Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/gdmhIDx5ThYeMs_40Jhtb7jiPec.roa
File: gdmhIDx5ThYeMs_40Jhtb7jiPec.roa (raw, json)
Hash identifier: B6j4QxYlJa05lqgAAnP15E3D3T9lG/9Wl0NNB1LT9cQ=
Subject key identifier: 81:D9:A1:20:3C:79:4E:16:1E:32:CF:F8:D0:98:6D:6F:B8:E2:3D:E7
Certificate issuer: /CN=836462c62c7f63d2f5d787a701d779ab696e2236
Certificate serial: 019A085338EEB21AE23C10FA1F5C5903ABDA
Authority key identifier: 83:64:62:C6:2C:7F:63:D2:F5:D7:87:A7:01:D7:79:AB:69:6E:22:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/gdmhIDx5ThYeMs_40Jhtb7jiPec.roa
Signing time: Tue 21 Oct 2025 19:51:03 +0000
ROA not before: Tue 21 Oct 2025 19:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209128
IP address blocks: 185.149.121.0/24 maxlen: 24
2a0d:5980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/g2Rixix_Y9L114enAdd5q2luIjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/g2Rixix_Y9L114enAdd5q2luIjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:08:53:38:ee:b2:1a:e2:3c:10:fa:1f:5c:59:03:ab:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=836462c62c7f63d2f5d787a701d779ab696e2236
Validity
Not Before: Oct 21 19:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=81d9a1203c794e161e32cff8d0986d6fb8e23de7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:30:7a:f6:57:31:ae:71:92:c7:1a:a8:df:
8c:ae:6c:90:ad:85:16:c9:31:42:2d:ac:be:ba:cf:
26:f5:84:a4:aa:92:b8:3b:1c:83:ee:47:c3:1b:59:
20:fc:42:fa:02:41:ea:26:a5:3c:d0:e5:85:42:27:
80:c7:85:e9:2f:82:f9:67:29:2f:93:d0:5e:e1:35:
8e:77:40:d6:32:b5:8f:fc:4c:2e:0b:ff:ef:8d:58:
32:99:94:0b:bd:55:d7:d0:8b:eb:c5:cc:ec:7c:5d:
6b:2e:08:b4:a3:fa:e5:7a:ac:32:42:3f:13:e8:1b:
0e:e8:a7:68:f9:64:07:37:bd:14:c6:0c:32:2e:ef:
cf:bb:56:80:a7:26:ad:c4:14:01:7e:f7:2d:57:6b:
7b:b3:69:9f:80:c5:fa:7d:1d:2d:4e:5d:6a:4e:37:
28:6b:60:e0:71:e9:cf:47:0f:de:a7:9e:10:be:f8:
87:5f:34:78:d4:0b:d7:e2:ee:47:7c:96:c5:f7:90:
04:7e:c5:6b:48:d0:ff:6b:ea:d7:66:b6:26:ff:26:
a2:e0:f2:69:bb:dd:4b:b4:f6:87:79:09:ac:25:9c:
03:ac:71:2b:29:24:8c:75:5a:76:a0:cf:f2:1d:e2:
ae:7c:1e:61:20:b2:d8:6c:9d:b1:3f:bb:80:73:c4:
bf:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:D9:A1:20:3C:79:4E:16:1E:32:CF:F8:D0:98:6D:6F:B8:E2:3D:E7
X509v3 Authority Key Identifier:
keyid:83:64:62:C6:2C:7F:63:D2:F5:D7:87:A7:01:D7:79:AB:69:6E:22:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/gdmhIDx5ThYeMs_40Jhtb7jiPec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/g2Rixix_Y9L114enAdd5q2luIjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.121.0/24
IPv6:
2a0d:5980::/29
Signature Algorithm: sha256WithRSAEncryption
1a:64:3f:2f:c5:ed:25:06:61:ed:1a:38:f9:d5:84:34:58:c9:
8e:2b:d8:d6:ee:f2:65:3a:47:d0:05:f7:4e:8e:d3:10:fc:93:
d5:42:3c:79:00:cf:ab:38:2e:e4:cd:6e:62:4b:98:67:5c:0d:
8e:08:e7:6a:84:fd:fb:56:6f:f5:0b:00:57:d5:2c:61:ae:d6:
cf:9d:7b:6e:2c:cb:1b:c1:d3:c0:ee:7a:91:f3:64:dc:3a:66:
be:13:b8:5a:0c:98:d1:bc:4b:78:db:f1:8d:69:d3:1e:fd:24:
39:46:ef:04:e3:1e:08:3f:96:cc:cf:d3:c4:a4:de:ab:d4:ed:
30:19:c7:e3:b8:64:87:6a:37:96:ab:21:63:fc:cd:7a:cf:09:
14:38:3b:4d:23:88:f6:54:00:64:98:15:b9:e9:9f:90:68:cc:
31:7f:fa:ae:d2:3b:e6:21:ea:e9:a5:99:3a:45:df:78:f6:b0:
5b:12:f4:f6:d7:69:19:ee:b7:b3:51:2a:36:c4:23:69:83:36:
17:fd:f4:c4:4c:e8:a4:68:e0:2a:8f:02:57:f1:f5:2e:0e:4e:
81:df:04:83:b3:82:8a:ff:34:57:3b:f4:61:d6:77:64:6a:34:
57:74:2c:0e:5d:d5:48:60:17:90:c4:03:c9:18:aa:50:83:8b:
c5:5b:ee:2a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZoIUzjushriPBD6H1xZA6vaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNjQ2MmM2MmM3ZjYzZDJmNWQ3ODdhNzAxZDc3OWFiNjk2
ZTIyMzYwHhcNMjUxMDIxMTk1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWQ5YTEyMDNjNzk0ZTE2MWUzMmNmZjhkMDk4NmQ2ZmI4ZTIzZGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJkwevZXMa5xkscaqN+MrmyQrYUW
yTFCLay+us8m9YSkqpK4OxyD7kfDG1kg/EL6AkHqJqU80OWFQieAx4XpL4L5Zykv
k9Be4TWOd0DWMrWP/EwuC//vjVgymZQLvVXX0IvrxczsfF1rLgi0o/rleqwyQj8T
6BsO6Kdo+WQHN70UxgwyLu/Pu1aApyatxBQBfvctV2t7s2mfgMX6fR0tTl1qTjco
a2DgcenPRw/ep54QvviHXzR41AvX4u5HfJbF95AEfsVrSND/a+rXZrYm/yai4PJp
u91LtPaHeQmsJZwDrHErKSSMdVp2oM/yHeKufB5hILLYbJ2xP7uAc8S/VwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIHZoSA8eU4WHjLP+NCYbW+44j3nMB8GA1UdIwQY
MBaAFINkYsYsf2PS9deHpwHXeatpbiI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzJSaXhpeF9ZOUwxMTRlbkFkZDVxMmx1SWpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zNzE3Y2YtZmEzOC00ZTNlLWFlZmMt
ZjkxMGU1MTc2YjVlLzEvZ2RtaElEeDVUaFllTXNfNDBKaHRiN2ppUGVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8zNzE3Y2YtZmEzOC00ZTNlLWFlZmMtZjkxMGU1MTc2YjVl
LzEvZzJSaXhpeF9ZOUwxMTRlbkFkZDVxMmx1SWpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuZV5MA0E
AgACMAcDBQMqDVmAMA0GCSqGSIb3DQEBCwUAA4IBAQAaZD8vxe0lBmHtGjj51YQ0
WMmOK9jW7vJlOkfQBfdOjtMQ/JPVQjx5AM+rOC7kzW5iS5hnXA2OCOdqhP37Vm/1
CwBX1SxhrtbPnXtuLMsbwdPA7nqR82TcOma+E7haDJjRvEt42/GNadMe/SQ5Ru8E
4x4IP5bMz9PEpN6r1O0wGcfjuGSHajeWqyFj/M16zwkUODtNI4j2VABkmBW56Z+Q
aMwxf/qu0jvmIerppZk6Rd949rBbEvT212kZ7rezUSo2xCNpgzYX/fTETOikaOAq
jwJX8fUuDk6B3wSDs4KK/zRXO/Rh1ndkajRXdCwOXdVIYBeQxAPJGKpQg4vFW+4q
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:47:16 2025 by rpki-client