Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/pGPZirCKZzbNWc11cAMZui5y53g.roa
File: pGPZirCKZzbNWc11cAMZui5y53g.roa (raw, json)
Hash identifier: x16id1SP+uWE4b9i/PFLiuYNReYseV++lthZDwFfk5U=
Subject key identifier: A4:63:D9:8A:B0:8A:67:36:CD:59:CD:75:70:03:19:BA:2E:72:E7:78
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 019C7B04EFD4A2A100A56F97B16D83D1D9A5
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/pGPZirCKZzbNWc11cAMZui5y53g.roa
Signing time: Fri 20 Feb 2026 12:27:26 +0000
ROA not before: Fri 20 Feb 2026 12:27:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213676
IP address blocks: 185.148.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7b:04:ef:d4:a2:a1:00:a5:6f:97:b1:6d:83:d1:d9:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Feb 20 12:27:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a463d98ab08a6736cd59cd75700319ba2e72e778
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:d9:8a:89:bd:9f:6c:c6:98:a0:c0:be:1f:
04:b3:60:0b:6e:0d:3b:64:e5:93:d1:80:38:b4:8d:
67:69:e9:16:52:64:02:cf:50:83:71:46:6d:d7:ee:
46:ce:e6:47:9c:d6:f7:0a:a3:a2:eb:ba:ff:34:1d:
9d:ad:20:13:cb:15:c6:45:6a:e4:13:c6:61:0d:45:
cf:27:cf:bc:8d:8b:06:f2:aa:ae:4c:5c:2b:5c:5d:
3b:b9:78:23:b4:ea:a6:d2:7c:1e:07:f6:10:30:dc:
14:fa:d3:8f:96:a1:aa:06:1e:ed:b1:0e:b6:4a:ce:
f4:d3:25:23:f2:88:23:25:7c:cf:1c:66:2e:42:21:
31:c4:c7:1b:e8:d0:ed:06:53:4e:76:77:9a:b9:f3:
28:18:8c:0f:7b:e3:ad:03:50:30:8d:b6:05:f5:b1:
42:78:29:ea:00:ac:11:b7:59:eb:36:93:ef:44:0f:
92:e9:c7:d7:b2:9f:b5:fd:8c:c8:67:dc:ee:2c:80:
87:84:6b:7c:38:7e:20:eb:57:20:7d:25:4b:01:7d:
61:ad:6f:73:48:d3:c6:31:4e:9b:d4:65:46:19:4b:
79:63:35:63:07:06:74:74:1b:d1:43:19:f6:b0:24:
44:75:ca:ee:b0:b4:f5:50:ed:df:11:eb:b4:00:e3:
f2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:63:D9:8A:B0:8A:67:36:CD:59:CD:75:70:03:19:BA:2E:72:E7:78
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/pGPZirCKZzbNWc11cAMZui5y53g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.242.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:53:92:a8:70:e9:5a:f9:9c:dd:19:cf:00:e1:63:10:f2:b2:
2f:a8:d2:ca:41:e7:c8:fd:a2:fe:fa:fb:8c:7a:d5:c0:23:94:
ef:d0:43:4a:b6:7b:de:e6:36:d4:1f:75:84:75:71:29:9a:92:
e7:fd:b2:1b:ae:83:26:d3:f8:49:96:7e:24:fb:ea:43:eb:28:
bc:78:b0:01:83:38:4d:f7:fd:75:1f:20:cd:5b:7e:f9:67:4c:
e0:ec:3d:ac:46:9a:9a:f7:09:2b:44:33:36:17:f0:4b:ad:6f:
b5:e1:bf:64:9e:31:aa:83:d3:5a:f1:2d:1f:ad:b5:ed:94:d3:
77:15:8f:69:f9:f0:80:74:8c:f7:53:d0:bb:bb:e6:7c:ae:ed:
8a:37:71:4b:1b:00:72:66:f7:aa:38:57:06:60:fd:9e:b6:17:
88:e9:b3:c2:fd:f4:c7:7e:16:44:04:89:60:c4:bd:4e:0a:6d:
f2:85:b9:5e:46:25:5f:a6:fe:81:a0:71:34:37:61:c5:f9:e9:
28:5f:87:2c:fc:90:cb:a7:eb:b7:f3:6a:81:23:54:e2:92:1b:
77:64:ea:65:4a:de:83:3b:fe:f3:bd:7c:16:08:70:6f:2b:8e:
90:a1:65:a8:d5:3f:38:ec:e6:89:2f:27:4a:64:91:97:d3:d6:
8a:2b:3d:63
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZx7BO/UoqEApW+XsW2D0dmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjYwMjIwMTIyNzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDYzZDk4YWIwOGE2NzM2Y2Q1OWNkNzU3MDAzMTliYTJlNzJlNzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/bZiom9n2zGmKDAvh8Es2ALbg07
ZOWT0YA4tI1naekWUmQCz1CDcUZt1+5GzuZHnNb3CqOi67r/NB2drSATyxXGRWrk
E8ZhDUXPJ8+8jYsG8qquTFwrXF07uXgjtOqm0nweB/YQMNwU+tOPlqGqBh7tsQ62
Ss700yUj8ogjJXzPHGYuQiExxMcb6NDtBlNOdneaufMoGIwPe+OtA1AwjbYF9bFC
eCnqAKwRt1nrNpPvRA+S6cfXsp+1/YzIZ9zuLICHhGt8OH4g61cgfSVLAX1hrW9z
SNPGMU6b1GVGGUt5YzVjBwZ0dBvRQxn2sCREdcrusLT1UO3fEeu0AOPymwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKRj2Yqwimc2zVnNdXADGboucud4MB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvcEdQWmlyQ0taemJOV2MxMWNBTVp1aTV5NTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZTyMA0G
CSqGSIb3DQEBCwUAA4IBAQCOU5KocOla+ZzdGc8A4WMQ8rIvqNLKQefI/aL++vuM
etXAI5Tv0ENKtnve5jbUH3WEdXEpmpLn/bIbroMm0/hJln4k++pD6yi8eLABgzhN
9/11HyDNW375Z0zg7D2sRpqa9wkrRDM2F/BLrW+14b9knjGqg9Na8S0frbXtlNN3
FY9p+fCAdIz3U9C7u+Z8ru2KN3FLGwByZveqOFcGYP2etheI6bPC/fTHfhZEBIlg
xL1OCm3yhbleRiVfpv6BoHE0N2HF+ekoX4cs/JDLp+u382qBI1Tikht3ZOplSt6D
O/7zvXwWCHBvK46QoWWo1T847OaJLydKZJGX09aKKz1j
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:56:02 2026 by rpki-client