Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/Gx6baosvhsyuunnM0M86NpVi0j4.roa
File: Gx6baosvhsyuunnM0M86NpVi0j4.roa (raw, json)
Hash identifier: K5GR2Z76x52/389cbUDZWRSkT2fniOaUKJncmjnTypo=
Subject key identifier: 1B:1E:9B:6A:8B:2F:86:CC:AE:BA:79:CC:D0:CF:3A:36:95:62:D2:3E
Certificate issuer: /CN=53324ea7bb9ed58d8d7b85d5d1cdc0fe43bce236
Certificate serial: 019B7C7F499A55656F7EBFD4D349CE684249
Authority key identifier: 53:32:4E:A7:BB:9E:D5:8D:8D:7B:85:D5:D1:CD:C0:FE:43:BC:E2:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/Gx6baosvhsyuunnM0M86NpVi0j4.roa
Signing time: Fri 02 Jan 2026 02:17:55 +0000
ROA not before: Fri 02 Jan 2026 02:17:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12571
IP address blocks: 45.128.100.0/22 maxlen: 22
212.76.192.0/19 maxlen: 19
212.76.208.0/24 maxlen: 24
2a00:1d48::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 08:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:49:9a:55:65:6f:7e:bf:d4:d3:49:ce:68:42:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53324ea7bb9ed58d8d7b85d5d1cdc0fe43bce236
Validity
Not Before: Jan 2 02:17:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1b1e9b6a8b2f86ccaeba79ccd0cf3a369562d23e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f7:ef:88:ba:95:7e:4b:8e:27:d4:b3:3f:89:
d5:30:00:89:74:45:f9:59:50:d6:02:6f:ab:80:54:
6b:b1:74:b9:60:d7:25:4c:71:89:a6:8a:fb:80:08:
57:1f:45:76:06:70:c1:dc:80:87:5f:c2:b3:e6:9b:
e7:38:bb:bf:ab:44:1d:d7:a1:b6:87:2d:7d:95:f2:
d8:9b:a0:bb:37:c9:bb:fd:4d:08:f3:38:28:c6:9f:
bb:b3:82:22:df:c0:54:67:ac:a8:e3:3a:be:58:dc:
fe:35:46:61:6f:31:3c:fe:8f:fe:b7:ac:90:c1:c3:
e4:80:e0:cf:a5:62:df:29:63:81:cf:f4:4f:a8:37:
15:da:12:c9:c2:c6:d8:19:c1:ae:2f:2c:b8:d5:70:
8d:14:df:34:c6:3d:53:0e:c5:b1:c5:bf:6c:fe:eb:
4b:d0:61:19:82:d8:33:69:fd:28:29:a5:b0:46:ce:
e4:99:21:90:ae:88:05:3f:53:8a:31:fa:44:a7:50:
70:3d:bd:ff:e1:10:75:e3:fa:68:f4:7b:b6:73:f7:
6e:05:7f:74:be:13:19:a3:b7:f0:01:1c:cb:b3:01:
2d:e8:c2:2c:8e:f3:24:4a:c0:01:94:d9:97:b4:77:
f1:83:a8:23:5a:7c:b3:62:9b:e8:c9:3e:a5:55:69:
40:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:1E:9B:6A:8B:2F:86:CC:AE:BA:79:CC:D0:CF:3A:36:95:62:D2:3E
X509v3 Authority Key Identifier:
keyid:53:32:4E:A7:BB:9E:D5:8D:8D:7B:85:D5:D1:CD:C0:FE:43:BC:E2:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/Gx6baosvhsyuunnM0M86NpVi0j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/655080-a488-4ebe-a471-288fcdf0cd0b/1/UzJOp7ue1Y2Ne4XV0c3A_kO84jY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.100.0/22
212.76.192.0/19
IPv6:
2a00:1d48::/32
Signature Algorithm: sha256WithRSAEncryption
84:3e:d5:55:a2:da:89:64:ea:ef:96:a1:ce:12:a4:cc:6f:04:
a3:75:0d:1d:6b:72:ff:97:40:31:77:bf:a1:85:81:13:06:06:
9d:68:de:04:88:b4:e9:51:ce:d1:c8:3b:47:1d:a0:a1:91:16:
a7:a0:6a:2b:ac:82:8f:5a:83:4f:eb:91:11:fb:f5:e5:0d:ae:
02:39:0f:48:93:5f:a5:fe:a9:aa:03:2b:58:98:da:6e:32:01:
b0:3e:18:9b:fc:50:43:26:10:6e:b3:2f:2e:18:da:bb:3e:03:
be:5e:25:ab:fa:ad:43:61:cd:e0:13:c2:f8:71:aa:fa:da:55:
09:33:e4:c9:aa:53:1a:97:d1:fd:d3:85:3f:db:c8:ff:68:6f:
6c:86:94:e8:50:e9:bc:60:19:00:6a:79:e1:03:b0:c6:0a:33:
cc:79:80:6e:8d:a5:27:3f:2a:2c:ab:44:de:f3:84:42:ef:a2:
2a:04:71:b0:fd:40:e3:80:fc:78:a0:82:8f:fd:e5:97:d9:39:
0f:cc:53:4c:4e:10:17:c7:2b:99:38:c8:15:90:92:83:a4:ae:
21:c9:bf:d1:d7:99:ce:62:85:40:86:11:c0:14:e3:cb:dc:06:
95:43:46:7f:2b:7e:2c:ef:e3:5c:c8:3e:6c:bc:d3:ff:54:73:
95:dd:56:96
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZt8f0maVWVvfr/U00nOaEJJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMzI0ZWE3YmI5ZWQ1OGQ4ZDdiODVkNWQxY2RjMGZlNDNi
Y2UyMzYwHhcNMjYwMTAyMDIxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjFlOWI2YThiMmY4NmNjYWViYTc5Y2NkMGNmM2EzNjk1NjJkMjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PfviLqVfkuOJ9SzP4nVMACJdEX5
WVDWAm+rgFRrsXS5YNclTHGJpor7gAhXH0V2BnDB3ICHX8Kz5pvnOLu/q0Qd16G2
hy19lfLYm6C7N8m7/U0I8zgoxp+7s4Ii38BUZ6yo4zq+WNz+NUZhbzE8/o/+t6yQ
wcPkgODPpWLfKWOBz/RPqDcV2hLJwsbYGcGuLyy41XCNFN80xj1TDsWxxb9s/utL
0GEZgtgzaf0oKaWwRs7kmSGQrogFP1OKMfpEp1BwPb3/4RB14/po9Hu2c/duBX90
vhMZo7fwARzLswEt6MIsjvMkSsABlNmXtHfxg6gjWnyzYpvoyT6lVWlADQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBsem2qLL4bMrrp5zNDPOjaVYtI+MB8GA1UdIwQY
MBaAFFMyTqe7ntWNjXuF1dHNwP5DvOI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXpKT3A3dWUxWTJOZTRYVjBjM0Ffa084NGpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82NTUwODAtYTQ4OC00ZWJlLWE0NzEt
Mjg4ZmNkZjBjZDBiLzEvR3g2YmFvc3Zoc3l1dW5uTTBNODZOcFZpMGo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82NTUwODAtYTQ4OC00ZWJlLWE0NzEtMjg4ZmNkZjBjZDBi
LzEvVXpKT3A3dWUxWTJOZTRYVjBjM0Ffa084NGpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYBkAwQF
1EzAMA0EAgACMAcDBQAqAB1IMA0GCSqGSIb3DQEBCwUAA4IBAQCEPtVVotqJZOrv
lqHOEqTMbwSjdQ0da3L/l0Axd7+hhYETBgadaN4EiLTpUc7RyDtHHaChkRanoGor
rIKPWoNP65ER+/XlDa4COQ9Ik1+l/qmqAytYmNpuMgGwPhib/FBDJhBusy8uGNq7
PgO+XiWr+q1DYc3gE8L4car62lUJM+TJqlMal9H904U/28j/aG9shpToUOm8YBkA
annhA7DGCjPMeYBujaUnPyosq0Te84RC76IqBHGw/UDjgPx4oIKP/eWX2TkPzFNM
ThAXxyuZOMgVkJKDpK4hyb/R15nOYoVAhhHAFOPL3AaVQ0Z/K34s7+NcyD5svNP/
VHOV3VaW
-----END CERTIFICATE-----
Generated at Mon Mar 2 15:21:41 2026 by rpki-client