Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/AlIwiuWjQieywSsyw5heSRNGmSw.roa
File: AlIwiuWjQieywSsyw5heSRNGmSw.roa (raw, json)
Hash identifier: h4MIxkZlOYU3Vy7sGgEQPdGyZXemU35nFw7qReQJEwg=
Subject key identifier: 02:52:30:8A:E5:A3:42:27:B2:C1:2B:32:C3:98:5E:49:13:46:99:2C
Certificate issuer: /CN=191b1a99358daa58e72625c4ce9d829e918efc86
Certificate serial: 019CD62F505C151C6AC79124165E0C14084A
Authority key identifier: 19:1B:1A:99:35:8D:AA:58:E7:26:25:C4:CE:9D:82:9E:91:8E:FC:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/AlIwiuWjQieywSsyw5heSRNGmSw.roa
Signing time: Tue 10 Mar 2026 05:19:10 +0000
ROA not before: Tue 10 Mar 2026 05:19:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203459
IP address blocks: 185.122.252.0/24 maxlen: 24
185.122.253.0/24 maxlen: 24
185.122.254.0/24 maxlen: 24
185.122.255.0/24 maxlen: 24
185.133.224.0/24 maxlen: 24
185.133.225.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
185.133.227.0/24 maxlen: 24
185.217.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d6:2f:50:5c:15:1c:6a:c7:91:24:16:5e:0c:14:08:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191b1a99358daa58e72625c4ce9d829e918efc86
Validity
Not Before: Mar 10 05:19:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0252308ae5a34227b2c12b32c3985e491346992c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2c:e3:37:78:2e:20:cd:b1:17:ad:b6:72:fd:
27:0c:0a:ba:fc:02:15:50:a5:96:03:d4:37:64:dd:
a5:9f:3f:98:1f:42:fb:4e:8f:8f:f2:3b:7d:04:ce:
c5:0c:0d:b8:aa:01:e3:43:f6:72:3a:86:d2:8d:98:
ba:85:13:17:b2:3e:7a:d9:30:c4:6e:cc:00:07:7d:
da:20:85:ab:ae:60:5b:cc:4a:bf:ff:24:62:96:6e:
6d:a9:d6:f7:f8:a8:cd:45:b6:db:fa:44:19:ad:ad:
20:12:9f:fe:01:1c:98:ae:85:02:0f:a9:42:1b:4e:
65:4e:d7:00:18:9a:02:0c:7a:f3:62:7a:f8:29:11:
1e:22:01:35:12:d1:8e:11:ed:75:a5:86:24:f7:14:
9c:e0:5b:40:94:7d:10:3f:49:9e:39:24:6b:6f:8c:
56:38:95:22:df:01:f1:b4:52:ac:42:46:a3:63:6a:
ce:0c:d6:c0:ed:71:ba:27:ab:f4:e3:f0:86:1c:55:
16:1c:9d:36:71:d3:d7:b0:c0:54:19:bc:29:ea:29:
ae:15:35:d6:df:a7:69:b7:c8:ea:74:15:2c:a4:82:
4f:a9:87:10:6d:21:c8:53:12:05:ed:59:4f:76:b7:
71:7f:6a:ce:12:ab:a7:40:5d:60:21:c7:f5:35:a9:
1b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:52:30:8A:E5:A3:42:27:B2:C1:2B:32:C3:98:5E:49:13:46:99:2C
X509v3 Authority Key Identifier:
keyid:19:1B:1A:99:35:8D:AA:58:E7:26:25:C4:CE:9D:82:9E:91:8E:FC:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/AlIwiuWjQieywSsyw5heSRNGmSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.122.252.0/22
185.133.224.0/22
185.217.61.0/24
Signature Algorithm: sha256WithRSAEncryption
13:22:cd:2f:34:cd:f0:63:6e:8e:0d:c9:4f:6b:91:6e:1c:fc:
da:e5:04:0e:9f:f1:e7:f3:94:a9:85:f3:3b:ab:98:e6:2e:78:
6e:ab:b5:c2:dd:84:b0:ae:10:f5:10:12:f5:0f:bd:80:da:be:
f2:e3:fd:5a:bc:42:ca:df:7f:d2:a1:30:9d:f3:b2:d1:7e:b3:
94:ab:cb:e3:76:16:eb:59:9a:47:98:e7:7b:32:78:0e:2e:26:
72:89:e2:ac:fe:a2:44:d4:30:51:3c:38:fe:fe:e6:38:d4:c9:
e2:13:f9:7a:10:69:68:e1:7d:d0:75:d6:f7:a1:2b:6d:21:f4:
26:b7:11:70:4c:33:ad:d0:2f:17:7a:d3:f7:70:b7:2d:a6:21:
49:67:fb:65:43:4c:ef:0b:ea:72:6f:82:f8:8c:f4:c5:3d:f5:
5b:64:22:21:6c:90:fa:78:1d:3a:e7:8b:08:2c:b2:7a:e5:cf:
df:3f:37:64:e1:b1:f0:51:6d:be:26:0e:78:cb:6b:47:46:83:
ea:67:b5:2d:b1:17:1f:76:3d:71:9a:88:fa:a3:10:0d:dc:59:
ec:11:2e:f7:84:09:28:f5:1a:1e:38:95:04:76:ad:32:bb:1f:
4e:07:18:2c:11:94:f1:f1:52:0a:03:90:e0:62:0b:8c:46:79:
aa:bf:10:ec
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZzWL1BcFRxqx5EkFl4MFAhKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWIxYTk5MzU4ZGFhNThlNzI2MjVjNGNlOWQ4MjllOTE4
ZWZjODYwHhcNMjYwMzEwMDUxOTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjUyMzA4YWU1YTM0MjI3YjJjMTJiMzJjMzk4NWU0OTEzNDY5OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CzjN3guIM2xF622cv0nDAq6/AIV
UKWWA9Q3ZN2lnz+YH0L7To+P8jt9BM7FDA24qgHjQ/ZyOobSjZi6hRMXsj562TDE
bswAB33aIIWrrmBbzEq//yRilm5tqdb3+KjNRbbb+kQZra0gEp/+ARyYroUCD6lC
G05lTtcAGJoCDHrzYnr4KREeIgE1EtGOEe11pYYk9xSc4FtAlH0QP0meOSRrb4xW
OJUi3wHxtFKsQkajY2rODNbA7XG6J6v04/CGHFUWHJ02cdPXsMBUGbwp6imuFTXW
36dpt8jqdBUspIJPqYcQbSHIUxIF7VlPdrdxf2rOEqunQF1gIcf1NakbCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAJSMIrlo0InssErMsOYXkkTRpksMB8GA1UdIwQY
MBaAFBkbGpk1japY5yYlxM6dgp6RjvyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JzYW1UV05xbGpuSmlYRXpwMkNucEdPX0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MTk3YzEtNzJmNC00ZTRmLWE0Yjgt
OWU0ZDBjZjk1NTQ0LzEvQWxJd2l1V2pRaWV5d1NzeXc1aGVTUk5HbVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MTk3YzEtNzJmNC00ZTRmLWE0YjgtOWU0ZDBjZjk1NTQ0
LzEvR1JzYW1UV05xbGpuSmlYRXpwMkNucEdPX0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCuXr8AwQC
uYXgAwQAudk9MA0GCSqGSIb3DQEBCwUAA4IBAQATIs0vNM3wY26ODclPa5FuHPza
5QQOn/Hn85SphfM7q5jmLnhuq7XC3YSwrhD1EBL1D72A2r7y4/1avELK33/SoTCd
87LRfrOUq8vjdhbrWZpHmOd7MngOLiZyieKs/qJE1DBRPDj+/uY41MniE/l6EGlo
4X3Qddb3oSttIfQmtxFwTDOt0C8XetP3cLctpiFJZ/tlQ0zvC+pyb4L4jPTFPfVb
ZCIhbJD6eB0654sILLJ65c/fPzdk4bHwUW2+Jg54y2tHRoPqZ7UtsRcfdj1xmoj6
oxAN3FnsES73hAko9RoeOJUEdq0yux9OBxgsEZTx8VIKA5DgYguMRnmqvxDs
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:08:31 2026 by rpki-client