Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/G2J1mbO5SfOgCeh5sYzB_zBsUlY.roa
File: G2J1mbO5SfOgCeh5sYzB_zBsUlY.roa (raw, json)
Hash identifier: yJMiIGusOoKDUJh8IDxxzE/Bfvy2Ug2/08WIutRLszo=
Subject key identifier: 1B:62:75:99:B3:B9:49:F3:A0:09:E8:79:B1:8C:C1:FF:30:6C:52:56
Certificate issuer: /CN=e95cc178cdf5ad9279939e5768ae8883ffbf35eb
Certificate serial: 019CB32F4AAD4C6A3DB9352A0231DEA6B778
Authority key identifier: E9:5C:C1:78:CD:F5:AD:92:79:93:9E:57:68:AE:88:83:FF:BF:35:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6VzBeM31rZJ5k55XaK6Ig_-_Nes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/G2J1mbO5SfOgCeh5sYzB_zBsUlY.roa
Signing time: Tue 03 Mar 2026 10:12:26 +0000
ROA not before: Tue 03 Mar 2026 10:12:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34557
IP address blocks: 85.9.128.0/18 maxlen: 18
85.9.128.0/24 maxlen: 24
85.9.129.0/24 maxlen: 24
85.9.130.0/24 maxlen: 24
85.9.131.0/24 maxlen: 24
85.9.132.0/24 maxlen: 24
85.9.133.0/24 maxlen: 24
85.9.135.0/24 maxlen: 24
85.9.137.0/24 maxlen: 24
85.9.140.0/24 maxlen: 24
85.9.141.0/24 maxlen: 24
85.9.142.0/24 maxlen: 24
85.9.144.0/24 maxlen: 24
85.9.145.0/24 maxlen: 24
85.9.146.0/24 maxlen: 24
85.9.147.0/24 maxlen: 24
85.9.148.0/24 maxlen: 24
85.9.149.0/24 maxlen: 24
85.9.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/6VzBeM31rZJ5k55XaK6Ig_-_Nes.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/6VzBeM31rZJ5k55XaK6Ig_-_Nes.mft
rsync://rpki.ripe.net/repository/DEFAULT/6VzBeM31rZJ5k55XaK6Ig_-_Nes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:2f:4a:ad:4c:6a:3d:b9:35:2a:02:31:de:a6:b7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e95cc178cdf5ad9279939e5768ae8883ffbf35eb
Validity
Not Before: Mar 3 10:12:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1b627599b3b949f3a009e879b18cc1ff306c5256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5e:00:9d:bb:8e:a9:9b:0b:37:c2:20:7a:0a:
0a:b0:0c:f8:87:02:5e:08:10:57:5e:e3:59:f4:17:
81:3c:55:5d:e6:66:a7:aa:08:48:ec:44:62:87:4f:
95:db:f7:50:b3:4e:d6:a0:13:d4:c1:ed:b8:f5:d9:
34:f4:a1:bd:e1:1a:57:a8:50:05:02:3b:c9:15:87:
48:fa:37:5d:73:75:3c:bf:16:01:b7:9b:82:32:6b:
6a:b4:4b:a9:84:fd:e3:f5:30:f5:9d:ff:63:03:a4:
d7:68:73:57:3b:cd:d8:e7:9b:e8:72:7c:3d:f8:ce:
6d:e7:f0:a2:ea:5a:c4:a3:1b:26:11:83:fc:3f:a4:
80:fb:54:83:cf:c6:00:85:88:ca:75:e8:27:ab:94:
ce:cc:11:91:e0:96:ec:39:52:d1:1d:5f:19:9b:13:
8e:8d:ae:00:26:c3:b4:df:e9:05:ea:23:2f:b5:ad:
72:6c:e3:ca:b8:19:82:f3:db:bf:95:a3:c3:4c:21:
89:77:a6:0c:2b:7d:d2:2b:12:1a:53:e5:1d:19:27:
22:a8:1d:a0:72:37:d7:da:f1:9e:50:f7:93:9e:7d:
da:1e:d9:ce:91:42:34:f6:f5:5f:4b:d4:07:ff:ef:
94:3b:13:bc:c2:92:bb:5c:20:d9:e4:e6:95:c7:7b:
5d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:62:75:99:B3:B9:49:F3:A0:09:E8:79:B1:8C:C1:FF:30:6C:52:56
X509v3 Authority Key Identifier:
keyid:E9:5C:C1:78:CD:F5:AD:92:79:93:9E:57:68:AE:88:83:FF:BF:35:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6VzBeM31rZJ5k55XaK6Ig_-_Nes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/G2J1mbO5SfOgCeh5sYzB_zBsUlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/632463-c2dc-4cb8-bc4f-2df99d8123b7/1/6VzBeM31rZJ5k55XaK6Ig_-_Nes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.9.128.0/18
Signature Algorithm: sha256WithRSAEncryption
5e:b3:ef:cc:6c:0c:14:70:97:80:76:22:5b:d0:83:21:1d:4c:
9d:10:96:22:c6:e4:3e:7e:df:f2:20:a0:53:05:e2:2a:9c:e0:
1c:c8:71:ea:ae:f9:2c:c1:45:1a:97:15:00:5a:0b:99:12:42:
28:07:cb:22:92:b7:a5:d2:61:76:3e:18:1c:aa:6e:5d:ab:ed:
c8:cc:cd:d4:04:5d:42:a2:e2:72:61:14:ba:de:f3:4b:11:41:
36:ff:34:88:6a:72:9e:1a:8e:cd:04:b3:46:79:5f:a5:23:62:
5a:6a:94:8d:ec:0e:5d:94:3c:ce:f5:84:6d:ca:9e:f3:4a:78:
f1:16:56:46:38:d3:b7:ea:b9:6b:da:68:1a:9c:f7:66:44:0e:
34:c1:8f:fe:bd:84:6b:c8:a3:e9:75:7c:13:ad:35:5d:b8:04:
7c:53:c8:30:dc:70:95:f7:e4:67:9e:7c:e4:ec:3d:04:b6:99:
b5:03:5b:73:e8:b0:bc:32:c9:e9:31:47:9e:a1:90:7d:94:17:
5e:81:65:c7:df:88:bb:74:4b:ed:5d:80:76:4e:b8:a3:b5:2a:
33:58:8e:21:db:4a:a0:71:82:2e:9a:5d:30:ab:f1:da:c2:16:
cc:ee:4f:ea:72:a5:c8:19:25:47:6e:92:19:b5:0c:3d:43:6e:
14:3b:05:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZyzL0qtTGo9uTUqAjHeprd4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NWNjMTc4Y2RmNWFkOTI3OTkzOWU1NzY4YWU4ODgzZmZi
ZjM1ZWIwHhcNMjYwMzAzMTAxMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjYyNzU5OWIzYjk0OWYzYTAwOWU4NzliMThjYzFmZjMwNmM1MjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx14AnbuOqZsLN8IgegoKsAz4hwJe
CBBXXuNZ9BeBPFVd5manqghI7ERih0+V2/dQs07WoBPUwe249dk09KG94RpXqFAF
AjvJFYdI+jddc3U8vxYBt5uCMmtqtEuphP3j9TD1nf9jA6TXaHNXO83Y55vocnw9
+M5t5/Ci6lrEoxsmEYP8P6SA+1SDz8YAhYjKdegnq5TOzBGR4JbsOVLRHV8ZmxOO
ja4AJsO03+kF6iMvta1ybOPKuBmC89u/laPDTCGJd6YMK33SKxIaU+UdGSciqB2g
cjfX2vGeUPeTnn3aHtnOkUI09vVfS9QH/++UOxO8wpK7XCDZ5OaVx3tdAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBtidZmzuUnzoAnoebGMwf8wbFJWMB8GA1UdIwQY
MBaAFOlcwXjN9a2SeZOeV2iuiIP/vzXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlZ6QmVNMzFyWko1azU1WGFLNklnXy1fTmVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MzI0NjMtYzJkYy00Y2I4LWJjNGYt
MmRmOTlkODEyM2I3LzEvRzJKMW1iTzVTZk9nQ2VoNXNZekJfekJzVWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MzI0NjMtYzJkYy00Y2I4LWJjNGYtMmRmOTlkODEyM2I3
LzEvNlZ6QmVNMzFyWko1azU1WGFLNklnXy1fTmVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGVQmAMA0G
CSqGSIb3DQEBCwUAA4IBAQBes+/MbAwUcJeAdiJb0IMhHUydEJYixuQ+ft/yIKBT
BeIqnOAcyHHqrvkswUUalxUAWguZEkIoB8sikrel0mF2Phgcqm5dq+3IzM3UBF1C
ouJyYRS63vNLEUE2/zSIanKeGo7NBLNGeV+lI2JaapSN7A5dlDzO9YRtyp7zSnjx
FlZGONO36rlr2mganPdmRA40wY/+vYRryKPpdXwTrTVduAR8U8gw3HCV9+Rnnnzk
7D0Etpm1A1tz6LC8MsnpMUeeoZB9lBdegWXH34i7dEvtXYB2TrijtSozWI4h20qg
cYIuml0wq/HawhbM7k/qcqXIGSVHbpIZtQw9Q24UOwUp
-----END CERTIFICATE-----
Generated at Thu Mar 26 20:33:34 2026 by rpki-client