Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gfPCqcXNvpS8HgWuJgB52NaZPCQ.roa
File: gfPCqcXNvpS8HgWuJgB52NaZPCQ.roa (raw, json)
Hash identifier: pIIARvhr/vcJOrkaSgBOcNLWrXGdKWCcrTuQbg2Kvuw=
Subject key identifier: 81:F3:C2:A9:C5:CD:BE:94:BC:1E:05:AE:26:00:79:D8:D6:99:3C:24
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019C9E1B2E074FE43D10CEFA28BFA5156397
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gfPCqcXNvpS8HgWuJgB52NaZPCQ.roa
Signing time: Fri 27 Feb 2026 07:58:27 +0000
ROA not before: Fri 27 Feb 2026 07:58:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 2.57.242.0/24 maxlen: 24
2.57.243.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.39.120.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
89.125.0.0/24 maxlen: 24
89.125.1.0/24 maxlen: 24
89.125.2.0/24 maxlen: 24
89.125.3.0/24 maxlen: 24
89.125.51.0/24 maxlen: 24
89.125.53.0/24 maxlen: 24
89.125.54.0/24 maxlen: 24
89.125.56.0/24 maxlen: 24
89.125.60.0/24 maxlen: 24
89.125.61.0/24 maxlen: 24
89.125.63.0/24 maxlen: 24
89.125.68.0/24 maxlen: 24
89.125.73.0/24 maxlen: 24
89.125.92.0/24 maxlen: 24
89.125.95.0/24 maxlen: 24
89.125.98.0/24 maxlen: 24
89.125.122.0/24 maxlen: 24
89.125.123.0/24 maxlen: 24
89.125.130.0/24 maxlen: 24
89.125.131.0/24 maxlen: 24
89.125.152.0/24 maxlen: 24
89.125.159.0/24 maxlen: 24
89.125.181.0/24 maxlen: 24
89.125.210.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
103.73.35.0/24 maxlen: 24
167.17.40.0/24 maxlen: 24
167.17.176.0/24 maxlen: 24
167.17.177.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.182.0/24 maxlen: 24
185.212.119.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.225.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.1.0/24 maxlen: 24
206.245.129.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
206.245.134.0/24 maxlen: 24
206.245.135.0/24 maxlen: 24
206.245.157.0/24 maxlen: 24
206.245.159.0/24 maxlen: 24
208.123.185.0/24 maxlen: 24
208.123.190.0/24 maxlen: 24
208.123.191.0/24 maxlen: 24
212.192.0.0/24 maxlen: 24
212.192.8.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:1b:2e:07:4f:e4:3d:10:ce:fa:28:bf:a5:15:63:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Feb 27 07:58:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=81f3c2a9c5cdbe94bc1e05ae260079d8d6993c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fc:ce:b4:98:2c:93:1e:0c:f6:34:ce:cf:20:
d0:f3:0d:44:d0:08:41:98:5c:3f:ae:3f:3c:e3:f8:
2d:dc:95:b8:ed:39:40:d6:5b:15:c7:17:47:ed:cd:
f3:45:39:46:ea:c5:3f:e1:11:4c:ba:4b:13:d0:2c:
bc:f3:07:dc:d4:9d:7f:21:53:96:8f:16:f7:3c:37:
99:aa:9c:ac:ef:af:12:6f:bb:a3:22:e2:67:2f:2d:
6d:75:8d:d3:a1:c5:4c:f4:14:29:fd:2a:76:9a:1b:
2c:62:b1:9b:8e:d4:78:d3:ac:b9:b4:77:c5:c4:69:
af:df:b8:94:f6:85:a7:39:b9:14:ba:5f:47:74:fc:
3e:85:3d:df:9d:dc:f4:a5:7c:3f:66:66:76:cb:ca:
d5:b0:52:b8:26:27:ed:a4:aa:43:b8:f5:cc:c6:af:
44:c8:e9:c6:6e:e7:f9:4e:28:cf:ce:0e:f4:ab:a9:
75:d2:93:80:8d:86:a7:a7:ad:e4:e3:d0:cf:7b:ba:
da:f5:e5:03:55:39:a1:cb:47:26:73:45:0b:a9:a8:
74:f0:48:a4:57:dd:d2:6d:6a:16:36:44:ab:ba:3c:
54:f7:83:be:26:03:1a:f1:8f:67:b7:78:00:8b:e0:
0d:ba:47:11:22:8a:5a:d8:7a:2a:47:26:bd:6c:ca:
5d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:F3:C2:A9:C5:CD:BE:94:BC:1E:05:AE:26:00:79:D8:D6:99:3C:24
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/gfPCqcXNvpS8HgWuJgB52NaZPCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/23
45.88.15.0/24
45.135.182.0/24
77.81.101.0/24
79.110.227.0/24
85.204.18.0/24
89.35.119.0/24
89.35.129.0/24
89.37.185.0/24
89.39.120.0/24
89.40.70.0/24
89.125.0.0/22
89.125.51.0/24
89.125.53.0-89.125.54.255
89.125.56.0/24
89.125.60.0/23
89.125.63.0/24
89.125.68.0/24
89.125.73.0/24
89.125.92.0/24
89.125.95.0/24
89.125.98.0/24
89.125.122.0/23
89.125.130.0/23
89.125.152.0/24
89.125.159.0/24
89.125.181.0/24
89.125.210.0/24
94.177.13.0/24
94.177.106.0/24
94.177.145.0/24
103.56.84.0/24
103.73.35.0/24
167.17.40.0/24
167.17.176.0-167.17.178.255
167.17.180.0/24
167.17.182.0/24
185.212.119.0/24
188.208.103.0/24
188.213.0.0/24
188.214.107.0/24
193.124.36.0/24
193.124.225.0/24
194.85.249.0/24
194.85.251.0/24
202.71.12.0/23
202.71.15.0/24
204.77.1.0/24
206.245.129.0/24
206.245.131.0/24
206.245.133.0-206.245.135.255
206.245.157.0/24
206.245.159.0/24
208.123.185.0/24
208.123.190.0/23
212.192.0.0/24
212.192.8.0/24
212.192.11.0/24
212.192.212.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:7e:86:db:9a:07:29:88:88:05:4d:02:ad:16:9a:81:5f:5e:
5d:ec:9b:18:9f:f9:3c:ef:0d:ce:4a:a8:41:9b:cb:b7:8d:31:
bd:42:34:87:fd:be:f8:58:04:b8:3a:4a:f1:7c:17:f2:fc:2b:
59:4f:a9:ba:35:5b:64:e5:70:1f:a4:bb:18:3a:fe:c0:77:63:
ba:8c:bd:96:33:7d:ba:d8:1d:44:b3:46:d8:f3:e3:3b:84:51:
f2:1b:1d:29:74:fa:e8:e6:21:49:46:d2:9b:77:5c:c6:24:7b:
ec:0b:2d:76:19:0f:bd:17:97:1b:60:d8:99:1d:6e:ab:22:ba:
75:94:85:8c:03:dd:c6:21:fa:df:4e:9b:82:ed:6e:f0:69:c0:
61:f3:4e:82:c8:aa:24:8e:06:bf:31:92:0f:b6:6d:08:3c:78:
ca:de:3e:4f:98:66:f0:c4:ca:3e:a2:6a:8a:76:43:4e:a6:01:
2d:2a:0b:9a:d0:cc:a3:dd:c2:ce:90:0f:c6:b6:89:1b:21:b0:
fc:fa:94:a2:af:ed:2c:ba:70:88:86:6f:b8:68:88:27:cb:f1:
fa:f6:d7:a2:e5:8e:74:25:59:ba:c9:46:9b:f5:12:36:f8:a1:
b0:ef:f4:b1:8e:af:80:a4:32:e6:db:c5:17:92:c1:02:fa:84:
4c:30:14:87
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAZyeGy4HT+Q9EM76KL+lFWOXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMjI3MDc1ODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWYzYzJhOWM1Y2RiZTk0YmMxZTA1YWUyNjAwNzlkOGQ2OTkzYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnfzOtJgskx4M9jTOzyDQ8w1E0AhB
mFw/rj884/gt3JW47TlA1lsVxxdH7c3zRTlG6sU/4RFMuksT0Cy88wfc1J1/IVOW
jxb3PDeZqpys768Sb7ujIuJnLy1tdY3TocVM9BQp/Sp2mhssYrGbjtR406y5tHfF
xGmv37iU9oWnObkUul9HdPw+hT3fndz0pXw/ZmZ2y8rVsFK4JiftpKpDuPXMxq9E
yOnGbuf5TijPzg70q6l10pOAjYanp63k49DPe7ra9eUDVTmhy0cmc0ULqah08Eik
V93SbWoWNkSrujxU94O+JgMa8Y9nt3gAi+ANukcRIopa2HoqRya9bMpdcQIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFIHzwqnFzb6UvB4FriYAedjWmTwkMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvZ2ZQQ3FjWE52cFM4SGdXdUpnQjUyTmFaUENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIB
egMEAQI58gMEAC1YDwMEAC2HtgMEAE1RZQMEAE9u4wMEAFXMEgMEAFkjdwMEAFkj
gQMEAFkluQMEAFkneAMEAFkoRgMEAll9AAMEAFl9MzAMAwQAWX01AwQAWX02AwQA
WX04AwQBWX08AwQAWX0/AwQAWX1EAwQAWX1JAwQAWX1cAwQAWX1fAwQAWX1iAwQB
WX16AwQBWX2CAwQAWX2YAwQAWX2fAwQAWX21AwQAWX3SAwQAXrENAwQAXrFqAwQA
XrGRAwQAZzhUAwQAZ0kjAwQApxEoMAwDBASnEbADBACnEbIDBACnEbQDBACnEbYD
BAC51HcDBAC80GcDBAC81QADBAC81msDBADBfCQDBADBfOEDBADCVfkDBADCVfsD
BAHKRwwDBADKRw8DBADMTQEDBADO9YEDBADO9YMwDAMEAM71hQMEA871gAMEAM71
nQMEAM71nwMEANB7uQMEAdB7vgMEANTAAAMEANTACAMEANTACwMEANTA1DANBgkq
hkiG9w0BAQsFAAOCAQEAj36G25oHKYiIBU0CrRaagV9eXeybGJ/5PO8NzkqoQZvL
t40xvUI0h/2++FgEuDpK8XwX8vwrWU+pujVbZOVwH6S7GDr+wHdjuoy9ljN9utgd
RLNG2PPjO4RR8hsdKXT66OYhSUbSm3dcxiR77AstdhkPvReXG2DYmR1uqyK6dZSF
jAPdxiH6306bgu1u8GnAYfNOgsiqJI4GvzGSD7ZtCDx4yt4+T5hm8MTKPqJqinZD
TqYBLSoLmtDMo93CzpAPxraJGyGw/PqUoq/tLLpwiIZvuGiIJ8vx+vbXouWOdCVZ
uslGm/USNvihsO/0sY6vgKQy5tvFF5LBAvqETDAUhw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:37:26 2026 by rpki-client