Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/GcvVWNFfgF0wu0Nfjs_BudGQw9Y.roa
File: GcvVWNFfgF0wu0Nfjs_BudGQw9Y.roa (raw, json)
Hash identifier: KB0pqrvO6Erz4/rIYGhqqlfhiTfb86tI38IPNb7s0Ow=
Subject key identifier: 19:CB:D5:58:D1:5F:80:5D:30:BB:43:5F:8E:CF:C1:B9:D1:90:C3:D6
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 019C806E20D4CC261439B61369A7BDE8841F
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/GcvVWNFfgF0wu0Nfjs_BudGQw9Y.roa
Signing time: Sat 21 Feb 2026 13:40:26 +0000
ROA not before: Sat 21 Feb 2026 13:40:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 146943
IP address blocks: 185.131.53.0/24 maxlen: 24
185.131.54.0/24 maxlen: 24
185.131.55.0/24 maxlen: 24
188.241.61.0/24 maxlen: 24
188.241.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:80:6e:20:d4:cc:26:14:39:b6:13:69:a7:bd:e8:84:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Feb 21 13:40:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19cbd558d15f805d30bb435f8ecfc1b9d190c3d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e1:0c:9c:bf:af:a1:27:0e:63:b8:0d:ad:e8:
af:cc:0a:a8:72:08:30:11:ef:3d:19:fb:83:79:00:
50:50:ea:2e:c6:90:79:35:e3:d1:97:b7:d1:bd:82:
ce:25:cf:88:81:cf:13:9f:2d:46:d7:80:26:5a:39:
92:98:43:c4:d6:f8:fd:3f:ae:55:a1:dd:b2:99:e2:
cb:d4:22:ed:55:e6:63:c2:ec:f2:3c:d5:39:dc:4d:
00:48:a9:5b:f5:d2:d8:94:cc:50:f1:b2:b8:45:1d:
66:29:9f:b6:16:49:d0:c4:f4:fc:05:16:81:07:cc:
2e:8b:02:8d:c3:e5:11:99:c6:26:f8:03:4d:e6:98:
d8:fa:4d:c0:b6:23:8f:1f:ea:83:4f:7b:7d:50:8d:
b2:3b:1e:31:32:b6:1b:df:24:ce:05:61:92:b9:d0:
fc:ed:86:28:bf:a6:2f:4e:24:fc:31:e5:bc:33:32:
80:19:15:6f:e1:ac:c2:7c:b4:90:ca:e7:db:e0:07:
ff:97:71:4b:8c:3a:79:2a:52:9b:da:f9:c2:a9:c2:
46:63:10:00:1e:e8:84:af:3d:13:e9:41:d8:6f:21:
0b:4c:f8:66:60:dc:c4:7e:2a:d0:17:3a:29:1f:c4:
6e:de:db:85:0f:1e:47:fb:1b:9a:c6:8c:ec:50:5b:
34:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:CB:D5:58:D1:5F:80:5D:30:BB:43:5F:8E:CF:C1:B9:D1:90:C3:D6
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/GcvVWNFfgF0wu0Nfjs_BudGQw9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.53.0-185.131.55.255
188.241.61.0/24
188.241.187.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:5d:ce:5d:ef:12:22:f4:de:87:3b:6e:97:0b:03:63:0b:33:
7b:92:f6:e3:c8:2f:d2:0f:ed:cc:63:da:8f:c9:ef:72:77:5f:
f1:16:2d:76:ee:32:9d:22:5e:7b:aa:f1:b7:3a:78:2b:6a:38:
9c:62:05:b9:5e:0f:b6:18:ee:1a:aa:40:8a:1e:8e:3a:67:93:
8b:d1:a8:bb:f9:da:aa:78:af:74:c5:0f:e3:8e:24:ad:af:85:
c1:4e:26:94:cd:e0:d8:6d:1b:a1:9f:f8:72:f8:82:e8:b0:fc:
b4:84:5d:5e:f4:ef:ab:be:34:31:11:19:60:15:64:54:26:5d:
b5:5a:6f:bf:c0:0f:2f:85:36:c1:07:5d:63:54:13:a6:0a:d4:
e3:08:f8:58:18:de:4a:62:16:72:a5:73:db:33:c6:08:c1:9a:
71:33:58:1e:00:ee:1a:4a:f8:eb:db:f6:45:26:90:35:f0:89:
da:c9:10:c0:59:1d:e6:f3:33:c4:61:0e:43:37:5a:8b:8e:a6:
54:2f:44:c1:72:2f:ca:02:0e:73:13:ec:02:94:df:88:56:00:
a1:89:ec:cc:1c:63:1c:4a:68:d8:46:dc:bc:66:a9:4d:67:70:
35:f6:9c:10:a9:06:a3:83:5a:5b:93:f2:07:af:9d:e4:79:a8:
54:71:93:74
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZyAbiDUzCYUObYTaae96IQfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjYwMjIxMTM0MDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWNiZDU1OGQxNWY4MDVkMzBiYjQzNWY4ZWNmYzFiOWQxOTBjM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+EMnL+voScOY7gNreivzAqocggw
Ee89GfuDeQBQUOouxpB5NePRl7fRvYLOJc+Igc8Tny1G14AmWjmSmEPE1vj9P65V
od2ymeLL1CLtVeZjwuzyPNU53E0ASKlb9dLYlMxQ8bK4RR1mKZ+2FknQxPT8BRaB
B8wuiwKNw+URmcYm+ANN5pjY+k3AtiOPH+qDT3t9UI2yOx4xMrYb3yTOBWGSudD8
7YYov6YvTiT8MeW8MzKAGRVv4azCfLSQyufb4Af/l3FLjDp5KlKb2vnCqcJGYxAA
HuiErz0T6UHYbyELTPhmYNzEfirQFzopH8Ru3tuFDx5H+xuaxozsUFs0mQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBnL1VjRX4BdMLtDX47PwbnRkMPWMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvR2N2VldORmZnRjB3dTBOZmpzX0J1ZEdRdzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAC5gzUD
BAO5gzADBAC88T0DBAC88bswDQYJKoZIhvcNAQELBQADggEBAB5dzl3vEiL03oc7
bpcLA2MLM3uS9uPIL9IP7cxj2o/J73J3X/EWLXbuMp0iXnuq8bc6eCtqOJxiBble
D7YY7hqqQIoejjpnk4vRqLv52qp4r3TFD+OOJK2vhcFOJpTN4NhtG6Gf+HL4guiw
/LSEXV7076u+NDERGWAVZFQmXbVab7/ADy+FNsEHXWNUE6YK1OMI+FgY3kpiFnKl
c9szxgjBmnEzWB4A7hpK+Ovb9kUmkDXwidrJEMBZHebzM8RhDkM3WouOplQvRMFy
L8oCDnMT7AKU34hWAKGJ7MwcYxxKaNhG3LxmqU1ncDX2nBCpBqODWluT8gevneR5
qFRxk3Q=
-----END CERTIFICATE-----
Generated at Mon Mar 2 04:48:01 2026 by rpki-client