Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gWlZCCr6Elalw_YXJ-o6KEKVmv8.roa
File: gWlZCCr6Elalw_YXJ-o6KEKVmv8.roa (raw, json)
Hash identifier: CiGc6znB1sOXdUB7ScWxvjuj00bGEPOssDZeZLXX0gk=
Subject key identifier: 81:69:59:08:2A:FA:12:56:A5:C3:F6:17:27:EA:3A:28:42:95:9A:FF
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019A4FB351616A742254348A8A758F8D64D9
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gWlZCCr6Elalw_YXJ-o6KEKVmv8.roa
Signing time: Tue 04 Nov 2025 16:29:03 +0000
ROA not before: Tue 04 Nov 2025 16:29:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9318
IP address blocks: 158.173.193.0/24 maxlen: 24
158.173.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:29:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:b3:51:61:6a:74:22:54:34:8a:8a:75:8f:8d:64:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Nov 4 16:29:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=816959082afa1256a5c3f61727ea3a2842959aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b1:06:0b:fb:17:0d:e8:f8:8f:05:e4:a4:1c:
f4:db:d8:c5:b0:da:5c:47:d4:e0:91:7d:76:5d:41:
1e:df:c7:70:be:fd:83:eb:4d:e2:62:49:ae:8c:7d:
db:f1:60:e3:f5:4a:4f:4c:97:f2:39:ee:5d:da:02:
04:85:7d:5d:9d:86:b9:76:03:43:46:02:a2:a0:97:
be:20:6a:c9:45:1d:67:f3:20:cf:f0:6f:11:bc:64:
c1:41:ee:c2:9e:6f:fe:96:9d:44:45:ea:12:10:12:
2f:4f:82:ad:c1:ba:7c:42:3d:a6:17:a5:9b:14:5f:
f2:53:41:e0:6c:5a:a3:27:c2:e2:6b:fb:7b:9d:88:
5e:00:af:dd:36:e6:c3:51:55:20:1f:8b:86:eb:bf:
02:4c:35:f9:70:9d:f0:ad:9a:49:d0:d1:3e:d1:c9:
66:ed:b8:df:54:8e:95:20:9e:7c:92:17:74:0f:5e:
61:b5:9c:d7:04:d1:cb:b7:5f:3e:6a:2e:ba:a9:69:
4c:ff:8d:b7:97:b5:a1:16:d5:76:66:17:35:92:30:
c8:02:d0:6b:cc:40:14:73:23:b2:9d:35:1a:cc:98:
64:62:9f:0b:7f:2e:24:5e:e8:f0:83:7a:47:a7:55:
e6:b0:30:76:c0:16:f4:82:9e:0e:98:e8:69:9f:13:
f5:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:69:59:08:2A:FA:12:56:A5:C3:F6:17:27:EA:3A:28:42:95:9A:FF
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/gWlZCCr6Elalw_YXJ-o6KEKVmv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.193.0/24
158.173.197.0/24
Signature Algorithm: sha256WithRSAEncryption
19:1f:f6:a0:5d:f8:23:04:48:ab:6b:b9:2f:14:5c:7d:da:91:
65:38:53:d8:5d:02:cd:8f:0c:97:4b:5a:fa:22:27:f5:1a:b1:
90:7a:fe:54:38:36:3c:81:8a:08:b5:7c:e0:e5:ab:d2:99:db:
ef:84:3b:f3:bb:fd:c3:5c:d6:4f:05:6a:25:74:c5:9a:97:b0:
bd:e7:56:7a:ad:56:28:ca:55:9e:4e:92:7a:b8:48:cd:f8:b3:
85:5d:53:50:0e:f0:78:c7:91:ef:e1:b2:b1:f3:71:2e:aa:9f:
ba:57:e5:a6:b0:e5:cb:9a:a7:fe:0a:6e:71:88:55:09:de:93:
6e:a5:31:e4:b5:45:3c:d2:03:0f:a9:1d:6d:35:e7:0e:06:e4:
70:d6:90:46:15:90:06:00:34:34:b0:55:f8:9f:98:ea:28:67:
df:80:68:7d:08:6e:32:8b:58:b8:89:ff:cc:7b:23:82:15:1c:
39:6b:14:87:96:aa:6c:00:a8:65:87:11:d4:a3:21:91:75:7c:
c8:76:55:a4:cd:12:ab:70:80:15:db:d0:72:4d:f9:21:3f:bb:
7a:3e:de:dc:2f:6c:65:de:7a:95:4e:31:8e:76:39:39:bb:46:
08:7c:4c:54:cf:71:5c:cc:04:4c:10:3c:fd:d3:84:4b:a9:df:
91:e4:1b:73
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpPs1FhanQiVDSKinWPjWTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUxMTA0MTYyOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTY5NTkwODJhZmExMjU2YTVjM2Y2MTcyN2VhM2EyODQyOTU5YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLEGC/sXDej4jwXkpBz029jFsNpc
R9TgkX12XUEe38dwvv2D603iYkmujH3b8WDj9UpPTJfyOe5d2gIEhX1dnYa5dgND
RgKioJe+IGrJRR1n8yDP8G8RvGTBQe7Cnm/+lp1EReoSEBIvT4Ktwbp8Qj2mF6Wb
FF/yU0HgbFqjJ8Lia/t7nYheAK/dNubDUVUgH4uG678CTDX5cJ3wrZpJ0NE+0clm
7bjfVI6VIJ58khd0D15htZzXBNHLt18+ai66qWlM/423l7WhFtV2Zhc1kjDIAtBr
zEAUcyOynTUazJhkYp8Lfy4kXujwg3pHp1XmsDB2wBb0gp4OmOhpnxP1iwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIFpWQgq+hJWpcP2FyfqOihClZr/MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvZ1dsWkNDcjZFbGFsd19ZWEotbzZLRUtWbXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnq3BAwQA
nq3FMA0GCSqGSIb3DQEBCwUAA4IBAQAZH/agXfgjBEira7kvFFx92pFlOFPYXQLN
jwyXS1r6Iif1GrGQev5UODY8gYoItXzg5avSmdvvhDvzu/3DXNZPBWoldMWal7C9
51Z6rVYoylWeTpJ6uEjN+LOFXVNQDvB4x5Hv4bKx83Euqp+6V+WmsOXLmqf+Cm5x
iFUJ3pNupTHktUU80gMPqR1tNecOBuRw1pBGFZAGADQ0sFX4n5jqKGffgGh9CG4y
i1i4if/MeyOCFRw5axSHlqpsAKhlhxHUoyGRdXzIdlWkzRKrcIAV29ByTfkhP7t6
Pt7cL2xl3nqVTjGOdjk5u0YIfExUz3FczARMEDz904RLqd+R5Btz
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:47:42 2025 by rpki-client