Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/GM3ERJU6CIy7dwdH0zdNwprJcyY.roa
File: GM3ERJU6CIy7dwdH0zdNwprJcyY.roa (raw, json)
Hash identifier: IlzjX1IkwyvBmzjj9sSoXNpn+4Aebe2rR4YjxBC4Rpw=
Subject key identifier: 18:CD:C4:44:95:3A:08:8C:BB:77:07:47:D3:37:4D:C2:9A:C9:73:26
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 019C0AABB289CB8F3CEB2068635E28043F62
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/GM3ERJU6CIy7dwdH0zdNwprJcyY.roa
Signing time: Thu 29 Jan 2026 16:52:30 +0000
ROA not before: Thu 29 Jan 2026 16:52:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 5.44.46.0/24 maxlen: 24
5.44.47.0/24 maxlen: 24
37.220.81.0/24 maxlen: 24
37.220.82.0/24 maxlen: 24
37.220.83.0/24 maxlen: 24
37.220.84.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
45.82.15.0/24 maxlen: 24
45.95.235.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
81.200.154.0/24 maxlen: 24
81.200.155.0/24 maxlen: 24
81.200.156.0/24 maxlen: 24
81.200.157.0/24 maxlen: 24
85.92.108.0/24 maxlen: 24
89.191.226.0/24 maxlen: 24
141.98.235.0/24 maxlen: 24
185.142.99.0/24 maxlen: 24
185.166.196.0/24 maxlen: 24
185.166.197.0/24 maxlen: 24
194.31.173.0/24 maxlen: 24
194.31.174.0/24 maxlen: 24
194.31.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0a:ab:b2:89:cb:8f:3c:eb:20:68:63:5e:28:04:3f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 29 16:52:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=18cdc444953a088cbb770747d3374dc29ac97326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:4e:14:65:8e:ef:75:c2:22:c9:29:f7:b6:38:
5a:e3:e3:c8:1a:85:c8:f5:0f:54:f1:d2:5e:13:ae:
a2:b2:cb:bd:97:fe:7d:b3:15:d3:bb:64:cc:d2:b3:
31:f7:e4:d4:8e:43:25:f5:85:bc:83:8e:e9:a0:19:
64:15:0e:4b:9b:59:e3:49:14:cf:cb:2f:11:a4:0a:
ea:a1:e4:0b:4c:b9:d9:cf:87:7f:59:ac:88:ce:d8:
3d:b7:8a:7f:80:c1:4f:99:08:3f:3c:f4:c1:b9:df:
a7:53:42:67:77:aa:e4:5e:45:9a:22:da:68:61:ab:
86:ac:37:57:26:83:b2:f4:64:27:54:38:89:0c:5c:
a3:37:65:82:f5:b5:53:39:b1:b7:af:93:8f:11:cd:
b1:2c:11:42:21:1a:4d:b9:65:81:cc:93:98:02:94:
84:b9:e2:2a:b9:f6:43:08:e6:3d:35:8c:a1:8c:4e:
b0:1c:48:44:ae:c6:27:93:bf:43:c2:02:64:c4:2c:
14:dc:1d:11:f7:a9:49:55:a6:c4:c5:cb:6b:e5:5b:
ce:ed:89:c7:80:ab:f5:2a:6f:53:00:c9:11:4b:4f:
22:85:8c:c0:a5:30:11:53:34:35:1a:ae:44:41:fd:
5c:21:2a:56:5a:4a:3b:cf:8f:7f:49:98:a7:bb:2f:
53:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:CD:C4:44:95:3A:08:8C:BB:77:07:47:D3:37:4D:C2:9A:C9:73:26
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/GM3ERJU6CIy7dwdH0zdNwprJcyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.46.0/23
37.220.81.0-37.220.85.255
45.82.15.0/24
45.95.235.0/24
46.19.68.0/23
81.200.154.0-81.200.157.255
85.92.108.0/24
89.191.226.0/24
141.98.235.0/24
185.142.99.0/24
185.166.196.0/23
194.31.173.0-194.31.175.255
Signature Algorithm: sha256WithRSAEncryption
27:81:7d:b1:e9:b4:d8:61:9c:fb:64:66:06:cc:e5:a1:37:e8:
f3:88:b8:44:ee:ef:64:35:83:d8:d2:b8:f9:d3:db:d2:3a:31:
98:75:61:0b:06:c3:f9:3f:92:5f:66:c9:f0:c3:30:96:5e:54:
c8:83:ef:6b:0f:32:57:65:62:2a:c2:5f:59:1a:d8:7f:a0:7f:
a9:61:29:49:d2:17:b7:82:4e:3c:3a:a1:fd:5a:44:fa:da:5c:
88:ba:28:fd:b8:91:c5:d2:87:0a:ea:d8:54:b0:4d:c5:5a:be:
f1:bc:ff:a7:b0:d5:d1:b9:37:08:61:51:c5:a0:da:97:d4:5e:
8d:a1:a4:60:2b:49:e3:45:d4:5e:5f:d4:c9:a2:23:c2:82:fa:
65:e3:ea:3d:ce:94:ee:ca:ab:7a:e8:56:8c:5a:5a:c4:88:9f:
07:bf:f4:38:8a:4a:d5:0a:04:77:a6:c1:ec:cb:b5:c1:fe:41:
e7:a4:bd:97:a9:ea:eb:b1:99:8e:62:58:6e:01:7c:57:d2:51:
82:bf:02:fd:1a:ed:82:3d:46:cb:7c:2b:d1:f9:8a:60:8c:11:
09:2f:8e:70:f5:84:ed:96:af:8c:91:2c:4a:4f:9c:7c:15:13:
5a:1d:5a:1e:05:e8:86:aa:db:c2:de:28:f6:3f:79:4e:8e:87:
33:27:d5:5b
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZwKq7KJy4886yBoY14oBD9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjYwMTI5MTY1MjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOGNkYzQ0NDk1M2EwODhjYmI3NzA3NDdkMzM3NGRjMjlhYzk3MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp04UZY7vdcIiySn3tjha4+PIGoXI
9Q9U8dJeE66issu9l/59sxXTu2TM0rMx9+TUjkMl9YW8g47poBlkFQ5Lm1njSRTP
yy8RpArqoeQLTLnZz4d/WayIztg9t4p/gMFPmQg/PPTBud+nU0Jnd6rkXkWaItpo
YauGrDdXJoOy9GQnVDiJDFyjN2WC9bVTObG3r5OPEc2xLBFCIRpNuWWBzJOYApSE
ueIqufZDCOY9NYyhjE6wHEhErsYnk79DwgJkxCwU3B0R96lJVabExctr5VvO7YnH
gKv1Km9TAMkRS08ihYzApTARUzQ1Gq5EQf1cISpWWko7z49/SZinuy9T5QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFBjNxESVOgiMu3cHR9M3TcKayXMmMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvR00zRVJKVTZDSXk3ZHdkSDB6ZE53cHJKY3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBBSwuMAwD
BAAl3FEDBAEl3FQDBAAtUg8DBAAtX+sDBAEuE0QwDAMEAVHImgMEAVHInAMEAFVc
bAMEAFm/4gMEAI1i6wMEALmOYwMEAbmmxDAMAwQAwh+tAwQEwh+gMA0GCSqGSIb3
DQEBCwUAA4IBAQAngX2x6bTYYZz7ZGYGzOWhN+jziLhE7u9kNYPY0rj509vSOjGY
dWELBsP5P5JfZsnwwzCWXlTIg+9rDzJXZWIqwl9ZGth/oH+pYSlJ0he3gk48OqH9
WkT62lyIuij9uJHF0ocK6thUsE3FWr7xvP+nsNXRuTcIYVHFoNqX1F6NoaRgK0nj
RdReX9TJoiPCgvpl4+o9zpTuyqt66FaMWlrEiJ8Hv/Q4ikrVCgR3psHsy7XB/kHn
pL2XqerrsZmOYlhuAXxX0lGCvwL9Gu2CPUbLfCvR+YpgjBEJL45w9YTtlq+MkSxK
T5x8FRNaHVoeBeiGqtvC3ij2P3lOjoczJ9Vb
-----END CERTIFICATE-----
Generated at Mon Mar 2 09:02:54 2026 by rpki-client