Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/1-galbq36Kz9eu9YtknB6JDAXSME.roa
File: 1-galbq36Kz9eu9YtknB6JDAXSME.roa (raw, json)
Hash identifier: aOj2t9UC778Zc6ml9auv2FSdlhxMKBwpnBngLy3nyLk=
Subject key identifier: FA:06:A5:6E:AD:FA:2B:3F:5E:BB:D6:2D:92:70:7A:24:30:17:48:C1
Certificate issuer: /CN=5754d19527fd85d0d444acadd44a01655fdc7400
Certificate serial: 019DAFE8DBFB5347B80940FF5A776FF2A9F4
Authority key identifier: 57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/1-galbq36Kz9eu9YtknB6JDAXSME.roa
Signing time: Tue 21 Apr 2026 11:59:26 +0000
ROA not before: Tue 21 Apr 2026 11:59:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 193.219.115.0/24 maxlen: 24
2a00:a640:10a0::/44 maxlen: 48
2a00:a640:20a0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:af:e8:db:fb:53:47:b8:09:40:ff:5a:77:6f:f2:a9:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5754d19527fd85d0d444acadd44a01655fdc7400
Validity
Not Before: Apr 21 11:59:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa06a56eadfa2b3f5ebbd62d92707a24301748c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:31:d5:c8:67:a7:bd:d1:64:b8:84:ef:c9:c3:
e7:25:cf:bc:3e:fe:08:60:8b:84:99:d1:d8:32:9c:
e3:bd:dc:6f:dd:88:a0:93:24:bd:e8:f2:ff:5e:55:
a7:e0:5b:49:a0:a5:7a:f9:fb:e1:72:c3:3f:8e:91:
e2:19:c9:75:4f:a8:84:88:93:f2:fc:d5:10:ea:6d:
f6:63:2a:96:d9:4b:5b:6b:72:b3:5c:65:7e:36:ed:
e1:93:3f:c5:8f:bf:08:6c:f8:cb:86:11:3a:8a:c2:
c0:03:a6:b8:a8:46:89:03:3e:0a:9a:41:03:ac:e3:
ea:9f:16:87:ce:12:99:5b:a4:46:3a:b0:c7:4c:26:
0a:5f:12:b5:7a:2a:79:4d:d8:4d:80:07:7d:7e:8e:
97:09:af:60:96:fc:d7:94:3c:7e:fe:f1:b5:c0:d8:
6b:cc:33:ed:72:9c:cf:d6:d5:f6:46:f0:97:0b:07:
49:4d:c7:7a:a6:c0:41:b1:46:8e:48:0b:45:a6:56:
50:23:e3:76:52:6b:4c:4f:83:ee:0b:68:ea:44:38:
d9:8b:24:0b:47:14:32:c1:e3:dd:93:df:c1:e9:42:
ff:57:db:62:f8:71:ff:19:19:06:a1:d9:a6:6c:c3:
e7:aa:1f:49:ea:39:49:22:bb:01:99:7a:06:c7:57:
37:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:06:A5:6E:AD:FA:2B:3F:5E:BB:D6:2D:92:70:7A:24:30:17:48:C1
X509v3 Authority Key Identifier:
keyid:57:54:D1:95:27:FD:85:D0:D4:44:AC:AD:D4:4A:01:65:5F:DC:74:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1TRlSf9hdDURKyt1EoBZV_cdAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/1-galbq36Kz9eu9YtknB6JDAXSME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/7c9fcc-8fce-44b7-b6bf-11776031415f/1/V1TRlSf9hdDURKyt1EoBZV_cdAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.115.0/24
IPv6:
2a00:a640:10a0::/44
2a00:a640:20a0::/44
Signature Algorithm: sha256WithRSAEncryption
0e:d4:72:cd:df:8d:09:e1:3c:56:60:42:2d:97:ae:de:f6:e7:
2b:60:67:5a:e0:1a:b7:1b:80:e1:c2:cf:34:ef:65:75:a4:85:
d6:1b:6b:ed:a5:fe:f4:01:8d:39:2a:c3:a1:f1:c3:03:3a:2d:
5c:b0:07:9e:ce:b2:ad:db:86:13:b7:51:f3:60:f2:d1:35:20:
78:7d:0d:19:13:8c:98:38:cc:a1:ef:1c:37:78:90:64:82:01:
a3:c9:67:bd:35:cf:01:a8:4d:12:cd:a0:57:90:d0:bb:34:6f:
c2:a3:01:83:31:94:2b:84:8e:cb:5a:3a:db:b8:11:a2:33:c8:
e5:d7:f2:10:8b:0e:0b:5e:2d:6d:68:98:8f:cf:42:4b:66:66:
86:43:e1:c3:11:e3:e1:83:c5:0d:e7:ef:8c:f0:ca:db:39:e1:
68:a9:6a:74:ac:ec:88:c8:1d:47:73:c2:65:ff:41:23:1b:d9:
14:29:4b:67:2e:43:3f:40:5d:95:34:0a:28:a3:ab:4a:21:89:
70:40:86:3d:84:45:3b:cf:a7:27:6a:69:6c:c9:a4:11:77:22:
cb:3d:51:8d:5d:6c:c7:cc:39:b6:e8:4c:0b:6e:93:77:df:01:
9e:a5:1e:82:f9:52:fa:6c:38:b8:2d:e1:05:dd:30:93:09:3d:
c8:2f:ef:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ2v6Nv7U0e4CUD/Wndv8qn0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTRkMTk1MjdmZDg1ZDBkNDQ0YWNhZGQ0NGEwMTY1NWZk
Yzc0MDAwHhcNMjYwNDIxMTE1OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTA2YTU2ZWFkZmEyYjNmNWViYmQ2MmQ5MjcwN2EyNDMwMTc0OGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDHVyGenvdFkuITvycPnJc+8Pv4I
YIuEmdHYMpzjvdxv3YigkyS96PL/XlWn4FtJoKV6+fvhcsM/jpHiGcl1T6iEiJPy
/NUQ6m32YyqW2Utba3KzXGV+Nu3hkz/Fj78IbPjLhhE6isLAA6a4qEaJAz4KmkED
rOPqnxaHzhKZW6RGOrDHTCYKXxK1eip5TdhNgAd9fo6XCa9glvzXlDx+/vG1wNhr
zDPtcpzP1tX2RvCXCwdJTcd6psBBsUaOSAtFplZQI+N2UmtMT4PuC2jqRDjZiyQL
RxQywePdk9/B6UL/V9ti+HH/GRkGodmmbMPnqh9J6jlJIrsBmXoGx1c3/wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPoGpW6t+is/XrvWLZJweiQwF0jBMB8GA1UdIwQY
MBaAFFdU0ZUn/YXQ1ESsrdRKAWVf3HQAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFUUmxTZjloZERVUkt5dDFFb0JaVl9jZEFBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS83YzlmY2MtOGZjZS00NGI3LWI2YmYt
MTE3NzYwMzE0MTVmLzEvMS1nYWxicTM2S3o5ZXU5WXRrbkI2SkRBWFNNRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvN2M5ZmNjLThmY2UtNDRiNy1iNmJmLTExNzc2MDMxNDE1
Zi8xL1YxVFJsU2Y5aGREVVJLeXQxRW9CWlZfY2RBQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwDAQCAAEwBgMEAMHbczAY
BAIAAjASAwcEKgCmQBCgAwcEKgCmQCCgMA0GCSqGSIb3DQEBCwUAA4IBAQAO1HLN
340J4TxWYEItl67e9ucrYGda4Bq3G4Dhws8072V1pIXWG2vtpf70AY05KsOh8cMD
Oi1csAeezrKt24YTt1HzYPLRNSB4fQ0ZE4yYOMyh7xw3eJBkggGjyWe9Nc8BqE0S
zaBXkNC7NG/CowGDMZQrhI7LWjrbuBGiM8jl1/IQiw4LXi1taJiPz0JLZmaGQ+HD
EePhg8UN5++M8MrbOeFoqWp0rOyIyB1Hc8Jl/0EjG9kUKUtnLkM/QF2VNAooo6tK
IYlwQIY9hEU7z6cnamlsyaQRdyLLPVGNXWzHzDm26EwLbpN33wGepR6C+VL6bDi4
LeEF3TCTCT3IL+/c
-----END CERTIFICATE-----
Generated at Wed May 13 05:24:57 2026 by rpki-client