Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gb9GbTpq1gsUJh-maLYBXMuNcek.roa
File: gb9GbTpq1gsUJh-maLYBXMuNcek.roa (raw, json)
Hash identifier: jnI24iKVSPFx8n3bPUehDwCKfVGXeRncj0sd+VIuWYs=
Subject key identifier: 81:BF:46:6D:3A:6A:D6:0B:14:26:1F:A6:68:B6:01:5C:CB:8D:71:E9
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D150DA9A2E6B44A0CB0B93B4EE46921B2
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gb9GbTpq1gsUJh-maLYBXMuNcek.roa
Signing time: Sun 22 Mar 2026 10:18:30 +0000
ROA not before: Sun 22 Mar 2026 10:18:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200088
IP address blocks: 78.17.6.0/24 maxlen: 24
89.125.38.0/24 maxlen: 24
89.125.62.0/24 maxlen: 24
89.125.84.0/24 maxlen: 24
89.125.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:15:0d:a9:a2:e6:b4:4a:0c:b0:b9:3b:4e:e4:69:21:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 22 10:18:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=81bf466d3a6ad60b14261fa668b6015ccb8d71e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:f5:12:21:3c:78:08:e1:0d:a5:cf:d3:73:
c4:18:2f:3d:c0:04:dd:96:0d:8c:66:f4:18:0d:bd:
dd:05:62:ee:16:88:cb:bf:75:86:7b:5b:6c:30:a4:
52:9b:25:4e:50:e5:fd:b2:d9:46:1f:3a:02:04:29:
b0:45:ba:b6:b0:ae:52:cf:3d:3b:9c:25:79:43:15:
64:7b:46:fa:cd:08:4e:36:a0:a6:c9:dd:2c:3e:c5:
50:ec:13:aa:a0:3c:9e:d5:d7:85:df:f8:76:80:16:
bd:21:32:2a:96:fe:84:d6:11:af:1f:89:ed:a0:07:
8b:de:fb:75:1c:16:47:06:5d:49:38:e5:85:6a:77:
35:b4:c1:47:a3:36:9e:2f:c5:56:5a:97:2d:98:44:
e9:18:41:18:30:27:d7:24:3c:f6:78:ab:c1:45:41:
82:dd:a2:d5:dd:fe:f2:68:27:50:f8:71:2f:b6:38:
69:7c:0e:ff:6f:dc:17:72:5d:58:cc:53:43:f3:f3:
80:c6:fe:fd:eb:42:1d:95:a4:71:71:23:3d:40:74:
52:d0:c0:42:c7:0d:51:55:25:4b:fd:cc:75:75:0f:
6b:84:ac:d2:0b:ae:3c:25:a2:1e:5f:f6:8f:f0:33:
7e:83:5c:96:12:99:25:9b:ed:de:76:40:10:4d:b4:
5f:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:BF:46:6D:3A:6A:D6:0B:14:26:1F:A6:68:B6:01:5C:CB:8D:71:E9
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gb9GbTpq1gsUJh-maLYBXMuNcek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.6.0/24
89.125.38.0/24
89.125.62.0/24
89.125.84.0/24
89.125.93.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d0:da:06:b9:dd:48:45:80:cb:78:1b:8b:fb:78:ab:1a:0c:
19:6d:23:c4:a1:63:5f:ed:81:d0:bc:d6:ad:70:9c:05:86:17:
0e:c4:57:84:c1:29:e9:79:19:e1:f0:67:52:64:9c:7a:d0:d3:
68:75:dd:85:28:5a:ce:7f:dc:1d:9a:57:c1:21:b4:3f:7a:51:
71:aa:ff:ab:ba:c0:db:9e:65:01:5e:d8:74:e9:70:a7:49:c6:
3f:c1:78:15:00:39:65:15:ea:d3:18:7d:6f:3b:59:2c:0e:c3:
87:56:91:b9:32:60:5e:eb:37:9e:19:6b:86:8d:56:6d:01:be:
68:75:2e:87:1b:37:5c:0b:26:15:e8:55:24:be:d8:cb:09:57:
74:d9:f3:38:60:22:ee:a7:35:51:61:5d:cb:59:d6:bb:fd:1e:
7a:90:96:3c:93:38:8f:90:10:67:f1:75:23:c6:e9:e3:78:01:
d6:03:45:26:d7:3d:04:da:78:7a:ec:6e:21:76:1f:e7:dd:6e:
47:c0:ae:60:f2:bf:e8:15:1a:15:22:ae:cc:fd:af:03:2c:19:
13:d9:6e:cb:95:a2:20:ca:ae:25:45:b4:fe:68:8d:a2:6b:97:
50:b6:25:29:c3:ce:51:25:6e:83:70:d0:97:1e:73:51:78:78:
13:ce:1b:1b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ0VDami5rRKDLC5O07kaSGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzIyMTAxODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWJmNDY2ZDNhNmFkNjBiMTQyNjFmYTY2OGI2MDE1Y2NiOGQ3MWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum/1EiE8eAjhDaXP03PEGC89wATd
lg2MZvQYDb3dBWLuFojLv3WGe1tsMKRSmyVOUOX9stlGHzoCBCmwRbq2sK5Szz07
nCV5QxVke0b6zQhONqCmyd0sPsVQ7BOqoDye1deF3/h2gBa9ITIqlv6E1hGvH4nt
oAeL3vt1HBZHBl1JOOWFanc1tMFHozaeL8VWWpctmETpGEEYMCfXJDz2eKvBRUGC
3aLV3f7yaCdQ+HEvtjhpfA7/b9wXcl1YzFND8/OAxv7960IdlaRxcSM9QHRS0MBC
xw1RVSVL/cx1dQ9rhKzSC648JaIeX/aP8DN+g1yWEpklm+3edkAQTbRf6wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIG/Rm06atYLFCYfpmi2AVzLjXHpMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvZ2I5R2JUcHExZ3NVSmgtbWFMWUJYTXVOY2VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAThEGAwQA
WX0mAwQAWX0+AwQAWX1UAwQAWX1dMA0GCSqGSIb3DQEBCwUAA4IBAQAd0NoGud1I
RYDLeBuL+3irGgwZbSPEoWNf7YHQvNatcJwFhhcOxFeEwSnpeRnh8GdSZJx60NNo
dd2FKFrOf9wdmlfBIbQ/elFxqv+rusDbnmUBXth06XCnScY/wXgVADllFerTGH1v
O1ksDsOHVpG5MmBe6zeeGWuGjVZtAb5odS6HGzdcCyYV6FUkvtjLCVd02fM4YCLu
pzVRYV3LWda7/R56kJY8kziPkBBn8XUjxunjeAHWA0Um1z0E2nh67G4hdh/n3W5H
wK5g8r/oFRoVIq7M/a8DLBkT2W7LlaIgyq4lRbT+aI2ia5dQtiUpw85RJW6DcNCX
HnNReHgTzhsb
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:58:24 2026 by rpki-client