Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GTYI512u2R71akoVg2GB5sxQMME.roa
File: GTYI512u2R71akoVg2GB5sxQMME.roa (raw, json)
Hash identifier: ty4ENT/9//0Uv+6UOpnSOZvhIbwauoXPjFEvkKv5Xk4=
Subject key identifier: 19:36:08:E7:5D:AE:D9:1E:F5:6A:4A:15:83:61:81:E6:CC:50:30:C1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019A3195AABB3CAB43176232630B81D6500A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GTYI512u2R71akoVg2GB5sxQMME.roa
Signing time: Wed 29 Oct 2025 20:08:03 +0000
ROA not before: Wed 29 Oct 2025 20:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 45.90.236.0/24 maxlen: 24
185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Nov 2025 01:29:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:31:95:aa:bb:3c:ab:43:17:62:32:63:0b:81:d6:50:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 29 20:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=193608e75daed91ef56a4a15836181e6cc5030c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:74:93:58:ae:00:9c:6a:75:c2:f7:09:ca:de:
86:d6:37:75:b0:b4:5f:6c:04:ed:fd:a5:ea:b0:b9:
54:14:d8:92:f0:14:9f:3b:09:a7:a4:1f:03:46:1e:
a8:77:67:73:20:a6:0b:61:0d:93:9d:34:1d:43:fb:
b5:b9:64:47:58:2b:ce:0c:d3:17:4f:11:64:e6:77:
d8:b4:d8:15:e8:84:44:22:ee:b9:d3:46:c4:fe:d4:
a7:d6:66:7d:47:ac:28:dc:c7:fc:cc:4f:41:a4:4c:
53:73:30:0e:9d:53:89:07:9f:c9:18:83:23:8b:d5:
a5:99:16:96:70:c3:d4:0f:6d:95:1a:c0:04:bb:44:
1c:ec:30:dc:9d:3b:a8:39:c1:9e:e3:4c:ab:9b:80:
0c:57:74:65:22:da:f8:32:03:5f:ef:9e:25:38:13:
9e:97:9d:3b:6d:c4:11:bf:be:a9:c3:3c:4b:39:ea:
bf:c6:cf:48:73:e2:b1:c7:70:16:2e:51:8a:31:3a:
2e:76:ee:dd:17:77:49:21:45:ca:c9:0e:b3:53:b2:
12:b4:c7:b9:de:61:e5:bb:c9:27:76:4a:d8:24:72:
d9:2b:01:27:d4:a2:44:e4:e5:a7:92:96:ac:79:ad:
10:9b:43:b4:b5:78:bb:21:eb:20:ea:7d:bb:b0:43:
52:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:36:08:E7:5D:AE:D9:1E:F5:6A:4A:15:83:61:81:E6:CC:50:30:C1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GTYI512u2R71akoVg2GB5sxQMME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/24
185.121.13.0-185.121.14.255
185.202.207.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.250.181.0/24
185.254.158.0/24
193.17.182.0/24
194.48.140.0/23
Signature Algorithm: sha256WithRSAEncryption
60:b8:bb:3f:68:c7:de:7e:3a:af:b8:df:4a:03:97:e0:c6:09:
d7:1a:33:bd:94:a4:19:8b:43:1d:a8:b5:7e:3e:46:11:89:1b:
2c:be:10:34:a5:3b:48:54:44:bf:23:e4:92:61:ee:16:18:d9:
69:21:f5:06:8f:d3:64:d4:1a:c4:5c:ff:e2:cb:e1:3f:8b:02:
97:f2:1e:9d:48:8e:1e:fe:01:5e:83:90:b6:c3:7d:1f:21:7c:
fd:d1:3e:ef:9c:96:78:ae:48:c9:6b:e3:9e:5c:81:86:7c:8c:
1a:61:cb:7f:41:49:c8:c8:c0:09:21:86:ca:3a:80:51:fa:95:
4f:78:61:ff:f6:ea:ff:c8:d9:d1:85:d7:30:63:b9:42:6c:b3:
09:bf:73:66:2c:f8:e9:1e:28:de:24:23:1c:e3:c3:2f:63:15:
74:34:13:fb:ed:7b:de:3b:18:7e:f2:a7:5b:b5:73:1b:6d:17:
90:b2:1c:b4:33:df:d6:75:ba:cb:04:bd:52:c3:66:60:0c:0c:
04:33:4a:cb:bb:a1:bc:40:f1:fb:47:2c:f5:7d:11:13:42:65:
bd:25:ea:c3:06:ca:78:cd:87:c3:34:fb:d7:b8:90:12:ed:39:
6d:e4:30:fd:31:79:68:b0:b6:e6:99:73:ee:20:b6:47:f4:d0:
c3:7a:ae:04
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZoxlaq7PKtDF2IyYwuB1lAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUxMDI5MjAwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTM2MDhlNzVkYWVkOTFlZjU2YTRhMTU4MzYxODFlNmNjNTAzMGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHSTWK4AnGp1wvcJyt6G1jd1sLRf
bATt/aXqsLlUFNiS8BSfOwmnpB8DRh6od2dzIKYLYQ2TnTQdQ/u1uWRHWCvODNMX
TxFk5nfYtNgV6IREIu6500bE/tSn1mZ9R6wo3Mf8zE9BpExTczAOnVOJB5/JGIMj
i9WlmRaWcMPUD22VGsAEu0Qc7DDcnTuoOcGe40yrm4AMV3RlItr4MgNf754lOBOe
l507bcQRv76pwzxLOeq/xs9Ic+Kxx3AWLlGKMToudu7dF3dJIUXKyQ6zU7IStMe5
3mHlu8kndkrYJHLZKwEn1KJE5OWnkpasea0Qm0O0tXi7Iesg6n27sENSmwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFBk2COddrtke9WpKFYNhgebMUDDBMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR1RZSTUxMnUyUjcxYWtvVmcyR0I1c3hRTU1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQALVrsMAwD
BAC5eQ0DBAC5eQ4DBAC5ys8DBAC56MwDBAC57BgwDAMEALnvjQMEALnvjgMEALn6
tQMEALn+ngMEAMERtgMEAcIwjDANBgkqhkiG9w0BAQsFAAOCAQEAYLi7P2jH3n46
r7jfSgOX4MYJ1xozvZSkGYtDHai1fj5GEYkbLL4QNKU7SFREvyPkkmHuFhjZaSH1
Bo/TZNQaxFz/4svhP4sCl/IenUiOHv4BXoOQtsN9HyF8/dE+75yWeK5IyWvjnlyB
hnyMGmHLf0FJyMjACSGGyjqAUfqVT3hh//bq/8jZ0YXXMGO5QmyzCb9zZiz46R4o
3iQjHOPDL2MVdDQT++173jsYfvKnW7VzG20XkLIctDPf1nW6ywS9UsNmYAwMBDNK
y7uhvEDx+0cs9X0RE0JlvSXqwwbKeM2HwzT717iQEu05beQw/TF5aLC25plz7iC2
R/TQw3quBA==
-----END CERTIFICATE-----
Generated at Sun Nov 2 07:30:04 2025 by rpki-client