
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/ghNDZNJhpYP_Htc1Wek-L5R4BeI.roa
File: ghNDZNJhpYP_Htc1Wek-L5R4BeI.roa (raw, json)
Hash identifier: R8J6wlPRCV7dUDvscKB1CZV2169wkfxGRLHSAdA+H2w=
Subject key identifier: 82:13:43:64:D2:61:A5:83:FF:1E:D7:35:59:E9:3E:2F:94:78:05:E2
Certificate issuer: /CN=706745ad92353da8a80cb2e0d229d68c2ef53db2
Certificate serial: 01995C8B1821153C09238903333CC1B02641
Authority key identifier: 70:67:45:AD:92:35:3D:A8:A8:0C:B2:E0:D2:29:D6:8C:2E:F5:3D:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGdFrZI1PaioDLLg0inWjC71PbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/ghNDZNJhpYP_Htc1Wek-L5R4BeI.roa
Signing time: Thu 18 Sep 2025 11:17:23 +0000
ROA not before: Thu 18 Sep 2025 11:17:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 185.133.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/cGdFrZI1PaioDLLg0inWjC71PbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/cGdFrZI1PaioDLLg0inWjC71PbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/cGdFrZI1PaioDLLg0inWjC71PbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5c:8b:18:21:15:3c:09:23:89:03:33:3c:c1:b0:26:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=706745ad92353da8a80cb2e0d229d68c2ef53db2
Validity
Not Before: Sep 18 11:17:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82134364d261a583ff1ed73559e93e2f947805e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:57:89:5f:ee:88:b6:51:bf:24:04:51:59:ef:
fa:37:dc:77:22:b0:af:b4:de:42:bf:af:f3:66:30:
0e:82:a4:9b:60:8d:92:59:69:a6:51:f8:cf:2c:f9:
59:96:f3:f6:85:59:08:ec:cf:89:bd:57:76:85:be:
ef:33:c2:f3:07:98:3e:b1:e9:0c:5f:5e:25:1e:d1:
ae:45:84:d5:16:ce:01:4c:5b:e9:82:5b:33:f9:39:
a4:ff:c3:a8:65:b3:00:d9:c7:be:d3:ef:a1:3d:b3:
f9:22:f4:08:53:b3:f3:13:13:6d:aa:af:39:87:52:
91:aa:92:33:7a:bc:6e:49:d3:c2:5c:8e:62:03:6b:
ec:c7:e2:bb:8e:6b:f3:98:18:f9:03:c9:19:26:f9:
b6:6f:f0:10:f9:49:b1:cd:06:08:4b:b6:cc:4f:ed:
46:49:17:7e:db:9e:11:1b:92:95:23:af:36:62:1c:
a3:d4:13:55:62:25:e2:28:33:66:b5:23:6f:fb:69:
2f:82:f7:b3:7b:e7:4d:61:8b:f3:f3:f5:a8:f6:10:
87:14:3c:10:1d:03:83:78:37:ec:4e:a6:24:7b:9a:
5b:ae:e4:2d:0c:64:99:9c:b2:04:ef:0d:56:b7:60:
91:28:af:ad:9a:ff:8c:73:9e:53:a3:10:78:5f:82:
67:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:13:43:64:D2:61:A5:83:FF:1E:D7:35:59:E9:3E:2F:94:78:05:E2
X509v3 Authority Key Identifier:
keyid:70:67:45:AD:92:35:3D:A8:A8:0C:B2:E0:D2:29:D6:8C:2E:F5:3D:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGdFrZI1PaioDLLg0inWjC71PbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/ghNDZNJhpYP_Htc1Wek-L5R4BeI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/d0abd0-b114-4e3a-ae59-e21763c672fa/1/cGdFrZI1PaioDLLg0inWjC71PbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.172.0/24
Signature Algorithm: sha256WithRSAEncryption
35:7c:2e:ac:43:3e:85:7c:e8:ae:a8:88:29:31:a7:a2:c3:7b:
a7:a8:b6:eb:4b:27:17:31:5b:42:6a:96:fc:28:1f:4e:ae:93:
ab:bb:e3:0c:bd:60:0f:cc:92:c2:5a:4d:a2:aa:50:78:f3:48:
b3:ed:7f:4f:cb:5f:e7:6e:07:06:5d:7c:d9:61:28:ab:20:d0:
25:b0:b2:0c:49:f5:2c:c6:da:2c:2e:9f:87:47:e1:b2:0f:fa:
62:45:06:1e:59:3e:13:7f:d6:c5:23:aa:cd:62:bc:36:c7:3b:
6b:7d:90:19:6d:53:4a:b3:88:70:fd:ce:bf:b6:fc:44:f2:0e:
8c:eb:33:32:17:f9:84:80:e4:7e:18:95:29:04:fb:fe:3b:5b:
1d:0c:50:c6:df:32:76:40:ec:2c:28:e8:9a:51:cd:50:f2:1b:
ab:36:54:97:90:f4:6d:34:a3:45:8e:9e:60:97:3e:1a:7d:5b:
25:c6:3a:53:c9:5f:de:bb:e2:da:8a:76:ae:1e:fd:17:bc:4e:
66:4b:44:70:4d:b0:d2:33:80:b2:57:d8:1b:2a:71:2c:52:c6:
60:87:cf:1f:75:ed:2c:da:37:a2:a7:ea:14:82:44:03:75:b8:
80:41:3f:9f:56:e2:ea:e4:dc:e9:25:36:4e:b9:a8:31:88:f1:
2a:16:e6:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlcixghFTwJI4kDMzzBsCZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNjc0NWFkOTIzNTNkYThhODBjYjJlMGQyMjlkNjhjMmVm
NTNkYjIwHhcNMjUwOTE4MTExNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjEzNDM2NGQyNjFhNTgzZmYxZWQ3MzU1OWU5M2UyZjk0NzgwNWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+VeJX+6ItlG/JARRWe/6N9x3IrCv
tN5Cv6/zZjAOgqSbYI2SWWmmUfjPLPlZlvP2hVkI7M+JvVd2hb7vM8LzB5g+sekM
X14lHtGuRYTVFs4BTFvpglsz+Tmk/8OoZbMA2ce+0++hPbP5IvQIU7PzExNtqq85
h1KRqpIzerxuSdPCXI5iA2vsx+K7jmvzmBj5A8kZJvm2b/AQ+UmxzQYIS7bMT+1G
SRd+254RG5KVI682Yhyj1BNVYiXiKDNmtSNv+2kvgveze+dNYYvz8/Wo9hCHFDwQ
HQODeDfsTqYke5pbruQtDGSZnLIE7w1Wt2CRKK+tmv+Mc55ToxB4X4JnjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIITQ2TSYaWD/x7XNVnpPi+UeAXiMB8GA1UdIwQY
MBaAFHBnRa2SNT2oqAyy4NIp1owu9T2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0dkRnJaSTFQYWlvRExMZzBpbldqQzcxUGJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9kMGFiZDAtYjExNC00ZTNhLWFlNTkt
ZTIxNzYzYzY3MmZhLzEvZ2hORFpOSmhwWVBfSHRjMVdlay1MNVI0QmVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9kMGFiZDAtYjExNC00ZTNhLWFlNTktZTIxNzYzYzY3MmZh
LzEvY0dkRnJaSTFQYWlvRExMZzBpbldqQzcxUGJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYWsMA0G
CSqGSIb3DQEBCwUAA4IBAQA1fC6sQz6FfOiuqIgpMaeiw3unqLbrSycXMVtCapb8
KB9OrpOru+MMvWAPzJLCWk2iqlB480iz7X9Py1/nbgcGXXzZYSirINAlsLIMSfUs
xtosLp+HR+GyD/piRQYeWT4Tf9bFI6rNYrw2xztrfZAZbVNKs4hw/c6/tvxE8g6M
6zMyF/mEgOR+GJUpBPv+O1sdDFDG3zJ2QOwsKOiaUc1Q8hurNlSXkPRtNKNFjp5g
lz4afVslxjpTyV/eu+LainauHv0XvE5mS0RwTbDSM4CyV9gbKnEsUsZgh88fde0s
2jeip+oUgkQDdbiAQT+fVuLq5NzpJTZOuagxiPEqFuYe
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:10:14 2025 by rpki-client