Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/GD5zGeK82JMRLCdDxAWJu0129c0.roa
File: GD5zGeK82JMRLCdDxAWJu0129c0.roa (raw, json)
Hash identifier: UJN0UN2eYXvmzjBE0pThRBHPym/0Sf7LLjajUxCXmBA=
Subject key identifier: 18:3E:73:19:E2:BC:D8:93:11:2C:27:43:C4:05:89:BB:4D:76:F5:CD
Certificate issuer: /CN=1329cd3ee2fe126a82ca2a58c87ed5838fe2af57
Certificate serial: 019D9071F2C724D8055FCD0E66247EC13E51
Authority key identifier: 13:29:CD:3E:E2:FE:12:6A:82:CA:2A:58:C8:7E:D5:83:8F:E2:AF:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EynNPuL-EmqCyipYyH7Vg4_ir1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/GD5zGeK82JMRLCdDxAWJu0129c0.roa
Signing time: Wed 15 Apr 2026 09:21:20 +0000
ROA not before: Wed 15 Apr 2026 09:21:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59497
IP address blocks: 185.189.184.0/22 maxlen: 22
185.189.184.0/24 maxlen: 24
185.189.185.0/24 maxlen: 24
185.189.186.0/24 maxlen: 24
185.189.187.0/24 maxlen: 24
194.8.156.0/22 maxlen: 22
194.8.156.0/24 maxlen: 24
194.8.157.0/24 maxlen: 24
194.8.158.0/24 maxlen: 24
194.8.159.0/24 maxlen: 24
195.140.228.0/22 maxlen: 22
195.140.228.0/24 maxlen: 24
195.178.18.0/23 maxlen: 23
195.178.18.0/24 maxlen: 24
2a09:87c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/EynNPuL-EmqCyipYyH7Vg4_ir1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/EynNPuL-EmqCyipYyH7Vg4_ir1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/EynNPuL-EmqCyipYyH7Vg4_ir1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:71:f2:c7:24:d8:05:5f:cd:0e:66:24:7e:c1:3e:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1329cd3ee2fe126a82ca2a58c87ed5838fe2af57
Validity
Not Before: Apr 15 09:21:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=183e7319e2bcd893112c2743c40589bb4d76f5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:38:91:7d:4f:da:b1:65:5c:7c:62:cc:39:16:
1e:df:99:bb:33:4a:62:0f:13:52:1c:97:7b:ba:b3:
c6:52:8f:9d:53:02:a1:3b:cf:60:40:26:89:84:1d:
2d:9f:33:a0:1d:e2:58:c9:1f:17:3f:1d:cc:5d:87:
ff:f7:7f:74:c2:a6:de:4f:73:4f:23:33:4a:d9:40:
5d:b8:28:02:97:bc:67:83:23:88:d6:cb:70:27:84:
66:85:7f:a1:48:04:24:26:1a:1d:f0:6b:f7:21:d5:
f0:08:1b:e1:70:f1:16:35:7f:b2:ff:d7:39:4f:da:
e8:30:96:8d:3a:da:2b:fb:bf:28:cc:26:48:4f:d4:
b1:db:55:ce:1d:bd:f2:01:b7:07:57:41:52:fd:66:
d2:62:69:0c:31:7b:c3:88:f1:ab:15:f4:de:12:36:
80:f4:66:80:7e:27:9a:cd:37:d3:fd:8e:e3:81:d4:
af:d6:04:c9:14:5f:37:94:58:91:15:aa:f0:99:cb:
72:29:f9:2d:7c:40:90:b3:95:68:31:be:96:82:a4:
cd:9f:8d:dd:db:ae:3b:51:7d:17:6d:bf:62:93:47:
ed:a4:24:66:fb:cc:b6:6b:28:ec:1b:a9:fa:27:d4:
33:88:95:c2:9f:26:10:b6:5e:48:d8:49:aa:dc:87:
ef:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3E:73:19:E2:BC:D8:93:11:2C:27:43:C4:05:89:BB:4D:76:F5:CD
X509v3 Authority Key Identifier:
keyid:13:29:CD:3E:E2:FE:12:6A:82:CA:2A:58:C8:7E:D5:83:8F:E2:AF:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EynNPuL-EmqCyipYyH7Vg4_ir1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/GD5zGeK82JMRLCdDxAWJu0129c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/af58b6-9e8f-406e-ac1c-2fc030a60cea/1/EynNPuL-EmqCyipYyH7Vg4_ir1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.184.0/22
194.8.156.0/22
195.140.228.0/22
195.178.18.0/23
IPv6:
2a09:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:2e:af:26:6f:03:7c:26:b5:95:a4:1a:f5:2b:1d:49:15:0c:
66:67:fe:ae:5e:c8:0c:9e:c9:b8:dd:0f:35:8c:2a:75:ad:af:
24:76:31:a6:ca:a1:5c:0b:18:de:c2:f5:66:d5:cd:1b:0c:28:
1d:ec:76:9e:8e:46:9b:a6:96:cf:70:e5:5a:41:fb:26:c4:b7:
d7:ec:71:f3:4c:50:2b:97:6e:86:55:37:6a:08:f0:01:e6:37:
f7:fe:be:98:e3:91:65:11:00:3e:28:5d:68:3f:43:db:79:1c:
7d:25:7c:a1:3b:5a:7e:00:d3:26:66:f9:c1:86:ad:6c:c9:6f:
9b:29:6d:a2:8a:71:e1:a2:fb:53:9b:de:3d:0c:b0:1f:9e:dc:
0b:5c:80:2e:af:6f:35:26:f7:aa:38:1d:be:f0:ba:cc:a3:57:
af:bd:20:f2:b0:c4:c0:b7:54:8b:56:60:ec:9d:db:00:fa:6c:
31:95:d0:d1:68:42:45:30:4c:f5:ec:e2:cf:89:34:aa:8d:c8:
85:72:7a:38:ad:3a:4e:87:21:b9:ac:48:aa:02:e6:e1:15:0e:
33:a3:a6:26:be:15:15:cd:5c:ce:ea:66:25:7b:b3:84:8e:2b:
ad:a7:61:76:7c:c1:88:6e:f5:22:09:4a:0e:cd:9a:62:42:e1:
21:c3:5b:7d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZ2QcfLHJNgFX80OZiR+wT5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMjljZDNlZTJmZTEyNmE4MmNhMmE1OGM4N2VkNTgzOGZl
MmFmNTcwHhcNMjYwNDE1MDkyMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODNlNzMxOWUyYmNkODkzMTEyYzI3NDNjNDA1ODliYjRkNzZmNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ziRfU/asWVcfGLMORYe35m7M0pi
DxNSHJd7urPGUo+dUwKhO89gQCaJhB0tnzOgHeJYyR8XPx3MXYf/9390wqbeT3NP
IzNK2UBduCgCl7xngyOI1stwJ4RmhX+hSAQkJhod8Gv3IdXwCBvhcPEWNX+y/9c5
T9roMJaNOtor+78ozCZIT9Sx21XOHb3yAbcHV0FS/WbSYmkMMXvDiPGrFfTeEjaA
9GaAfieazTfT/Y7jgdSv1gTJFF83lFiRFarwmctyKfktfECQs5VoMb6WgqTNn43d
2647UX0Xbb9ik0ftpCRm+8y2ayjsG6n6J9QziJXCnyYQtl5I2Emq3IfviQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBg+cxnivNiTESwnQ8QFibtNdvXNMB8GA1UdIwQY
MBaAFBMpzT7i/hJqgsoqWMh+1YOP4q9XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXluTlB1TC1FbXFDeWlwWXlIN1ZnNF9pcjFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hZjU4YjYtOWU4Zi00MDZlLWFjMWMt
MmZjMDMwYTYwY2VhLzEvR0Q1ekdlSzgySk1STENkRHhBV0p1MDEyOWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9hZjU4YjYtOWU4Zi00MDZlLWFjMWMtMmZjMDMwYTYwY2Vh
LzEvRXluTlB1TC1FbXFDeWlwWXlIN1ZnNF9pcjFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCub24AwQC
wgicAwQCw4zkAwQBw7ISMA0EAgACMAcDBQMqCYfAMA0GCSqGSIb3DQEBCwUAA4IB
AQCOLq8mbwN8JrWVpBr1Kx1JFQxmZ/6uXsgMnsm43Q81jCp1ra8kdjGmyqFcCxje
wvVm1c0bDCgd7HaejkabppbPcOVaQfsmxLfX7HHzTFArl26GVTdqCPAB5jf3/r6Y
45FlEQA+KF1oP0PbeRx9JXyhO1p+ANMmZvnBhq1syW+bKW2iinHhovtTm949DLAf
ntwLXIAur281JveqOB2+8LrMo1evvSDysMTAt1SLVmDsndsA+mwxldDRaEJFMEz1
7OLPiTSqjciFcno4rTpOhyG5rEiqAubhFQ4zo6YmvhUVzVzO6mYle7OEjiutp2F2
fMGIbvUiCUoOzZpiQuEhw1t9
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:50:28 2026 by rpki-client