Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/GNmi18wQl4vtlo-9lVpDdUD44U8.roa
File: GNmi18wQl4vtlo-9lVpDdUD44U8.roa (raw, json)
Hash identifier: PX3LxFRdOujIRS22JaSLS22PgqGNSnD4VtofU70m2Ic=
Subject key identifier: 18:D9:A2:D7:CC:10:97:8B:ED:96:8F:BD:95:5A:43:75:40:F8:E1:4F
Certificate issuer: /CN=f47d03377cc108f4409126b9a0c201632421c64a
Certificate serial: 019D70B1E6346DEE8FDE0A9BD15EBEA18EF5
Authority key identifier: F4:7D:03:37:7C:C1:08:F4:40:91:26:B9:A0:C2:01:63:24:21:C6:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9H0DN3zBCPRAkSa5oMIBYyQhxko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/GNmi18wQl4vtlo-9lVpDdUD44U8.roa
Signing time: Thu 09 Apr 2026 05:23:20 +0000
ROA not before: Thu 09 Apr 2026 05:23:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35107
IP address blocks: 87.247.136.0/24 maxlen: 24
87.247.137.0/24 maxlen: 24
87.247.138.0/24 maxlen: 24
87.247.139.0/24 maxlen: 24
89.124.12.0/22 maxlen: 22
95.133.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/9H0DN3zBCPRAkSa5oMIBYyQhxko.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/9H0DN3zBCPRAkSa5oMIBYyQhxko.mft
rsync://rpki.ripe.net/repository/DEFAULT/9H0DN3zBCPRAkSa5oMIBYyQhxko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:70:b1:e6:34:6d:ee:8f:de:0a:9b:d1:5e:be:a1:8e:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f47d03377cc108f4409126b9a0c201632421c64a
Validity
Not Before: Apr 9 05:23:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=18d9a2d7cc10978bed968fbd955a437540f8e14f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:af:7c:49:3f:07:d7:50:a5:ce:c7:c4:a4:41:
1f:ef:0b:a5:8c:f6:ec:c4:20:4f:d0:73:b7:f3:3a:
3b:97:95:f9:12:43:68:22:fc:5a:21:55:5d:0f:c1:
3b:33:19:54:db:a7:78:01:60:a3:fa:f9:e7:da:79:
9e:5a:d5:55:ba:a4:a7:55:97:61:8a:26:3a:e4:5e:
e5:c9:2c:7a:8a:b4:bb:83:29:46:ab:e5:17:73:bf:
96:e0:67:f1:ba:bb:f6:dc:86:be:e6:f1:88:9d:d0:
bd:66:44:21:d5:76:3b:8c:11:ca:03:97:56:97:a5:
0d:90:07:ec:55:15:7a:1b:ed:c0:5c:cb:16:2f:8c:
b3:4e:fe:4d:01:58:bf:b1:35:ff:ad:68:9e:c8:91:
b0:f6:d2:0f:a9:45:05:1f:cd:d8:ce:40:5b:e3:1d:
2f:00:10:72:1b:8d:13:a5:59:11:f0:31:4c:3f:cf:
95:2f:37:79:59:fe:91:46:03:a0:a8:92:b9:8a:0d:
b4:73:9f:e4:82:99:e2:91:98:03:74:64:f8:20:bf:
f8:3a:40:41:86:7d:98:53:5b:cb:b1:95:5e:d6:a5:
ab:c3:1a:d9:55:3a:d4:5d:37:f5:88:88:2e:f9:5c:
0f:cd:9f:3c:8d:12:89:20:94:15:96:b4:9c:72:ea:
c5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:D9:A2:D7:CC:10:97:8B:ED:96:8F:BD:95:5A:43:75:40:F8:E1:4F
X509v3 Authority Key Identifier:
keyid:F4:7D:03:37:7C:C1:08:F4:40:91:26:B9:A0:C2:01:63:24:21:C6:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9H0DN3zBCPRAkSa5oMIBYyQhxko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/GNmi18wQl4vtlo-9lVpDdUD44U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8bc469-f7e3-40c4-afc8-e1d0fdd5bff5/1/9H0DN3zBCPRAkSa5oMIBYyQhxko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.247.136.0/22
89.124.12.0/22
95.133.140.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:eb:a8:fe:7d:28:b1:4d:cc:1f:8b:37:5e:7b:7b:07:15:3b:
a2:36:1d:38:6f:3b:7a:90:e3:19:31:cd:f3:f4:21:48:c3:00:
3c:47:44:78:d6:27:d7:e1:44:f8:80:d8:86:1e:28:4f:d2:2b:
4b:5d:dd:f0:c0:7d:13:c2:39:89:a7:34:19:ab:86:3f:cc:9e:
34:54:72:dc:0a:75:04:d3:6c:f4:0c:d3:40:59:84:a2:0a:70:
84:46:15:23:27:69:59:4b:36:ad:de:53:85:54:24:3a:34:90:
b1:e8:8b:48:93:d3:66:24:3e:ae:20:37:e9:51:fc:7a:9a:d8:
72:13:36:8f:e6:af:8d:b3:a2:be:09:27:04:3f:3a:86:90:20:
c3:78:c2:eb:e6:06:64:31:0d:4c:29:32:f1:80:97:97:4e:53:
1b:5b:45:5b:94:54:65:6b:7b:81:be:21:4f:ba:10:85:b4:af:
72:da:5f:d1:e6:b5:d7:a3:9a:ce:dc:8d:9d:a8:4e:0e:3b:59:
5f:88:81:61:95:f5:d4:4d:60:92:95:d4:5c:77:22:5f:20:e1:
55:0c:06:a9:9b:4a:c0:bf:f9:31:bb:a3:b8:08:43:0b:74:6c:
3a:df:4e:81:e8:fa:27:be:d0:f9:5c:ce:54:1d:ec:0b:2d:6c:
47:fc:36:53
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1wseY0be6P3gqb0V6+oY71MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0N2QwMzM3N2NjMTA4ZjQ0MDkxMjZiOWEwYzIwMTYzMjQy
MWM2NGEwHhcNMjYwNDA5MDUyMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGQ5YTJkN2NjMTA5NzhiZWQ5NjhmYmQ5NTVhNDM3NTQwZjhlMTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo698ST8H11ClzsfEpEEf7wuljPbs
xCBP0HO38zo7l5X5EkNoIvxaIVVdD8E7MxlU26d4AWCj+vnn2nmeWtVVuqSnVZdh
iiY65F7lySx6irS7gylGq+UXc7+W4Gfxurv23Ia+5vGIndC9ZkQh1XY7jBHKA5dW
l6UNkAfsVRV6G+3AXMsWL4yzTv5NAVi/sTX/rWieyJGw9tIPqUUFH83YzkBb4x0v
ABByG40TpVkR8DFMP8+VLzd5Wf6RRgOgqJK5ig20c5/kgpnikZgDdGT4IL/4OkBB
hn2YU1vLsZVe1qWrwxrZVTrUXTf1iIgu+VwPzZ88jRKJIJQVlrSccurFXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBjZotfMEJeL7ZaPvZVaQ3VA+OFPMB8GA1UdIwQY
MBaAFPR9Azd8wQj0QJEmuaDCAWMkIcZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUgwRE4zekJDUFJBa1NhNW9NSUJZeVFoeGtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84YmM0NjktZjdlMy00MGM0LWFmYzgt
ZTFkMGZkZDViZmY1LzEvR05taTE4d1FsNHZ0bG8tOWxWcERkVUQ0NFU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84YmM0NjktZjdlMy00MGM0LWFmYzgtZTFkMGZkZDViZmY1
LzEvOUgwRE4zekJDUFJBa1NhNW9NSUJZeVFoeGtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCV/eIAwQC
WXwMAwQCX4WMMA0GCSqGSIb3DQEBCwUAA4IBAQC466j+fSixTcwfizdee3sHFTui
Nh04bzt6kOMZMc3z9CFIwwA8R0R41ifX4UT4gNiGHihP0itLXd3wwH0TwjmJpzQZ
q4Y/zJ40VHLcCnUE02z0DNNAWYSiCnCERhUjJ2lZSzat3lOFVCQ6NJCx6ItIk9Nm
JD6uIDfpUfx6mthyEzaP5q+Ns6K+CScEPzqGkCDDeMLr5gZkMQ1MKTLxgJeXTlMb
W0VblFRla3uBviFPuhCFtK9y2l/R5rXXo5rO3I2dqE4OO1lfiIFhlfXUTWCSldRc
dyJfIOFVDAapm0rAv/kxu6O4CEMLdGw6306B6PonvtD5XM5UHewLLWxH/DZT
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:54:27 2026 by rpki-client