Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/GwcrTxprlO5D_UngU1k7ofqb2vQ.roa
File: GwcrTxprlO5D_UngU1k7ofqb2vQ.roa (raw, json)
Hash identifier: /dEUoEaQYiKNd7FRn0741i8r3OopdTq+ENqKdnvasIg=
Subject key identifier: 1B:07:2B:4F:1A:6B:94:EE:43:FD:49:E0:53:59:3B:A1:FA:9B:DA:F4
Certificate issuer: /CN=9fe94d2eedcd824ac1de74ade36c1f9d69d496ca
Certificate serial: 019A396AAAABE4072099571E9CEB20416A2D
Authority key identifier: 9F:E9:4D:2E:ED:CD:82:4A:C1:DE:74:AD:E3:6C:1F:9D:69:D4:96:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n-lNLu3NgkrB3nSt42wfnWnUlso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/GwcrTxprlO5D_UngU1k7ofqb2vQ.roa
Signing time: Fri 31 Oct 2025 08:38:03 +0000
ROA not before: Fri 31 Oct 2025 08:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41616
IP address blocks: 176.122.206.0/24 maxlen: 24
176.122.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/n-lNLu3NgkrB3nSt42wfnWnUlso.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/n-lNLu3NgkrB3nSt42wfnWnUlso.mft
rsync://rpki.ripe.net/repository/DEFAULT/n-lNLu3NgkrB3nSt42wfnWnUlso.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:39:6a:aa:ab:e4:07:20:99:57:1e:9c:eb:20:41:6a:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fe94d2eedcd824ac1de74ade36c1f9d69d496ca
Validity
Not Before: Oct 31 08:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b072b4f1a6b94ee43fd49e053593ba1fa9bdaf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3c:07:9f:88:70:c4:48:a8:a6:da:bd:a1:43:
d1:c2:4d:70:9b:24:5e:64:35:10:a2:e7:71:d3:0a:
d1:c9:7c:cc:b1:da:1d:39:c8:bb:d9:75:36:4e:3e:
ae:18:eb:f5:b6:82:ae:e9:52:1f:d1:79:a0:70:5e:
e6:dc:5e:f7:5a:dc:b2:f2:f6:6d:cf:27:8c:d6:a9:
1f:27:5e:c3:1d:3b:b7:b4:c4:4a:bd:e1:65:8a:d5:
a1:77:ec:d6:9b:5f:e2:5e:cd:41:f8:ca:d6:23:c5:
5a:15:0f:b5:0e:2f:38:4b:03:e8:fd:59:2b:48:ce:
fa:06:02:3a:3e:57:3d:b7:34:0e:55:8c:9a:8c:cb:
3d:70:da:0a:2d:81:18:87:45:53:07:69:01:08:ed:
1f:10:4a:65:5c:97:f0:4a:5e:14:6f:02:2c:32:5d:
fe:bd:a2:81:88:b4:31:79:c0:78:42:7f:4d:69:3f:
2f:c4:20:9f:92:e0:e7:e8:0f:cf:c2:79:58:a2:c8:
aa:e0:bd:e1:e3:af:d6:bf:bf:1e:cc:7f:e6:40:47:
ea:92:29:e7:25:42:40:49:91:24:3d:14:d8:f5:1c:
b9:70:4e:22:4e:41:4b:50:61:ab:ce:b9:88:da:7a:
5a:26:c9:2e:e7:87:d7:1c:83:15:ac:86:13:e3:42:
85:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:07:2B:4F:1A:6B:94:EE:43:FD:49:E0:53:59:3B:A1:FA:9B:DA:F4
X509v3 Authority Key Identifier:
keyid:9F:E9:4D:2E:ED:CD:82:4A:C1:DE:74:AD:E3:6C:1F:9D:69:D4:96:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n-lNLu3NgkrB3nSt42wfnWnUlso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/GwcrTxprlO5D_UngU1k7ofqb2vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/660e54-5c85-4d25-8e61-7ca11dc3ae82/1/n-lNLu3NgkrB3nSt42wfnWnUlso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.206.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:b2:18:c9:d1:0a:1e:af:53:b9:70:ec:69:13:92:0c:89:8a:
91:74:53:75:4e:41:21:40:19:eb:88:45:78:13:5c:49:04:cc:
38:25:c7:03:04:81:69:4b:71:88:b9:74:2e:9f:04:fa:00:53:
f4:44:c0:bb:c6:ba:ba:62:9c:61:37:48:47:81:1e:2e:34:77:
6a:d4:ae:42:15:24:ad:e9:7f:21:52:e1:e0:8b:dd:18:8d:7b:
26:f6:12:1f:0e:2d:f3:ad:0a:37:c5:83:32:0c:4e:e4:1e:26:
ae:0d:85:66:3a:7c:07:d6:47:50:4e:4d:93:30:77:c8:e8:17:
86:ed:ab:e9:90:40:7a:83:5d:f6:0f:5e:ed:f8:39:04:30:09:
f0:7d:60:f6:90:11:3d:4f:8e:e7:93:a8:d0:fd:6b:6e:c1:68:
24:b3:42:a8:21:53:dd:8b:45:a6:c6:a5:d5:b0:2c:5e:1f:58:
31:f9:ff:08:56:e5:4d:8f:42:58:28:a2:ce:21:51:15:67:08:
32:14:e2:24:5b:0c:3c:b4:e1:f3:31:35:61:2f:db:cb:91:fa:
7e:b9:c5:c3:fa:9b:aa:0b:a5:72:3d:0c:2a:1e:76:56:dc:9d:
e3:35:e8:cf:9b:c9:96:be:64:c6:50:5d:49:67:59:c1:d6:ba:
3c:eb:2e:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZo5aqqr5AcgmVcenOsgQWotMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZTk0ZDJlZWRjZDgyNGFjMWRlNzRhZGUzNmMxZjlkNjlk
NDk2Y2EwHhcNMjUxMDMxMDgzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjA3MmI0ZjFhNmI5NGVlNDNmZDQ5ZTA1MzU5M2JhMWZhOWJkYWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zwHn4hwxEioptq9oUPRwk1wmyRe
ZDUQoudx0wrRyXzMsdodOci72XU2Tj6uGOv1toKu6VIf0XmgcF7m3F73Wtyy8vZt
zyeM1qkfJ17DHTu3tMRKveFlitWhd+zWm1/iXs1B+MrWI8VaFQ+1Di84SwPo/Vkr
SM76BgI6Plc9tzQOVYyajMs9cNoKLYEYh0VTB2kBCO0fEEplXJfwSl4UbwIsMl3+
vaKBiLQxecB4Qn9NaT8vxCCfkuDn6A/PwnlYosiq4L3h46/Wv78ezH/mQEfqkinn
JUJASZEkPRTY9Ry5cE4iTkFLUGGrzrmI2npaJsku54fXHIMVrIYT40KFDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBsHK08aa5TuQ/1J4FNZO6H6m9r0MB8GA1UdIwQY
MBaAFJ/pTS7tzYJKwd50reNsH51p1JbKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbi1sTkx1M05na3JCM25TdDQyd2ZuV25VbHNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82NjBlNTQtNWM4NS00ZDI1LThlNjEt
N2NhMTFkYzNhZTgyLzEvR3djclR4cHJsTzVEX1VuZ1UxazdvZnFiMnZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82NjBlNTQtNWM4NS00ZDI1LThlNjEtN2NhMTFkYzNhZTgy
LzEvbi1sTkx1M05na3JCM25TdDQyd2ZuV25VbHNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsHrOMA0G
CSqGSIb3DQEBCwUAA4IBAQCOshjJ0Qoer1O5cOxpE5IMiYqRdFN1TkEhQBnriEV4
E1xJBMw4JccDBIFpS3GIuXQunwT6AFP0RMC7xrq6YpxhN0hHgR4uNHdq1K5CFSSt
6X8hUuHgi90YjXsm9hIfDi3zrQo3xYMyDE7kHiauDYVmOnwH1kdQTk2TMHfI6BeG
7avpkEB6g132D17t+DkEMAnwfWD2kBE9T47nk6jQ/WtuwWgks0KoIVPdi0WmxqXV
sCxeH1gx+f8IVuVNj0JYKKLOIVEVZwgyFOIkWww8tOHzMTVhL9vLkfp+ucXD+puq
C6VyPQwqHnZW3J3jNejPm8mWvmTGUF1JZ1nB1ro86y4S
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:12:24 2025 by rpki-client