Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/GacqXUKlxyFCN3iRGsh5r8QtX8c.roa
File: GacqXUKlxyFCN3iRGsh5r8QtX8c.roa (raw, json)
Hash identifier: c7rKxZ3135SLzDKJLfScVXDzCGPZhUKThOMw3qO//fA=
Subject key identifier: 19:A7:2A:5D:42:A5:C7:21:42:37:78:91:1A:C8:79:AF:C4:2D:5F:C7
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 019D62A79FE9DF074400F9EF3F6D8020D1A1
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/GacqXUKlxyFCN3iRGsh5r8QtX8c.roa
Signing time: Mon 06 Apr 2026 11:57:25 +0000
ROA not before: Mon 06 Apr 2026 11:57:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.174.0/23 maxlen: 23
80.75.215.0/24 maxlen: 24
85.158.108.0/24 maxlen: 24
85.158.109.0/24 maxlen: 24
85.158.110.0/24 maxlen: 24
89.44.80.0/24 maxlen: 24
89.150.40.0/24 maxlen: 24
89.150.45.0/24 maxlen: 24
89.150.48.0/24 maxlen: 24
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
91.220.8.0/24 maxlen: 24
94.126.224.0/24 maxlen: 24
94.126.225.0/24 maxlen: 24
94.126.226.0/24 maxlen: 24
94.126.227.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.221.222.0/24 maxlen: 24
185.221.223.0/24 maxlen: 24
185.223.57.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
185.253.116.0/24 maxlen: 24
185.253.117.0/24 maxlen: 24
185.253.118.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
193.111.208.0/24 maxlen: 24
194.33.28.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
2a01:8640:15::/48 maxlen: 48
2a01:8640:17::/48 maxlen: 48
2a01:8640:18::/48 maxlen: 48
2a01:8640:1a::/48 maxlen: 48
2a01:8640:1b::/48 maxlen: 48
2a01:8640:1c::/48 maxlen: 48
2a01:8640:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:62:a7:9f:e9:df:07:44:00:f9:ef:3f:6d:80:20:d1:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Apr 6 11:57:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19a72a5d42a5c721423778911ac879afc42d5fc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:68:44:ce:3f:0a:0f:8e:21:b0:3d:67:fe:
0f:80:92:c3:32:ef:16:2d:fc:b9:d3:3a:58:fd:35:
05:bb:d6:72:19:d7:f1:67:a1:a6:24:90:1e:b7:1f:
c8:ba:77:f6:40:b3:b8:f1:44:f9:cf:59:15:ed:18:
17:5f:aa:e0:85:c1:50:15:a2:b2:18:ba:7e:18:9e:
bf:2e:97:8a:ab:9a:6b:3c:2e:3b:01:c5:89:09:be:
20:13:9e:ef:b2:9d:cc:42:17:02:85:92:54:e8:8d:
7c:ad:7b:94:af:a6:5d:37:3c:62:19:30:86:15:8c:
c9:36:32:66:ef:29:85:06:41:c9:5d:54:fa:32:86:
bf:c9:2f:e3:0f:cf:1e:83:56:c9:d1:53:cb:78:b3:
74:90:dc:e7:da:1c:0a:17:e2:96:b2:c5:77:44:72:
8e:25:b3:07:54:dc:30:72:8d:0b:e7:5e:23:7e:c2:
31:69:79:fc:5d:1a:a1:20:10:df:a5:3e:5c:6d:66:
0e:a3:37:77:87:8e:f1:05:c6:6c:1e:61:e5:ce:fd:
ed:4e:35:5a:18:06:18:ed:ef:07:22:fb:63:d5:c3:
85:fd:5a:38:61:e5:fe:32:68:c7:9e:5b:f6:7a:a7:
8a:ff:c0:4e:d5:46:af:d8:a3:e9:4a:d7:0e:a9:6b:
fe:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:A7:2A:5D:42:A5:C7:21:42:37:78:91:1A:C8:79:AF:C4:2D:5F:C7
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/GacqXUKlxyFCN3iRGsh5r8QtX8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.174.0/23
80.75.215.0/24
85.158.108.0-85.158.110.255
89.44.80.0/24
89.150.40.0/24
89.150.45.0/24
89.150.48.0/24
89.150.57.0/24
91.193.18.0/24
91.220.8.0/24
94.126.224.0/22
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.221.222.0/23
185.223.57.0/24
185.235.137.0-185.235.138.255
185.253.116.0-185.253.118.255
193.42.36.0/24
193.42.39.0/24
193.111.208.0/24
194.33.28.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:15:ffff:ffff:ffff:ffff:ffff
2a01:8640:17::-2a01:8640:18:ffff:ffff:ffff:ffff:ffff
2a01:8640:1a::-2a01:8640:1d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
53:c1:d0:f5:2c:07:36:ac:df:20:f1:fc:5c:cd:a2:6d:43:a8:
ed:60:18:50:9d:5c:8d:f1:72:75:2c:c8:6b:d1:dd:67:8f:1a:
86:46:f6:16:1f:36:73:62:c1:1c:a1:71:ae:d6:52:3e:ec:56:
e7:ae:86:0c:c7:f0:d9:be:22:e7:50:03:09:5d:ff:0e:b5:4e:
59:78:a3:9d:84:99:60:b6:ab:f1:d3:a4:11:eb:b3:4b:26:44:
ed:17:1b:45:0c:11:b1:33:b7:a6:eb:26:38:08:ff:6a:e0:76:
73:6a:72:a7:43:84:6a:48:e1:6b:64:3d:d5:ba:92:d2:b7:c2:
55:9f:52:97:12:d5:61:1a:0e:0c:8d:6e:8e:96:cc:7f:af:7e:
c7:59:a7:af:51:6b:6e:26:f6:a0:98:e9:df:62:9f:0c:ac:2f:
6d:49:d7:5e:49:28:5d:a4:58:20:2d:e1:20:35:d7:fc:96:83:
7c:74:1e:fb:c2:e4:38:e5:10:5b:78:0f:33:89:d5:e9:04:62:
2c:33:20:33:a2:ac:c9:a9:50:52:22:f7:04:ff:9b:50:8f:e4:
84:98:7b:68:3f:52:39:d9:56:75:d3:c9:90:eb:bb:d5:65:e6:
40:f0:f2:1c:08:a6:5c:3d:38:4b:f4:43:da:12:f3:83:7b:88:
d5:87:91:d9
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAZ1ip5/p3wdEAPnvP22AINGhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjYwNDA2MTE1NzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWE3MmE1ZDQyYTVjNzIxNDIzNzc4OTExYWM4NzlhZmM0MmQ1ZmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpdoRM4/Cg+OIbA9Z/4PgJLDMu8W
Lfy50zpY/TUFu9ZyGdfxZ6GmJJAetx/Iunf2QLO48UT5z1kV7RgXX6rghcFQFaKy
GLp+GJ6/LpeKq5prPC47AcWJCb4gE57vsp3MQhcChZJU6I18rXuUr6ZdNzxiGTCG
FYzJNjJm7ymFBkHJXVT6Moa/yS/jD88eg1bJ0VPLeLN0kNzn2hwKF+KWssV3RHKO
JbMHVNwwco0L514jfsIxaXn8XRqhIBDfpT5cbWYOozd3h47xBcZsHmHlzv3tTjVa
GAYY7e8HIvtj1cOF/Vo4YeX+MmjHnlv2eqeK/8BO1Uav2KPpStcOqWv+8wIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFBmnKl1CpcchQjd4kRrIea/ELV/HMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvR2FjcVhVS2x4eUZDTjNpUkdzaDVyOFF0WDhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCB7wQCAAEwgegD
BAEFlfgDBAEFlf4wDAMEAk1TxAMEAE1TxgMEAU+NpAMEAU+NrgMEAFBL1zAMAwQC
VZ5sAwQAVZ5uAwQAWSxQAwQAWZYoAwQAWZYtAwQAWZYwAwQAWZY5AwQAW8ESAwQA
W9wIAwQCXn7gAwQAuShWAwQCuVA0AwQBuVFyMAwDBAa5aMADBAC5aMIDBAK5dVgD
BAC5e2YDBAC5roUDBAC5rocDBAG53d4DBAC53zkwDAMEALnriQMEALnrijAMAwQC
uf10AwQAuf12AwQAwSokAwQAwSonAwQAwW/QAwQAwiEcAwQAw1+bMHoEAgACMHQD
BwAqAYZAAAADBwAqAYZAAAIDBwAqAYZAAAYwEgMHACoBhkAACQMHACoBhkAACgMH
ACoBhkAADzASAwcAKgGGQAARAwcBKgGGQAAUMBIDBwAqAYZAABcDBwAqAYZAABgw
EgMHASoBhkAAGgMHASoBhkAAHDANBgkqhkiG9w0BAQsFAAOCAQEAU8HQ9SwHNqzf
IPH8XM2ibUOo7WAYUJ1cjfFydSzIa9HdZ48ahkb2Fh82c2LBHKFxrtZSPuxW566G
DMfw2b4i51ADCV3/DrVOWXijnYSZYLar8dOkEeuzSyZE7RcbRQwRsTO3pusmOAj/
auB2c2pyp0OEakjha2Q91bqS0rfCVZ9SlxLVYRoODI1ujpbMf69+x1mnr1Frbib2
oJjp32KfDKwvbUnXXkkoXaRYIC3hIDXX/JaDfHQe+8LkOOUQW3gPM4nV6QRiLDMg
M6KsyalQUiL3BP+bUI/khJh7aD9SOdlWddPJkOu71WXmQPDyHAimXD04S/RD2hLz
g3uI1YeR2Q==
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:28:16 2026 by rpki-client