Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GdaOCguztGPgOusfpdX7N21zAGs.roa
File: GdaOCguztGPgOusfpdX7N21zAGs.roa (raw, json)
Hash identifier: 9nGvtvx3yv1nR5hIQPFsEwU5LRVA3qOSyHkgSBGcJ/g=
Subject key identifier: 19:D6:8E:0A:0B:B3:B4:63:E0:3A:EB:1F:A5:D5:FB:37:6D:73:00:6B
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019A43F2E6BB6334C8EB3F1D41BB38339533
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GdaOCguztGPgOusfpdX7N21zAGs.roa
Signing time: Sun 02 Nov 2025 09:43:03 +0000
ROA not before: Sun 02 Nov 2025 09:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 79.172.193.0/24 maxlen: 24
87.229.11.0/24 maxlen: 24
87.229.23.0/24 maxlen: 24
87.229.37.0/24 maxlen: 24
87.229.80.0/23 maxlen: 24
87.229.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:43:f2:e6:bb:63:34:c8:eb:3f:1d:41:bb:38:33:95:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Nov 2 09:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19d68e0a0bb3b463e03aeb1fa5d5fb376d73006b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:28:85:c0:81:82:1b:b3:bd:05:14:f6:a4:75:
07:35:42:a9:d6:43:bc:eb:8c:03:3e:a4:f7:16:96:
30:19:c9:19:c4:67:6a:b3:1f:4b:48:cd:d4:3e:c6:
2e:44:12:d0:b2:f2:cf:65:59:ee:2b:da:4b:3c:3f:
a4:ad:b3:01:b6:c4:9d:91:f5:55:d2:a6:dc:a4:05:
28:16:41:56:5b:4e:4d:b7:5e:43:43:57:af:2e:2b:
d9:5d:76:ad:83:4e:38:83:00:97:38:c8:fe:c8:4b:
92:ab:44:94:1b:f1:19:96:7c:e2:99:8d:00:40:9a:
c0:74:a2:4e:32:e1:b6:d4:ba:93:d4:45:df:d4:5e:
d1:c9:40:10:5f:69:96:2e:cc:f7:bb:f7:f4:f6:ae:
b3:f1:af:68:88:21:71:d5:01:65:b1:66:83:20:ed:
7f:ef:9a:f1:0d:00:37:92:1b:0f:7f:d2:55:eb:f9:
8c:cf:c1:15:cf:29:ea:1a:dc:68:85:f4:4a:3c:aa:
95:84:63:12:6f:af:c5:90:b6:33:de:f5:17:93:1a:
8b:aa:5f:11:01:d0:49:2b:f4:71:c3:35:21:7c:93:
96:25:5f:1b:bb:95:fa:73:c5:f3:e7:11:54:9d:6e:
b2:ea:20:e6:d4:5b:02:26:86:ad:9c:79:46:6a:69:
fc:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:D6:8E:0A:0B:B3:B4:63:E0:3A:EB:1F:A5:D5:FB:37:6D:73:00:6B
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/GdaOCguztGPgOusfpdX7N21zAGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.193.0/24
87.229.11.0/24
87.229.23.0/24
87.229.37.0/24
87.229.80.0/23
87.229.124.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:86:ca:4c:44:64:cc:f0:db:04:d2:f1:62:b0:05:8e:3f:38:
d7:57:d2:b8:a6:2c:fe:0b:d6:d3:40:31:ca:c5:fc:29:6a:23:
64:4f:0c:4a:a0:a2:ce:24:7c:66:c2:45:88:c4:1b:d5:f4:0c:
52:8f:21:04:71:e4:80:61:6f:73:d0:10:83:bf:1a:d8:e0:e1:
fe:b2:0f:e1:61:2f:40:c9:24:d0:ac:35:f3:4d:46:48:95:06:
9b:d0:d9:59:6d:36:88:5b:0b:29:9b:c4:1a:36:67:ba:a7:b8:
de:65:d4:f8:e9:a7:53:00:27:c9:ac:f0:4e:e9:12:0d:54:44:
67:d2:9a:18:94:d6:6e:a0:ba:e9:10:1f:8d:f5:48:43:22:d7:
ff:dd:48:6f:8b:da:a6:1b:84:ea:f5:29:41:44:7d:cf:37:2e:
80:3e:fd:88:7f:70:ad:af:3e:02:98:f5:5d:10:4f:34:3e:0f:
dc:0c:25:ea:92:82:10:ec:38:16:07:33:29:a7:61:87:27:aa:
56:af:8e:3e:68:3f:c8:7a:44:57:3f:8a:f4:15:9d:85:88:cf:
9f:91:f2:00:e7:8b:f5:b9:ec:e0:d9:c1:8b:c1:82:73:51:a4:
02:fd:6d:e7:be:1e:a3:6f:2e:8e:a7:df:e2:71:59:6a:ce:f9:
9a:ec:f8:6d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZpD8ua7YzTI6z8dQbs4M5UzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUxMTAyMDk0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWQ2OGUwYTBiYjNiNDYzZTAzYWViMWZhNWQ1ZmIzNzZkNzMwMDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCiFwIGCG7O9BRT2pHUHNUKp1kO8
64wDPqT3FpYwGckZxGdqsx9LSM3UPsYuRBLQsvLPZVnuK9pLPD+krbMBtsSdkfVV
0qbcpAUoFkFWW05Nt15DQ1evLivZXXatg044gwCXOMj+yEuSq0SUG/EZlnzimY0A
QJrAdKJOMuG21LqT1EXf1F7RyUAQX2mWLsz3u/f09q6z8a9oiCFx1QFlsWaDIO1/
75rxDQA3khsPf9JV6/mMz8EVzynqGtxohfRKPKqVhGMSb6/FkLYz3vUXkxqLql8R
AdBJK/RxwzUhfJOWJV8bu5X6c8Xz5xFUnW6y6iDm1FsCJoatnHlGamn8NwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBnWjgoLs7Rj4DrrH6XV+zdtcwBrMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvR2RhT0NndXp0R1BnT3VzZnBkWDdOMjF6QUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT6zBAwQA
V+ULAwQAV+UXAwQAV+UlAwQBV+VQAwQBV+V8MA0GCSqGSIb3DQEBCwUAA4IBAQAe
hspMRGTM8NsE0vFisAWOPzjXV9K4piz+C9bTQDHKxfwpaiNkTwxKoKLOJHxmwkWI
xBvV9AxSjyEEceSAYW9z0BCDvxrY4OH+sg/hYS9AySTQrDXzTUZIlQab0NlZbTaI
Wwspm8QaNme6p7jeZdT46adTACfJrPBO6RINVERn0poYlNZuoLrpEB+N9UhDItf/
3Uhvi9qmG4Tq9SlBRH3PNy6APv2If3Ctrz4CmPVdEE80Pg/cDCXqkoIQ7DgWBzMp
p2GHJ6pWr44+aD/IekRXP4r0FZ2FiM+fkfIA54v1uezg2cGLwYJzUaQC/W3nvh6j
by6Op9/icVlqzvma7Pht
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:50:20 2025 by rpki-client