Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/GKTkasDIKjmC4QqcFpt7uRaO0RY.roa
File: GKTkasDIKjmC4QqcFpt7uRaO0RY.roa (raw, json)
Hash identifier: wjJJuerYTMMPlh4KuRj+aGLGlVBlinpbBEJMdVrS0fM=
Subject key identifier: 18:A4:E4:6A:C0:C8:2A:39:82:E1:0A:9C:16:9B:7B:B9:16:8E:D1:16
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019D97780F1F1EE3B99068FA00E2A9E3BF39
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/GKTkasDIKjmC4QqcFpt7uRaO0RY.roa
Signing time: Thu 16 Apr 2026 18:05:20 +0000
ROA not before: Thu 16 Apr 2026 18:05:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 194.231.128.0/22 maxlen: 24
194.231.132.0/22 maxlen: 22
194.231.132.0/24 maxlen: 24
194.231.136.0/22 maxlen: 22
194.231.139.0/24 maxlen: 24
194.231.142.0/24 maxlen: 24
194.231.151.0/24 maxlen: 24
194.231.152.0/22 maxlen: 22
194.231.195.0/24 maxlen: 24
194.231.196.0/22 maxlen: 22
194.231.196.0/24 maxlen: 24
194.231.199.0/24 maxlen: 24
194.231.200.0/22 maxlen: 22
194.231.202.0/23 maxlen: 24
194.231.204.0/22 maxlen: 22
194.231.204.0/23 maxlen: 24
194.231.206.0/23 maxlen: 24
194.231.208.0/23 maxlen: 24
194.231.210.0/23 maxlen: 24
194.231.212.0/22 maxlen: 22
194.231.212.0/24 maxlen: 24
194.231.213.0/24 maxlen: 24
194.231.214.0/24 maxlen: 24
194.231.218.0/23 maxlen: 24
194.231.220.0/22 maxlen: 24
194.231.222.0/24 maxlen: 24
194.231.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:05:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:78:0f:1f:1e:e3:b9:90:68:fa:00:e2:a9:e3:bf:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Apr 16 18:05:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=18a4e46ac0c82a3982e10a9c169b7bb9168ed116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e2:78:35:6d:c5:37:64:1e:46:9b:6c:9e:7f:
5a:a7:42:d5:e2:62:ca:cb:ef:29:6f:22:e7:68:89:
01:7a:1d:9c:83:c1:2b:fd:1b:1f:f1:2b:c1:e5:88:
3b:ea:a0:c8:cb:f2:04:2c:95:80:be:04:74:17:7f:
9e:ea:5c:6f:5a:5d:45:42:9a:2f:81:4f:22:39:32:
a1:51:e3:74:f1:74:88:af:86:8b:da:69:3e:bc:16:
a6:02:4c:36:08:ed:47:44:2e:a5:04:7c:17:14:37:
e9:5d:a3:02:81:87:33:66:b4:1e:97:8e:76:a6:75:
c4:76:69:37:23:cc:1e:3f:65:eb:20:d8:4a:a9:97:
9f:3c:a2:fe:7b:83:e6:b2:00:31:7b:98:85:f7:c6:
85:b9:d6:3e:02:dd:e8:6e:c1:3b:02:d7:a3:4d:c9:
dc:90:49:4c:ba:16:29:68:7b:ed:67:90:96:78:d8:
c7:6e:90:f0:71:c8:14:5c:08:9b:41:ae:aa:3d:e2:
87:7e:6d:27:f5:3f:fe:45:49:11:ac:aa:dd:99:fd:
23:cb:11:c1:04:33:54:cf:eb:d0:aa:be:88:68:06:
69:1b:4f:dc:0b:9e:d9:05:54:71:81:eb:28:d8:02:
9e:e7:8d:83:2a:51:d4:86:f2:ac:e4:dc:09:80:09:
53:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:A4:E4:6A:C0:C8:2A:39:82:E1:0A:9C:16:9B:7B:B9:16:8E:D1:16
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/GKTkasDIKjmC4QqcFpt7uRaO0RY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.128.0-194.231.139.255
194.231.142.0/24
194.231.151.0-194.231.155.255
194.231.195.0-194.231.215.255
194.231.218.0-194.231.223.255
Signature Algorithm: sha256WithRSAEncryption
6b:15:7b:c3:97:44:70:07:a7:c2:3a:19:ce:55:b0:d5:3e:99:
d7:71:a1:ca:30:f3:e9:ed:a2:65:c9:cb:79:57:e1:64:9f:a8:
d7:bc:45:b3:89:65:07:8e:cc:a4:09:a2:ab:58:4e:97:7d:64:
84:86:4a:87:7e:0a:42:5f:76:91:a5:08:52:93:3b:32:c8:50:
17:85:25:4d:a3:df:61:97:a0:76:26:de:20:ef:2a:ac:34:75:
91:56:1c:66:f1:6c:3c:11:59:5b:c2:f2:14:2b:7e:ae:1e:5b:
1f:76:a8:e7:3f:4b:05:27:f6:5c:25:8d:50:34:6f:59:56:01:
ae:4c:cc:a3:a5:60:f2:fa:f7:5c:8d:14:bc:2f:17:47:61:15:
20:a6:fe:dc:05:3b:8a:e4:bb:e0:27:4a:c4:e5:44:ce:58:9e:
7c:ed:09:d2:be:c1:ee:0b:07:57:5b:a9:19:e6:b4:c7:57:ef:
20:87:06:c0:30:cc:31:17:c5:e0:45:d8:fd:38:7a:99:83:b5:
ef:c1:e9:20:79:e5:a8:97:78:f0:1e:44:3a:3c:1b:a4:57:3a:
65:2b:8d:f7:a1:a8:7e:80:48:cc:38:41:c5:d9:f9:36:27:0f:
4b:8d:1d:a2:51:54:1f:76:49:20:19:77:93:65:31:cc:c3:23:
e4:5b:fa:7e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZ2XeA8fHuO5kGj6AOKp4785MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNDE2MTgwNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGE0ZTQ2YWMwYzgyYTM5ODJlMTBhOWMxNjliN2JiOTE2OGVkMTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+J4NW3FN2QeRptsnn9ap0LV4mLK
y+8pbyLnaIkBeh2cg8Er/Rsf8SvB5Yg76qDIy/IELJWAvgR0F3+e6lxvWl1FQpov
gU8iOTKhUeN08XSIr4aL2mk+vBamAkw2CO1HRC6lBHwXFDfpXaMCgYczZrQel452
pnXEdmk3I8weP2XrINhKqZefPKL+e4PmsgAxe5iF98aFudY+At3obsE7AtejTcnc
kElMuhYpaHvtZ5CWeNjHbpDwccgUXAibQa6qPeKHfm0n9T/+RUkRrKrdmf0jyxHB
BDNUz+vQqr6IaAZpG0/cC57ZBVRxgeso2AKe542DKlHUhvKs5NwJgAlTvQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFBik5GrAyCo5guEKnBabe7kWjtEWMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvR0tUa2FzRElLam1DNFFxY0ZwdDd1UmFPMFJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAfC54AD
BALC54gDBADC544wDAMEAMLnlwMEAsLnmDAMAwQAwufDAwQDwufQMAwDBAHC59oD
BAXC58AwDQYJKoZIhvcNAQELBQADggEBAGsVe8OXRHAHp8I6Gc5VsNU+mddxocow
8+ntomXJy3lX4WSfqNe8RbOJZQeOzKQJoqtYTpd9ZISGSod+CkJfdpGlCFKTOzLI
UBeFJU2j32GXoHYm3iDvKqw0dZFWHGbxbDwRWVvC8hQrfq4eWx92qOc/SwUn9lwl
jVA0b1lWAa5MzKOlYPL691yNFLwvF0dhFSCm/twFO4rku+AnSsTlRM5YnnztCdK+
we4LB1dbqRnmtMdX7yCHBsAwzDEXxeBF2P04epmDte/B6SB55aiXePAeRDo8G6RX
OmUrjfehqH6ASMw4QcXZ+TYnD0uNHaJRVB92SSAZd5NlMczDI+Rb+n4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:37:53 2026 by rpki-client