Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/gCXrBFLxOw6kqjD16CuMsL6zWgE.roa
File: gCXrBFLxOw6kqjD16CuMsL6zWgE.roa (raw, json)
Hash identifier: v9RU6FPgMI/ClMLp92GPHhi/v35/JkjC+Xjyrv6zdv8=
Subject key identifier: 80:25:EB:04:52:F1:3B:0E:A4:AA:30:F5:E8:2B:8C:B0:BE:B3:5A:01
Certificate issuer: /CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Certificate serial: 019DB966AB175959BF1466A1F78760DE6357
Authority key identifier: A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/gCXrBFLxOw6kqjD16CuMsL6zWgE.roa
Signing time: Thu 23 Apr 2026 08:13:26 +0000
ROA not before: Thu 23 Apr 2026 08:13:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212655
IP address blocks: 45.92.44.0/22 maxlen: 24
83.217.160.0/20 maxlen: 20
87.192.96.0/19 maxlen: 24
89.127.224.0/21 maxlen: 21
185.8.92.0/24 maxlen: 24
185.8.94.0/23 maxlen: 24
185.8.94.0/24 maxlen: 24
185.26.240.0/22 maxlen: 22
185.43.128.0/22 maxlen: 22
185.83.64.0/22 maxlen: 22
185.154.144.0/22 maxlen: 22
193.28.90.0/24 maxlen: 24
2a0e:1d40::/29 maxlen: 41
2a0e:1d47:8080::/41 maxlen: 41
2a0e:1d47:da80::/41 maxlen: 41
2a10:6940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b9:66:ab:17:59:59:bf:14:66:a1:f7:87:60:de:63:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Validity
Not Before: Apr 23 08:13:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8025eb0452f13b0ea4aa30f5e82b8cb0beb35a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e0:ae:1a:2b:99:87:95:a9:49:9c:95:1b:2a:
c5:e9:49:2e:38:dd:b6:89:87:af:56:01:b1:ae:e6:
9d:22:f2:cd:80:91:6b:2b:a2:25:b4:80:39:1c:2d:
c7:7a:ff:57:54:6f:e9:8e:2e:b3:8d:e5:f3:a3:2a:
cf:26:28:db:b4:12:0f:ef:0d:31:12:65:91:24:50:
19:6e:21:83:89:3b:48:ea:b5:f8:aa:90:ce:22:18:
73:3d:7f:45:7e:96:a7:d4:30:96:64:22:76:57:d6:
69:11:56:30:bd:49:5f:dc:c5:6f:ab:83:91:00:60:
53:57:f5:cc:04:be:66:03:d6:96:90:b6:b2:b2:67:
8c:b9:99:d3:61:61:9d:d3:59:68:b9:66:12:33:09:
ab:c5:7f:f6:eb:e3:a2:12:a1:c8:35:b2:33:9c:77:
75:84:29:55:2f:34:81:f5:fd:93:52:cf:eb:9c:8c:
b0:1c:b8:b3:9f:a7:ac:b3:94:bd:47:f2:e8:53:2b:
7f:64:f6:94:b5:d2:3b:f4:81:e9:a5:08:14:9b:45:
57:f6:db:5e:61:59:1e:fe:a6:57:9d:f8:6c:d4:08:
59:c2:bb:28:66:63:c2:0c:21:8d:d0:8c:09:40:6f:
0f:f8:65:4e:67:a7:d6:f3:5b:0b:15:25:3a:f0:d7:
c8:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:25:EB:04:52:F1:3B:0E:A4:AA:30:F5:E8:2B:8C:B0:BE:B3:5A:01
X509v3 Authority Key Identifier:
keyid:A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/gCXrBFLxOw6kqjD16CuMsL6zWgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.44.0/22
83.217.160.0/20
87.192.96.0/19
89.127.224.0/21
185.8.92.0/24
185.8.94.0/23
185.26.240.0/22
185.43.128.0/22
185.83.64.0/22
185.154.144.0/22
193.28.90.0/24
IPv6:
2a0e:1d40::/29
2a10:6940::/29
Signature Algorithm: sha256WithRSAEncryption
71:29:62:10:67:0e:24:b5:41:e9:dd:22:6a:04:03:e7:9d:4d:
c7:af:34:6c:86:17:f0:68:a3:95:a5:47:40:d9:ae:0b:3e:e0:
61:69:d4:a7:7e:35:9d:4c:f6:62:b1:1f:65:52:ea:86:1c:89:
af:43:65:3b:32:b2:9c:8e:70:b4:fe:79:b8:d2:89:ca:be:c2:
bb:8e:73:37:74:bb:84:a7:96:8d:e2:15:32:92:e6:d4:b9:a0:
bc:ba:88:d6:a2:f3:a5:dc:d0:d0:05:ff:03:9f:39:d8:0e:65:
c4:50:00:cf:6a:78:77:53:a6:3f:b8:34:e7:a0:70:3b:5c:ac:
85:00:f1:9f:07:42:70:a5:18:11:36:52:69:e1:6c:b4:91:ce:
58:e6:65:95:86:32:d4:43:8a:6a:3c:29:2c:87:2a:0d:74:3c:
dc:fa:03:c6:01:32:69:a0:d8:2c:96:2c:dd:09:3b:71:81:ab:
1f:bc:81:aa:20:21:34:d2:d4:11:b5:4b:26:26:d8:c0:ea:3d:
d0:ae:98:58:e1:86:87:8a:2e:41:69:15:5c:30:7f:0b:b1:f1:
8e:1d:3d:f3:15:69:5d:7d:1d:be:da:9b:97:b8:95:17:8c:0c:
7d:70:14:7c:7f:c2:b5:f8:70:25:b9:a7:e1:0f:3e:3d:b2:83:
41:3f:f6:97
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZ25ZqsXWVm/FGah94dg3mNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OTljZmZhNmU0OGZhMmM0ZjhkMDk4MDMzOTZiNDU3YTYz
MGEzM2QwHhcNMjYwNDIzMDgxMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDI1ZWIwNDUyZjEzYjBlYTRhYTMwZjVlODJiOGNiMGJlYjM1YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4OCuGiuZh5WpSZyVGyrF6UkuON22
iYevVgGxruadIvLNgJFrK6IltIA5HC3Hev9XVG/pji6zjeXzoyrPJijbtBIP7w0x
EmWRJFAZbiGDiTtI6rX4qpDOIhhzPX9Ffpan1DCWZCJ2V9ZpEVYwvUlf3MVvq4OR
AGBTV/XMBL5mA9aWkLaysmeMuZnTYWGd01louWYSMwmrxX/26+OiEqHINbIznHd1
hClVLzSB9f2TUs/rnIywHLizn6ess5S9R/LoUyt/ZPaUtdI79IHppQgUm0VX9tte
YVke/qZXnfhs1AhZwrsoZmPCDCGN0IwJQG8P+GVOZ6fW81sLFSU68NfIqwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFIAl6wRS8TsOpKow9egrjLC+s1oBMB8GA1UdIwQY
MBaAFKmZz/puSPosT40JgDOWtFemMKM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUt
YjNhNTA5MTBjMmE4LzEvZ0NYckJGTHhPdzZrcWpEMTZDdU1zTDZ6V2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUtYjNhNTA5MTBjMmE4
LzEvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBIBAIAATBCAwQCLVwsAwQE
U9mgAwQFV8BgAwQDWX/gAwQAuQhcAwQBuQheAwQCuRrwAwQCuSuAAwQCuVNAAwQC
uZqQAwQAwRxaMBQEAgACMA4DBQMqDh1AAwUDKhBpQDANBgkqhkiG9w0BAQsFAAOC
AQEAcSliEGcOJLVB6d0iagQD551Nx680bIYX8GijlaVHQNmuCz7gYWnUp341nUz2
YrEfZVLqhhyJr0NlOzKynI5wtP55uNKJyr7Cu45zN3S7hKeWjeIVMpLm1LmgvLqI
1qLzpdzQ0AX/A5852A5lxFAAz2p4d1OmP7g056BwO1yshQDxnwdCcKUYETZSaeFs
tJHOWOZllYYy1EOKajwpLIcqDXQ83PoDxgEyaaDYLJYs3Qk7cYGrH7yBqiAhNNLU
EbVLJibYwOo90K6YWOGGh4ouQWkVXDB/C7Hxjh098xVpXX0dvtqbl7iVF4wMfXAU
fH/CtfhwJbmn4Q8+PbKDQT/2lw==
-----END CERTIFICATE-----
Generated at Wed May 13 08:00:28 2026 by rpki-client