Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/GE_GF_dA2CBOv7-gUG1tB7WwKsE.roa
File: GE_GF_dA2CBOv7-gUG1tB7WwKsE.roa (raw, json)
Hash identifier: HOXYFTv8yCh3OC2aa0aVLIYRnSQvClNBSEVT+AwELDg=
Subject key identifier: 18:4F:C6:17:F7:40:D8:20:4E:BF:BF:A0:50:6D:6D:07:B5:B0:2A:C1
Certificate issuer: /CN=923a2b3dd7667275f09886df7da079f755ceed59
Certificate serial: 019EBFFA4972A51A83BDBAD26DDD4CF98951
Authority key identifier: 92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/GE_GF_dA2CBOv7-gUG1tB7WwKsE.roa
Signing time: Sat 13 Jun 2026 07:55:11 +0000
ROA not before: Sat 13 Jun 2026 07:55:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207143
IP address blocks: 185.101.156.0/22 maxlen: 22
185.101.156.0/24 maxlen: 24
185.101.157.0/24 maxlen: 24
185.101.158.0/24 maxlen: 24
185.101.159.0/24 maxlen: 24
185.229.88.0/24 maxlen: 24
185.229.89.0/24 maxlen: 24
185.229.90.0/24 maxlen: 24
185.229.91.0/24 maxlen: 24
193.203.253.0/24 maxlen: 24
204.174.100.0/24 maxlen: 24
213.254.165.0/24 maxlen: 24
2a11:8b81::/32 maxlen: 32
2a11:8b82::/32 maxlen: 32
2a11:8b83:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:55:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bf:fa:49:72:a5:1a:83:bd:ba:d2:6d:dd:4c:f9:89:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923a2b3dd7667275f09886df7da079f755ceed59
Validity
Not Before: Jun 13 07:55:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=184fc617f740d8204ebfbfa0506d6d07b5b02ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:29:fb:60:57:80:02:7b:2e:66:20:43:ea:0a:
4d:a8:e1:f3:ed:0a:0b:e0:b0:9a:5a:c3:32:39:25:
49:e9:72:d5:36:9b:d7:72:d1:88:80:e4:74:1d:81:
cc:ec:f4:c1:b0:dd:9e:95:a7:d3:9f:37:3f:9b:d5:
73:a1:66:5e:8c:d8:2c:46:89:ff:d6:84:ea:dd:e7:
14:d3:23:b7:27:ee:8b:cb:43:4f:54:16:d1:c0:35:
4e:3b:72:eb:8f:cf:2f:c0:05:23:06:f9:50:58:b6:
2e:74:44:db:f3:8b:23:df:e9:f5:c7:13:fd:6e:5d:
71:b8:55:18:54:31:9a:bf:8c:c9:d1:8b:9e:97:5f:
78:b8:a9:3d:57:63:4f:a8:09:c1:21:12:6f:6a:28:
d2:67:01:ec:85:08:f1:6c:16:f0:8d:04:da:9e:61:
d3:65:09:a1:ae:51:6e:b5:09:ed:87:26:52:4a:e2:
0e:d7:9f:56:72:2c:ce:6d:9e:15:75:ce:43:3c:18:
9d:34:bf:8a:d4:84:5c:2e:ce:f5:a9:9e:8b:69:ed:
b6:50:e4:80:b4:3e:8a:ee:70:d2:f8:73:97:57:f7:
2b:25:e3:e8:4e:ae:37:4d:df:a9:da:bf:d7:df:6c:
62:27:f6:64:1a:a3:fb:87:83:09:ed:f6:c0:3b:d1:
7d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:4F:C6:17:F7:40:D8:20:4E:BF:BF:A0:50:6D:6D:07:B5:B0:2A:C1
X509v3 Authority Key Identifier:
keyid:92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/GE_GF_dA2CBOv7-gUG1tB7WwKsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.156.0/22
185.229.88.0/22
193.203.253.0/24
204.174.100.0/24
213.254.165.0/24
IPv6:
2a11:8b81::-2a11:8b82:ffff:ffff:ffff:ffff:ffff:ffff
2a11:8b83:1::/48
Signature Algorithm: sha256WithRSAEncryption
2d:cc:3a:db:31:47:21:f0:65:f7:29:00:dc:6e:b2:50:22:97:
b1:af:e5:ec:5c:81:f6:bd:9c:62:70:b2:55:50:03:92:55:e7:
a2:14:cf:c8:70:9f:bd:bf:61:b4:45:4f:a6:ed:5a:0f:7b:31:
24:f4:8c:90:8b:46:88:b4:27:7b:3b:2b:a5:dd:fb:da:9f:85:
6c:d9:03:1a:ff:6f:79:8b:d9:76:79:4a:90:aa:f2:36:80:98:
20:ad:dc:c0:b9:67:d7:0d:e0:4d:e5:ca:16:f1:9a:38:94:43:
d4:eb:3c:2f:6a:cf:26:3b:cb:2d:64:27:33:ff:11:0f:71:ee:
68:cb:62:93:12:8e:45:62:30:89:f0:0a:64:9c:ca:c4:11:d0:
6c:5d:98:d5:61:14:50:d4:3e:ae:07:9b:84:40:56:07:49:5a:
6d:73:f6:8b:57:e7:c8:7c:01:ea:5b:11:2b:28:5e:05:56:a0:
0d:9e:54:ef:c5:e6:a9:bb:13:dc:09:f0:27:7e:90:bb:f6:04:
ad:5b:38:9d:11:f4:87:d5:96:5b:ab:9b:7d:3a:a3:dd:9f:2d:
69:5d:c6:42:73:b5:d5:70:2b:7f:85:0d:e6:fd:fb:b7:3c:eb:
37:da:f2:68:5c:e4:ad:65:af:5e:f8:51:9d:42:75:15:88:f6:
34:e7:d2:08
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ6/+klypRqDvbrSbd1M+YlRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyM2EyYjNkZDc2NjcyNzVmMDk4ODZkZjdkYTA3OWY3NTVj
ZWVkNTkwHhcNMjYwNjEzMDc1NTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODRmYzYxN2Y3NDBkODIwNGViZmJmYTA1MDZkNmQwN2I1YjAyYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyn7YFeAAnsuZiBD6gpNqOHz7QoL
4LCaWsMyOSVJ6XLVNpvXctGIgOR0HYHM7PTBsN2elafTnzc/m9VzoWZejNgsRon/
1oTq3ecU0yO3J+6Ly0NPVBbRwDVOO3Lrj88vwAUjBvlQWLYudETb84sj3+n1xxP9
bl1xuFUYVDGav4zJ0Yuel194uKk9V2NPqAnBIRJvaijSZwHshQjxbBbwjQTanmHT
ZQmhrlFutQnthyZSSuIO159WcizObZ4Vdc5DPBidNL+K1IRcLs71qZ6Lae22UOSA
tD6K7nDS+HOXV/crJePoTq43Td+p2r/X32xiJ/ZkGqP7h4MJ7fbAO9F9RwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFBhPxhf3QNggTr+/oFBtbQe1sCrBMB8GA1UdIwQY
MBaAFJI6Kz3XZnJ18JiG332gefdVzu1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjkt
MjczOGJjYjQzZDZkLzEvR0VfR0ZfZEEyQ0JPdjctZ1VHMXRCN1d3S3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjktMjczOGJjYjQzZDZk
LzEva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAkBAIAATAeAwQCuWWcAwQC
ueVYAwQAwcv9AwQAzK5kAwQA1f6lMB8EAgACMBkwDgMFACoRi4EDBQAqEYuCAwcA
KhGLgwABMA0GCSqGSIb3DQEBCwUAA4IBAQAtzDrbMUch8GX3KQDcbrJQIpexr+Xs
XIH2vZxicLJVUAOSVeeiFM/IcJ+9v2G0RU+m7VoPezEk9IyQi0aItCd7Oyul3fva
n4Vs2QMa/295i9l2eUqQqvI2gJggrdzAuWfXDeBN5coW8Zo4lEPU6zwvas8mO8st
ZCcz/xEPce5oy2KTEo5FYjCJ8ApknMrEEdBsXZjVYRRQ1D6uB5uEQFYHSVptc/aL
V+fIfAHqWxErKF4FVqANnlTvxeapuxPcCfAnfpC79gStWzidEfSH1ZZbq5t9OqPd
ny1pXcZCc7XVcCt/hQ3m/fu3POs32vJoXOStZa9e+FGdQnUViPY059II
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:03:58 2026 by rpki-client