Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/Gmr6DvFecGNz7K0pxzX4Fgvg1Ek.roa
File: Gmr6DvFecGNz7K0pxzX4Fgvg1Ek.roa (raw, json)
Hash identifier: vp2rFqOY6nmUicsFoLP4/cfheUkk9r3+DgY732ObGfU=
Subject key identifier: 1A:6A:FA:0E:F1:5E:70:63:73:EC:AD:29:C7:35:F8:16:0B:E0:D4:49
Certificate issuer: /CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Certificate serial: 019B7835438BA6ABCCA7F9EF986E104701DA
Authority key identifier: 1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/Gmr6DvFecGNz7K0pxzX4Fgvg1Ek.roa
Signing time: Thu 01 Jan 2026 06:18:35 +0000
ROA not before: Thu 01 Jan 2026 06:18:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50264
IP address blocks: 87.251.23.0/24 maxlen: 24
185.165.20.0/24 maxlen: 24
185.165.21.0/24 maxlen: 24
185.165.22.0/24 maxlen: 24
185.165.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.mft
rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:35:43:8b:a6:ab:cc:a7:f9:ef:98:6e:10:47:01:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f00b0aa8924c377889e3d3b996093b87a73d0e1
Validity
Not Before: Jan 1 06:18:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a6afa0ef15e706373ecad29c735f8160be0d449
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a3:70:6d:bf:dc:dd:f2:7e:13:e2:ed:d7:d9:
7f:66:c4:ee:4c:fa:09:ee:70:cd:36:f1:cb:c0:23:
05:90:a4:11:36:69:48:18:13:9a:76:de:e5:45:26:
38:ec:12:4a:33:48:92:6e:4c:ab:7f:34:b3:38:cf:
eb:3d:e8:24:85:ef:a0:04:ad:96:90:42:88:3e:d4:
a5:71:42:36:06:91:ab:6e:72:53:af:6d:f2:28:69:
5b:e8:a8:79:93:66:66:6b:f6:f0:4c:09:fd:8a:69:
af:6d:5f:cd:17:67:ba:40:6a:f4:2d:55:75:45:cb:
bf:3a:03:74:55:4d:07:1d:27:2b:13:94:1b:54:5a:
0a:5b:65:ba:3f:85:a8:79:54:25:55:b4:28:fe:e6:
6b:80:2a:e3:c6:15:9d:74:0d:15:64:8a:d1:fb:6d:
fc:ec:3e:d7:91:e2:e4:4d:64:85:fa:0c:82:3b:58:
02:9b:32:f8:2f:81:85:df:de:40:d3:37:e5:eb:5f:
a5:bd:ce:bb:c3:1f:0d:d7:34:3b:46:ef:84:ff:36:
f3:89:51:a1:0e:c5:0d:11:80:5a:9c:7f:b2:fe:e5:
a6:25:ee:8a:99:7f:1e:e3:d2:23:b3:92:b8:8e:02:
40:e8:85:91:a9:f7:c3:a6:69:5b:18:71:d2:39:bd:
e4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:6A:FA:0E:F1:5E:70:63:73:EC:AD:29:C7:35:F8:16:0B:E0:D4:49
X509v3 Authority Key Identifier:
keyid:1F:00:B0:AA:89:24:C3:77:88:9E:3D:3B:99:60:93:B8:7A:73:D0:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HwCwqokkw3eInj07mWCTuHpz0OE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/Gmr6DvFecGNz7K0pxzX4Fgvg1Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/5615ec-51c5-4a4d-b6f9-e407e6025a43/1/HwCwqokkw3eInj07mWCTuHpz0OE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.251.23.0/24
185.165.20.0/22
Signature Algorithm: sha256WithRSAEncryption
11:34:31:3e:a1:b8:35:78:57:8d:13:2c:02:df:d9:60:20:97:
df:aa:6f:73:f8:cb:29:b7:36:e6:39:34:60:4a:77:bb:a3:77:
6e:b5:fd:04:37:1f:53:51:06:a6:27:d1:b1:a2:3f:23:86:0e:
3d:dd:a5:3f:d1:2b:7c:b5:3a:b1:28:34:e3:c0:bb:11:d0:b1:
32:bc:c6:9e:9e:33:0f:24:26:07:de:86:e8:e1:b4:48:f0:60:
03:b3:ab:af:20:a0:6b:ce:b9:48:77:62:a3:a9:c6:bd:ed:2b:
3c:d5:1d:2a:7e:56:2f:98:eb:46:38:75:4d:38:9c:4b:3d:42:
98:71:c0:67:91:1e:14:8f:96:72:7a:31:55:2b:65:a6:22:b7:
7f:00:5b:01:76:2c:4e:a0:02:21:d8:e1:a6:0d:65:c7:a1:2f:
2e:b4:84:93:c9:30:bc:28:ab:8d:87:49:de:6a:3f:ae:2f:8f:
f2:2e:84:10:7c:fc:33:f9:e3:e9:61:37:8f:d9:48:44:de:81:
84:5c:40:b8:7a:00:e0:cf:8f:c1:30:f4:a4:19:59:24:76:d9:
39:21:88:bb:5b:8d:d9:43:cf:c9:4c:1f:e4:ce:40:1e:33:58:
a2:ed:67:40:b2:30:63:46:d1:18:70:27:a9:d0:2a:82:f7:5f:
8f:11:4d:e9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZt4NUOLpqvMp/nvmG4QRwHaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMDBiMGFhODkyNGMzNzc4ODllM2QzYjk5NjA5M2I4N2E3
M2QwZTEwHhcNMjYwMTAxMDYxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTZhZmEwZWYxNWU3MDYzNzNlY2FkMjljNzM1ZjgxNjBiZTBkNDQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6Nwbb/c3fJ+E+Lt19l/ZsTuTPoJ
7nDNNvHLwCMFkKQRNmlIGBOadt7lRSY47BJKM0iSbkyrfzSzOM/rPegkhe+gBK2W
kEKIPtSlcUI2BpGrbnJTr23yKGlb6Kh5k2Zma/bwTAn9immvbV/NF2e6QGr0LVV1
Rcu/OgN0VU0HHScrE5QbVFoKW2W6P4WoeVQlVbQo/uZrgCrjxhWddA0VZIrR+238
7D7XkeLkTWSF+gyCO1gCmzL4L4GF395A0zfl61+lvc67wx8N1zQ7Ru+E/zbziVGh
DsUNEYBanH+y/uWmJe6KmX8e49Ijs5K4jgJA6IWRqffDpmlbGHHSOb3k9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBpq+g7xXnBjc+ytKcc1+BYL4NRJMB8GA1UdIwQY
MBaAFB8AsKqJJMN3iJ49O5lgk7h6c9DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2Zjkt
ZTQwN2U2MDI1YTQzLzEvR21yNkR2RmVjR056N0swcHh6WDRGZ3ZnMUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi81NjE1ZWMtNTFjNS00YTRkLWI2ZjktZTQwN2U2MDI1YTQz
LzEvSHdDd3Fva2t3M2VJbmowN21XQ1R1SHB6ME9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV/sXAwQC
uaUUMA0GCSqGSIb3DQEBCwUAA4IBAQARNDE+obg1eFeNEywC39lgIJffqm9z+Msp
tzbmOTRgSne7o3dutf0ENx9TUQamJ9Gxoj8jhg493aU/0St8tTqxKDTjwLsR0LEy
vMaenjMPJCYH3obo4bRI8GADs6uvIKBrzrlId2Kjqca97Ss81R0qflYvmOtGOHVN
OJxLPUKYccBnkR4Uj5ZyejFVK2WmIrd/AFsBdixOoAIh2OGmDWXHoS8utISTyTC8
KKuNh0neaj+uL4/yLoQQfPwz+ePpYTeP2UhE3oGEXEC4egDgz4/BMPSkGVkkdtk5
IYi7W43ZQ8/JTB/kzkAeM1ii7WdAsjBjRtEYcCep0CqC91+PEU3p
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:52:29 2026 by rpki-client