Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/1-gPKYrkboHkA5jyn7VCFjqwwrd4.roa
File: 1-gPKYrkboHkA5jyn7VCFjqwwrd4.roa (raw, json)
Hash identifier: kidu4lOLKqvGV02gy25d0uI1CUme+b+dZBhX/K3RSeg=
Subject key identifier: FA:03:CA:62:B9:1B:A0:79:00:E6:3C:A7:ED:50:85:8E:AC:30:AD:DE
Certificate issuer: /CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Certificate serial: 019D9B81B0BB63593093E7E49EEFFA735688
Authority key identifier: 3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/1-gPKYrkboHkA5jyn7VCFjqwwrd4.roa
Signing time: Fri 17 Apr 2026 12:54:21 +0000
ROA not before: Fri 17 Apr 2026 12:54:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 33915
IP address blocks: 80.112.128.0/18 maxlen: 18
80.112.128.0/19 maxlen: 19
80.112.160.0/19 maxlen: 19
80.114.128.0/18 maxlen: 18
80.114.128.0/19 maxlen: 19
80.114.160.0/19 maxlen: 19
80.115.224.0/19 maxlen: 19
80.115.224.0/20 maxlen: 20
80.115.240.0/20 maxlen: 20
80.242.224.0/19 maxlen: 19
80.242.224.0/20 maxlen: 20
80.242.240.0/20 maxlen: 20
91.221.96.0/23 maxlen: 23
185.130.174.0/23 maxlen: 23
195.35.128.0/17 maxlen: 17
195.35.128.0/18 maxlen: 18
195.35.192.0/18 maxlen: 18
195.85.128.0/18 maxlen: 18
195.85.128.0/19 maxlen: 19
195.85.160.0/19 maxlen: 19
212.178.64.0/18 maxlen: 18
212.178.64.0/19 maxlen: 19
212.178.96.0/19 maxlen: 19
212.178.128.0/19 maxlen: 19
212.178.128.0/20 maxlen: 20
212.178.144.0/20 maxlen: 20
212.178.192.0/19 maxlen: 19
212.178.192.0/20 maxlen: 20
212.178.208.0/20 maxlen: 20
212.203.0.0/19 maxlen: 19
212.203.0.0/20 maxlen: 20
212.203.16.0/20 maxlen: 20
213.34.64.0/19 maxlen: 19
213.34.64.0/20 maxlen: 20
213.34.80.0/20 maxlen: 20
213.34.160.0/19 maxlen: 19
213.34.160.0/20 maxlen: 20
213.34.176.0/20 maxlen: 20
213.124.0.0/17 maxlen: 17
213.124.0.0/18 maxlen: 18
213.124.64.0/18 maxlen: 18
213.124.128.0/19 maxlen: 19
213.124.128.0/20 maxlen: 20
213.124.144.0/20 maxlen: 20
213.125.0.0/16 maxlen: 16
213.125.0.0/17 maxlen: 17
213.125.128.0/17 maxlen: 17
213.126.0.0/17 maxlen: 17
213.126.0.0/18 maxlen: 18
213.126.64.0/18 maxlen: 18
213.132.160.0/19 maxlen: 19
213.132.160.0/20 maxlen: 20
213.132.176.0/20 maxlen: 20
217.100.0.0/16 maxlen: 16
217.100.0.0/17 maxlen: 17
217.100.128.0/17 maxlen: 17
217.102.224.0/21 maxlen: 21
217.102.224.0/22 maxlen: 22
217.102.228.0/22 maxlen: 22
217.105.192.0/19 maxlen: 19
217.105.192.0/20 maxlen: 20
217.105.208.0/20 maxlen: 20
2001:41f0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 21:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:81:b0:bb:63:59:30:93:e7:e4:9e:ef:fa:73:56:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Validity
Not Before: Apr 17 12:54:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa03ca62b91ba07900e63ca7ed50858eac30adde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2d:1d:3e:1d:24:25:19:a2:56:90:64:49:bb:
63:76:97:eb:60:3d:49:d7:c9:7c:74:74:eb:e7:74:
4e:a0:b0:5a:15:db:4e:bb:f0:a5:17:b6:2a:23:7d:
69:68:2b:3d:40:d8:2e:71:9d:f0:e9:14:35:c8:7c:
7b:a7:93:e7:86:c6:9c:0e:49:fc:76:6b:80:c2:a5:
2b:3d:40:90:69:66:2e:09:ed:c5:78:e2:6e:be:9b:
c6:ba:f5:ff:6c:a1:a8:6d:9a:63:3f:54:09:9b:ce:
2a:40:b6:95:22:ba:10:85:ba:a0:d1:2d:01:41:d6:
76:9e:00:3c:f3:40:9d:a5:f1:34:fc:38:70:be:7b:
39:56:4b:c0:c0:ab:ad:23:28:d1:2b:98:9d:f4:c7:
32:65:58:b9:8c:0b:b1:10:ee:fd:3b:b4:5a:41:32:
ed:6e:1b:2c:85:6d:17:a3:82:68:e0:bc:b4:2b:b0:
dd:1f:27:9c:3f:70:11:01:2c:90:92:f4:c2:ea:77:
0c:fd:2c:48:3a:d0:a7:51:d3:3c:15:6a:c6:6a:d1:
1b:40:fb:1d:b6:08:15:b1:c2:6e:51:c0:f9:70:6b:
5e:b7:15:ac:40:b5:17:f1:65:88:c8:c6:46:95:cf:
34:85:cc:79:31:aa:05:b5:ae:3a:2a:3d:7f:b1:45:
11:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:03:CA:62:B9:1B:A0:79:00:E6:3C:A7:ED:50:85:8E:AC:30:AD:DE
X509v3 Authority Key Identifier:
keyid:3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/1-gPKYrkboHkA5jyn7VCFjqwwrd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.112.128.0/18
80.114.128.0/18
80.115.224.0/19
80.242.224.0/19
91.221.96.0/23
185.130.174.0/23
195.35.128.0/17
195.85.128.0/18
212.178.64.0-212.178.159.255
212.178.192.0/19
212.203.0.0/19
213.34.64.0/19
213.34.160.0/19
213.124.0.0-213.124.159.255
213.125.0.0-213.126.127.255
213.132.160.0/19
217.100.0.0/16
217.102.224.0/21
217.105.192.0/19
IPv6:
2001:41f0::/29
Signature Algorithm: sha256WithRSAEncryption
8a:57:54:c8:dc:68:9c:30:ac:35:93:aa:eb:db:2e:fe:2b:34:
c6:08:57:95:ac:cf:09:e2:7f:90:7d:81:37:88:c0:f4:3c:05:
cf:c8:e5:0b:f8:d4:5c:24:e5:01:4e:cf:cf:8f:92:e9:35:64:
78:81:4c:2e:6d:9b:9f:04:fe:cc:84:28:ce:e9:47:70:94:29:
a6:36:68:f5:e7:20:1c:3f:24:f6:7a:08:d8:22:8e:88:bb:b7:
42:bd:69:60:ba:35:e8:10:13:9e:dd:8f:09:80:15:9c:ab:e4:
68:66:43:b5:f6:01:09:4a:9c:be:32:c6:34:79:ba:d4:62:04:
25:08:97:b4:98:36:45:7b:6e:25:50:5f:e6:7f:73:fb:62:c5:
2d:33:3b:03:bf:f1:b4:53:56:04:17:5b:61:54:30:2a:de:a0:
51:dd:74:97:f3:d4:da:f3:a1:d1:4d:29:ca:8b:50:d4:15:e9:
13:79:f9:a0:a6:59:fe:80:a6:47:67:3b:42:73:41:1a:c7:bf:
dc:d9:cf:36:b5:f9:9d:fb:e5:68:77:94:4e:27:bd:ba:cb:83:
3c:59:21:48:b9:b6:bf:7e:3c:df:ea:bc:5a:0d:92:09:6b:4e:
38:ca:81:a0:43:06:c2:93:ed:98:5c:0f:f2:4e:ba:b8:a8:fa:
c2:00:fb:f4
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZ2bgbC7Y1kwk+fknu/6c1aIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGUyY2Q1MjE1ZTkzYmZhMGNhNmRmOGIyYzFmNWVkMmM5
NGFmNzQwHhcNMjYwNDE3MTI1NDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTAzY2E2MmI5MWJhMDc5MDBlNjNjYTdlZDUwODU4ZWFjMzBhZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAry0dPh0kJRmiVpBkSbtjdpfrYD1J
18l8dHTr53ROoLBaFdtOu/ClF7YqI31paCs9QNgucZ3w6RQ1yHx7p5PnhsacDkn8
dmuAwqUrPUCQaWYuCe3FeOJuvpvGuvX/bKGobZpjP1QJm84qQLaVIroQhbqg0S0B
QdZ2ngA880CdpfE0/Dhwvns5VkvAwKutIyjRK5id9McyZVi5jAuxEO79O7RaQTLt
bhsshW0Xo4Jo4Ly0K7DdHyecP3ARASyQkvTC6ncM/SxIOtCnUdM8FWrGatEbQPsd
tggVscJuUcD5cGtetxWsQLUX8WWIyMZGlc80hcx5MaoFta46Kj1/sUURrQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFPoDymK5G6B5AOY8p+1QhY6sMK3eMB8GA1UdIwQY
MBaAFDveLNUhXpO/oMpt+LLB9e0slK90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk0czFTRmVrNy1neW0zNHNzSDE3U3lVcjNRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jNTNhM2UtZjkwZC00NzQyLTg0ZmIt
ZGIzMTlhMzFiZGY3LzEvMS1nUEtZcmtib0hrQTVqeW43VkNGanF3d3JkNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWEvYzUzYTNlLWY5MGQtNDc0Mi04NGZiLWRiMzE5YTMxYmRm
Ny8xL085NHMxU0ZlazctZ3ltMzRzc0gxN1N5VXIzUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBswYIKwYBBQUHAQcBAf8EgaMwgaAwgY4EAgABMIGHAwQG
UHCAAwQGUHKAAwQFUHPgAwQFUPLgAwQBW91gAwQBuYKuAwQHwyOAAwQGw1WAMAwD
BAbUskADBAXUsoADBAXUssADBAXUywADBAXVIkADBAXVIqAwCwMDAtV8AwQF1XyA
MAsDAwDVfQMEB9V+AAMEBdWEoAMDANlkAwQD2WbgAwQF2WnAMA0EAgACMAcDBQMg
AUHwMA0GCSqGSIb3DQEBCwUAA4IBAQCKV1TI3GicMKw1k6rr2y7+KzTGCFeVrM8J
4n+QfYE3iMD0PAXPyOUL+NRcJOUBTs/Pj5LpNWR4gUwubZufBP7MhCjO6UdwlCmm
Nmj15yAcPyT2egjYIo6Iu7dCvWlgujXoEBOe3Y8JgBWcq+RoZkO19gEJSpy+MsY0
ebrUYgQlCJe0mDZFe24lUF/mf3P7YsUtMzsDv/G0U1YEF1thVDAq3qBR3XSX89Ta
86HRTSnKi1DUFekTefmgpln+gKZHZztCc0Eax7/c2c82tfmd++Vod5ROJ726y4M8
WSFIuba/fjzf6rxaDZIJa044yoGgQwbCk+2YXA/yTrq4qPrCAPv0
-----END CERTIFICATE-----
Generated at Sat Apr 18 06:24:16 2026 by rpki-client