Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/g0_grii_J8fjSLB36dejSo-dFUU.roa
File: g0_grii_J8fjSLB36dejSo-dFUU.roa (raw, json)
Hash identifier: XQEngrLb6NuZE6JtmG7FzYD6Iozx+z9caV3IkC2js0w=
Subject key identifier: 83:4F:E0:AE:28:BF:27:C7:E3:48:B0:77:E9:D7:A3:4A:8F:9D:15:45
Certificate issuer: /CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Certificate serial: 019E0723A3B3721677F9A19C6301E54607BC
Authority key identifier: D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/g0_grii_J8fjSLB36dejSo-dFUU.roa
Signing time: Fri 08 May 2026 10:30:36 +0000
ROA not before: Fri 08 May 2026 10:30:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49544
IP address blocks: 5.180.216.0/23 maxlen: 23
5.180.218.0/23 maxlen: 23
5.200.0.0/19 maxlen: 24
31.204.128.0/19 maxlen: 24
31.204.132.0/22 maxlen: 22
31.204.136.0/23 maxlen: 23
31.204.140.0/22 maxlen: 22
31.204.144.0/24 maxlen: 24
31.204.156.0/23 maxlen: 23
89.104.168.0/23 maxlen: 23
89.104.170.0/23 maxlen: 23
89.104.172.0/22 maxlen: 22
89.104.176.0/23 maxlen: 23
89.104.178.0/23 maxlen: 23
89.104.180.0/24 maxlen: 24
89.104.181.0/24 maxlen: 24
91.195.234.0/23 maxlen: 23
91.198.152.0/24 maxlen: 24
91.216.207.0/24 maxlen: 24
104.153.84.0/22 maxlen: 22
109.200.192.0/19 maxlen: 24
109.200.194.0/23 maxlen: 23
109.200.208.0/22 maxlen: 22
138.128.136.0/22 maxlen: 22
138.128.140.0/22 maxlen: 22
146.247.76.0/22 maxlen: 22
162.244.52.0/22 maxlen: 23
162.245.204.0/22 maxlen: 22
185.41.140.0/22 maxlen: 22
185.50.104.0/22 maxlen: 22
185.52.12.0/22 maxlen: 24
185.179.200.0/23 maxlen: 24
185.179.202.0/23 maxlen: 24
185.197.24.0/22 maxlen: 23
188.122.64.0/19 maxlen: 24
193.43.218.0/23 maxlen: 23
193.43.218.0/24 maxlen: 24
212.19.224.0/22 maxlen: 22
213.163.64.0/19 maxlen: 24
213.179.192.0/19 maxlen: 19
213.179.192.0/22 maxlen: 22
213.179.196.0/22 maxlen: 22
213.179.200.0/22 maxlen: 22
213.179.204.0/22 maxlen: 22
213.179.209.0/24 maxlen: 24
213.179.210.0/23 maxlen: 23
213.179.212.0/22 maxlen: 22
213.179.216.0/22 maxlen: 22
213.179.220.0/23 maxlen: 23
2a00:1630::/29 maxlen: 32
2a00:1630::/32 maxlen: 48
2a00:1631::/32 maxlen: 32
2a00:1632::/32 maxlen: 32
2a00:1637::/32 maxlen: 32
2a00:1d20::/29 maxlen: 32
2a00:1d20::/34 maxlen: 34
2a00:1d20:4000::/34 maxlen: 34
2a00:1d20:8000::/34 maxlen: 34
2a00:1d26::/32 maxlen: 34
2a01:9580::/32 maxlen: 34
2a01:9580:c000::/34 maxlen: 34
2a04:c600::/29 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.mft
rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:07:23:a3:b3:72:16:77:f9:a1:9c:63:01:e5:46:07:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d41703db3020cc1ef2fd71091a468f4a649c238f
Validity
Not Before: May 8 10:30:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=834fe0ae28bf27c7e348b077e9d7a34a8f9d1545
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b6:25:15:d7:6d:8f:ca:97:6f:70:d9:8a:25:
2d:68:11:ba:d1:6c:5c:cf:99:76:71:c9:fb:cb:d7:
0c:d1:3a:5f:bf:b0:f8:9a:b9:59:87:0f:2a:65:43:
b3:8f:56:f8:83:c9:bb:92:86:cc:34:2e:1f:61:c3:
de:d1:c6:5e:68:77:20:bb:81:35:58:ad:c7:65:54:
a0:10:85:71:72:80:cd:ed:fe:01:73:75:c0:c3:3e:
ec:40:a5:cb:0b:68:37:34:60:61:9c:52:29:a3:e1:
70:e4:05:06:35:ab:77:86:99:4d:4f:04:fe:00:7a:
89:11:30:d6:4d:64:d7:df:9f:56:b2:18:5f:d5:9b:
f6:3b:b4:6c:a2:3b:6d:96:e2:d6:76:4e:d4:a3:d4:
07:2c:d8:9e:88:60:d7:6b:70:4b:28:60:a3:dc:62:
96:35:83:bb:36:f1:10:91:14:ae:41:06:68:6e:df:
ac:93:d5:6d:01:f3:bf:7e:42:e2:71:50:6a:2c:4f:
b0:65:6d:31:e9:cc:eb:18:7a:e5:f4:04:26:03:e1:
ad:2a:21:fe:71:7c:96:1c:4c:5a:2a:d1:b2:ec:26:
1c:48:0c:85:a9:7f:5c:cc:40:5a:01:ae:89:33:01:
2d:7d:d5:99:22:2c:97:0b:5f:f3:72:ce:33:2c:76:
74:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:4F:E0:AE:28:BF:27:C7:E3:48:B0:77:E9:D7:A3:4A:8F:9D:15:45
X509v3 Authority Key Identifier:
keyid:D4:17:03:DB:30:20:CC:1E:F2:FD:71:09:1A:46:8F:4A:64:9C:23:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1BcD2zAgzB7y_XEJGkaPSmScI48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/g0_grii_J8fjSLB36dejSo-dFUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/68554b-4f97-406c-90a6-48d31c75f31e/1/1BcD2zAgzB7y_XEJGkaPSmScI48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.216.0/22
5.200.0.0/19
31.204.128.0/19
89.104.168.0-89.104.181.255
91.195.234.0/23
91.198.152.0/24
91.216.207.0/24
104.153.84.0/22
109.200.192.0/19
138.128.136.0/21
146.247.76.0/22
162.244.52.0/22
162.245.204.0/22
185.41.140.0/22
185.50.104.0/22
185.52.12.0/22
185.179.200.0/22
185.197.24.0/22
188.122.64.0/19
193.43.218.0/23
212.19.224.0/22
213.163.64.0/19
213.179.192.0/19
IPv6:
2a00:1630::/29
2a00:1d20::/29
2a01:9580::/32
2a04:c600::/29
Signature Algorithm: sha256WithRSAEncryption
47:b9:53:cb:61:61:f0:dd:f9:eb:9d:e5:64:7e:0f:9c:c1:4d:
14:d8:d7:40:ce:7d:f6:9c:24:27:dd:49:10:66:74:3e:42:d6:
45:98:67:11:f8:2e:88:bc:49:e4:5f:32:6b:18:58:2c:ae:c9:
1e:01:41:5b:80:55:8a:ac:ad:f2:44:43:f8:1b:96:0a:09:da:
d7:1b:e6:af:f9:fd:ec:60:5f:5d:11:36:b9:01:2e:a0:ad:b2:
be:a0:75:6c:29:1b:7a:44:ab:c8:01:44:ae:f9:48:80:0e:08:
2e:ff:9f:af:77:8b:c4:41:bf:31:06:0a:2a:e9:64:c1:45:1b:
41:74:5f:e4:6a:7c:7e:fc:8a:e1:e8:82:ea:f6:53:f9:27:93:
d9:7e:54:59:43:97:f3:be:64:d4:25:4d:02:ff:ec:e1:79:00:
9f:8d:01:a3:ec:71:53:64:74:a1:0e:3e:87:20:84:bf:51:a6:
ba:61:72:35:d3:75:68:fa:b7:9e:5b:25:3f:32:e6:8e:26:b0:
11:90:c7:55:de:82:95:02:24:ef:78:88:04:bc:df:15:85:7f:
1d:bb:d5:34:f5:4e:1f:07:97:77:b7:8b:40:2e:cc:fc:9a:0c:
3b:93:1e:bb:0e:a5:9a:9d:33:ac:24:3d:a2:de:18:92:b8:60:
41:e3:d3:36
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZ4HI6OzchZ3+aGcYwHlRge8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MTcwM2RiMzAyMGNjMWVmMmZkNzEwOTFhNDY4ZjRhNjQ5
YzIzOGYwHhcNMjYwNTA4MTAzMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzRmZTBhZTI4YmYyN2M3ZTM0OGIwNzdlOWQ3YTM0YThmOWQxNTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbYlFddtj8qXb3DZiiUtaBG60Wxc
z5l2ccn7y9cM0Tpfv7D4mrlZhw8qZUOzj1b4g8m7kobMNC4fYcPe0cZeaHcgu4E1
WK3HZVSgEIVxcoDN7f4Bc3XAwz7sQKXLC2g3NGBhnFIpo+Fw5AUGNat3hplNTwT+
AHqJETDWTWTX359Wshhf1Zv2O7RsojttluLWdk7Uo9QHLNieiGDXa3BLKGCj3GKW
NYO7NvEQkRSuQQZobt+sk9VtAfO/fkLicVBqLE+wZW0x6czrGHrl9AQmA+GtKiH+
cXyWHExaKtGy7CYcSAyFqX9czEBaAa6JMwEtfdWZIiyXC1/zcs4zLHZ0hwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFINP4K4ovyfH40iwd+nXo0qPnRVFMB8GA1UdIwQY
MBaAFNQXA9swIMwe8v1xCRpGj0pknCOPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYt
NDhkMzFjNzVmMzFlLzEvZzBfZ3JpaV9KOGZqU0xCMzZkZWpTby1kRlVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82ODU1NGItNGY5Ny00MDZjLTkwYTYtNDhkMzFjNzVmMzFl
LzEvMUJjRDJ6QWd6Qjd5X1hFSkdrYVBTbVNjSTQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBmQQCAAEwgZIDBAIF
tNgDBAUFyAADBAUfzIAwDAMEA1loqAMEAVlotAMEAVvD6gMEAFvGmAMEAFvYzwME
AmiZVAMEBW3IwAMEA4qAiAMEApL3TAMEAqL0NAMEAqL1zAMEArkpjAMEArkyaAME
Ark0DAMEArmzyAMEArnFGAMEBbx6QAMEAcEr2gMEAtQT4AMEBdWjQAMEBdWzwDAi
BAIAAjAcAwUDKgAWMAMFAyoAHSADBQAqAZWAAwUDKgTGADANBgkqhkiG9w0BAQsF
AAOCAQEAR7lTy2Fh8N35653lZH4PnMFNFNjXQM599pwkJ91JEGZ0PkLWRZhnEfgu
iLxJ5F8yaxhYLK7JHgFBW4BViqyt8kRD+BuWCgna1xvmr/n97GBfXRE2uQEuoK2y
vqB1bCkbekSryAFErvlIgA4ILv+fr3eLxEG/MQYKKulkwUUbQXRf5Gp8fvyK4eiC
6vZT+SeT2X5UWUOX875k1CVNAv/s4XkAn40Bo+xxU2R0oQ4+hyCEv1GmumFyNdN1
aPq3nlslPzLmjiawEZDHVd6ClQIk73iIBLzfFYV/HbvVNPVOHweXd7eLQC7M/JoM
O5Meuw6lmp0zrCQ9ot4YkrhgQePTNg==
-----END CERTIFICATE-----
Generated at Wed May 13 03:56:29 2026 by rpki-client