Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/gDMK6bL4SN2yFigRTp_-VpvBGkI.roa
File: gDMK6bL4SN2yFigRTp_-VpvBGkI.roa (raw, json)
Hash identifier: rI6Nu8YONQKTOxDhp9yJL+hYObuArCNmN7bddusmuuY=
Subject key identifier: 80:33:0A:E9:B2:F8:48:DD:B2:16:28:11:4E:9F:FE:56:9B:C1:1A:42
Certificate issuer: /CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Certificate serial: 019B7C132F79E19359C1A7250A248C81AC3B
Authority key identifier: B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/gDMK6bL4SN2yFigRTp_-VpvBGkI.roa
Signing time: Fri 02 Jan 2026 00:19:50 +0000
ROA not before: Fri 02 Jan 2026 00:19:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34515
IP address blocks: 185.95.184.0/24 maxlen: 24
185.95.185.0/24 maxlen: 24
185.95.186.0/24 maxlen: 24
185.95.187.0/24 maxlen: 24
2a09:a0c0::/32 maxlen: 32
2a09:a0c1::/32 maxlen: 32
2a09:a0c2::/32 maxlen: 32
2a09:a0c3::/32 maxlen: 32
2a09:a0c4::/32 maxlen: 32
2a09:a0c5::/32 maxlen: 32
2a09:a0c6::/32 maxlen: 32
2a09:a0c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:13:2f:79:e1:93:59:c1:a7:25:0a:24:8c:81:ac:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2a48af3d96931bd90c3bfd55f1fa3047b356014
Validity
Not Before: Jan 2 00:19:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=80330ae9b2f848ddb21628114e9ffe569bc11a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:9d:40:00:13:b3:e4:6c:3b:74:34:6b:98:b0:
a7:f4:82:28:41:59:f1:35:4a:e1:0a:45:c4:7a:a8:
8b:3e:44:5f:17:ef:c8:93:bd:bd:99:75:98:9c:26:
ce:4b:72:31:b5:a6:5b:7a:fd:c1:3b:56:00:73:2d:
22:5f:e4:7f:00:df:24:16:1f:a1:e0:56:16:aa:ea:
74:1e:ae:b8:56:87:ef:1b:82:e4:7e:78:ec:e4:b8:
27:e1:4c:57:d5:3c:03:ba:c8:88:eb:0d:88:cb:ef:
33:59:f1:01:71:7f:6b:ff:58:6b:64:30:71:df:f1:
67:3f:b0:e4:f3:f6:d1:4c:64:87:e9:bd:d4:c7:23:
93:5a:3a:3a:fb:13:87:7b:87:ea:6b:20:4a:88:0c:
58:35:dc:a6:8d:6c:e8:c1:b7:ed:9a:90:00:fa:58:
86:c6:34:94:f0:8e:4b:d1:44:40:4c:aa:3b:df:de:
8e:9b:e2:41:8c:87:dc:dc:28:4f:bd:ce:83:25:d5:
7f:b4:8b:05:32:34:09:7e:d1:eb:52:a8:3a:95:56:
28:0c:c2:59:f4:99:f2:78:1d:77:0f:de:79:e9:10:
f3:38:8d:5c:a0:0d:89:63:0e:55:96:94:19:29:67:
0f:b7:37:a0:08:a3:bb:e4:51:44:cf:d1:61:4f:39:
55:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:33:0A:E9:B2:F8:48:DD:B2:16:28:11:4E:9F:FE:56:9B:C1:1A:42
X509v3 Authority Key Identifier:
keyid:B2:A4:8A:F3:D9:69:31:BD:90:C3:BF:D5:5F:1F:A3:04:7B:35:60:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/gDMK6bL4SN2yFigRTp_-VpvBGkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d51adf-1492-4c14-8821-b9bd0659483a/1/sqSK89lpMb2Qw7_VXx-jBHs1YBQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.184.0/22
IPv6:
2a09:a0c0::/29
Signature Algorithm: sha256WithRSAEncryption
4a:f7:e0:a8:26:a8:3a:5e:a3:bb:d6:bd:12:e9:b6:7d:2f:6c:
69:24:a9:ac:8f:3c:9e:03:ab:e1:a1:a3:14:08:d9:18:ab:3b:
d6:3a:cb:0a:5b:76:09:70:c3:ee:71:6a:1c:d1:c6:e6:e7:34:
8b:5a:82:89:98:a4:86:71:03:08:cd:70:d9:f0:3a:eb:66:07:
94:54:85:4d:da:a1:a2:eb:d9:35:0c:69:b6:c2:82:55:2a:a4:
1e:26:c8:4c:29:00:3f:86:ed:6c:97:62:df:34:70:f5:9d:ba:
12:80:71:d3:fe:9f:cc:2a:95:91:50:6d:e8:de:a6:df:94:ef:
c5:1f:ff:a9:a1:8c:74:ea:18:5e:83:9b:83:95:79:5b:85:22:
9e:d5:6a:5c:fa:65:c4:fa:82:63:8e:9c:8b:48:c7:9e:20:44:
2c:23:52:29:2a:12:27:75:45:63:7c:0f:df:bf:07:0b:15:ce:
0e:53:da:6f:40:4b:61:dd:d6:d1:ab:35:60:79:56:ae:19:69:
90:83:a5:70:b0:3d:02:45:e1:96:0c:ad:24:85:bd:8f:6d:0a:
f4:75:20:c2:d6:91:33:75:9d:3b:40:b6:46:07:0e:6d:af:ac:
12:73:83:22:8e:b2:1e:d1:07:da:7f:ef:19:4d:c9:e8:1b:b4:
3c:e7:60:c6
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZt8Ey954ZNZwaclCiSMgaw7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyYTQ4YWYzZDk2OTMxYmQ5MGMzYmZkNTVmMWZhMzA0N2Iz
NTYwMTQwHhcNMjYwMTAyMDAxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDMzMGFlOWIyZjg0OGRkYjIxNjI4MTE0ZTlmZmU1NjliYzExYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArZ1AABOz5Gw7dDRrmLCn9IIoQVnx
NUrhCkXEeqiLPkRfF+/Ik729mXWYnCbOS3IxtaZbev3BO1YAcy0iX+R/AN8kFh+h
4FYWqup0Hq64VofvG4Lkfnjs5Lgn4UxX1TwDusiI6w2Iy+8zWfEBcX9r/1hrZDBx
3/FnP7Dk8/bRTGSH6b3UxyOTWjo6+xOHe4fqayBKiAxYNdymjWzowbftmpAA+liG
xjSU8I5L0URATKo7396Om+JBjIfc3ChPvc6DJdV/tIsFMjQJftHrUqg6lVYoDMJZ
9JnyeB13D9556RDzOI1coA2JYw5VlpQZKWcPtzegCKO75FFEz9FhTzlVWwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIAzCumy+EjdshYoEU6f/labwRpCMB8GA1UdIwQY
MBaAFLKkivPZaTG9kMO/1V8fowR7NWAUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3FTSzg5bHBNYjJRdzdfVlh4LWpCSHMxWUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kNTFhZGYtMTQ5Mi00YzE0LTg4MjEt
YjliZDA2NTk0ODNhLzEvZ0RNSzZiTDRTTjJ5RmlnUlRwXy1WcHZCR2tJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kNTFhZGYtMTQ5Mi00YzE0LTg4MjEtYjliZDA2NTk0ODNh
LzEvc3FTSzg5bHBNYjJRdzdfVlh4LWpCSHMxWUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV+4MA0E
AgACMAcDBQMqCaDAMA0GCSqGSIb3DQEBCwUAA4IBAQBK9+CoJqg6XqO71r0S6bZ9
L2xpJKmsjzyeA6vhoaMUCNkYqzvWOssKW3YJcMPucWoc0cbm5zSLWoKJmKSGcQMI
zXDZ8DrrZgeUVIVN2qGi69k1DGm2woJVKqQeJshMKQA/hu1sl2LfNHD1nboSgHHT
/p/MKpWRUG3o3qbflO/FH/+poYx06hheg5uDlXlbhSKe1Wpc+mXE+oJjjpyLSMee
IEQsI1IpKhIndUVjfA/fvwcLFc4OU9pvQEth3dbRqzVgeVauGWmQg6VwsD0CReGW
DK0khb2PbQr0dSDC1pEzdZ07QLZGBw5tr6wSc4MijrIe0Qfaf+8ZTcnoG7Q852DG
-----END CERTIFICATE-----
Generated at Tue Mar 3 05:38:29 2026 by rpki-client