Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/GtnEFJvKTM3dVz-bb1HbpXYUrYs.roa
File: GtnEFJvKTM3dVz-bb1HbpXYUrYs.roa (raw, json)
Hash identifier: cDuGcuctwovPIbS70GWqGpssgtZhA8cTCgHfI3MencU=
Subject key identifier: 1A:D9:C4:14:9B:CA:4C:CD:DD:57:3F:9B:6F:51:DB:A5:76:14:AD:8B
Certificate issuer: /CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Certificate serial: 019CBE43F98B1A416ACB1B70E69420A7F960
Authority key identifier: D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/GtnEFJvKTM3dVz-bb1HbpXYUrYs.roa
Signing time: Thu 05 Mar 2026 13:50:51 +0000
ROA not before: Thu 05 Mar 2026 13:50:51 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43342
IP address blocks: 91.135.178.0/23 maxlen: 23
91.135.178.0/24 maxlen: 24
91.135.179.0/24 maxlen: 24
91.135.180.0/24 maxlen: 24
91.135.181.0/24 maxlen: 24
91.135.184.0/22 maxlen: 23
91.135.184.0/24 maxlen: 24
91.135.185.0/24 maxlen: 24
91.135.186.0/24 maxlen: 24
91.135.187.0/24 maxlen: 24
91.135.190.0/23 maxlen: 23
91.135.190.0/24 maxlen: 24
91.135.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 08:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:be:43:f9:8b:1a:41:6a:cb:1b:70:e6:94:20:a7:f9:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Validity
Not Before: Mar 5 13:50:51 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ad9c4149bca4ccddd573f9b6f51dba57614ad8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:9e:61:51:be:b1:8a:39:6e:ed:78:59:f9:ba:
59:f1:5a:9d:5d:05:55:df:c7:c0:23:09:02:66:ad:
14:0b:c4:23:56:c4:d1:4c:59:00:de:e6:1e:80:98:
71:ec:6b:48:3a:7c:be:bf:f4:cc:d8:3b:77:3c:6e:
42:03:e5:60:4e:8b:44:42:7c:95:aa:ca:0b:68:a1:
d3:7d:4e:35:0f:26:1c:b3:f6:cb:22:20:1a:42:21:
35:c1:60:50:5e:fc:3a:e7:b6:de:6f:3e:01:a6:e0:
25:58:f7:82:ca:57:59:d6:68:9f:d0:ff:8f:a3:6d:
52:a6:7a:52:03:c6:bf:f7:28:25:ec:58:90:71:af:
c1:45:f0:d8:c8:ca:52:4f:88:50:8b:24:b9:20:50:
81:f5:8f:b1:8d:db:ff:e6:26:47:e1:50:0f:9d:6c:
d4:5a:a0:04:71:8b:b0:7f:ef:43:9b:e8:28:ff:34:
da:f5:57:97:86:68:f7:61:14:4f:d3:f1:c2:d0:1e:
94:1f:af:95:46:ee:40:32:5c:89:04:72:c2:e1:a7:
83:25:36:45:00:ae:c4:e4:a8:5c:f8:08:2b:3d:75:
84:f5:0d:63:82:84:e6:2f:39:95:1b:c0:3d:8d:7a:
85:ba:db:d7:ed:00:64:8a:4f:c8:21:99:ed:7e:97:
0b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:D9:C4:14:9B:CA:4C:CD:DD:57:3F:9B:6F:51:DB:A5:76:14:AD:8B
X509v3 Authority Key Identifier:
keyid:D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/GtnEFJvKTM3dVz-bb1HbpXYUrYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.178.0-91.135.181.255
91.135.184.0/22
91.135.190.0/23
Signature Algorithm: sha256WithRSAEncryption
56:a5:1a:31:62:e7:54:ac:0e:0d:1c:5f:80:e0:57:e2:0b:12:
21:68:78:c5:a5:a5:19:ec:01:2b:5b:9a:c7:5d:43:f5:03:62:
e6:e0:15:24:b7:f9:cc:a4:d2:0b:66:34:8f:67:8f:73:a6:c5:
02:46:e1:7a:c2:91:b0:09:48:1d:7c:cd:15:88:4e:c6:db:95:
5d:55:e8:3f:ac:e5:76:be:be:16:88:4b:27:ea:4c:a1:3f:c8:
b5:54:1d:c8:f9:4e:33:42:bd:64:3c:38:1a:09:80:26:2c:5a:
aa:14:aa:a5:9c:96:9f:4f:d7:50:a8:17:94:b3:e4:af:f7:e1:
21:ff:58:23:29:a8:1e:f4:f0:32:0d:22:c5:dc:33:80:b5:40:
ad:f7:e0:be:3d:c0:77:a2:bb:fc:0c:e6:11:b1:c0:f1:f3:36:
43:f3:bf:61:ca:60:e0:3b:fe:1b:6a:05:23:aa:a9:5a:9d:84:
06:f5:3a:df:14:58:74:d6:f0:f7:bd:df:16:8e:80:53:26:e3:
7b:8b:30:ee:db:db:06:c7:c0:5d:9e:d2:25:60:31:94:b9:14:
72:43:93:20:cf:42:37:6f:7f:7c:b3:c8:7c:08:1f:4e:39:f9:
3c:a2:f3:2c:af:74:21:3a:2d:e4:f0:25:47:d9:ca:18:f9:45:
8c:13:c6:42
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZy+Q/mLGkFqyxtw5pQgp/lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzVkN2E4YmFjMDQ3N2Y1NTA5ZGZmMTFiOTE5NWNhNjBk
Zjg3ZGEwHhcNMjYwMzA1MTM1MDUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWQ5YzQxNDliY2E0Y2NkZGQ1NzNmOWI2ZjUxZGJhNTc2MTRhZDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZ5hUb6xijlu7XhZ+bpZ8VqdXQVV
38fAIwkCZq0UC8QjVsTRTFkA3uYegJhx7GtIOny+v/TM2Dt3PG5CA+VgTotEQnyV
qsoLaKHTfU41DyYcs/bLIiAaQiE1wWBQXvw657bebz4BpuAlWPeCyldZ1mif0P+P
o21SpnpSA8a/9ygl7FiQca/BRfDYyMpST4hQiyS5IFCB9Y+xjdv/5iZH4VAPnWzU
WqAEcYuwf+9Dm+go/zTa9VeXhmj3YRRP0/HC0B6UH6+VRu5AMlyJBHLC4aeDJTZF
AK7E5Khc+AgrPXWE9Q1jgoTmLzmVG8A9jXqFutvX7QBkik/IIZntfpcL4wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBrZxBSbykzN3Vc/m29R26V2FK2LMB8GA1UdIwQY
MBaAFNJ116i6wEd/VQnf8RuRlcpg34faMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQt
NTY1YjE0NDcwMzdiLzEvR3RuRUZKdktUTTNkVnotYmIxSGJwWFlVcllzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQtNTY1YjE0NDcwMzdi
LzEvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFbh7ID
BAFbh7QDBAJbh7gDBAFbh74wDQYJKoZIhvcNAQELBQADggEBAFalGjFi51SsDg0c
X4DgV+ILEiFoeMWlpRnsAStbmsddQ/UDYubgFSS3+cyk0gtmNI9nj3OmxQJG4XrC
kbAJSB18zRWITsbblV1V6D+s5Xa+vhaISyfqTKE/yLVUHcj5TjNCvWQ8OBoJgCYs
WqoUqqWclp9P11CoF5Sz5K/34SH/WCMpqB708DINIsXcM4C1QK334L49wHeiu/wM
5hGxwPHzNkPzv2HKYOA7/htqBSOqqVqdhAb1Ot8UWHTW8Pe93xaOgFMm43uLMO7b
2wbHwF2e0iVgMZS5FHJDkyDPQjdvf3yzyHwIH045+Tyi8yyvdCE6LeTwJUfZyhj5
RYwTxkI=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:50:20 2026 by rpki-client