Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/geuCX65zM5b7m_vZubXGXyTi8IY.roa
File: geuCX65zM5b7m_vZubXGXyTi8IY.roa (raw, json)
Hash identifier: qQCab6ruYYvNVl/wsnvfIx6ptbnTRuSgj4X/okH45lc=
Subject key identifier: 81:EB:82:5F:AE:73:33:96:FB:9B:FB:D9:B9:B5:C6:5F:24:E2:F0:86
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 019D1FD18820CEF1F180FA758E809A06B48F
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/geuCX65zM5b7m_vZubXGXyTi8IY.roa
Signing time: Tue 24 Mar 2026 12:28:38 +0000
ROA not before: Tue 24 Mar 2026 12:28:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
37.228.128.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
85.193.77.0/24 maxlen: 24
94.198.190.0/24 maxlen: 24
185.10.68.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.146.233.0/24 maxlen: 24
185.146.234.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.246.189.0/24 maxlen: 24
185.246.190.0/24 maxlen: 24
185.246.191.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
188.240.231.0/24 maxlen: 24
188.241.54.0/24 maxlen: 24
213.218.160.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1f:d1:88:20:ce:f1:f1:80:fa:75:8e:80:9a:06:b4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Mar 24 12:28:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=81eb825fae733396fb9bfbd9b9b5c65f24e2f086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ca:f5:b0:ea:e5:b4:68:f6:c4:23:f7:0d:ac:
84:4b:4d:1e:4f:7d:07:77:76:c7:72:b0:88:ad:42:
2d:ed:3b:d8:55:27:1d:54:87:79:af:7a:63:04:e5:
ee:f3:52:29:58:59:ef:dc:4f:08:b9:e3:40:e0:9f:
5a:94:64:35:ca:1e:7f:a6:b0:96:3b:f2:45:42:59:
e1:5b:51:bc:64:35:ad:3a:e2:14:f0:76:31:d7:90:
df:9e:c0:38:29:f8:6a:4e:61:bb:cc:47:f1:06:42:
31:ba:34:df:d6:71:a0:87:f0:e8:38:8e:9d:1c:77:
ef:1b:3a:13:e9:6f:6f:6f:15:31:69:b6:3c:29:94:
9a:34:11:58:83:f2:32:a6:3a:b4:1d:9c:33:12:01:
17:09:cc:57:f5:da:40:8a:10:4b:bc:ae:32:f7:cb:
f9:f5:27:db:86:de:7f:2e:2f:8d:9e:97:55:94:4c:
83:98:97:4e:95:57:b0:3a:d2:65:ce:0f:c7:b3:41:
ae:db:b1:cd:bb:4a:db:3c:45:3a:79:8b:88:52:5f:
6f:62:e0:c6:50:f9:4d:60:9b:73:92:a9:11:6f:90:
71:8b:5a:23:bf:37:6b:96:1f:0d:37:38:d5:96:6a:
1d:5f:80:c0:14:71:94:35:cf:d4:9a:fe:4d:fc:d6:
ff:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:EB:82:5F:AE:73:33:96:FB:9B:FB:D9:B9:B5:C6:5F:24:E2:F0:86
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/geuCX65zM5b7m_vZubXGXyTi8IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
85.193.77.0/24
94.198.190.0/24
185.10.68.0/24
185.100.84.0/22
185.146.232.0-185.146.234.255
185.165.168.0/22
185.246.188.0/22
185.247.224.0-185.247.226.255
188.240.231.0/24
188.241.54.0/24
213.218.160.0/24
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
62:2c:ef:27:94:da:9e:55:09:6b:69:93:b0:19:1f:27:23:6c:
c7:ec:ff:bd:98:c0:3e:92:ec:fe:9b:48:33:89:b6:08:10:c7:
76:a7:91:64:f1:02:a3:23:69:86:2e:81:3b:dd:cf:29:df:cd:
58:6a:65:9e:64:6c:c0:8b:e1:82:72:80:f7:25:98:10:4a:16:
08:6f:d8:9c:5c:69:86:08:e0:40:d0:45:c6:5e:69:7d:cc:90:
85:4a:be:2d:53:22:a4:33:a5:62:cd:15:10:32:10:de:8f:f8:
b7:9f:83:0c:26:93:c7:70:f7:06:48:86:22:bb:95:62:d7:ff:
de:bd:e4:c3:a0:c4:4f:b8:da:55:9e:f3:d7:8d:a7:27:a8:89:
6a:16:77:41:da:62:20:2d:86:68:88:81:da:2a:4b:06:df:d9:
a0:88:3a:ba:a3:bd:36:e9:ae:ad:4d:d3:48:ea:be:52:87:99:
df:b2:16:4e:d5:0a:be:08:e1:cb:c2:11:a9:d8:b2:ec:72:55:
57:bd:c2:ae:49:83:16:11:e0:1c:8b:56:11:c0:02:80:46:42:
3b:43:e0:2e:43:cb:08:dd:aa:81:d0:be:e4:ba:f4:b8:7b:ee:
8a:86:e4:bd:26:e7:f1:4e:4e:5b:e1:f6:a3:34:d7:94:20:b4:
9e:3e:e1:eb
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZ0f0YggzvHxgPp1joCaBrSPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjYwMzI0MTIyODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWViODI1ZmFlNzMzMzk2ZmI5YmZiZDliOWI1YzY1ZjI0ZTJmMDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Mr1sOrltGj2xCP3DayES00eT30H
d3bHcrCIrUIt7TvYVScdVId5r3pjBOXu81IpWFnv3E8IueNA4J9alGQ1yh5/prCW
O/JFQlnhW1G8ZDWtOuIU8HYx15DfnsA4KfhqTmG7zEfxBkIxujTf1nGgh/DoOI6d
HHfvGzoT6W9vbxUxabY8KZSaNBFYg/Iypjq0HZwzEgEXCcxX9dpAihBLvK4y98v5
9Sfbht5/Li+NnpdVlEyDmJdOlVewOtJlzg/Hs0Gu27HNu0rbPEU6eYuIUl9vYuDG
UPlNYJtzkqkRb5Bxi1ojvzdrlh8NNzjVlmodX4DAFHGUNc/Umv5N/Nb/0wIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFIHrgl+uczOW+5v72bm1xl8k4vCGMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvZ2V1Q1g2NXpNNWI3bV92WnViWEdYeVRpOElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBkBAIAATBeAwQAJZxE
AwQBJeSAAwQAVcFNAwQAXsa+AwQAuQpEAwQCuWRUMAwDBAO5kugDBAC5kuoDBAK5
pagDBAK59rwwDAMEBbn34AMEALn34gMEALzw5wMEALzxNgMEANXaoDAgBAIAAjAa
MA8DBAAqBhcDBwAqBhcAAAQDBwAqBhcAAQAwDQYJKoZIhvcNAQELBQADggEBAGIs
7yeU2p5VCWtpk7AZHycjbMfs/72YwD6S7P6bSDOJtggQx3ankWTxAqMjaYYugTvd
zynfzVhqZZ5kbMCL4YJygPclmBBKFghv2JxcaYYI4EDQRcZeaX3MkIVKvi1TIqQz
pWLNFRAyEN6P+Lefgwwmk8dw9wZIhiK7lWLX/9695MOgxE+42lWe89eNpyeoiWoW
d0HaYiAthmiIgdoqSwbf2aCIOrqjvTbprq1N00jqvlKHmd+yFk7VCr4I4cvCEanY
suxyVVe9wq5JgxYR4ByLVhHAAoBGQjtD4C5DywjdqoHQvuS69Lh77oqG5L0m5/FO
Tlvh9qM015QgtJ4+4es=
-----END CERTIFICATE-----
Generated at Thu Mar 26 18:41:24 2026 by rpki-client