Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GXRw4awlHOVeZ-RIQgLB2fI86sc.roa
File: GXRw4awlHOVeZ-RIQgLB2fI86sc.roa (raw, json)
Hash identifier: 4NNynaKkbjIuQ83tWOqRlw9hlcGCOFdPuPBogC+Qg0M=
Subject key identifier: 19:74:70:E1:AC:25:1C:E5:5E:67:E4:48:42:02:C1:D9:F2:3C:EA:C7
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019C9031C6D248D589DABCEB9123309DB905
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GXRw4awlHOVeZ-RIQgLB2fI86sc.roa
Signing time: Tue 24 Feb 2026 15:08:27 +0000
ROA not before: Tue 24 Feb 2026 15:08:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209207
IP address blocks: 193.233.75.0/24 maxlen: 24
193.233.82.0/24 maxlen: 24
193.233.126.0/24 maxlen: 24
193.233.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:90:31:c6:d2:48:d5:89:da:bc:eb:91:23:30:9d:b9:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Feb 24 15:08:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=197470e1ac251ce55e67e4484202c1d9f23ceac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:82:ed:ca:bb:11:b3:52:9e:05:c7:31:79:9c:
60:37:bc:3b:64:d7:53:43:1b:49:c1:f9:17:d9:f7:
de:6e:f2:15:f9:af:46:a7:a2:51:7f:d6:2b:8b:d0:
17:63:4d:f5:10:48:d9:1d:da:d3:e7:37:7b:b4:5f:
de:0a:3c:15:34:9f:b6:6a:0e:3d:2f:fa:55:5c:73:
a1:e7:ff:5c:00:df:23:d4:86:4a:4c:ee:4a:9e:39:
27:04:02:dc:59:f6:7b:f8:5e:1e:ae:df:ff:51:94:
dd:b4:5d:fb:69:c2:48:c9:0a:6f:f4:14:65:12:1b:
bb:00:43:53:60:ab:a7:98:78:97:05:a4:a6:19:15:
ae:f0:47:62:8c:ae:a5:90:8c:88:0f:44:35:d4:8e:
0f:73:98:d2:d0:03:03:2e:3d:a6:04:c9:f9:ce:5e:
c5:65:b6:9c:0d:16:15:ec:a6:23:ad:bf:b8:c6:41:
20:d5:46:63:95:9e:09:9b:c6:05:e4:ea:5b:41:c7:
c4:0b:b6:cf:44:35:fd:00:d9:6c:76:40:d3:ce:1d:
5d:5e:3e:c1:ed:dd:da:5f:93:42:51:39:a3:54:7c:
e4:47:2f:8e:b7:62:55:80:27:71:a4:85:06:82:d7:
32:3f:56:3e:2d:3c:28:d7:44:78:92:5b:59:e2:8a:
e3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:74:70:E1:AC:25:1C:E5:5E:67:E4:48:42:02:C1:D9:F2:3C:EA:C7
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/GXRw4awlHOVeZ-RIQgLB2fI86sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.75.0/24
193.233.82.0/24
193.233.126.0/24
193.233.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:69:01:85:c4:3c:1d:c5:35:a0:8d:8c:3a:6f:d7:c3:b3:e9:
4c:7d:5a:f0:71:a2:6d:27:15:d3:f8:ae:4f:f1:ad:31:2f:71:
db:ea:00:62:c1:2d:7f:f6:7f:39:87:eb:32:9b:26:7e:e0:cd:
cc:c4:cf:ea:de:03:18:1a:11:81:ca:5e:b3:b2:ca:0c:26:2b:
91:0f:83:92:b0:88:a8:86:62:a9:dc:07:9c:e6:2e:f3:ab:55:
a6:9d:e2:f3:52:e4:14:6d:3a:0d:38:3f:f1:2f:b8:0b:f9:8f:
61:27:77:3d:86:b7:99:91:5b:39:f3:26:ac:12:00:ec:ca:4b:
38:48:20:8e:6f:17:20:9c:63:0f:d1:85:ad:d7:2d:cc:37:5c:
d0:7f:11:60:00:d5:ba:fa:0a:cc:bc:eb:8f:5f:e2:23:7c:17:
85:fa:ec:93:ef:db:95:d6:09:06:a4:70:a7:24:16:ce:f5:fb:
bd:2c:d2:a2:02:cc:94:72:dc:57:91:7a:3e:8f:c6:62:0c:ee:
8e:36:0f:29:85:72:0e:89:8e:f8:7f:11:2d:8b:60:03:a0:99:
52:0c:f2:76:7a:d6:83:27:a1:6e:09:26:eb:42:e7:f6:c9:35:
1b:49:da:a5:3b:d3:f8:3b:32:68:e9:60:ec:4c:8e:c7:08:12:
44:86:13:bf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyQMcbSSNWJ2rzrkSMwnbkFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjYwMjI0MTUwODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTc0NzBlMWFjMjUxY2U1NWU2N2U0NDg0MjAyYzFkOWYyM2NlYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ILtyrsRs1KeBccxeZxgN7w7ZNdT
QxtJwfkX2ffebvIV+a9Gp6JRf9Yri9AXY031EEjZHdrT5zd7tF/eCjwVNJ+2ag49
L/pVXHOh5/9cAN8j1IZKTO5KnjknBALcWfZ7+F4ert//UZTdtF37acJIyQpv9BRl
Ehu7AENTYKunmHiXBaSmGRWu8EdijK6lkIyID0Q11I4Pc5jS0AMDLj2mBMn5zl7F
ZbacDRYV7KYjrb+4xkEg1UZjlZ4Jm8YF5OpbQcfEC7bPRDX9ANlsdkDTzh1dXj7B
7d3aX5NCUTmjVHzkRy+Ot2JVgCdxpIUGgtcyP1Y+LTwo10R4kltZ4orj2wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBl0cOGsJRzlXmfkSEICwdnyPOrHMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvR1hSdzRhd2xIT1ZlWi1SSVFnTEIyZkk4NnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwelLAwQA
welSAwQAwel+AwQAwenGMA0GCSqGSIb3DQEBCwUAA4IBAQA7aQGFxDwdxTWgjYw6
b9fDs+lMfVrwcaJtJxXT+K5P8a0xL3Hb6gBiwS1/9n85h+symyZ+4M3MxM/q3gMY
GhGByl6zssoMJiuRD4OSsIiohmKp3Aec5i7zq1WmneLzUuQUbToNOD/xL7gL+Y9h
J3c9hreZkVs58yasEgDsyks4SCCObxcgnGMP0YWt1y3MN1zQfxFgANW6+grMvOuP
X+IjfBeF+uyT79uV1gkGpHCnJBbO9fu9LNKiAsyUctxXkXo+j8ZiDO6ONg8phXIO
iY74fxEti2ADoJlSDPJ2etaDJ6FuCSbrQuf2yTUbSdqlO9P4OzJo6WDsTI7HCBJE
hhO/
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:19:35 2026 by rpki-client