Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/GEA7esFkrKkXqcM-dIEGwCpmj1c.roa
File: GEA7esFkrKkXqcM-dIEGwCpmj1c.roa (raw, json)
Hash identifier: iHNIjbSUp+ViDNDjpFX4X+jFvZkCAGdxOsPA53hoeyE=
Subject key identifier: 18:40:3B:7A:C1:64:AC:A9:17:A9:C3:3E:74:81:06:C0:2A:66:8F:57
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0198502566217285532911FA66244D74EE56
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/GEA7esFkrKkXqcM-dIEGwCpmj1c.roa
Signing time: Mon 28 Jul 2025 08:28:04 +0000
ROA not before: Mon 28 Jul 2025 08:28:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 77.83.48.0/23 maxlen: 23
193.9.56.0/24 maxlen: 24
193.160.74.0/24 maxlen: 24
193.160.75.0/24 maxlen: 24
194.124.41.0/24 maxlen: 24
213.109.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:25:66:21:72:85:53:29:11:fa:66:24:4d:74:ee:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jul 28 08:28:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18403b7ac164aca917a9c33e748106c02a668f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:42:eb:60:80:7e:2e:42:92:96:ab:e6:45:94:
d8:cc:82:90:69:4b:f1:9f:5e:38:ea:b0:02:e4:b4:
d5:74:de:a5:68:8a:7e:a9:07:6a:5e:f9:9d:f7:87:
62:4f:c8:f2:b7:54:b2:e6:75:5c:15:2a:9d:e0:69:
61:f2:82:f8:bb:a6:54:91:c0:91:76:90:3a:9d:52:
01:28:2a:a6:48:d2:be:fa:74:d5:7c:bf:40:1b:6e:
20:b9:7e:7d:5a:03:2d:2e:84:50:8d:d9:3f:44:15:
f6:10:0d:08:1b:a7:ab:b1:d1:42:4f:9a:ee:50:20:
b1:70:54:c2:8b:a5:e4:3f:64:98:fc:67:e0:16:00:
40:e9:12:a8:ce:34:ed:6f:94:3d:0a:fc:c1:05:e2:
1f:72:4b:b5:79:6e:27:d9:0a:ff:1d:00:b9:3c:63:
d7:8a:3b:9b:9f:35:59:c3:7f:9a:2d:88:31:b3:7e:
bb:7a:0b:22:44:7b:52:32:5a:e6:8d:1d:3e:d0:0e:
59:62:62:22:74:a8:46:98:76:e4:83:2e:c0:98:57:
a0:96:1a:55:1e:88:63:76:5c:33:64:dc:83:b2:b9:
8f:df:ed:b8:e9:bb:5e:29:22:ee:ed:09:1d:01:7e:
09:9e:c1:62:e5:2c:44:c3:4d:41:71:41:9e:fe:7e:
00:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:40:3B:7A:C1:64:AC:A9:17:A9:C3:3E:74:81:06:C0:2A:66:8F:57
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/GEA7esFkrKkXqcM-dIEGwCpmj1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.48.0/23
193.9.56.0/24
193.160.74.0/23
194.124.41.0/24
213.109.188.0/22
Signature Algorithm: sha256WithRSAEncryption
69:68:6b:45:56:1a:7e:00:7d:5c:4a:88:4f:f2:39:24:9d:c5:
18:ab:69:d1:b9:a1:db:d5:5a:32:4b:81:0c:98:78:75:5b:e3:
23:c8:ea:ca:07:87:70:3e:3e:49:bf:0b:67:ab:73:45:42:b6:
6d:d3:62:b2:e0:ea:b0:f0:b5:6f:dd:37:5a:f9:11:3d:18:f5:
d6:f2:81:18:6f:d8:ca:1e:61:4d:14:13:22:8b:ed:15:d5:e0:
fa:dd:43:68:9a:68:1f:55:c1:91:7d:b1:dc:fc:d1:40:ce:1e:
96:16:52:1c:f4:df:07:90:5e:66:f5:ac:01:67:55:a3:cd:83:
71:aa:23:50:fc:c0:97:c5:d9:0b:4f:13:15:ab:7b:7c:a5:3c:
c3:c8:7d:92:9b:24:ec:34:db:19:14:c5:10:0c:8a:05:0d:e7:
ca:bc:92:de:07:1c:c9:06:51:09:07:57:15:ac:0f:4a:0b:a1:
9c:8b:5a:7b:e6:ca:f0:7a:0b:90:aa:f2:5b:45:72:08:77:fd:
0f:08:d7:c9:0c:74:1a:92:1f:80:d0:7e:94:f8:42:12:ee:4e:
f9:92:3d:bb:b0:5d:ff:32:92:a2:d6:70:08:09:69:35:9a:e0:
0f:a9:b9:8c:04:98:a9:37:c0:ee:f7:3a:b2:68:0c:5b:57:ba:
2f:a2:b2:e2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhQJWYhcoVTKRH6ZiRNdO5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwNzI4MDgyODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODQwM2I3YWMxNjRhY2E5MTdhOWMzM2U3NDgxMDZjMDJhNjY4ZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkLrYIB+LkKSlqvmRZTYzIKQaUvx
n1446rAC5LTVdN6laIp+qQdqXvmd94diT8jyt1Sy5nVcFSqd4Glh8oL4u6ZUkcCR
dpA6nVIBKCqmSNK++nTVfL9AG24guX59WgMtLoRQjdk/RBX2EA0IG6ersdFCT5ru
UCCxcFTCi6XkP2SY/GfgFgBA6RKozjTtb5Q9CvzBBeIfcku1eW4n2Qr/HQC5PGPX
ijubnzVZw3+aLYgxs367egsiRHtSMlrmjR0+0A5ZYmIidKhGmHbkgy7AmFeglhpV
HohjdlwzZNyDsrmP3+246bteKSLu7QkdAX4JnsFi5SxEw01BcUGe/n4A8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBhAO3rBZKypF6nDPnSBBsAqZo9XMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvR0VBN2VzRmtyS2tYcWNNLWRJRUd3Q3BtajFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBTVMwAwQA
wQk4AwQBwaBKAwQAwnwpAwQC1W28MA0GCSqGSIb3DQEBCwUAA4IBAQBpaGtFVhp+
AH1cSohP8jkkncUYq2nRuaHb1VoyS4EMmHh1W+MjyOrKB4dwPj5Jvwtnq3NFQrZt
02Ky4Oqw8LVv3Tda+RE9GPXW8oEYb9jKHmFNFBMii+0V1eD63UNommgfVcGRfbHc
/NFAzh6WFlIc9N8HkF5m9awBZ1WjzYNxqiNQ/MCXxdkLTxMVq3t8pTzDyH2SmyTs
NNsZFMUQDIoFDefKvJLeBxzJBlEJB1cVrA9KC6Gci1p75srweguQqvJbRXIId/0P
CNfJDHQakh+A0H6U+EIS7k75kj27sF3/MpKi1nAICWk1muAPqbmMBJipN8Du9zqy
aAxbV7ovorLi
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:16:59 2025 by rpki-client