Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/AvzQimXHm05p82wKX1RRrrvCRQ0.roa
File: AvzQimXHm05p82wKX1RRrrvCRQ0.roa (raw, json)
Hash identifier: 0aajLu9GYqHeehMPQx1KGbuHBSE8/FQmljIwGRD449M=
Subject key identifier: 02:FC:D0:8A:65:C7:9B:4E:69:F3:6C:0A:5F:54:51:AE:BB:C2:45:0D
Certificate issuer: /CN=191b1a99358daa58e72625c4ce9d829e918efc86
Certificate serial: 019DAA968F0A6C9B576282F690D4DBA6E89B
Authority key identifier: 19:1B:1A:99:35:8D:AA:58:E7:26:25:C4:CE:9D:82:9E:91:8E:FC:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/AvzQimXHm05p82wKX1RRrrvCRQ0.roa
Signing time: Mon 20 Apr 2026 11:11:26 +0000
ROA not before: Mon 20 Apr 2026 11:11:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211235
IP address blocks: 45.89.20.0/24 maxlen: 24
185.133.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 08:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:aa:96:8f:0a:6c:9b:57:62:82:f6:90:d4:db:a6:e8:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191b1a99358daa58e72625c4ce9d829e918efc86
Validity
Not Before: Apr 20 11:11:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=02fcd08a65c79b4e69f36c0a5f5451aebbc2450d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2e:59:0c:e0:fa:d0:e2:08:74:d8:b7:80:dd:
fc:67:b2:8b:5f:d9:c1:f3:ad:c3:83:92:e7:48:8e:
de:f7:cd:7f:d7:d4:b9:6e:a9:8f:cc:d0:9e:51:ec:
96:f5:a2:e6:5d:ac:2d:aa:8f:4a:13:ca:86:84:9d:
b0:a2:71:93:41:b3:e4:aa:93:d9:c2:b5:93:58:0f:
15:58:10:5b:ef:6c:6b:1e:76:63:c7:5d:e7:22:ba:
60:4d:68:41:26:35:06:b8:f2:28:04:28:b8:3a:a5:
95:f2:d4:24:23:56:4c:3d:4b:4a:5d:a8:52:43:61:
6f:da:c6:e1:2a:47:d6:9f:fe:42:80:7d:09:9a:c4:
24:54:47:8a:59:1f:2f:3a:18:d7:ea:66:1c:83:2e:
bf:96:21:e2:47:f0:94:c8:cf:78:49:c0:1a:30:cd:
ff:5b:59:3f:13:30:11:5e:58:6b:4c:a4:d0:1c:aa:
ee:9b:e5:32:a3:c2:81:2a:e5:dc:e4:6a:ef:6e:38:
73:bb:8a:ad:42:48:6d:bd:f9:25:21:a8:8f:d3:af:
fd:5c:8e:d0:49:41:fc:ea:38:87:28:4e:66:c8:d2:
24:b2:29:e9:78:a5:8a:3f:27:f9:11:c7:f9:d8:1f:
b1:5d:00:c7:d7:97:68:f2:bc:ea:8a:fb:43:72:0e:
42:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:FC:D0:8A:65:C7:9B:4E:69:F3:6C:0A:5F:54:51:AE:BB:C2:45:0D
X509v3 Authority Key Identifier:
keyid:19:1B:1A:99:35:8D:AA:58:E7:26:25:C4:CE:9D:82:9E:91:8E:FC:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRsamTWNqljnJiXEzp2CnpGO_IY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/AvzQimXHm05p82wKX1RRrrvCRQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/6197c1-72f4-4e4f-a4b8-9e4d0cf95544/1/GRsamTWNqljnJiXEzp2CnpGO_IY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.20.0/24
185.133.226.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ad:78:a9:92:d2:14:fa:1c:14:c8:19:59:f0:85:79:ba:95:
c5:2c:8b:88:94:58:35:db:7a:bd:50:fd:f3:6d:76:c5:cc:9c:
3d:63:0c:d3:27:0a:fd:68:4b:e4:17:82:31:94:a8:e9:f2:96:
cb:e9:23:71:12:07:7c:9d:a0:1c:54:82:49:bf:54:86:9f:ac:
ff:9d:6e:6b:e4:37:09:63:71:d4:31:18:3c:16:a8:fd:4d:6e:
a1:35:5f:fe:5a:fd:d0:cc:86:e9:df:48:c3:38:9f:29:a8:ab:
dd:b1:89:67:d3:f7:90:93:46:c1:ed:50:bc:6d:3e:29:d1:0c:
20:fb:5c:d7:d7:65:d2:4c:12:7c:87:58:f2:2c:a5:ca:b3:35:
51:5b:2e:8e:43:bb:0f:d7:c7:3c:93:ab:f8:12:1f:e1:7b:18:
b3:1e:56:b2:a2:62:8c:7a:b3:1c:a4:0a:eb:63:a9:db:b8:43:
f2:35:b5:3a:a1:d8:3e:05:e9:b1:7a:fa:62:18:cf:b3:e5:fe:
2c:21:e1:80:3d:cd:45:fe:ef:60:d7:23:4b:e5:9c:0d:ab:5c:
6c:b2:4f:3f:0d:04:93:a1:c0:d6:b8:27:17:2d:b5:e6:69:ff:
dd:c1:1f:04:74:da:e3:b1:eb:a9:1d:ea:a0:d5:5b:7a:53:fb:
b1:17:32:cd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2qlo8KbJtXYoL2kNTbpuibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWIxYTk5MzU4ZGFhNThlNzI2MjVjNGNlOWQ4MjllOTE4
ZWZjODYwHhcNMjYwNDIwMTExMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmZjZDA4YTY1Yzc5YjRlNjlmMzZjMGE1ZjU0NTFhZWJiYzI0NTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwi5ZDOD60OIIdNi3gN38Z7KLX9nB
863Dg5LnSI7e981/19S5bqmPzNCeUeyW9aLmXawtqo9KE8qGhJ2wonGTQbPkqpPZ
wrWTWA8VWBBb72xrHnZjx13nIrpgTWhBJjUGuPIoBCi4OqWV8tQkI1ZMPUtKXahS
Q2Fv2sbhKkfWn/5CgH0JmsQkVEeKWR8vOhjX6mYcgy6/liHiR/CUyM94ScAaMM3/
W1k/EzARXlhrTKTQHKrum+Uyo8KBKuXc5Grvbjhzu4qtQkhtvfklIaiP06/9XI7Q
SUH86jiHKE5myNIksinpeKWKPyf5Ecf52B+xXQDH15do8rzqivtDcg5CqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAL80Iplx5tOafNsCl9UUa67wkUNMB8GA1UdIwQY
MBaAFBkbGpk1japY5yYlxM6dgp6RjvyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JzYW1UV05xbGpuSmlYRXpwMkNucEdPX0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni82MTk3YzEtNzJmNC00ZTRmLWE0Yjgt
OWU0ZDBjZjk1NTQ0LzEvQXZ6UWltWEhtMDVwODJ3S1gxUlJycnZDUlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni82MTk3YzEtNzJmNC00ZTRmLWE0YjgtOWU0ZDBjZjk1NTQ0
LzEvR1JzYW1UV05xbGpuSmlYRXpwMkNucEdPX0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVkUAwQA
uYXiMA0GCSqGSIb3DQEBCwUAA4IBAQBFrXipktIU+hwUyBlZ8IV5upXFLIuIlFg1
23q9UP3zbXbFzJw9YwzTJwr9aEvkF4IxlKjp8pbL6SNxEgd8naAcVIJJv1SGn6z/
nW5r5DcJY3HUMRg8Fqj9TW6hNV/+Wv3QzIbp30jDOJ8pqKvdsYln0/eQk0bB7VC8
bT4p0Qwg+1zX12XSTBJ8h1jyLKXKszVRWy6OQ7sP18c8k6v4Eh/hexizHlayomKM
erMcpArrY6nbuEPyNbU6odg+BemxevpiGM+z5f4sIeGAPc1F/u9g1yNL5ZwNq1xs
sk8/DQSTocDWuCcXLbXmaf/dwR8EdNrjseupHeqg1Vt6U/uxFzLN
-----END CERTIFICATE-----
Generated at Wed May 13 20:08:19 2026 by rpki-client