Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/GgQHQJcQ48OgIN24yQn_KmfBY4k.roa
File: GgQHQJcQ48OgIN24yQn_KmfBY4k.roa (raw, json)
Hash identifier: /RZqBAMB4vK3sdiMwpfnv83SVE0Xl2Og3iJl9lkkCUI=
Subject key identifier: 1A:04:07:40:97:10:E3:C3:A0:20:DD:B8:C9:09:FF:2A:67:C1:63:89
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019CA7CC43C08B529B98ED771F9207C59845
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/GgQHQJcQ48OgIN24yQn_KmfBY4k.roa
Signing time: Sun 01 Mar 2026 05:08:27 +0000
ROA not before: Sun 01 Mar 2026 05:08:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211066
IP address blocks: 5.83.134.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.175.161.0/24 maxlen: 24
5.175.165.0/24 maxlen: 24
5.175.192.0/24 maxlen: 24
5.175.221.0/24 maxlen: 24
85.93.31.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
89.106.73.0/24 maxlen: 24
89.106.75.0/24 maxlen: 24
89.106.82.0/24 maxlen: 24
89.106.86.0/24 maxlen: 24
89.144.3.0/24 maxlen: 24
89.144.22.0/24 maxlen: 24
94.249.243.0/24 maxlen: 24
94.249.244.0/24 maxlen: 24
94.249.246.0/24 maxlen: 24
94.249.249.0/24 maxlen: 24
95.215.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:a7:cc:43:c0:8b:52:9b:98:ed:77:1f:92:07:c5:98:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 1 05:08:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a0407409710e3c3a020ddb8c909ff2a67c16389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a6:c0:f1:df:04:e1:e0:6f:cf:c5:b8:2f:09:
a4:22:d7:6f:e9:18:c6:1d:e7:cd:92:cb:94:8d:de:
47:f6:23:23:a5:aa:76:4e:de:3a:58:9e:79:df:2e:
28:34:46:ab:5c:4b:f8:4e:ce:d1:62:23:de:9f:b1:
f2:58:7d:cb:39:7c:f0:6c:d8:f1:fe:f4:5e:d8:d0:
bf:ad:66:d8:62:60:63:7f:d3:3f:7a:48:07:40:00:
f2:cb:2b:34:a9:b1:c6:27:f9:49:ec:30:fc:73:00:
c5:24:37:09:47:30:de:50:76:34:a5:8c:d8:9e:ea:
51:38:37:6d:84:10:20:29:05:a9:8f:91:7d:10:fb:
22:1a:f2:d8:04:fd:9a:40:90:91:8b:94:e4:86:b0:
50:b2:be:56:52:a5:59:47:81:8f:26:2e:ff:76:b2:
bb:92:ed:c2:c9:8f:81:51:b6:af:ce:68:d3:8f:2d:
8a:86:07:aa:91:0e:c4:99:cd:66:a3:ae:1d:72:75:
55:6e:2a:96:b9:db:b1:ff:6b:d0:9c:c5:8c:be:1b:
3c:0d:3d:56:da:71:9f:bf:f4:33:31:02:9c:c4:d6:
a2:53:27:fd:d4:fc:d2:c4:6e:8f:25:ee:78:96:1d:
69:37:9b:c6:23:9a:1f:24:04:0a:97:18:df:30:54:
e0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:04:07:40:97:10:E3:C3:A0:20:DD:B8:C9:09:FF:2A:67:C1:63:89
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/GgQHQJcQ48OgIN24yQn_KmfBY4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.175.140.0/24
5.175.161.0/24
5.175.165.0/24
5.175.192.0/24
5.175.221.0/24
85.93.31.0/24
87.239.131.0/24
89.106.73.0/24
89.106.75.0/24
89.106.82.0/24
89.106.86.0/24
89.144.3.0/24
89.144.22.0/24
94.249.243.0-94.249.244.255
94.249.246.0/24
94.249.249.0/24
95.215.32.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:48:d1:f3:c5:bd:f0:92:8b:6f:f6:50:aa:fb:b9:37:59:90:
1d:1a:c2:47:f3:f4:12:13:05:c9:3a:71:db:b9:a1:e7:ee:af:
43:82:61:25:9d:e6:b5:45:e9:24:32:39:d9:bb:b9:69:19:9b:
65:a3:f7:65:c2:1f:b2:1c:b8:49:19:b4:5f:78:17:fc:eb:c7:
80:4e:df:7a:9f:b8:bf:32:0c:12:a7:38:73:1a:49:b0:00:d0:
8c:ad:18:65:c4:87:93:2f:7a:53:b6:3e:20:2f:6e:59:99:23:
dd:85:a0:b8:84:8b:eb:91:e2:3c:56:f0:3f:ed:b1:2f:ef:6f:
c6:30:7e:61:b2:93:cd:fc:6d:24:36:9f:18:0a:08:68:85:e8:
91:34:07:59:65:08:59:ad:42:46:30:51:a2:e3:26:6c:51:a5:
da:6f:e0:6d:9e:64:04:72:21:43:73:cb:94:03:2c:2b:f6:40:
d0:a5:ac:2e:8c:58:b3:67:30:cf:02:81:d7:c6:97:de:e0:d4:
c9:92:12:6b:41:5c:4e:17:80:81:ba:73:15:92:e1:af:d3:b5:
81:52:26:a3:52:bb:e2:62:50:8e:6c:32:4f:60:63:c6:5d:ac:
1c:c3:a1:a2:ff:22:77:ef:ae:58:5a:ef:40:0c:bb:b4:d4:f1:
08:57:6b:dc
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZynzEPAi1KbmO13H5IHxZhFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwMzAxMDUwODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTA0MDc0MDk3MTBlM2MzYTAyMGRkYjhjOTA5ZmYyYTY3YzE2Mzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqbA8d8E4eBvz8W4LwmkItdv6RjG
HefNksuUjd5H9iMjpap2Tt46WJ553y4oNEarXEv4Ts7RYiPen7HyWH3LOXzwbNjx
/vRe2NC/rWbYYmBjf9M/ekgHQADyyys0qbHGJ/lJ7DD8cwDFJDcJRzDeUHY0pYzY
nupRODdthBAgKQWpj5F9EPsiGvLYBP2aQJCRi5TkhrBQsr5WUqVZR4GPJi7/drK7
ku3CyY+BUbavzmjTjy2KhgeqkQ7Emc1mo64dcnVVbiqWudux/2vQnMWMvhs8DT1W
2nGfv/QzMQKcxNaiUyf91PzSxG6PJe54lh1pN5vGI5ofJAQKlxjfMFTgMwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFBoEB0CXEOPDoCDduMkJ/ypnwWOJMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvR2dRSFFKY1E0OE9nSU4yNHlRbl9LbWZCWTRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAAVThgME
AAWvjAMEAAWvoQMEAAWvpQMEAAWvwAMEAAWv3QMEAFVdHwMEAFfvgwMEAFlqSQME
AFlqSwMEAFlqUgMEAFlqVgMEAFmQAwMEAFmQFjAMAwQAXvnzAwQAXvn0AwQAXvn2
AwQAXvn5AwQAX9cgMA0GCSqGSIb3DQEBCwUAA4IBAQB8SNHzxb3wkotv9lCq+7k3
WZAdGsJH8/QSEwXJOnHbuaHn7q9DgmElnea1RekkMjnZu7lpGZtlo/dlwh+yHLhJ
GbRfeBf868eATt96n7i/MgwSpzhzGkmwANCMrRhlxIeTL3pTtj4gL25ZmSPdhaC4
hIvrkeI8VvA/7bEv72/GMH5hspPN/G0kNp8YCghoheiRNAdZZQhZrUJGMFGi4yZs
UaXab+BtnmQEciFDc8uUAywr9kDQpawujFizZzDPAoHXxpfe4NTJkhJrQVxOF4CB
unMVkuGv07WBUiajUrviYlCObDJPYGPGXawcw6Gi/yJ3765YWu9ADLu01PEIV2vc
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:18:24 2026 by rpki-client