Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/GPjTkixHgXgtIDNDsyb7i-Nlleo.roa
File: GPjTkixHgXgtIDNDsyb7i-Nlleo.roa (raw, json)
Hash identifier: 0MyLo6ZK/tC1RGqYqyZYKLVLfr7W+2VBizLdr/A1dio=
Subject key identifier: 18:F8:D3:92:2C:47:81:78:2D:20:33:43:B3:26:FB:8B:E3:65:95:EA
Certificate issuer: /CN=3bad7c91d81891a5947d7e14a6684912063a5dd9
Certificate serial: 019D655E82567097E17C1FFA7A0147F7849E
Authority key identifier: 3B:AD:7C:91:D8:18:91:A5:94:7D:7E:14:A6:68:49:12:06:3A:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O618kdgYkaWUfX4UpmhJEgY6Xdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/GPjTkixHgXgtIDNDsyb7i-Nlleo.roa
Signing time: Tue 07 Apr 2026 00:36:25 +0000
ROA not before: Tue 07 Apr 2026 00:36:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215674
IP address blocks: 66.179.29.0/24 maxlen: 24
68.67.113.0/24 maxlen: 24
74.209.175.0/24 maxlen: 24
198.52.247.0/24 maxlen: 24
199.120.230.0/24 maxlen: 24
206.209.210.0/24 maxlen: 24
208.88.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/O618kdgYkaWUfX4UpmhJEgY6Xdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/O618kdgYkaWUfX4UpmhJEgY6Xdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O618kdgYkaWUfX4UpmhJEgY6Xdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:65:5e:82:56:70:97:e1:7c:1f:fa:7a:01:47:f7:84:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bad7c91d81891a5947d7e14a6684912063a5dd9
Validity
Not Before: Apr 7 00:36:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=18f8d3922c4781782d203343b326fb8be36595ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a1:ed:91:ba:fc:1e:ac:89:d1:17:23:76:e4:
91:ba:77:32:ef:c6:10:9c:1b:08:a8:11:ef:5c:8a:
d9:9a:57:8e:5f:93:83:20:03:a6:76:54:7c:ba:ca:
95:eb:9d:20:82:17:34:1f:5e:3c:3b:fa:0f:b0:0b:
63:69:99:40:22:81:59:66:ef:b4:c1:c7:ad:c8:81:
ef:6d:fd:e0:46:9c:4f:ee:dc:c4:c2:cb:22:63:10:
16:bd:98:93:41:f5:76:80:29:9d:15:18:38:9d:f5:
d5:b4:7e:2f:54:3c:9c:2b:99:78:63:ef:68:86:ee:
44:8d:ae:82:9f:ad:e6:ed:07:aa:ff:bd:a5:5a:73:
12:e4:64:29:c6:ba:90:01:2b:97:16:ec:dc:ce:0d:
c1:54:16:92:4d:d8:b5:94:e5:a9:a7:f8:12:68:2c:
5d:2d:3c:af:9b:4f:ad:92:9a:a2:93:c2:48:62:af:
46:2f:32:c2:99:e3:4f:85:cb:96:31:52:7e:9e:4b:
42:10:08:d8:58:b2:96:ed:f8:c9:ea:13:27:3b:7c:
89:96:1c:1c:4d:4f:51:4f:9c:75:93:e1:88:c2:4e:
37:1f:1b:a3:fb:01:ce:39:ab:e9:33:9e:96:8d:f8:
47:c9:61:80:83:33:c0:63:2c:23:f5:49:93:8e:fa:
5c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:F8:D3:92:2C:47:81:78:2D:20:33:43:B3:26:FB:8B:E3:65:95:EA
X509v3 Authority Key Identifier:
keyid:3B:AD:7C:91:D8:18:91:A5:94:7D:7E:14:A6:68:49:12:06:3A:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O618kdgYkaWUfX4UpmhJEgY6Xdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/GPjTkixHgXgtIDNDsyb7i-Nlleo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/9493ee-7a05-41ef-bcf6-422022499aca/1/O618kdgYkaWUfX4UpmhJEgY6Xdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.179.29.0/24
68.67.113.0/24
74.209.175.0/24
198.52.247.0/24
199.120.230.0/24
206.209.210.0/24
208.88.65.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c1:61:1b:08:6c:56:41:28:fa:3d:75:4c:60:bc:15:c7:98:
14:99:61:69:7a:68:2a:6a:1e:5f:1b:15:8d:09:2d:72:88:b6:
ad:e8:74:1c:7f:78:c4:72:5c:b3:00:2e:52:91:6f:29:50:99:
74:6e:82:23:86:44:09:56:a7:f7:eb:ee:86:00:b9:f5:fa:8b:
5d:79:e2:36:be:0f:b3:2a:dd:9b:87:17:10:21:2e:31:d8:43:
c5:11:7f:48:ba:f2:00:86:e9:97:32:d7:73:a3:be:80:4b:ae:
b2:45:f5:9e:3d:76:24:00:08:29:1a:6e:7d:0f:3a:23:0c:07:
da:37:ae:10:43:11:e8:62:56:cc:fd:34:a4:78:df:93:25:46:
95:02:53:f2:84:2b:de:f1:2a:f0:56:f6:b1:f1:3a:eb:8f:d4:
ed:c5:1c:6f:12:8c:6e:ec:39:a1:0d:ad:86:26:89:64:f8:fa:
ae:e1:d8:64:d0:25:3b:fe:b7:b3:f4:38:8f:48:f1:18:ba:da:
73:99:44:c6:37:49:14:b8:60:17:d3:b3:bb:b5:3d:66:37:84:
13:cb:b3:f5:d8:9a:7d:2a:b8:fd:d8:92:48:43:f5:ee:2d:ae:
30:ae:15:50:c8:80:8b:4f:0b:59:0a:ca:54:b2:00:cf:ff:70:
02:ce:11:73
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ1lXoJWcJfhfB/6egFH94SeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYWQ3YzkxZDgxODkxYTU5NDdkN2UxNGE2Njg0OTEyMDYz
YTVkZDkwHhcNMjYwNDA3MDAzNjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGY4ZDM5MjJjNDc4MTc4MmQyMDMzNDNiMzI2ZmI4YmUzNjU5NWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46Htkbr8HqyJ0RcjduSRuncy78YQ
nBsIqBHvXIrZmleOX5ODIAOmdlR8usqV650gghc0H148O/oPsAtjaZlAIoFZZu+0
wcetyIHvbf3gRpxP7tzEwssiYxAWvZiTQfV2gCmdFRg4nfXVtH4vVDycK5l4Y+9o
hu5Eja6Cn63m7Qeq/72lWnMS5GQpxrqQASuXFuzczg3BVBaSTdi1lOWpp/gSaCxd
LTyvm0+tkpqik8JIYq9GLzLCmeNPhcuWMVJ+nktCEAjYWLKW7fjJ6hMnO3yJlhwc
TU9RT5x1k+GIwk43Hxuj+wHOOavpM56WjfhHyWGAgzPAYywj9UmTjvpcOQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBj405IsR4F4LSAzQ7Mm+4vjZZXqMB8GA1UdIwQY
MBaAFDutfJHYGJGllH1+FKZoSRIGOl3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzYxOGtkZ1lrYVdVZlg0VXBtaEpFZ1k2WGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC85NDkzZWUtN2EwNS00MWVmLWJjZjYt
NDIyMDIyNDk5YWNhLzEvR1BqVGtpeEhnWGd0SURORHN5YjdpLU5sbGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC85NDkzZWUtN2EwNS00MWVmLWJjZjYtNDIyMDIyNDk5YWNh
LzEvTzYxOGtkZ1lrYVdVZlg0VXBtaEpFZ1k2WGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAQrMdAwQA
RENxAwQAStGvAwQAxjT3AwQAx3jmAwQAztHSAwQA0FhBMA0GCSqGSIb3DQEBCwUA
A4IBAQAEwWEbCGxWQSj6PXVMYLwVx5gUmWFpemgqah5fGxWNCS1yiLat6HQcf3jE
clyzAC5SkW8pUJl0boIjhkQJVqf36+6GALn1+otdeeI2vg+zKt2bhxcQIS4x2EPF
EX9IuvIAhumXMtdzo76AS66yRfWePXYkAAgpGm59DzojDAfaN64QQxHoYlbM/TSk
eN+TJUaVAlPyhCve8SrwVvax8Trrj9TtxRxvEoxu7DmhDa2GJolk+Pqu4dhk0CU7
/rez9DiPSPEYutpzmUTGN0kUuGAX07O7tT1mN4QTy7P12Jp9Krj92JJIQ/XuLa4w
rhVQyICLTwtZCspUsgDP/3ACzhFz
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:24:41 2026 by rpki-client