Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/GNwrK88P2bKNDHhNoGFIFLVNmOo.roa
File: GNwrK88P2bKNDHhNoGFIFLVNmOo.roa (raw, json)
Hash identifier: Tvnbkz2Ie8IgGBF6LhVoidD9voIILo2Au6uwof9Oqoo=
Subject key identifier: 18:DC:2B:2B:CF:0F:D9:B2:8D:0C:78:4D:A0:61:48:14:B5:4D:98:EA
Certificate issuer: /CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Certificate serial: 019D3E815A1F23B0E8EE2F557680C229689B
Authority key identifier: A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/GNwrK88P2bKNDHhNoGFIFLVNmOo.roa
Signing time: Mon 30 Mar 2026 11:29:17 +0000
ROA not before: Mon 30 Mar 2026 11:29:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5466
IP address blocks: 51.171.0.0/16 maxlen: 16
62.77.160.0/19 maxlen: 19
82.141.192.0/18 maxlen: 18
83.70.0.0/15 maxlen: 15
83.174.160.0/19 maxlen: 19
86.40.0.0/13 maxlen: 13
86.43.56.0/24 maxlen: 24
86.43.60.0/24 maxlen: 24
86.43.88.0/24 maxlen: 24
86.43.151.0/24 maxlen: 24
95.44.0.0/15 maxlen: 15
159.134.0.0/16 maxlen: 16
159.134.0.0/24 maxlen: 24
159.134.191.0/24 maxlen: 24
159.134.237.0/24 maxlen: 24
159.134.250.0/24 maxlen: 24
185.57.112.0/22 maxlen: 22
194.106.128.0/19 maxlen: 19
194.125.128.0/18 maxlen: 18
194.125.192.0/19 maxlen: 19
195.7.32.0/19 maxlen: 19
213.94.128.0/17 maxlen: 17
213.190.128.0/19 maxlen: 19
217.183.0.0/16 maxlen: 16
2001:bb0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:81:5a:1f:23:b0:e8:ee:2f:55:76:80:c2:29:68:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Validity
Not Before: Mar 30 11:29:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=18dc2b2bcf0fd9b28d0c784da0614814b54d98ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4c:8a:d5:8c:14:4a:b9:d3:f6:04:8b:35:58:
cf:5c:a4:85:63:90:ee:50:bd:d3:9e:09:44:b9:fd:
59:86:d7:dc:24:32:a4:a3:8d:0d:86:24:69:7d:cc:
d3:a4:e3:19:dc:85:f3:c3:3b:e5:ff:7e:59:71:0a:
b2:b5:66:15:f1:d1:11:0c:f1:c8:76:f6:5d:d7:ab:
22:04:14:19:35:43:9a:0a:f4:25:a0:a6:a9:23:d7:
9f:98:86:45:a9:b5:7f:8a:6a:5a:d1:c5:89:32:a1:
46:83:f4:4f:2f:5c:ba:e2:71:e1:40:99:62:12:12:
10:78:9d:ff:a1:ce:cc:a9:70:6a:18:75:30:34:b5:
1d:db:4f:ef:dc:59:1e:a5:92:ca:2b:b1:d8:70:86:
b4:be:4f:fd:e9:d8:4a:d7:f0:71:e4:82:f8:b5:10:
7d:e5:1b:ae:77:cd:20:e8:24:86:d3:90:f3:89:1a:
00:5a:4a:9e:83:d1:d9:ce:56:7f:6d:71:6f:b0:e0:
19:37:a4:07:8d:ee:14:96:d9:40:b8:90:eb:50:f7:
60:1f:9d:ab:b6:0b:88:72:2e:5c:5f:e7:cf:be:86:
f6:ce:e6:c2:35:aa:49:01:43:42:c5:bd:56:c4:31:
33:7d:02:3e:e0:5f:0f:70:cb:a0:c3:44:11:d1:29:
ef:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:DC:2B:2B:CF:0F:D9:B2:8D:0C:78:4D:A0:61:48:14:B5:4D:98:EA
X509v3 Authority Key Identifier:
keyid:A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/GNwrK88P2bKNDHhNoGFIFLVNmOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.171.0.0/16
62.77.160.0/19
82.141.192.0/18
83.70.0.0/15
83.174.160.0/19
86.40.0.0/13
95.44.0.0/15
159.134.0.0/16
185.57.112.0/22
194.106.128.0/19
194.125.128.0-194.125.223.255
195.7.32.0/19
213.94.128.0/17
213.190.128.0/19
217.183.0.0/16
IPv6:
2001:bb0::/29
Signature Algorithm: sha256WithRSAEncryption
1a:f0:53:44:4d:17:41:5a:2c:f5:77:41:56:0b:2e:51:b7:26:
ef:00:ad:e7:ac:a9:43:a7:e4:3d:e3:1b:d3:a2:b8:dc:dd:64:
b0:ae:a5:e7:a0:0b:1e:8b:58:41:c0:1c:06:b7:d1:9d:dc:eb:
2a:27:4f:2c:8a:82:c1:ab:eb:6a:4e:bd:e3:0f:45:d3:50:1b:
67:e9:0d:1a:03:51:0b:39:49:6d:83:d4:2d:17:fd:cf:4f:b4:
37:02:09:33:d8:86:81:c8:00:59:7a:fa:b6:23:62:37:da:27:
3e:49:42:c1:e4:31:ff:54:49:43:e9:27:e6:48:b7:91:d7:f2:
d0:bf:fb:ea:d7:70:c9:59:7f:83:b9:28:61:b9:da:b4:d1:72:
05:73:76:5f:7a:05:b7:18:e0:e4:c4:2e:ec:5b:18:0a:38:d6:
d3:40:d0:65:a3:24:11:27:52:d7:bd:3c:54:eb:64:bc:60:23:
8e:f6:8e:d6:ef:3d:ff:e3:df:45:a8:c9:89:b1:69:79:35:6b:
67:93:86:d8:e1:34:94:7c:05:c4:1d:6a:e1:5b:cb:e5:a7:da:
0f:4f:c7:2e:c7:0d:a5:b6:92:5d:6b:83:84:f1:27:1d:8b:26:
f0:47:ed:10:b9:dd:d9:26:f3:55:c7:29:e0:55:95:cb:52:aa:
85:75:b0:c4
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZ0+gVofI7Do7i9VdoDCKWibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZWQwYmE4YjQ2ZWYyNTFlNWEwNThhNjRhMjFiMzA3ZDM2
NTBkZGMwHhcNMjYwMzMwMTEyOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGRjMmIyYmNmMGZkOWIyOGQwYzc4NGRhMDYxNDgxNGI1NGQ5OGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkyK1YwUSrnT9gSLNVjPXKSFY5Du
UL3TnglEuf1ZhtfcJDKko40NhiRpfczTpOMZ3IXzwzvl/35ZcQqytWYV8dERDPHI
dvZd16siBBQZNUOaCvQloKapI9efmIZFqbV/impa0cWJMqFGg/RPL1y64nHhQJli
EhIQeJ3/oc7MqXBqGHUwNLUd20/v3FkepZLKK7HYcIa0vk/96dhK1/Bx5IL4tRB9
5Ruud80g6CSG05DziRoAWkqeg9HZzlZ/bXFvsOAZN6QHje4UltlAuJDrUPdgH52r
tguIci5cX+fPvob2zubCNapJAUNCxb1WxDEzfQI+4F8PcMugw0QR0SnvKQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFBjcKyvPD9myjQx4TaBhSBS1TZjqMB8GA1UdIwQY
MBaAFKLtC6i0bvJR5aBYpkohswfTZQ3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3UwTHFMUnU4bEhsb0ZpbVNpR3pCOU5sRGR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81YmU4ZjctMWFkMC00NGJmLThiM2Ut
NzkxYzVhODUzOTBkLzEvR053cks4OFAyYktOREhoTm9HRklGTFZObU9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81YmU4ZjctMWFkMC00NGJmLThiM2UtNzkxYzVhODUzOTBk
LzEvb3UwTHFMUnU4bEhsb0ZpbVNpR3pCOU5sRGR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMDADOrAwQF
Pk2gAwQGUo3AAwMBU0YDBAVTrqADAwNWKAMDAV8sAwMAn4YDBAK5OXADBAXCaoAw
DAMEB8J9gAMEBcJ9wAMEBcMHIAMEB9VegAMEBdW+gAMDANm3MA0EAgACMAcDBQMg
AQuwMA0GCSqGSIb3DQEBCwUAA4IBAQAa8FNETRdBWiz1d0FWCy5RtybvAK3nrKlD
p+Q94xvTorjc3WSwrqXnoAsei1hBwBwGt9Gd3OsqJ08sioLBq+tqTr3jD0XTUBtn
6Q0aA1ELOUltg9QtF/3PT7Q3Agkz2IaByABZevq2I2I32ic+SULB5DH/VElD6Sfm
SLeR1/LQv/vq13DJWX+DuShhudq00XIFc3ZfegW3GODkxC7sWxgKONbTQNBloyQR
J1LXvTxU62S8YCOO9o7W7z3/499FqMmJsWl5NWtnk4bY4TSUfAXEHWrhW8vlp9oP
T8cuxw2ltpJda4OE8ScdiybwR+0Qud3ZJvNVxyngVZXLUqqFdbDE
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:10:23 2026 by rpki-client