Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/GReXiclUBB-KrTV4GjU5VEIGiuQ.roa
File: GReXiclUBB-KrTV4GjU5VEIGiuQ.roa (raw, json)
Hash identifier: +RCUZzeLZjE5ABoGDapDE+e1oMevPrWY5U4VoOEOhCE=
Subject key identifier: 19:17:97:89:C9:54:04:1F:8A:AD:35:78:1A:35:39:54:42:06:8A:E4
Certificate issuer: /CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Certificate serial: 019C045639962E7ED04A0A234DA4E8CCCDD0
Authority key identifier: 80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/GReXiclUBB-KrTV4GjU5VEIGiuQ.roa
Signing time: Wed 28 Jan 2026 11:21:25 +0000
ROA not before: Wed 28 Jan 2026 11:21:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 5.39.0.0/17 maxlen: 17
5.135.0.0/16 maxlen: 16
5.196.0.0/16 maxlen: 16
37.59.0.0/16 maxlen: 16
37.187.0.0/16 maxlen: 16
46.105.0.0/16 maxlen: 16
46.105.198.0/24 maxlen: 24
46.105.199.0/24 maxlen: 24
46.105.200.0/24 maxlen: 24
46.105.201.0/24 maxlen: 24
46.105.202.0/24 maxlen: 24
46.105.203.0/24 maxlen: 24
46.105.204.0/24 maxlen: 24
46.105.206.0/24 maxlen: 24
46.105.207.0/24 maxlen: 24
51.38.0.0/16 maxlen: 16
51.68.0.0/16 maxlen: 16
51.75.0.0/16 maxlen: 16
51.77.0.0/16 maxlen: 16
51.83.0.0/16 maxlen: 16
51.89.0.0/16 maxlen: 16
51.91.0.0/16 maxlen: 16
51.178.0.0/16 maxlen: 16
51.195.0.0/16 maxlen: 16
51.210.0.0/16 maxlen: 16
51.254.0.0/15 maxlen: 15
54.36.0.0/16 maxlen: 16
54.37.0.0/16 maxlen: 16
54.38.0.0/16 maxlen: 16
57.128.0.0/17 maxlen: 17
57.128.128.0/18 maxlen: 18
57.128.192.0/18 maxlen: 18
57.129.0.0/17 maxlen: 17
57.129.128.0/17 maxlen: 17
57.130.0.0/16 maxlen: 16
57.131.0.0/17 maxlen: 17
79.137.0.0/17 maxlen: 17
87.98.128.0/17 maxlen: 17
91.121.0.0/16 maxlen: 16
91.134.0.0/16 maxlen: 16
92.222.0.0/16 maxlen: 16
94.23.0.0/16 maxlen: 16
135.125.0.0/17 maxlen: 17
135.125.128.0/17 maxlen: 17
137.74.0.0/16 maxlen: 16
141.94.0.0/16 maxlen: 16
141.95.0.0/17 maxlen: 17
141.95.128.0/17 maxlen: 17
141.227.128.0/20 maxlen: 24
141.227.148.0/22 maxlen: 24
141.227.152.0/21 maxlen: 24
141.227.160.0/19 maxlen: 24
145.239.0.0/16 maxlen: 16
146.59.0.0/16 maxlen: 16
146.59.0.0/17 maxlen: 17
147.135.128.0/17 maxlen: 17
149.202.0.0/16 maxlen: 16
151.80.0.0/16 maxlen: 16
152.228.128.0/17 maxlen: 17
162.19.0.0/17 maxlen: 17
162.19.128.0/17 maxlen: 17
164.132.0.0/16 maxlen: 16
176.31.0.0/16 maxlen: 16
178.32.0.0/15 maxlen: 15
188.165.0.0/16 maxlen: 16
193.70.0.0/17 maxlen: 17
198.244.128.0/17 maxlen: 17
213.32.0.0/17 maxlen: 17
213.186.32.0/19 maxlen: 19
213.251.128.0/18 maxlen: 18
217.182.0.0/16 maxlen: 16
2001:41d0::/32 maxlen: 32
2001:41d0:ab00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.mft
rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:04:56:39:96:2e:7e:d0:4a:0a:23:4d:a4:e8:cc:cd:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80a9fff63a3477957ff75ccdc003dab68cf9d155
Validity
Not Before: Jan 28 11:21:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19179789c954041f8aad35781a35395442068ae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:24:0b:56:4a:0a:75:5d:dd:21:c4:30:01:c7:
49:2f:39:8e:c7:01:43:57:81:80:87:9b:19:79:4e:
fc:4e:82:62:bb:7d:2d:57:cf:5c:08:7d:94:51:c6:
10:35:76:92:75:d4:ad:4f:c5:d0:53:c7:4d:c4:b8:
b6:32:98:90:35:da:5d:11:0b:60:23:ba:38:b7:91:
63:2d:93:98:d7:8e:eb:de:f5:54:19:c6:b1:58:18:
87:cb:82:17:81:2f:a9:6e:3e:0b:df:3b:1b:73:d1:
a1:ab:64:01:6c:5b:fb:9f:f5:76:b4:6f:98:15:f3:
0c:41:7a:38:f4:bc:79:5f:cf:89:64:b4:b0:82:f2:
1f:e8:47:ee:9e:03:d0:d4:50:4f:07:34:63:1a:b9:
12:bb:43:06:49:c8:12:4a:09:d5:dd:1d:77:85:d3:
4f:41:16:46:95:e8:8e:ad:1e:bf:09:7e:d3:2b:be:
6d:bc:3c:b8:9d:9f:db:48:d1:81:98:03:9f:0b:d5:
46:c5:f6:69:29:05:a9:b4:1e:a7:d8:0b:08:5b:0e:
50:cd:fd:25:d6:c2:da:28:26:35:32:b8:6c:21:04:
47:22:da:1a:1d:04:f1:3f:45:a8:41:1f:ad:54:c0:
ef:ef:f1:6f:23:21:28:3e:db:71:5e:e3:0d:5d:c6:
ae:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:17:97:89:C9:54:04:1F:8A:AD:35:78:1A:35:39:54:42:06:8A:E4
X509v3 Authority Key Identifier:
keyid:80:A9:FF:F6:3A:34:77:95:7F:F7:5C:CD:C0:03:DA:B6:8C:F9:D1:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gKn_9jo0d5V_91zNwAPatoz50VU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/GReXiclUBB-KrTV4GjU5VEIGiuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/b084bf-a454-43cf-ac92-47d98e58545a/1/gKn_9jo0d5V_91zNwAPatoz50VU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.0.0/17
5.135.0.0/16
5.196.0.0/16
37.59.0.0/16
37.187.0.0/16
46.105.0.0/16
51.38.0.0/16
51.68.0.0/16
51.75.0.0/16
51.77.0.0/16
51.83.0.0/16
51.89.0.0/16
51.91.0.0/16
51.178.0.0/16
51.195.0.0/16
51.210.0.0/16
51.254.0.0/15
54.36.0.0-54.38.255.255
57.128.0.0-57.131.127.255
79.137.0.0/17
87.98.128.0/17
91.121.0.0/16
91.134.0.0/16
92.222.0.0/16
94.23.0.0/16
135.125.0.0/16
137.74.0.0/16
141.94.0.0/15
141.227.128.0/20
141.227.148.0-141.227.191.255
145.239.0.0/16
146.59.0.0/16
147.135.128.0/17
149.202.0.0/16
151.80.0.0/16
152.228.128.0/17
162.19.0.0/16
164.132.0.0/16
176.31.0.0/16
178.32.0.0/15
188.165.0.0/16
193.70.0.0/17
198.244.128.0/17
213.32.0.0/17
213.186.32.0/19
213.251.128.0/18
217.182.0.0/16
IPv6:
2001:41d0::/32
Signature Algorithm: sha256WithRSAEncryption
4e:53:b1:0b:79:54:07:7c:5a:6b:f4:c3:6c:de:63:83:c8:ba:
7d:28:c0:f2:b0:a0:b0:fe:1f:8a:f4:4c:06:e6:56:26:75:38:
ba:3a:99:e1:5a:53:4a:cc:3e:e0:7f:e2:aa:0d:d6:5c:33:a5:
57:8e:b2:6d:ce:2e:c6:4c:96:49:94:4f:e0:c3:e0:37:bd:0c:
50:cd:96:88:59:19:c7:10:87:a6:1b:0a:28:1d:fa:8e:00:a2:
28:0e:7e:a0:6d:a2:09:aa:52:0a:3f:0e:0c:f1:36:79:40:4d:
99:df:e1:e5:07:d9:f8:cd:4e:df:10:06:cc:2f:e8:fe:02:39:
df:f6:db:45:c1:5f:8f:46:fd:c9:1c:d0:0c:15:fc:f2:b2:4f:
66:4c:ef:cf:e1:45:c0:01:2b:51:60:63:82:4f:6b:72:fe:1b:
7f:56:89:d5:fc:72:5b:da:c8:4d:2d:68:56:6d:e1:44:36:b7:
d8:64:a0:ac:ff:ee:d2:f6:6f:71:0f:db:7d:2c:46:12:5c:1f:
d7:40:62:b7:63:cb:f3:9f:b6:4b:57:30:ae:b9:80:7f:fb:0d:
1a:7c:6f:28:cd:58:18:96:7a:d3:12:ab:eb:6d:31:e5:f7:8c:
83:b3:a9:69:d0:ff:93:70:c7:f7:4f:6b:cd:41:12:85:f1:00:
7b:c4:72:0a
-----BEGIN CERTIFICATE-----
MIIGHjCCBQagAwIBAgISAZwEVjmWLn7QSgojTaTozM3QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYTlmZmY2M2EzNDc3OTU3ZmY3NWNjZGMwMDNkYWI2OGNm
OWQxNTUwHhcNMjYwMTI4MTEyMTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTE3OTc4OWM5NTQwNDFmOGFhZDM1NzgxYTM1Mzk1NDQyMDY4YWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCQLVkoKdV3dIcQwAcdJLzmOxwFD
V4GAh5sZeU78ToJiu30tV89cCH2UUcYQNXaSddStT8XQU8dNxLi2MpiQNdpdEQtg
I7o4t5FjLZOY147r3vVUGcaxWBiHy4IXgS+pbj4L3zsbc9Ghq2QBbFv7n/V2tG+Y
FfMMQXo49Lx5X8+JZLSwgvIf6EfungPQ1FBPBzRjGrkSu0MGScgSSgnV3R13hdNP
QRZGleiOrR6/CX7TK75tvDy4nZ/bSNGBmAOfC9VGxfZpKQWptB6n2AsIWw5Qzf0l
1sLaKCY1MrhsIQRHItoaHQTxP0WoQR+tVMDv7/FvIyEoPttxXuMNXcau7wIDAQAB
o4IDKjCCAyYwHQYDVR0OBBYEFBkXl4nJVAQfiq01eBo1OVRCBorkMB8GA1UdIwQY
MBaAFICp//Y6NHeVf/dczcAD2raM+dFVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTIt
NDdkOThlNTg1NDVhLzEvR1JlWGljbFVCQi1LclRWNEdqVTVWRUlHaXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9iMDg0YmYtYTQ1NC00M2NmLWFjOTItNDdkOThlNTg1NDVh
LzEvZ0tuXzlqbzBkNVZfOTF6TndBUGF0b3o1MFZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPgYIKwYBBQUHAQcBAf8EggEtMIIBKTCCARYEAgABMIIB
DgMEBwUnAAMDAAWHAwMABcQDAwAlOwMDACW7AwMALmkDAwAzJgMDADNEAwMAM0sD
AwAzTQMDADNTAwMAM1kDAwAzWwMDADOyAwMAM8MDAwAz0gMDATP+MAoDAwI2JAMD
ADYmMAsDAwc5gAMEBzmDAAMEB0+JAAMEB1digAMDAFt5AwMAW4YDAwBc3gMDAF4X
AwMAh30DAwCJSgMDAY1eAwQEjeOAMAwDBAKN45QDBAaN44ADAwCR7wMDAJI7AwQH
k4eAAwMAlcoDAwCXUAMEB5jkgAMDAKITAwMApIQDAwCwHwMDAbIgAwMAvKUDBAfB
RgADBAfG9IADBAfVIAADBAXVuiADBAbV+4ADAwDZtjANBAIAAjAHAwUAIAFB0DAN
BgkqhkiG9w0BAQsFAAOCAQEATlOxC3lUB3xaa/TDbN5jg8i6fSjA8rCgsP4fivRM
BuZWJnU4ujqZ4VpTSsw+4H/iqg3WXDOlV46ybc4uxkyWSZRP4MPgN70MUM2WiFkZ
xxCHphsKKB36jgCiKA5+oG2iCapSCj8ODPE2eUBNmd/h5QfZ+M1O3xAGzC/o/gI5
3/bbRcFfj0b9yRzQDBX88rJPZkzvz+FFwAErUWBjgk9rcv4bf1aJ1fxyW9rITS1o
Vm3hRDa32GSgrP/u0vZvcQ/bfSxGElwf10Bit2PL85+2S1cwrrmAf/sNGnxvKM1Y
GJZ60xKr620x5feMg7OpadD/k3DH909rzUEShfEAe8RyCg==
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:34:26 2026 by rpki-client