Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/bd0556-3f33-46de-9291-3b34420d90d2/1/gV3lWCZGEL7TywDCIp2kVK10Glc.roa
File: gV3lWCZGEL7TywDCIp2kVK10Glc.roa (raw, json)
Hash identifier: kcop4NfBtpHkYykeiA98ibh1BPUfzjJD5yzNWc+dbDg=
Subject key identifier: 81:5D:E5:58:26:46:10:BE:D3:CB:00:C2:22:9D:A4:54:AD:74:1A:57
Certificate issuer: /CN=29574576e9cea38ea3f6eeb26c8327528a0a1bff
Certificate serial: 019E2065185DD26FA44C44B36718E8F9A5FE
Authority key identifier: 29:57:45:76:E9:CE:A3:8E:A3:F6:EE:B2:6C:83:27:52:8A:0A:1B:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVdFdunOo46j9u6ybIMnUooKG_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/bd0556-3f33-46de-9291-3b34420d90d2/1/gV3lWCZGEL7TywDCIp2kVK10Glc.roa
Signing time: Wed 13 May 2026 08:12:36 +0000
ROA not before: Wed 13 May 2026 08:12:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44578
IP address blocks: 81.85.92.0/22 maxlen: 22
81.85.92.0/24 maxlen: 24
81.85.93.0/24 maxlen: 24
81.85.94.0/24 maxlen: 24
81.85.95.0/24 maxlen: 24
90.156.220.0/23 maxlen: 23
185.209.49.0/24 maxlen: 24
188.244.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/bd0556-3f33-46de-9291-3b34420d90d2/1/KVdFdunOo46j9u6ybIMnUooKG_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/bd0556-3f33-46de-9291-3b34420d90d2/1/KVdFdunOo46j9u6ybIMnUooKG_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KVdFdunOo46j9u6ybIMnUooKG_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:20:65:18:5d:d2:6f:a4:4c:44:b3:67:18:e8:f9:a5:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29574576e9cea38ea3f6eeb26c8327528a0a1bff
Validity
Not Before: May 13 08:12:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=815de558264610bed3cb00c2229da454ad741a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f3:f4:96:ab:dc:fd:7d:a5:36:ea:b4:ad:26:
7a:a9:04:22:7b:80:0a:92:27:d0:45:d3:47:06:1c:
0a:ee:23:db:1f:08:8b:21:4c:e8:e5:73:b0:72:04:
bc:6c:8b:03:e2:75:67:44:17:34:8e:e7:27:92:61:
c1:a6:28:14:ce:13:e4:d6:17:9a:2e:f0:e0:74:09:
a5:c7:af:34:9c:81:b6:09:02:7d:70:a2:0e:f6:c8:
c6:b0:6e:85:4c:2f:17:e7:85:6d:74:6a:bf:2f:97:
08:3f:c2:16:0b:8f:9d:32:86:0e:03:9a:18:b4:d6:
f7:fd:bb:b8:cf:87:53:78:ef:65:ff:b4:06:46:d5:
3e:0c:e2:f8:a6:73:35:f9:6f:21:63:43:a7:a6:6b:
f2:e3:ab:d5:cc:99:22:15:ad:cc:b2:bc:9e:67:b8:
9a:a8:fc:ce:0d:c0:78:1a:46:05:8e:79:cb:bb:ee:
5f:06:e5:6f:bc:1e:ec:5f:45:81:11:62:4b:0a:e3:
c1:7b:db:81:36:87:34:2d:bb:7e:ae:b4:97:61:bc:
3e:6a:eb:21:02:d4:5c:84:31:cf:58:1b:47:1d:4d:
34:3e:37:79:eb:97:c7:13:c7:b1:5b:a6:5f:4c:ee:
10:69:5c:7b:70:4f:6d:9a:78:47:4a:9b:34:f2:f1:
3b:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:5D:E5:58:26:46:10:BE:D3:CB:00:C2:22:9D:A4:54:AD:74:1A:57
X509v3 Authority Key Identifier:
keyid:29:57:45:76:E9:CE:A3:8E:A3:F6:EE:B2:6C:83:27:52:8A:0A:1B:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVdFdunOo46j9u6ybIMnUooKG_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bd0556-3f33-46de-9291-3b34420d90d2/1/gV3lWCZGEL7TywDCIp2kVK10Glc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/bd0556-3f33-46de-9291-3b34420d90d2/1/KVdFdunOo46j9u6ybIMnUooKG_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.92.0/22
90.156.220.0/23
185.209.49.0/24
188.244.112.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:c1:52:12:9f:23:31:aa:8b:13:40:88:7b:c3:4a:62:df:38:
e2:5b:38:bf:73:2d:14:cf:93:1a:3a:10:db:ad:fb:31:ed:1c:
13:f6:6f:8e:9b:59:a5:c2:e1:55:e4:7b:df:b3:fe:db:e8:ea:
4e:df:c8:00:3c:20:96:36:4c:4c:4a:e7:56:27:1f:5f:99:07:
9a:7e:3e:8d:b6:8b:3a:8d:be:72:35:74:f4:49:46:12:8d:6f:
f3:8f:f6:6f:48:e0:3c:85:c2:c6:bb:69:2c:59:9e:36:d4:83:
6d:bb:17:6a:f2:06:51:c0:92:11:03:e8:1c:4d:e2:8c:4a:a3:
7a:ea:6b:c1:40:a5:ea:c0:3d:98:c8:40:ae:8b:1d:f7:5a:f2:
58:f8:ee:f8:3e:f5:68:43:f1:7c:d8:d0:5b:d2:2c:26:bb:13:
8d:cc:4d:f1:50:f1:43:c2:96:e9:1d:f2:ce:09:53:0e:13:4d:
71:05:29:bd:b0:9c:e3:e1:fd:ed:c7:dc:aa:96:47:15:e1:8c:
7c:11:87:fc:1c:a4:99:2f:8f:45:00:89:5c:8f:c7:b0:36:35:
b0:49:87:81:83:68:a9:f2:bb:e3:0b:de:7c:5e:ad:3f:e0:2b:
2f:d5:46:61:fd:fc:23:48:cd:77:cc:b6:58:8a:dc:20:44:89:
a7:8a:a2:8c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ4gZRhd0m+kTESzZxjo+aX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NTc0NTc2ZTljZWEzOGVhM2Y2ZWViMjZjODMyNzUyOGEw
YTFiZmYwHhcNMjYwNTEzMDgxMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTVkZTU1ODI2NDYxMGJlZDNjYjAwYzIyMjlkYTQ1NGFkNzQxYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfP0lqvc/X2lNuq0rSZ6qQQie4AK
kifQRdNHBhwK7iPbHwiLIUzo5XOwcgS8bIsD4nVnRBc0jucnkmHBpigUzhPk1hea
LvDgdAmlx680nIG2CQJ9cKIO9sjGsG6FTC8X54VtdGq/L5cIP8IWC4+dMoYOA5oY
tNb3/bu4z4dTeO9l/7QGRtU+DOL4pnM1+W8hY0Onpmvy46vVzJkiFa3MsryeZ7ia
qPzODcB4GkYFjnnLu+5fBuVvvB7sX0WBEWJLCuPBe9uBNoc0Lbt+rrSXYbw+aush
AtRchDHPWBtHHU00Pjd565fHE8exW6ZfTO4QaVx7cE9tmnhHSps08vE7FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIFd5VgmRhC+08sAwiKdpFStdBpXMB8GA1UdIwQY
MBaAFClXRXbpzqOOo/busmyDJ1KKChv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1ZkRmR1bk9vNDZqOXU2eWJJTW5Vb29LR184LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iZDA1NTYtM2YzMy00NmRlLTkyOTEt
M2IzNDQyMGQ5MGQyLzEvZ1YzbFdDWkdFTDdUeXdEQ0lwMmtWSzEwR2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iZDA1NTYtM2YzMy00NmRlLTkyOTEtM2IzNDQyMGQ5MGQy
LzEvS1ZkRmR1bk9vNDZqOXU2eWJJTW5Vb29LR184LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUVVcAwQB
WpzcAwQAudExAwQAvPRwMA0GCSqGSIb3DQEBCwUAA4IBAQBtwVISnyMxqosTQIh7
w0pi3zjiWzi/cy0Uz5MaOhDbrfsx7RwT9m+Om1mlwuFV5Hvfs/7b6OpO38gAPCCW
NkxMSudWJx9fmQeafj6Ntos6jb5yNXT0SUYSjW/zj/ZvSOA8hcLGu2ksWZ421INt
uxdq8gZRwJIRA+gcTeKMSqN66mvBQKXqwD2YyECuix33WvJY+O74PvVoQ/F82NBb
0iwmuxONzE3xUPFDwpbpHfLOCVMOE01xBSm9sJzj4f3tx9yqlkcV4Yx8EYf8HKSZ
L49FAIlcj8ewNjWwSYeBg2ip8rvjC958Xq0/4Csv1UZh/fwjSM13zLZYitwgRImn
iqKM
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:56:42 2026 by rpki-client