Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/GuJTwzm1i-7D4adjm8mULrOYaq0.roa
File: GuJTwzm1i-7D4adjm8mULrOYaq0.roa (raw, json)
Hash identifier: 3r4T03hLrzWk88lcCqTjdcMIjI0BRSFG1+Vy7MM2Txw=
Subject key identifier: 1A:E2:53:C3:39:B5:8B:EE:C3:E1:A7:63:9B:C9:94:2E:B3:98:6A:AD
Certificate issuer: /CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Certificate serial: 01991BA6DB784CE68A0B7AAFC74DEFD1201A
Authority key identifier: 63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/GuJTwzm1i-7D4adjm8mULrOYaq0.roa
Signing time: Fri 05 Sep 2025 20:52:23 +0000
ROA not before: Fri 05 Sep 2025 20:52:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206174
IP address blocks: 2a11:c440::/32 maxlen: 32
2a11:c545::/32 maxlen: 32
2a11:c546::/32 maxlen: 32
2a11:e7c0::/32 maxlen: 32
2a11:e7c5::/32 maxlen: 32
2a12:4500::/29 maxlen: 29
2a12:5580::/29 maxlen: 29
2a12:8801::/32 maxlen: 32
2a12:9700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.mft
rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1b:a6:db:78:4c:e6:8a:0b:7a:af:c7:4d:ef:d1:20:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=632cd87feabe407522e06553f2eb05a0c1602fbf
Validity
Not Before: Sep 5 20:52:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ae253c339b58beec3e1a7639bc9942eb3986aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:86:02:0f:4f:39:1d:8e:ca:21:1b:32:34:68:
6a:92:ca:89:90:91:53:86:1e:e1:9c:2a:97:c2:17:
45:84:dc:d5:43:27:cb:f1:00:e4:a4:39:a3:1c:94:
ee:33:10:4c:f4:7f:15:eb:7a:a8:f1:f1:3a:4b:79:
99:7a:c1:2e:89:d3:41:c1:19:f8:65:1e:98:db:f0:
74:28:0b:b5:68:16:7b:ce:0c:97:d5:3f:eb:6d:a3:
b7:bd:6f:dc:a5:cc:aa:6e:74:68:fc:f3:82:96:7d:
e5:29:cd:23:a2:ff:c4:81:26:36:fc:ee:b9:cf:cf:
39:71:6e:68:0c:3a:63:40:86:be:32:f6:83:02:4f:
a8:62:71:82:a0:03:74:e2:58:89:0b:7c:4f:00:44:
28:75:5c:48:51:c5:1d:0f:04:a8:5b:a3:03:a3:75:
b1:6d:66:2c:2c:95:a9:7f:36:13:07:d6:47:a3:ad:
a0:65:76:c9:42:5a:52:b8:23:a2:a3:f7:0e:ef:1c:
9a:ac:26:5c:05:75:82:aa:39:68:90:7b:28:e7:52:
2f:a1:09:01:e3:59:19:ca:c7:a6:be:80:69:f4:d2:
33:ad:b7:a4:7b:60:e4:f0:a3:69:d2:3a:96:7f:9f:
c9:ce:03:c3:c7:dc:27:3c:7f:02:b0:ef:f2:f5:1c:
cb:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E2:53:C3:39:B5:8B:EE:C3:E1:A7:63:9B:C9:94:2E:B3:98:6A:AD
X509v3 Authority Key Identifier:
keyid:63:2C:D8:7F:EA:BE:40:75:22:E0:65:53:F2:EB:05:A0:C1:60:2F:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YyzYf-q-QHUi4GVT8usFoMFgL78.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/GuJTwzm1i-7D4adjm8mULrOYaq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fddf47-ff64-447a-b98f-55104173b180/1/YyzYf-q-QHUi4GVT8usFoMFgL78.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:c440::/32
2a11:c545::-2a11:c546:ffff:ffff:ffff:ffff:ffff:ffff
2a11:e7c0::/32
2a11:e7c5::/32
2a12:4500::/29
2a12:5580::/29
2a12:8801::/32
2a12:9700::/29
Signature Algorithm: sha256WithRSAEncryption
76:69:6b:dd:e1:72:58:7f:7e:f5:a4:64:9b:cd:b4:3d:78:93:
60:12:86:28:2b:44:6c:d0:33:65:7f:eb:d6:85:c3:13:e3:eb:
73:3b:e5:21:7f:69:6d:47:2b:82:a2:94:a8:85:c9:88:8a:49:
52:5b:17:96:44:77:ab:d7:17:48:98:c6:30:bb:f4:fc:52:7a:
05:be:a5:a1:2f:65:ab:9e:7e:ad:52:87:27:be:11:88:9f:a2:
96:e7:9d:3d:4d:5e:b6:6d:65:21:13:a8:01:8b:f7:5e:9c:7e:
ad:c3:cf:99:9f:e9:1f:71:d3:c2:64:a0:9e:38:db:64:e1:f8:
f4:50:61:e6:38:10:2b:b4:aa:2d:65:37:e1:d3:4c:98:ac:8d:
1e:89:72:2a:f6:b6:3f:d1:6f:e4:4d:52:57:f5:b7:2c:47:7a:
48:e9:a7:99:47:4a:73:17:7a:1e:c3:d4:b0:83:68:97:5a:d5:
38:0e:e7:2c:39:1d:34:62:ba:83:b9:76:4b:5e:74:00:0c:da:
64:43:6e:6a:99:8e:46:11:d9:04:70:95:c7:1e:14:67:3d:55:
f9:75:0e:b8:27:8f:da:63:70:4a:2f:35:20:d9:76:28:fc:35:
dc:1a:b7:f5:50:74:69:22:ab:e9:ee:ff:f2:c4:79:d8:61:b3:
82:cf:39:80
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZkbptt4TOaKC3qvx03v0SAaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzMmNkODdmZWFiZTQwNzUyMmUwNjU1M2YyZWIwNWEwYzE2
MDJmYmYwHhcNMjUwOTA1MjA1MjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWUyNTNjMzM5YjU4YmVlYzNlMWE3NjM5YmM5OTQyZWIzOTg2YWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4YCD085HY7KIRsyNGhqksqJkJFT
hh7hnCqXwhdFhNzVQyfL8QDkpDmjHJTuMxBM9H8V63qo8fE6S3mZesEuidNBwRn4
ZR6Y2/B0KAu1aBZ7zgyX1T/rbaO3vW/cpcyqbnRo/POCln3lKc0jov/EgSY2/O65
z885cW5oDDpjQIa+MvaDAk+oYnGCoAN04liJC3xPAEQodVxIUcUdDwSoW6MDo3Wx
bWYsLJWpfzYTB9ZHo62gZXbJQlpSuCOio/cO7xyarCZcBXWCqjlokHso51IvoQkB
41kZysemvoBp9NIzrbeke2Dk8KNp0jqWf5/JzgPDx9wnPH8CsO/y9RzLxwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFBriU8M5tYvuw+GnY5vJlC6zmGqtMB8GA1UdIwQY
MBaAFGMs2H/qvkB1IuBlU/LrBaDBYC+/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYt
NTUxMDQxNzNiMTgwLzEvR3VKVHd6bTFpLTdENGFkam04bVVMck9ZYXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mZGRmNDctZmY2NC00NDdhLWI5OGYtNTUxMDQxNzNiMTgw
LzEvWXl6WWYtcS1RSFVpNEdWVDh1c0ZvTUZnTDc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTBHBAIAAjBBAwUAKhHEQDAO
AwUAKhHFRQMFACoRxUYDBQAqEefAAwUAKhHnxQMFAyoSRQADBQMqElWAAwUAKhKI
AQMFAyoSlwAwDQYJKoZIhvcNAQELBQADggEBAHZpa93hclh/fvWkZJvNtD14k2AS
higrRGzQM2V/69aFwxPj63M75SF/aW1HK4KilKiFyYiKSVJbF5ZEd6vXF0iYxjC7
9PxSegW+paEvZauefq1Shye+EYifopbnnT1NXrZtZSETqAGL916cfq3Dz5mf6R9x
08JkoJ4422Th+PRQYeY4ECu0qi1lN+HTTJisjR6Jcir2tj/Rb+RNUlf1tyxHekjp
p5lHSnMXeh7D1LCDaJda1TgO5yw5HTRiuoO5dktedAAM2mRDbmqZjkYR2QRwlcce
FGc9Vfl1Drgnj9pjcEovNSDZdij8Ndwat/VQdGkiq+nu//LEedhhs4LPOYA=
-----END CERTIFICATE-----
Generated at Sat Sep 6 15:15:11 2025 by rpki-client