Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/G1x4whba5RT_Vtli04punRbWO2w.roa
File: G1x4whba5RT_Vtli04punRbWO2w.roa (raw, json)
Hash identifier: oyOFlbeBxFp4U1nbeagK0NVY5RB+WGnA51lFrV/vpsI=
Subject key identifier: 1B:5C:78:C2:16:DA:E5:14:FF:56:D9:62:D3:8A:6E:9D:16:D6:3B:6C
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 019C0917F2D13FC4F9D21F69AE4191332A50
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/G1x4whba5RT_Vtli04punRbWO2w.roa
Signing time: Thu 29 Jan 2026 09:31:30 +0000
ROA not before: Thu 29 Jan 2026 09:31:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3302
IP address blocks: 5.150.128.0/20 maxlen: 20
62.94.0.0/16 maxlen: 24
81.92.32.0/20 maxlen: 20
83.211.0.0/16 maxlen: 24
128.65.112.0/20 maxlen: 20
185.58.44.0/22 maxlen: 22
185.82.0.0/22 maxlen: 22
185.168.24.0/22 maxlen: 24
194.20.0.0/16 maxlen: 24
194.21.0.0/18 maxlen: 24
194.153.192.0/20 maxlen: 24
194.153.208.0/22 maxlen: 24
195.62.224.0/19 maxlen: 24
212.90.0.0/19 maxlen: 24
212.110.0.0/19 maxlen: 24
213.136.128.0/18 maxlen: 24
213.149.192.0/19 maxlen: 19
213.183.128.0/19 maxlen: 19
213.198.128.0/18 maxlen: 24
213.203.128.0/18 maxlen: 24
217.15.208.0/20 maxlen: 24
217.29.160.0/20 maxlen: 20
2001:750::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 06:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:09:17:f2:d1:3f:c4:f9:d2:1f:69:ae:41:91:33:2a:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Jan 29 09:31:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1b5c78c216dae514ff56d962d38a6e9d16d63b6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e2:e0:ee:86:1e:99:47:48:e3:71:ce:04:c8:
a1:04:3b:09:e7:49:53:7b:81:b3:61:ea:e5:6b:f8:
a7:c2:41:2b:5a:ac:79:7d:27:27:5f:05:dd:c2:3f:
69:84:78:36:0d:03:75:c4:fc:d0:5e:88:47:05:3a:
7b:f2:2f:bb:94:32:9e:66:04:f1:79:50:d2:49:c7:
d9:14:bd:bb:f8:79:c7:4f:df:f0:2e:a0:34:81:38:
dd:5f:c4:ce:3c:54:f7:77:c6:f7:42:22:05:25:6f:
8a:6c:10:9f:9e:2a:df:97:d2:54:35:3f:e4:7b:70:
9c:82:c6:67:f1:35:09:7e:7e:c3:61:4d:3c:e8:7e:
06:b3:04:22:f7:e5:d1:36:a7:17:f1:f2:40:a1:01:
66:2b:be:fb:b0:47:6b:5d:0d:24:ca:1d:ea:14:ca:
3c:32:7c:56:7a:68:c2:7e:04:72:ea:00:2d:e9:92:
3d:c3:55:86:82:85:bf:4f:64:c9:bb:5b:6f:e2:67:
5b:bf:14:3c:80:79:33:9d:d0:0c:79:98:69:2f:09:
c2:a1:ab:ba:d3:82:f5:0a:a2:1a:70:18:90:a5:f9:
21:fd:26:04:fb:72:f1:82:94:dc:9f:ab:fa:5a:b9:
5e:a4:33:a4:a5:b9:03:18:95:0e:5f:fd:6b:99:aa:
f6:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:5C:78:C2:16:DA:E5:14:FF:56:D9:62:D3:8A:6E:9D:16:D6:3B:6C
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/G1x4whba5RT_Vtli04punRbWO2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.128.0/20
62.94.0.0/16
81.92.32.0/20
83.211.0.0/16
128.65.112.0/20
185.58.44.0/22
185.82.0.0/22
185.168.24.0/22
194.20.0.0-194.21.63.255
194.153.192.0-194.153.211.255
195.62.224.0/19
212.90.0.0/19
212.110.0.0/19
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
213.203.128.0/18
217.15.208.0/20
217.29.160.0/20
IPv6:
2001:750::/29
Signature Algorithm: sha256WithRSAEncryption
80:91:f8:98:cb:2c:97:9a:96:26:6c:6a:7d:4b:e9:92:67:49:
f5:a9:80:44:09:0b:7f:3b:db:a9:70:34:21:f2:7c:0f:e7:af:
1d:d3:ba:60:84:a9:53:ea:13:96:de:b7:41:7d:b6:69:3e:2d:
96:10:ad:ef:08:b8:2a:9e:16:b8:7c:63:b5:09:4f:ce:b9:54:
84:10:fa:73:71:06:da:0b:27:7a:03:50:80:51:18:9c:fd:c8:
1e:13:23:90:0c:8c:c2:b5:a6:a9:61:95:54:01:43:19:0a:47:
58:c2:3f:49:e3:f8:4d:89:39:2f:14:8e:91:40:d3:b6:17:b0:
57:91:05:24:5d:3e:c1:d1:ab:ca:f7:7f:50:4f:45:3e:4f:a3:
fb:1a:cb:69:62:ba:d3:1a:ed:9c:b3:98:64:3e:68:57:b7:80:
94:79:44:76:ff:99:e7:48:e4:82:e3:2a:40:ab:83:aa:ba:97:
d3:95:f4:4c:ab:64:36:bf:d9:7b:4c:33:5a:df:19:7b:e3:4d:
ca:94:f8:ce:0d:2a:8f:e4:db:bd:d9:e2:c8:06:d4:b3:a7:cb:
80:7b:6d:29:31:96:be:28:c8:c2:80:c9:54:c9:0e:3c:dd:20:
e7:87:9a:01:4e:96:50:fd:c4:8f:ee:43:61:c4:15:c8:ce:3d:
fd:65:4f:33
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZwJF/LRP8T50h9prkGRMypQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjYwMTI5MDkzMTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjVjNzhjMjE2ZGFlNTE0ZmY1NmQ5NjJkMzhhNmU5ZDE2ZDYzYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneLg7oYemUdI43HOBMihBDsJ50lT
e4GzYerla/inwkErWqx5fScnXwXdwj9phHg2DQN1xPzQXohHBTp78i+7lDKeZgTx
eVDSScfZFL27+HnHT9/wLqA0gTjdX8TOPFT3d8b3QiIFJW+KbBCfnirfl9JUNT/k
e3CcgsZn8TUJfn7DYU086H4GswQi9+XRNqcX8fJAoQFmK777sEdrXQ0kyh3qFMo8
MnxWemjCfgRy6gAt6ZI9w1WGgoW/T2TJu1tv4mdbvxQ8gHkzndAMeZhpLwnCoau6
04L1CqIacBiQpfkh/SYE+3LxgpTcn6v6WrlepDOkpbkDGJUOX/1rmar2bwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFBtceMIW2uUU/1bZYtOKbp0W1jtsMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvRzF4NHdoYmE1UlRfVnRsaTA0cHVuUmJXTzJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBjAQCAAEwgYUDBAQF
loADAwA+XgMEBFFcIAMDAFPTAwQEgEFwAwQCuTosAwQCuVIAAwQCuagYMAsDAwLC
FAMEBsIVADAMAwQGwpnAAwQCwpnQAwQFwz7gAwQF1FoAAwQF1G4AAwQG1YiAAwQF
1ZXAAwQF1beAAwQG1caAAwQG1cuAAwQE2Q/QAwQE2R2gMA0EAgACMAcDBQMgAQdQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCAkfiYyyyXmpYmbGp9S+mSZ0n1qYBECQt/O9up
cDQh8nwP568d07pghKlT6hOW3rdBfbZpPi2WEK3vCLgqnha4fGO1CU/OuVSEEPpz
cQbaCyd6A1CAURic/cgeEyOQDIzCtaapYZVUAUMZCkdYwj9J4/hNiTkvFI6RQNO2
F7BXkQUkXT7B0avK939QT0U+T6P7GstpYrrTGu2cs5hkPmhXt4CUeUR2/5nnSOSC
4ypAq4OqupfTlfRMq2Q2v9l7TDNa3xl7403KlPjODSqP5Nu92eLIBtSzp8uAe20p
MZa+KMjCgMlUyQ483SDnh5oBTpZQ/cSP7kNhxBXIzj39ZU8z
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:56:26 2026 by rpki-client