f:6b:cc:be:e1:7f:91:ab:18:08:f2:9e:02:f9:5c:ec:64:
12:8c:51:ae:f8:83:a0:1a:d1:45:cf:fc:a8:64:df:ac:e4:78:
67:83:e6:2b:06:51:1e:e6:20:a1:1d:04:00:d0:80:57:86:b6:
92:e2:32:ea:ef:83:ab:cb:12:4d:94:f3:90:ce:f4:1b:e7:8f:
7c:23:59:3b:3b:c5:b9:ce:11:5c:bd:dd:92:ba:35:6f:46:72:
03:6f:b2:7b:3c:b5:ba:d4:34:bd:b7:6d:de:5b:16:45:c4:04:
b9:9b:98:b6:70:c4:59:9b:9b:ce:db:5b:15:c2:d2:27:49:66:
18:ec:8f:06:be:e8:e6:08:27:08:96:5e:ed:b9:93:76:ec:33:
85:76:1e:54:3a:24:13:82:dc:1e:04:82:4f:b1:00:9a:a3:be:
da:03:95:24:f9:7a:d6:08:74:39:16:71:92:30:fb:2c:ee:38:
fb:62:1e:50
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZoU0SjvFDZVMQjli+1JRcYpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUxMDI0MDYwNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmVlYWEyNDA2ZDg3MzU5OTc5NmM2MzY4N2U1NjIyZDJlYzk3YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WPvX7LAt5z0KaiuYwjAbC3ox3HY
YzZ4j2xjhn7Ix5EqOmGpop4ZMRQ7XbixImI/DSzRAcy1oFrHHyhvKQhwwR6PFy5b
uowJ3paouQf0wpfO0MWt7brLpHYHlkpUjveAxE5QiYldCgY9RU9910Rj9qDybcXX
NKJTwIZAiTDJ9NcmyPe0t3eQMGPG7wWC/Uw0cgx1jA8wmx/r6vCdsfmUltVYv4kv
pMsf3r5GLJThH/7ju2ghuWpMQl4ZetAmC/bxL4VC0wfwRGdlczFo9OH4I18vmJ8J
0B1OhUWDrCGFNn+/GSd6l5vF5Oep3plO0DaRwQARBHRcNe8pklCYz397HwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBvuqiQG2HNZl5bGNoflYi0uyXvtMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvRy02cUpBYlljMW1YbHNZMmgtVmlMUzdKZS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQABba4AwQA
Th/PAwQAaOglAwQAotpcAwQAotpeAwQAubvVAwQAueZ4MA8EAgACMAkDBwAqCo9A
ADEwDQYJKoZIhvcNAQELBQADggEBADpNC9HouXYJJJo5FmDX17DJJqnPkUS4Q+wD
Xx+xDgoeBReIrXG4u1NfuPCaD4HyZRfZ5OFfqTmZCo491dWhAygk5FuqcKwXZUcv
a8y+4X+RqxgI8p4C+VzsZBKMUa74g6Aa0UXP/Khk36zkeGeD5isGUR7mIKEdBADQ
gFeGtpLiMurvg6vLEk2U85DO9Bvnj3wjWTs7xbnOEVy93ZK6NW9GcgNvsns8tbrU
NL23bd5bFkXEBLmbmLZwxFmbm87bWxXC0idJZhjsjwa+6OYIJwiWXu25k3bsM4V2
HlQ6JBOC3B4Egk+xAJqjvtoDlST5etYIdDkWcZIw+yzuOPtiHlA=
-----END CERTIFICATE-----
Generated at Wed Oct 29 14:54:57 2025 by rpki-client