Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/cfdd72-ac43-47f2-a88d-515a0ef686ab/1/gziDOqPG6U9afjnBXPEc69mX6Dw.roa
File: gziDOqPG6U9afjnBXPEc69mX6Dw.roa (raw, json)
Hash identifier: +GIafbcUuO8i9qY+f9XBYqM/fVpDKVh4VVCbD4KyQBw=
Subject key identifier: 83:38:83:3A:A3:C6:E9:4F:5A:7E:39:C1:5C:F1:1C:EB:D9:97:E8:3C
Certificate issuer: /CN=c1fb492f0a188f0014278e0df6bbb029cebadbaf
Certificate serial: 019A2F59750698BC72545C32454E0E71A2E8
Authority key identifier: C1:FB:49:2F:0A:18:8F:00:14:27:8E:0D:F6:BB:B0:29:CE:BA:DB:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wftJLwoYjwAUJ44N9ruwKc66268.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/cfdd72-ac43-47f2-a88d-515a0ef686ab/1/gziDOqPG6U9afjnBXPEc69mX6Dw.roa
Signing time: Wed 29 Oct 2025 09:43:03 +0000
ROA not before: Wed 29 Oct 2025 09:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60064
IP address blocks: 185.63.252.0/24 maxlen: 24
185.63.253.0/24 maxlen: 24
185.63.254.0/24 maxlen: 24
2a04:f780::/32 maxlen: 32
2a04:f781::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/cfdd72-ac43-47f2-a88d-515a0ef686ab/1/wftJLwoYjwAUJ44N9ruwKc66268.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/cfdd72-ac43-47f2-a88d-515a0ef686ab/1/wftJLwoYjwAUJ44N9ruwKc66268.mft
rsync://rpki.ripe.net/repository/DEFAULT/wftJLwoYjwAUJ44N9ruwKc66268.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2f:59:75:06:98:bc:72:54:5c:32:45:4e:0e:71:a2:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1fb492f0a188f0014278e0df6bbb029cebadbaf
Validity
Not Before: Oct 29 09:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8338833aa3c6e94f5a7e39c15cf11cebd997e83c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:79:11:0d:ee:56:aa:c2:c7:75:ed:ae:16:a1:
cd:f2:49:de:9f:60:c3:1e:06:30:06:0d:42:21:c4:
2f:33:02:60:ea:12:b3:97:b0:cd:17:75:f7:d9:c1:
18:99:93:be:85:33:c6:24:59:07:c4:b8:da:3b:fe:
3b:70:41:bc:e2:4b:64:93:d6:95:ae:04:87:87:d7:
c1:b9:36:04:c0:e0:4d:2d:a0:44:1d:2e:6c:d1:ff:
ce:c8:43:d2:fa:ed:ad:1d:32:8b:f0:c2:fe:39:0c:
9b:e6:e7:9e:e2:d4:1f:ba:36:c7:0b:5b:07:6e:6c:
53:41:6b:0f:85:48:70:0f:4a:f0:d9:e5:ae:5b:e1:
ad:be:7d:23:6a:2a:84:7d:04:76:00:ab:02:88:37:
63:25:dc:0c:55:68:8e:ae:f7:4c:04:58:1d:de:bd:
47:c3:51:70:42:fe:b0:b0:a8:28:67:f4:aa:45:ef:
2e:d3:b7:67:e4:06:ee:b9:39:fe:d8:c8:df:a4:af:
6d:c7:14:19:2d:d7:a4:59:6a:9f:60:f5:76:22:17:
9d:5b:36:e0:e2:64:77:41:00:d2:75:c4:6a:9c:94:
af:9a:43:96:d1:58:f6:fb:15:d8:d3:82:67:f9:ea:
b2:fe:9d:14:32:aa:71:05:43:2f:1f:ef:fe:a2:df:
28:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:38:83:3A:A3:C6:E9:4F:5A:7E:39:C1:5C:F1:1C:EB:D9:97:E8:3C
X509v3 Authority Key Identifier:
keyid:C1:FB:49:2F:0A:18:8F:00:14:27:8E:0D:F6:BB:B0:29:CE:BA:DB:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wftJLwoYjwAUJ44N9ruwKc66268.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/cfdd72-ac43-47f2-a88d-515a0ef686ab/1/gziDOqPG6U9afjnBXPEc69mX6Dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/cfdd72-ac43-47f2-a88d-515a0ef686ab/1/wftJLwoYjwAUJ44N9ruwKc66268.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.252.0-185.63.254.255
IPv6:
2a04:f780::-2a04:f781:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5d:d1:81:26:65:c9:b3:86:7a:d8:1d:26:02:08:2c:c9:f8:ba:
2d:53:8b:1c:18:bf:20:02:36:cd:b4:e0:03:43:9e:66:81:e7:
5e:df:82:5e:5f:68:a6:51:67:71:c9:4c:d6:4f:2b:2d:07:37:
23:7d:ca:c1:ee:d2:16:c5:19:d3:2f:ff:2d:d9:f4:27:33:91:
68:50:34:51:21:94:d7:44:fd:ec:7a:30:51:be:ee:56:41:cc:
5c:4a:de:9e:75:f2:68:11:95:15:be:92:6e:85:f2:b1:6f:4c:
27:80:8e:aa:b5:41:61:48:9f:2d:de:67:ba:65:be:1e:57:e3:
f1:91:eb:a1:86:fd:76:1c:27:60:9b:dc:b2:77:fe:85:e7:0b:
4f:45:8f:27:c4:56:2c:3b:fb:40:0f:04:1c:d1:2d:4d:5c:d6:
39:ba:4f:30:86:2e:b9:e7:ea:2c:11:5b:06:bf:2e:57:bd:5b:
0b:c0:14:4a:d6:e8:30:41:b0:8c:00:aa:2b:9e:2a:66:ae:5f:
18:f5:09:58:16:37:d2:25:88:24:3a:5f:f5:a5:36:22:b3:05:
d7:a9:92:56:8c:61:2a:3e:ba:bf:e7:58:b7:aa:aa:06:ab:53:
5b:8e:35:a3:25:58:9c:d7:28:90:47:07:02:73:dd:3c:bb:a1:
2a:e8:d7:f4
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZovWXUGmLxyVFwyRU4OcaLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxZmI0OTJmMGExODhmMDAxNDI3OGUwZGY2YmJiMDI5Y2Vi
YWRiYWYwHhcNMjUxMDI5MDk0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM4ODMzYWEzYzZlOTRmNWE3ZTM5YzE1Y2YxMWNlYmQ5OTdlODNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3kRDe5WqsLHde2uFqHN8knen2DD
HgYwBg1CIcQvMwJg6hKzl7DNF3X32cEYmZO+hTPGJFkHxLjaO/47cEG84ktkk9aV
rgSHh9fBuTYEwOBNLaBEHS5s0f/OyEPS+u2tHTKL8ML+OQyb5uee4tQfujbHC1sH
bmxTQWsPhUhwD0rw2eWuW+Gtvn0jaiqEfQR2AKsCiDdjJdwMVWiOrvdMBFgd3r1H
w1FwQv6wsKgoZ/SqRe8u07dn5AbuuTn+2MjfpK9txxQZLdekWWqfYPV2IhedWzbg
4mR3QQDSdcRqnJSvmkOW0Vj2+xXY04Jn+eqy/p0UMqpxBUMvH+/+ot8oiQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIM4gzqjxulPWn45wVzxHOvZl+g8MB8GA1UdIwQY
MBaAFMH7SS8KGI8AFCeODfa7sCnOutuvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2Z0Skx3b1lqd0FVSjQ0TjlydXdLYzY2MjY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9jZmRkNzItYWM0My00N2YyLWE4OGQt
NTE1YTBlZjY4NmFiLzEvZ3ppRE9xUEc2VTlhZmpuQlhQRWM2OW1YNkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9jZmRkNzItYWM0My00N2YyLWE4OGQtNTE1YTBlZjY4NmFi
LzEvd2Z0Skx3b1lqd0FVSjQ0TjlydXdLYzY2MjY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAUBAIAATAOMAwDBAK5P/wD
BAC5P/4wFwQCAAIwETAPAwUHKgT3gAMGACoE94EAMA0GCSqGSIb3DQEBCwUAA4IB
AQBd0YEmZcmzhnrYHSYCCCzJ+LotU4scGL8gAjbNtOADQ55mgede34JeX2imUWdx
yUzWTystBzcjfcrB7tIWxRnTL/8t2fQnM5FoUDRRIZTXRP3sejBRvu5WQcxcSt6e
dfJoEZUVvpJuhfKxb0wngI6qtUFhSJ8t3me6Zb4eV+Pxkeuhhv12HCdgm9yyd/6F
5wtPRY8nxFYsO/tADwQc0S1NXNY5uk8whi655+osEVsGvy5XvVsLwBRK1ugwQbCM
AKornipmrl8Y9QlYFjfSJYgkOl/1pTYiswXXqZJWjGEqPrq/51i3qqoGq1NbjjWj
JVic1yiQRwcCc908u6Eq6Nf0
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:09:22 2025 by rpki-client