Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/GzoYbPuA6zt92uMBOAiHk0i8fMs.roa
File: GzoYbPuA6zt92uMBOAiHk0i8fMs.roa (raw, json)
Hash identifier: BhU8n2AYRLl+UcY3HBoFElDvFC16XHDPo9Q/sW3CcM0=
Subject key identifier: 1B:3A:18:6C:FB:80:EB:3B:7D:DA:E3:01:38:08:87:93:48:BC:7C:CB
Certificate issuer: /CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Certificate serial: 019C0DE00382ECD2A8BCBC88DD43430FFC77
Authority key identifier: 1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/GzoYbPuA6zt92uMBOAiHk0i8fMs.roa
Signing time: Fri 30 Jan 2026 07:48:30 +0000
ROA not before: Fri 30 Jan 2026 07:48:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213230
IP address blocks: 5.161.0.0/16 maxlen: 24
87.99.128.0/17 maxlen: 24
178.156.128.0/17 maxlen: 24
185.12.64.0/22 maxlen: 24
2a01:4ff::/40 maxlen: 48
2a01:4ff:ff01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0d:e0:03:82:ec:d2:a8:bc:bc:88:dd:43:43:0f:fc:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f46f57735a4e63dbef848ee0d9d199e215f8304
Validity
Not Before: Jan 30 07:48:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1b3a186cfb80eb3b7ddae3013808879348bc7ccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:fb:68:74:a9:bc:97:1e:8f:16:7d:fb:16:
f0:d8:a9:09:df:c4:a2:df:94:a4:78:a8:dd:55:65:
6e:96:00:46:f0:6e:bd:00:02:d9:83:a9:67:8a:c1:
6c:20:e8:1a:09:46:38:74:25:31:bc:12:e0:57:d2:
1b:34:d7:f3:f6:04:a7:c7:19:46:40:f1:a7:d7:3c:
19:c4:b7:50:f8:6b:9e:69:fe:e6:64:72:8f:71:b3:
78:2e:04:c9:67:d2:99:00:3b:06:18:ce:96:2d:e0:
49:93:02:3c:8d:75:91:b5:b9:2d:fa:57:01:04:92:
5a:38:d9:f7:46:97:cd:f7:38:d2:2a:19:9c:97:b3:
01:f1:02:95:8f:6c:ed:0e:fd:dc:27:99:a6:20:3a:
31:d9:d8:d4:c3:92:86:c8:ed:f9:bd:e6:db:0f:82:
89:d9:bd:29:3d:d7:cb:d6:5d:e8:70:54:a0:52:01:
8a:29:81:36:90:ef:ac:c8:ba:37:64:a0:11:c9:d7:
f2:b9:69:f4:97:04:f3:f1:cc:30:bd:69:38:9d:d8:
35:8a:de:f3:9d:2d:62:9c:81:d8:89:c4:22:12:d2:
e7:bf:f6:dc:29:86:2c:9e:a3:d7:3d:07:63:16:30:
9c:d9:a6:9f:1f:f9:3e:40:9c:78:de:50:a0:0d:5e:
50:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:3A:18:6C:FB:80:EB:3B:7D:DA:E3:01:38:08:87:93:48:BC:7C:CB
X509v3 Authority Key Identifier:
keyid:1F:46:F5:77:35:A4:E6:3D:BE:F8:48:EE:0D:9D:19:9E:21:5F:83:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/GzoYbPuA6zt92uMBOAiHk0i8fMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/107266-ab51-462b-9fc2-a7c9898eecbc/1/H0b1dzWk5j2--EjuDZ0ZniFfgwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.161.0.0/16
87.99.128.0/17
178.156.128.0/17
185.12.64.0/22
IPv6:
2a01:4ff::/40
2a01:4ff:ff01::/48
Signature Algorithm: sha256WithRSAEncryption
d1:43:8c:d3:11:9c:e6:b4:0a:a2:81:64:81:d4:03:7f:b2:b7:
74:6b:0a:26:47:2b:cf:60:63:94:01:bf:c9:cf:fa:30:23:7e:
0b:c7:15:d0:66:33:54:97:2f:09:7f:0e:78:ea:04:01:26:a4:
84:46:39:86:2b:83:63:6e:8b:ca:0a:5c:b1:63:fb:bf:75:62:
29:97:a6:e6:23:50:61:4c:02:c6:d7:76:6c:56:9d:18:58:c7:
7f:77:48:97:e0:9e:28:4b:d4:d4:58:b9:44:88:d0:d9:de:25:
1a:cd:39:f4:cc:f6:90:1b:43:4b:7c:33:04:98:aa:b6:56:3c:
bb:f4:b5:8e:22:b7:2f:37:0e:86:f0:8d:c4:d4:2d:1e:fc:0d:
d1:d8:74:53:31:f0:d9:cd:52:f9:82:e9:28:67:bd:f1:41:71:
d3:78:9d:bf:67:d9:6f:05:37:10:2c:24:d9:63:9d:c9:57:19:
a9:a2:00:de:65:c2:94:3c:3e:ee:56:26:5d:a7:7b:41:72:23:
4b:be:c4:22:1a:89:2c:f4:09:7e:7a:5f:ce:50:76:26:be:96:
8f:b9:7c:74:18:b4:91:81:ea:d8:67:ad:97:22:7a:b2:8e:bc:
96:00:26:7d:7f:37:0d:48:82:fc:46:49:1a:03:07:0a:94:c8:
9f:ff:1e:26
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZwN4AOC7NKovLyI3UNDD/x3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNDZmNTc3MzVhNGU2M2RiZWY4NDhlZTBkOWQxOTllMjE1
ZjgzMDQwHhcNMjYwMTMwMDc0ODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjNhMTg2Y2ZiODBlYjNiN2RkYWUzMDEzODA4ODc5MzQ4YmM3Y2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Ob7aHSpvJcejxZ9+xbw2KkJ38Si
35SkeKjdVWVulgBG8G69AALZg6lnisFsIOgaCUY4dCUxvBLgV9IbNNfz9gSnxxlG
QPGn1zwZxLdQ+Gueaf7mZHKPcbN4LgTJZ9KZADsGGM6WLeBJkwI8jXWRtbkt+lcB
BJJaONn3RpfN9zjSKhmcl7MB8QKVj2ztDv3cJ5mmIDox2djUw5KGyO35vebbD4KJ
2b0pPdfL1l3ocFSgUgGKKYE2kO+syLo3ZKARydfyuWn0lwTz8cwwvWk4ndg1it7z
nS1inIHYicQiEtLnv/bcKYYsnqPXPQdjFjCc2aafH/k+QJx43lCgDV5QDQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBs6GGz7gOs7fdrjATgIh5NIvHzLMB8GA1UdIwQY
MBaAFB9G9Xc1pOY9vvhI7g2dGZ4hX4MEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzIt
YTdjOTg5OGVlY2JjLzEvR3pvWWJQdUE2enQ5MnVNQk9BaUhrMGk4Zk1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8xMDcyNjYtYWI1MS00NjJiLTlmYzItYTdjOTg5OGVlY2Jj
LzEvSDBiMWR6V2s1ajItLUVqdURaMFpuaUZmZ3dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAdBAIAATAXAwMABaEDBAdX
Y4ADBAeynIADBAK5DEAwFwQCAAIwEQMGACoBBP8AAwcAKgEE//8BMA0GCSqGSIb3
DQEBCwUAA4IBAQDRQ4zTEZzmtAqigWSB1AN/srd0awomRyvPYGOUAb/Jz/owI34L
xxXQZjNUly8Jfw546gQBJqSERjmGK4NjbovKClyxY/u/dWIpl6bmI1BhTALG13Zs
Vp0YWMd/d0iX4J4oS9TUWLlEiNDZ3iUazTn0zPaQG0NLfDMEmKq2Vjy79LWOIrcv
Nw6G8I3E1C0e/A3R2HRTMfDZzVL5gukoZ73xQXHTeJ2/Z9lvBTcQLCTZY53JVxmp
ogDeZcKUPD7uViZdp3tBciNLvsQiGoks9Al+el/OUHYmvpaPuXx0GLSRgerYZ62X
InqyjryWACZ9fzcNSIL8RkkaAwcKlMif/x4m
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:04:28 2026 by rpki-client