Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/gdKuN8un0ka34upTcT-42lEjLA0.roa
File: gdKuN8un0ka34upTcT-42lEjLA0.roa (raw, json)
Hash identifier: vYw2jLZRkHVopPIYtgjIA/BNewpjDEw62IALN1qoWZI=
Subject key identifier: 81:D2:AE:37:CB:A7:D2:46:B7:E2:EA:53:71:3F:B8:DA:51:23:2C:0D
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 019908B001D06192968720979BE3D7D62BBA
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/gdKuN8un0ka34upTcT-42lEjLA0.roa
Signing time: Tue 02 Sep 2025 04:29:36 +0000
ROA not before: Tue 02 Sep 2025 04:29:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 89.106.26.0/24 maxlen: 24
94.229.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:08:b0:01:d0:61:92:96:87:20:97:9b:e3:d7:d6:2b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Sep 2 04:29:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81d2ae37cba7d246b7e2ea53713fb8da51232c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a9:46:5e:0b:91:da:dc:97:06:8c:d5:b8:d0:
a5:db:24:81:fc:77:84:ce:db:3a:b4:08:13:b0:d8:
f7:db:b3:20:89:fa:1c:34:76:12:8a:ad:43:e2:32:
94:a9:cb:64:3e:17:9e:91:b8:7b:3e:ef:ba:71:ad:
37:e4:a2:ba:14:61:c0:fd:11:9a:1d:ee:4b:6c:d8:
1a:29:6d:fe:4d:a7:42:7c:5a:0e:08:1a:31:a1:9b:
8c:45:9e:69:2d:39:2a:31:93:0b:cb:14:0c:3a:6d:
34:82:2a:10:74:87:5a:46:ba:2c:a7:be:24:5d:fd:
9d:06:c5:a5:a0:69:ff:9d:b2:b2:1f:9f:03:01:1d:
5b:e5:c2:e0:eb:0e:50:06:ec:0b:5b:8a:b5:35:9d:
f9:36:5e:1b:8e:3e:cd:2e:59:09:43:de:ca:46:b7:
55:fa:2d:f2:6a:68:af:98:20:58:2b:4e:38:06:3d:
b4:d4:e7:ab:e4:79:2e:81:42:e9:3a:85:d8:0b:f2:
38:dd:03:f2:c1:d2:f2:8b:0d:e2:78:58:8b:5d:ed:
e3:5d:a4:8c:bd:c7:37:85:6f:58:b4:ad:68:98:ef:
6b:5f:4a:cc:2c:11:6c:f5:65:81:cf:90:de:d2:fb:
c6:41:68:49:08:a0:2a:28:c1:bc:7b:a2:aa:73:d1:
7c:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D2:AE:37:CB:A7:D2:46:B7:E2:EA:53:71:3F:B8:DA:51:23:2C:0D
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/gdKuN8un0ka34upTcT-42lEjLA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.26.0/24
94.229.223.0/24
Signature Algorithm: sha256WithRSAEncryption
01:8f:10:34:b3:b5:3b:98:9b:03:98:f2:32:4f:ab:70:6e:d7:
54:13:f6:f0:25:c1:e8:0e:41:d9:e3:be:4b:1a:53:d8:cc:d8:
2d:cc:46:1d:af:7f:ff:dc:ec:1b:b2:5d:0d:94:ca:95:5b:2f:
30:b9:61:a0:19:c9:6b:c7:27:41:0a:65:03:4c:ea:be:28:ce:
df:94:7d:34:82:2a:0e:93:f1:44:8e:56:f2:82:97:33:09:35:
bf:8f:fc:3c:a8:83:bd:0c:4a:cc:83:ef:41:fd:3e:ff:94:a9:
de:ef:86:ba:5b:f5:f2:08:ee:13:0d:bb:8c:66:51:8f:5a:71:
a5:d6:55:3d:fc:9d:7d:f6:1e:26:f7:9b:d8:31:65:19:53:63:
6f:06:f7:1f:65:54:c4:37:1b:07:3f:f5:58:18:fa:35:5d:ce:
e1:e0:e8:ae:f4:33:45:cd:7b:ac:9b:6e:41:c6:8f:a9:a2:ce:
e8:89:7f:f8:54:b2:22:68:ff:16:dd:39:06:a2:57:ed:85:1d:
67:09:da:65:fe:82:7f:4a:66:b7:a4:a2:31:bf:ca:8b:b9:53:
2a:73:85:e3:85:33:cc:98:e9:7c:3e:b1:05:00:de:1f:bb:e2:
cc:34:8e:c2:0a:44:e6:d0:7e:34:77:10:01:90:7f:02:6c:34:
d0:84:75:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkIsAHQYZKWhyCXm+PX1iu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjUwOTAyMDQyOTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQyYWUzN2NiYTdkMjQ2YjdlMmVhNTM3MTNmYjhkYTUxMjMyYzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqlGXguR2tyXBozVuNCl2ySB/HeE
zts6tAgTsNj327MgifocNHYSiq1D4jKUqctkPheekbh7Pu+6ca035KK6FGHA/RGa
He5LbNgaKW3+TadCfFoOCBoxoZuMRZ5pLTkqMZMLyxQMOm00gioQdIdaRrosp74k
Xf2dBsWloGn/nbKyH58DAR1b5cLg6w5QBuwLW4q1NZ35Nl4bjj7NLlkJQ97KRrdV
+i3yamivmCBYK044Bj201Oer5HkugULpOoXYC/I43QPywdLyiw3ieFiLXe3jXaSM
vcc3hW9YtK1omO9rX0rMLBFs9WWBz5De0vvGQWhJCKAqKMG8e6Kqc9F89wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIHSrjfLp9JGt+LqU3E/uNpRIywNMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvZ2RLdU44dW4wa2EzNHVwVGNULTQybEVqTEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWWoaAwQA
XuXfMA0GCSqGSIb3DQEBCwUAA4IBAQABjxA0s7U7mJsDmPIyT6twbtdUE/bwJcHo
DkHZ475LGlPYzNgtzEYdr3//3Owbsl0NlMqVWy8wuWGgGclrxydBCmUDTOq+KM7f
lH00gioOk/FEjlbygpczCTW/j/w8qIO9DErMg+9B/T7/lKne74a6W/XyCO4TDbuM
ZlGPWnGl1lU9/J199h4m95vYMWUZU2NvBvcfZVTENxsHP/VYGPo1Xc7h4Oiu9DNF
zXusm25Bxo+pos7oiX/4VLIiaP8W3TkGolfthR1nCdpl/oJ/Sma3pKIxv8qLuVMq
c4XjhTPMmOl8PrEFAN4fu+LMNI7CCkTm0H40dxABkH8CbDTQhHUW
-----END CERTIFICATE-----
Generated at Mon Sep 15 13:53:02 2025 by rpki-client