Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/gvthCNIXZpaMb2ZutbDvX6DCkBk.roa
File: gvthCNIXZpaMb2ZutbDvX6DCkBk.roa (raw, json)
Hash identifier: tPtLLMo+LPUP4l2VgdhxLWlnMKhOqjN726EsOHNpydc=
Subject key identifier: 82:FB:61:08:D2:17:66:96:8C:6F:66:6E:B5:B0:EF:5F:A0:C2:90:19
Certificate issuer: /CN=20820f796481ac0e9637c962414597b1fe227c24
Certificate serial: 019CD87E2A7B82807E7CB75FAB85257B1F96
Authority key identifier: 20:82:0F:79:64:81:AC:0E:96:37:C9:62:41:45:97:B1:FE:22:7C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/gvthCNIXZpaMb2ZutbDvX6DCkBk.roa
Signing time: Tue 10 Mar 2026 16:04:32 +0000
ROA not before: Tue 10 Mar 2026 16:04:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203483
IP address blocks: 185.11.94.0/23 maxlen: 24
185.11.95.0/24 maxlen: 24
2a0c:9680:2::/48 maxlen: 48
2a0c:9680:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:7e:2a:7b:82:80:7e:7c:b7:5f:ab:85:25:7b:1f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20820f796481ac0e9637c962414597b1fe227c24
Validity
Not Before: Mar 10 16:04:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=82fb6108d21766968c6f666eb5b0ef5fa0c29019
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4c:e4:75:1b:e3:6a:a5:4f:69:3a:30:34:cf:
7b:04:5d:81:e1:20:fb:c5:c4:0f:fa:1e:6e:dd:31:
ea:27:f3:5b:d4:89:9d:f1:bb:aa:c2:b5:ce:c2:68:
13:42:b7:09:3f:79:f1:c0:a6:a2:7f:5d:b7:4e:22:
fb:77:7d:02:91:9b:d2:8d:0b:4f:5c:d3:73:04:ab:
28:fe:23:ad:8f:89:da:55:29:db:b8:6e:8c:9c:0c:
88:9c:3d:d6:5c:95:b3:08:ff:71:8b:87:55:fb:e5:
19:0a:d7:2d:87:6e:29:ca:43:38:fe:7d:2a:83:4a:
d3:c9:4f:97:e7:f4:2a:ad:21:75:b8:15:a6:c3:87:
34:0b:63:07:47:b6:78:2a:d1:ca:c2:f3:66:f4:2e:
cd:41:91:6d:83:bf:fb:4d:9a:10:67:21:7c:3e:e9:
3c:3b:eb:a9:96:18:e5:83:2f:ef:0c:1d:db:fb:02:
ee:e5:8d:1c:3d:30:95:53:a7:f8:d5:9d:2a:af:1f:
6b:de:3e:6a:0b:97:f3:51:65:0a:7d:69:b4:bd:07:
e9:84:4e:c8:79:72:6f:d3:7c:8d:3f:93:b7:02:a6:
67:31:7f:78:22:b9:78:5a:89:35:f2:49:80:cc:d5:
8a:4b:ca:74:36:1d:73:9c:d2:43:cb:57:f9:ed:10:
2e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:FB:61:08:D2:17:66:96:8C:6F:66:6E:B5:B0:EF:5F:A0:C2:90:19
X509v3 Authority Key Identifier:
keyid:20:82:0F:79:64:81:AC:0E:96:37:C9:62:41:45:97:B1:FE:22:7C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IIIPeWSBrA6WN8liQUWXsf4ifCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/gvthCNIXZpaMb2ZutbDvX6DCkBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b98b9f-b581-4e3e-ae8a-987d869566f6/1/IIIPeWSBrA6WN8liQUWXsf4ifCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.11.94.0/23
IPv6:
2a0c:9680:2::/47
Signature Algorithm: sha256WithRSAEncryption
55:c4:77:d4:2c:99:84:d7:79:f5:49:f9:17:b0:b5:bc:58:eb:
de:e9:0f:63:dc:a1:97:f8:1a:36:e1:5a:df:ac:1b:b3:e5:15:
6c:f1:b9:c4:1b:fa:dc:54:21:d1:9a:83:c2:36:36:ac:7e:79:
8c:db:96:2e:06:af:f1:45:9f:1b:f4:3a:3a:6a:45:53:f2:00:
42:5f:4f:35:2b:22:32:92:66:63:70:16:b5:19:d1:ab:1a:40:
fd:5c:0f:41:5a:63:ed:bb:92:1f:5b:b0:c5:ee:dd:7b:39:14:
09:f2:87:95:39:e0:ac:28:81:88:cd:42:26:1f:b7:a1:a7:6c:
17:f9:c8:0b:01:01:5c:49:69:01:83:91:8a:c8:2c:27:d9:6a:
85:b1:2d:7a:7b:1d:fa:80:e9:3a:06:79:5b:9a:2c:d7:86:5b:
a4:e2:14:68:96:57:f5:a2:b1:bd:4f:ec:72:55:3b:54:d6:e5:
77:b6:e7:65:8f:36:c6:53:3e:5e:a2:ca:f2:dd:57:f8:92:73:
48:d6:bc:53:4e:f5:1d:75:11:74:bf:b1:77:6c:c0:6b:fc:ce:
82:3d:26:64:90:ff:a0:d8:e3:8b:23:80:a3:2f:d7:ae:86:55:
39:4d:8d:6a:41:eb:78:84:58:71:11:53:35:72:55:ce:0a:28:
09:b7:cf:4b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZzYfip7goB+fLdfq4Ulex+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwODIwZjc5NjQ4MWFjMGU5NjM3Yzk2MjQxNDU5N2IxZmUy
MjdjMjQwHhcNMjYwMzEwMTYwNDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmZiNjEwOGQyMTc2Njk2OGM2ZjY2NmViNWIwZWY1ZmEwYzI5MDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kzkdRvjaqVPaTowNM97BF2B4SD7
xcQP+h5u3THqJ/Nb1Imd8buqwrXOwmgTQrcJP3nxwKaif123TiL7d30CkZvSjQtP
XNNzBKso/iOtj4naVSnbuG6MnAyInD3WXJWzCP9xi4dV++UZCtcth24pykM4/n0q
g0rTyU+X5/QqrSF1uBWmw4c0C2MHR7Z4KtHKwvNm9C7NQZFtg7/7TZoQZyF8Puk8
O+uplhjlgy/vDB3b+wLu5Y0cPTCVU6f41Z0qrx9r3j5qC5fzUWUKfWm0vQfphE7I
eXJv03yNP5O3AqZnMX94Irl4Wok18kmAzNWKS8p0Nh1znNJDy1f57RAu6wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIL7YQjSF2aWjG9mbrWw71+gwpAZMB8GA1UdIwQY
MBaAFCCCD3lkgawOljfJYkFFl7H+InwkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUlJUGVXU0JyQTZXTjhsaVFVV1hzZjRpZkNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iOThiOWYtYjU4MS00ZTNlLWFlOGEt
OTg3ZDg2OTU2NmY2LzEvZ3Z0aENOSVhacGFNYjJadXRiRHZYNkRDa0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iOThiOWYtYjU4MS00ZTNlLWFlOGEtOTg3ZDg2OTU2NmY2
LzEvSUlJUGVXU0JyQTZXTjhsaVFVV1hzZjRpZkNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuQteMA8E
AgACMAkDBwEqDJaAAAIwDQYJKoZIhvcNAQELBQADggEBAFXEd9QsmYTXefVJ+Rew
tbxY697pD2PcoZf4GjbhWt+sG7PlFWzxucQb+txUIdGag8I2Nqx+eYzbli4Gr/FF
nxv0OjpqRVPyAEJfTzUrIjKSZmNwFrUZ0asaQP1cD0FaY+27kh9bsMXu3Xs5FAny
h5U54KwogYjNQiYft6GnbBf5yAsBAVxJaQGDkYrILCfZaoWxLXp7HfqA6ToGeVua
LNeGW6TiFGiWV/Wisb1P7HJVO1TW5Xe252WPNsZTPl6iyvLdV/iSc0jWvFNO9R11
EXS/sXdswGv8zoI9JmSQ/6DY44sjgKMv166GVTlNjWpB63iEWHERUzVyVc4KKAm3
z0s=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:06:59 2026 by rpki-client