Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/2ef900-ef25-42a4-9edd-45e6cd6e320e/1/GA-VcXz1vXl1-W4ySsL5yRbRR90.roa
File: GA-VcXz1vXl1-W4ySsL5yRbRR90.roa (raw, json)
Hash identifier: sabt7kSP6Ub+Pf7PD1DhCfJjvsVteYy09jKtBPh49Ec=
Subject key identifier: 18:0F:95:71:7C:F5:BD:79:75:F9:6E:32:4A:C2:F9:C9:16:D1:47:DD
Certificate issuer: /CN=b07a65a204e3c799fb183b9ebe47362fa7cfe8c4
Certificate serial: 019E02BE74F03B56EB4DC5C3EC709FE1D7EC
Authority key identifier: B0:7A:65:A2:04:E3:C7:99:FB:18:3B:9E:BE:47:36:2F:A7:CF:E8:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sHplogTjx5n7GDuevkc2L6fP6MQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/2ef900-ef25-42a4-9edd-45e6cd6e320e/1/GA-VcXz1vXl1-W4ySsL5yRbRR90.roa
Signing time: Thu 07 May 2026 14:01:36 +0000
ROA not before: Thu 07 May 2026 14:01:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12859
IP address blocks: 46.247.36.0/23 maxlen: 24
185.57.96.0/22 maxlen: 24
2a05:bcc0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/2ef900-ef25-42a4-9edd-45e6cd6e320e/1/sHplogTjx5n7GDuevkc2L6fP6MQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/2ef900-ef25-42a4-9edd-45e6cd6e320e/1/sHplogTjx5n7GDuevkc2L6fP6MQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sHplogTjx5n7GDuevkc2L6fP6MQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:02:be:74:f0:3b:56:eb:4d:c5:c3:ec:70:9f:e1:d7:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b07a65a204e3c799fb183b9ebe47362fa7cfe8c4
Validity
Not Before: May 7 14:01:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=180f95717cf5bd7975f96e324ac2f9c916d147dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:34:9f:6a:be:26:fa:a2:fa:47:3f:15:a7:73:
bf:82:42:e1:b3:48:c7:72:e2:1c:02:05:d5:b0:4f:
6b:4d:ec:fa:81:cb:53:2c:43:66:8b:91:7a:c0:ee:
75:16:23:fd:3c:02:c1:6b:4b:a8:57:06:63:89:84:
63:77:15:77:5e:32:fb:0e:62:3c:0f:30:ac:6e:55:
f4:a3:43:7d:af:65:ba:5f:45:31:e8:5b:12:f3:57:
b6:79:04:9f:e1:1f:86:0e:b9:d8:8f:29:11:db:97:
91:9d:1e:52:8b:fd:3d:53:e1:dc:e7:28:0b:f2:c2:
5f:f3:1d:54:26:08:99:3c:af:55:ef:92:27:d5:51:
fe:87:10:77:cf:04:ac:11:59:ac:f4:57:88:da:d3:
0a:82:b0:60:8d:9b:db:e3:d2:52:f9:ae:ba:64:66:
f5:01:50:7b:f2:f4:fd:bc:39:5c:60:c4:c3:b3:9a:
9e:27:f7:73:a1:39:50:3b:db:69:df:be:d8:5c:16:
e5:35:2a:a1:94:f7:22:8f:a7:6d:70:a5:2e:ec:07:
a8:9d:19:67:b6:e9:3b:9e:43:db:bf:17:13:0e:72:
49:d5:95:9d:67:fa:eb:46:b7:5b:d5:e8:d0:08:71:
1a:f1:2a:b1:37:be:3e:72:d3:27:c3:7b:9e:8d:8b:
4d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:0F:95:71:7C:F5:BD:79:75:F9:6E:32:4A:C2:F9:C9:16:D1:47:DD
X509v3 Authority Key Identifier:
keyid:B0:7A:65:A2:04:E3:C7:99:FB:18:3B:9E:BE:47:36:2F:A7:CF:E8:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sHplogTjx5n7GDuevkc2L6fP6MQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2ef900-ef25-42a4-9edd-45e6cd6e320e/1/GA-VcXz1vXl1-W4ySsL5yRbRR90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2ef900-ef25-42a4-9edd-45e6cd6e320e/1/sHplogTjx5n7GDuevkc2L6fP6MQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.36.0/23
185.57.96.0/22
IPv6:
2a05:bcc0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:5a:6a:bd:4c:84:dd:d4:77:3a:7b:c3:ed:ee:01:03:88:60:
83:21:97:e8:47:7d:ac:92:33:db:26:2f:79:d7:d7:b9:12:de:
9a:b4:4e:db:a6:44:12:68:a0:bb:b7:6e:e3:80:92:78:e7:61:
f3:2c:0a:ca:4f:c1:d4:76:02:6b:74:ae:eb:a2:52:30:db:91:
b1:ac:4e:ef:db:f0:39:76:24:3f:6e:ed:b8:43:85:1c:da:31:
b4:1a:89:6d:bb:f0:cf:b8:c9:ba:8a:b7:2f:48:b8:4c:05:b1:
fd:dc:ce:dd:78:16:e4:c9:7b:78:6f:16:2f:3f:1f:78:1b:1f:
d0:f0:b5:da:cc:65:dd:10:a5:2b:c3:54:f6:8f:7f:8b:d8:56:
0d:95:62:82:ee:e5:be:7a:f3:0f:f0:c3:c8:7a:ea:02:81:be:
23:19:15:ce:77:a1:7d:51:28:bb:9b:7f:a1:1e:48:fe:23:b4:
11:39:d1:1e:2e:d9:b6:b6:b6:c2:ae:bd:79:a1:4a:b8:e8:55:
12:e3:85:a1:f2:95:b2:a1:8c:41:20:42:08:2d:3b:43:f2:43:
39:ac:8f:80:7e:46:34:2d:ad:89:17:a4:85:4f:6b:61:92:69:
07:83:65:4c:06:22:44:9e:3c:5b:67:e5:d5:37:a4:52:49:6b:
3b:05:88:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ4CvnTwO1brTcXD7HCf4dfsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwN2E2NWEyMDRlM2M3OTlmYjE4M2I5ZWJlNDczNjJmYTdj
ZmU4YzQwHhcNMjYwNTA3MTQwMTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODBmOTU3MTdjZjViZDc5NzVmOTZlMzI0YWMyZjljOTE2ZDE0N2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzSfar4m+qL6Rz8Vp3O/gkLhs0jH
cuIcAgXVsE9rTez6gctTLENmi5F6wO51FiP9PALBa0uoVwZjiYRjdxV3XjL7DmI8
DzCsblX0o0N9r2W6X0Ux6FsS81e2eQSf4R+GDrnYjykR25eRnR5Si/09U+Hc5ygL
8sJf8x1UJgiZPK9V75In1VH+hxB3zwSsEVms9FeI2tMKgrBgjZvb49JS+a66ZGb1
AVB78vT9vDlcYMTDs5qeJ/dzoTlQO9tp377YXBblNSqhlPcij6dtcKUu7AeonRln
tuk7nkPbvxcTDnJJ1ZWdZ/rrRrdb1ejQCHEa8SqxN74+ctMnw3uejYtNdQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBgPlXF89b15dfluMkrC+ckW0UfdMB8GA1UdIwQY
MBaAFLB6ZaIE48eZ+xg7nr5HNi+nz+jEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0hwbG9nVGp4NW43R0R1ZXZrYzJMNmZQNk1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8yZWY5MDAtZWYyNS00MmE0LTllZGQt
NDVlNmNkNmUzMjBlLzEvR0EtVmNYejF2WGwxLVc0eVNzTDV5UmJSUjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8yZWY5MDAtZWYyNS00MmE0LTllZGQtNDVlNmNkNmUzMjBl
LzEvc0hwbG9nVGp4NW43R0R1ZXZrYzJMNmZQNk1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBLvckAwQC
uTlgMA0EAgACMAcDBQMqBbzAMA0GCSqGSIb3DQEBCwUAA4IBAQBcWmq9TITd1Hc6
e8Pt7gEDiGCDIZfoR32skjPbJi9519e5Et6atE7bpkQSaKC7t27jgJJ452HzLArK
T8HUdgJrdK7rolIw25GxrE7v2/A5diQ/bu24Q4Uc2jG0Goltu/DPuMm6ircvSLhM
BbH93M7deBbkyXt4bxYvPx94Gx/Q8LXazGXdEKUrw1T2j3+L2FYNlWKC7uW+evMP
8MPIeuoCgb4jGRXOd6F9USi7m3+hHkj+I7QROdEeLtm2trbCrr15oUq46FUS44Wh
8pWyoYxBIEIILTtD8kM5rI+AfkY0La2JF6SFT2thkmkHg2VMBiJEnjxbZ+XVN6RS
SWs7BYgl
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:57 2026 by rpki-client