Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GiRdQqoeGgURRXKILb86Iu5pf3Y.roa
File: GiRdQqoeGgURRXKILb86Iu5pf3Y.roa (raw, json)
Hash identifier: MCRhUR6Cyp8s4Yz6IdTa/epffl/2MZ1BmWLmkXzW178=
Subject key identifier: 1A:24:5D:42:AA:1E:1A:05:11:45:72:88:2D:BF:3A:22:EE:69:7F:76
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D2BA79C478D6C957C6C3C1B4CB021E1E1
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GiRdQqoeGgURRXKILb86Iu5pf3Y.roa
Signing time: Thu 26 Mar 2026 19:38:17 +0000
ROA not before: Thu 26 Mar 2026 19:38:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29066
IP address blocks: 2.56.102.0/24 maxlen: 24
2.59.23.0/24 maxlen: 24
45.86.14.0/24 maxlen: 24
45.133.220.0/24 maxlen: 24
45.133.221.0/24 maxlen: 24
45.133.222.0/24 maxlen: 24
45.133.223.0/24 maxlen: 24
45.152.203.0/24 maxlen: 24
193.39.244.0/24 maxlen: 24
2a07:f300::/29 maxlen: 29
2a0f:2d84::/32 maxlen: 32
2a0f:4a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:a7:9c:47:8d:6c:95:7c:6c:3c:1b:4c:b0:21:e1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 26 19:38:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a245d42aa1e1a05114572882dbf3a22ee697f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0f:a2:a3:5f:00:6f:df:be:6e:15:3a:59:a9:
a9:87:be:8b:3d:53:78:b6:07:67:10:df:20:af:27:
5e:30:59:84:87:18:c6:84:b6:b2:ce:7f:f3:c0:7c:
8a:64:45:49:48:a2:d6:0d:50:de:65:e2:c6:13:b6:
04:64:88:25:ff:2b:29:0c:bb:8f:8b:a9:e9:c5:4d:
d6:4c:fd:69:c6:76:da:94:b6:1e:ad:02:de:3e:d6:
5f:c6:ed:40:fa:a2:a4:c7:de:fd:44:96:81:50:3c:
26:d6:a5:5e:fa:3b:89:88:82:2c:a9:53:a4:c1:27:
3f:d4:07:30:6e:05:4e:8b:1a:2d:5f:e2:20:fa:68:
f6:2e:74:19:b2:ab:52:64:ae:1a:0c:2f:1c:06:dc:
d4:58:a4:94:f0:a8:b5:d1:46:1b:ee:97:20:be:7c:
1b:91:f0:8a:88:7e:5b:e4:64:c2:1d:cd:c3:97:0b:
e0:55:3e:36:e8:50:25:55:2c:da:be:d4:ef:b7:01:
f4:1e:47:cc:99:35:b5:ca:9c:9b:f8:88:04:5e:9b:
24:5d:ea:17:94:c3:3c:6d:9e:bb:be:06:3b:49:a8:
ab:59:41:44:ab:07:5f:0c:4f:bb:78:c4:b2:38:eb:
73:2c:8b:71:69:8f:ab:7b:7a:e5:54:92:a3:23:dc:
35:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:24:5D:42:AA:1E:1A:05:11:45:72:88:2D:BF:3A:22:EE:69:7F:76
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/GiRdQqoeGgURRXKILb86Iu5pf3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.102.0/24
2.59.23.0/24
45.86.14.0/24
45.133.220.0/22
45.152.203.0/24
193.39.244.0/24
IPv6:
2a07:f300::/29
2a0f:2d84::/32
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
14:2a:e0:44:68:34:bb:7d:cc:63:11:15:7b:33:20:0b:6a:e6:
50:0d:a6:cc:b1:d2:d3:0f:38:90:d0:90:3b:ee:89:14:66:e3:
89:d6:c8:e1:d4:06:87:2f:11:b2:2f:67:b4:e4:75:78:62:c8:
5c:da:7f:4e:35:24:29:e7:37:59:f4:28:fe:dc:99:da:02:8c:
e0:86:34:f0:4e:88:c9:77:75:7a:9a:c7:a3:6e:a4:0c:d0:2c:
1e:82:a5:80:fa:35:b9:ec:6c:dd:92:fd:b6:5c:90:25:fb:50:
28:56:fa:46:3e:ea:04:fb:47:b4:6d:05:c1:37:b6:be:9a:db:
b4:60:6a:53:44:1c:c1:38:8a:88:38:d9:f5:03:c1:47:33:64:
c0:3e:f3:91:e6:f8:bf:28:55:92:e9:67:35:aa:62:7c:3f:b2:
28:3e:de:b0:d1:86:1a:83:7b:8b:53:4d:05:de:76:19:7a:53:
83:71:74:72:a7:7e:80:db:4b:0a:05:7b:66:a3:f7:7b:8e:ab:
dc:dc:bc:57:4e:a0:50:ec:0e:af:b8:e0:cf:f8:67:3e:c0:09:
38:cc:18:3b:47:ff:17:b1:fb:d7:8c:af:f2:05:ac:70:d6:01:
79:09:d7:d9:78:90:d8:cd:a6:69:67:d8:85:f9:96:5b:68:58:
63:70:e3:65
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZ0rp5xHjWyVfGw8G0ywIeHhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwMzI2MTkzODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTI0NWQ0MmFhMWUxYTA1MTE0NTcyODgyZGJmM2EyMmVlNjk3Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwg+io18Ab9++bhU6Wamph76LPVN4
tgdnEN8grydeMFmEhxjGhLayzn/zwHyKZEVJSKLWDVDeZeLGE7YEZIgl/yspDLuP
i6npxU3WTP1pxnbalLYerQLePtZfxu1A+qKkx979RJaBUDwm1qVe+juJiIIsqVOk
wSc/1AcwbgVOixotX+Ig+mj2LnQZsqtSZK4aDC8cBtzUWKSU8Ki10UYb7pcgvnwb
kfCKiH5b5GTCHc3DlwvgVT426FAlVSzavtTvtwH0HkfMmTW1ypyb+IgEXpskXeoX
lMM8bZ67vgY7SairWUFEqwdfDE+7eMSyOOtzLItxaY+re3rlVJKjI9w1IQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFBokXUKqHhoFEUVyiC2/OiLuaX92MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvR2lSZFFxb2VHZ1VSUlhLSUxiODZJdTVwZjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQAAjhmAwQA
AjsXAwQALVYOAwQCLYXcAwQALZjLAwQAwSf0MBsEAgACMBUDBQMqB/MAAwUAKg8t
hAMFAyoPSgAwDQYJKoZIhvcNAQELBQADggEBABQq4ERoNLt9zGMRFXszIAtq5lAN
psyx0tMPOJDQkDvuiRRm44nWyOHUBocvEbIvZ7TkdXhiyFzaf041JCnnN1n0KP7c
mdoCjOCGNPBOiMl3dXqax6NupAzQLB6CpYD6NbnsbN2S/bZckCX7UChW+kY+6gT7
R7RtBcE3tr6a27RgalNEHME4iog42fUDwUczZMA+85Hm+L8oVZLpZzWqYnw/sig+
3rDRhhqDe4tTTQXedhl6U4NxdHKnfoDbSwoFe2aj93uOq9zcvFdOoFDsDq+44M/4
Zz7ACTjMGDtH/xex+9eMr/IFrHDWAXkJ19l4kNjNpmln2IX5lltoWGNw42U=
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:25:06 2026 by rpki-client