Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/dc450f-11a8-4e92-b6e8-d2da517a96fd/1/GlfjtyID3JWD6gfRCet0c13y4oE.roa
File: GlfjtyID3JWD6gfRCet0c13y4oE.roa (raw, json)
Hash identifier: LlD9D2Qj80+2x3YcRcDhNjcjPr/rKerCLr5sHKh6tkA=
Subject key identifier: 1A:57:E3:B7:22:03:DC:95:83:EA:07:D1:09:EB:74:73:5D:F2:E2:81
Certificate issuer: /CN=054ab196a5b113660d401f806b32be66625afbaa
Certificate serial: 019E8CF4B1A62B250720A8A6F29E28001932
Authority key identifier: 05:4A:B1:96:A5:B1:13:66:0D:40:1F:80:6B:32:BE:66:62:5A:FB:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUqxlqWxE2YNQB-AazK-ZmJa-6o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/dc450f-11a8-4e92-b6e8-d2da517a96fd/1/GlfjtyID3JWD6gfRCet0c13y4oE.roa
Signing time: Wed 03 Jun 2026 10:08:26 +0000
ROA not before: Wed 03 Jun 2026 10:08:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51248
IP address blocks: 85.137.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/dc450f-11a8-4e92-b6e8-d2da517a96fd/1/BUqxlqWxE2YNQB-AazK-ZmJa-6o.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/dc450f-11a8-4e92-b6e8-d2da517a96fd/1/BUqxlqWxE2YNQB-AazK-ZmJa-6o.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUqxlqWxE2YNQB-AazK-ZmJa-6o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 03:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8c:f4:b1:a6:2b:25:07:20:a8:a6:f2:9e:28:00:19:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=054ab196a5b113660d401f806b32be66625afbaa
Validity
Not Before: Jun 3 10:08:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a57e3b72203dc9583ea07d109eb74735df2e281
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e8:d5:09:bf:4d:f5:3f:60:a0:9a:56:e2:94:
e0:bc:df:e1:b0:bd:7c:e0:30:9d:0c:d8:59:01:61:
89:0a:08:53:ea:59:d7:cc:fb:15:21:8c:79:27:37:
21:72:48:41:6e:b0:ab:8b:33:74:32:d6:7c:07:78:
87:fa:94:07:b1:40:d3:16:7a:96:50:1a:77:10:4d:
f2:78:cc:52:ea:3c:08:f2:d9:e5:51:3c:31:69:3d:
41:51:c7:f7:fd:a6:65:9e:13:68:2f:e9:8e:41:a0:
94:3d:db:cb:44:0c:47:db:36:8d:a5:c5:31:f7:35:
3b:d1:8e:3b:66:2b:da:2d:f4:34:04:6a:8b:1b:f1:
0e:42:6b:86:ea:e8:65:3a:b3:d4:90:4a:9e:94:2d:
a8:3a:e9:6f:33:19:07:50:35:2e:f9:e8:9a:45:d5:
94:f5:48:0a:d0:93:9b:16:30:c3:5d:2e:dd:80:86:
1f:79:4a:52:fe:39:48:a3:cd:94:55:92:67:ee:f8:
9c:f9:01:c5:ba:e1:15:7b:7c:15:a2:7f:ee:5f:22:
cf:1b:de:c2:23:b1:da:89:5b:9d:75:dd:03:d7:7f:
82:52:05:e3:31:c7:05:84:0b:1d:24:c6:94:45:80:
b6:94:10:37:ed:79:31:f0:b3:0d:5c:dd:ce:29:40:
ef:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:57:E3:B7:22:03:DC:95:83:EA:07:D1:09:EB:74:73:5D:F2:E2:81
X509v3 Authority Key Identifier:
keyid:05:4A:B1:96:A5:B1:13:66:0D:40:1F:80:6B:32:BE:66:62:5A:FB:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUqxlqWxE2YNQB-AazK-ZmJa-6o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/dc450f-11a8-4e92-b6e8-d2da517a96fd/1/GlfjtyID3JWD6gfRCet0c13y4oE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/dc450f-11a8-4e92-b6e8-d2da517a96fd/1/BUqxlqWxE2YNQB-AazK-ZmJa-6o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.137.25.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:da:01:ef:ed:de:f4:2f:69:62:4e:6d:78:7e:54:40:0d:93:
f4:ba:62:89:e1:53:30:7f:d5:7d:32:38:3d:68:1e:1a:11:93:
49:98:c9:03:22:5a:94:e8:9b:20:c8:18:e2:1d:98:63:ff:6d:
80:11:4d:83:52:e9:dc:b2:9e:85:ef:09:02:5a:43:39:01:0c:
a1:06:c3:83:dc:a3:18:f0:5c:66:ea:6d:11:bf:4f:3d:c5:e7:
d0:a6:83:5f:a4:7a:d8:7f:fd:15:10:81:a9:2a:18:47:61:3e:
36:fd:6f:af:d4:03:1e:53:fb:c7:64:9c:90:77:15:69:3e:63:
08:51:8f:6c:9c:0b:94:41:97:54:d1:08:b9:67:2f:95:ae:c1:
e3:7e:f3:78:a0:6e:a4:b3:f9:b7:9c:68:6d:14:8c:82:e6:2e:
e8:e9:bd:fe:bc:7d:36:27:1a:bd:d1:66:78:a2:85:fb:9e:3c:
dc:4f:31:e1:c9:77:2d:86:fa:a6:51:97:1f:ea:ba:e2:99:2d:
7e:7b:3f:a4:dc:dc:5a:d8:34:e2:dd:9c:7f:6d:ed:6e:68:37:
f8:9c:86:4c:86:5e:a3:30:65:6a:ac:26:a2:b1:03:25:03:43:
77:2c:ba:3a:61:0e:aa:65:9c:97:a0:03:be:5d:6c:a0:25:82:
37:99:8b:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6M9LGmKyUHIKim8p4oABkyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NGFiMTk2YTViMTEzNjYwZDQwMWY4MDZiMzJiZTY2NjI1
YWZiYWEwHhcNMjYwNjAzMTAwODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTU3ZTNiNzIyMDNkYzk1ODNlYTA3ZDEwOWViNzQ3MzVkZjJlMjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmejVCb9N9T9goJpW4pTgvN/hsL18
4DCdDNhZAWGJCghT6lnXzPsVIYx5JzchckhBbrCrizN0MtZ8B3iH+pQHsUDTFnqW
UBp3EE3yeMxS6jwI8tnlUTwxaT1BUcf3/aZlnhNoL+mOQaCUPdvLRAxH2zaNpcUx
9zU70Y47ZivaLfQ0BGqLG/EOQmuG6uhlOrPUkEqelC2oOulvMxkHUDUu+eiaRdWU
9UgK0JObFjDDXS7dgIYfeUpS/jlIo82UVZJn7vic+QHFuuEVe3wVon/uXyLPG97C
I7HaiVuddd0D13+CUgXjMccFhAsdJMaURYC2lBA37Xkx8LMNXN3OKUDv2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBpX47ciA9yVg+oH0QnrdHNd8uKBMB8GA1UdIwQY
MBaAFAVKsZalsRNmDUAfgGsyvmZiWvuqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVxeGxxV3hFMllOUUItQWF6Sy1abUphLTZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9kYzQ1MGYtMTFhOC00ZTkyLWI2ZTgt
ZDJkYTUxN2E5NmZkLzEvR2xmanR5SUQzSldENmdmUkNldDBjMTN5NG9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9kYzQ1MGYtMTFhOC00ZTkyLWI2ZTgtZDJkYTUxN2E5NmZk
LzEvQlVxeGxxV3hFMllOUUItQWF6Sy1abUphLTZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYkZMA0G
CSqGSIb3DQEBCwUAA4IBAQCi2gHv7d70L2liTm14flRADZP0umKJ4VMwf9V9Mjg9
aB4aEZNJmMkDIlqU6JsgyBjiHZhj/22AEU2DUuncsp6F7wkCWkM5AQyhBsOD3KMY
8Fxm6m0Rv089xefQpoNfpHrYf/0VEIGpKhhHYT42/W+v1AMeU/vHZJyQdxVpPmMI
UY9snAuUQZdU0Qi5Zy+VrsHjfvN4oG6ks/m3nGhtFIyC5i7o6b3+vH02Jxq90WZ4
ooX7njzcTzHhyXcthvqmUZcf6rrimS1+ez+k3Nxa2DTi3Zx/be1uaDf4nIZMhl6j
MGVqrCaisQMlA0N3LLo6YQ6qZZyXoAO+XWygJYI3mYup
-----END CERTIFICATE-----
Generated at Wed Jun 17 10:36:59 2026 by rpki-client