Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/G4Q0ftaLYf-EjRQVWNNo1EyTI0c.roa
File: G4Q0ftaLYf-EjRQVWNNo1EyTI0c.roa (raw, json)
Hash identifier: 8Jb3ZYMVlknATH38MzFuz1Q6pHIYl2ZzTNsRt7eZWz8=
Subject key identifier: 1B:84:34:7E:D6:8B:61:FF:84:8D:14:15:58:D3:68:D4:4C:93:23:47
Certificate issuer: /CN=de87d35bdcab123affc1a91d1736867969709a23
Certificate serial: 019B7C11BE7F6E0D5862E33B4FCE34ED1F45
Authority key identifier: DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/G4Q0ftaLYf-EjRQVWNNo1EyTI0c.roa
Signing time: Fri 02 Jan 2026 00:18:16 +0000
ROA not before: Fri 02 Jan 2026 00:18:16 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43399
IP address blocks: 91.194.226.0/23 maxlen: 24
91.194.226.0/24 maxlen: 24
91.194.227.0/24 maxlen: 24
91.218.132.0/22 maxlen: 24
91.218.132.0/23 maxlen: 23
91.218.132.0/24 maxlen: 24
91.218.133.0/24 maxlen: 24
91.218.134.0/23 maxlen: 23
91.218.134.0/24 maxlen: 24
91.218.135.0/24 maxlen: 24
212.233.80.0/22 maxlen: 24
212.233.80.0/24 maxlen: 24
212.233.81.0/24 maxlen: 24
212.233.82.0/23 maxlen: 23
212.233.82.0/24 maxlen: 24
212.233.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:11:be:7f:6e:0d:58:62:e3:3b:4f:ce:34:ed:1f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de87d35bdcab123affc1a91d1736867969709a23
Validity
Not Before: Jan 2 00:18:16 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1b84347ed68b61ff848d141558d368d44c932347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6a:59:1c:73:c1:eb:f3:6b:9c:3b:7a:98:da:
b9:f8:05:f2:0c:c1:a5:55:2e:b3:3c:aa:da:8c:d3:
0b:90:3e:e6:17:8d:98:f0:d0:3e:26:4d:2d:b2:59:
3b:a0:0f:6f:84:8c:d4:76:7e:e4:e5:85:4c:31:14:
f6:33:33:49:5f:12:e7:8b:e3:52:95:88:c7:8d:97:
b7:57:80:36:08:17:4b:0d:76:77:fb:1f:3a:aa:c2:
62:67:be:71:2c:9f:db:e8:42:ba:90:fa:8a:69:48:
cb:f9:f7:49:e0:39:7a:4d:a8:ef:34:33:36:1c:01:
8f:21:4b:55:9e:f8:75:ce:f9:3f:bc:f3:a7:bd:31:
0d:b0:2d:1a:00:8b:06:58:90:10:80:ca:12:48:16:
f4:64:54:8b:36:95:30:b8:f4:b8:c1:69:15:35:b6:
38:7a:b4:e7:bc:ef:07:49:00:fb:71:ef:cd:24:50:
fa:88:5a:0a:ec:89:e2:cb:d8:31:82:9e:fe:74:3d:
d4:1c:3f:0f:a4:8e:31:61:ee:37:43:66:b5:47:58:
5f:83:16:9f:6e:f1:9c:b9:4d:d2:de:8d:cd:a3:22:
41:c5:bb:33:2d:2d:2b:de:cb:0b:68:aa:b5:2e:d0:
16:a7:01:57:4f:91:3f:48:7a:ec:28:8e:47:ea:68:
f1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:84:34:7E:D6:8B:61:FF:84:8D:14:15:58:D3:68:D4:4C:93:23:47
X509v3 Authority Key Identifier:
keyid:DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/G4Q0ftaLYf-EjRQVWNNo1EyTI0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.226.0/23
91.218.132.0/22
212.233.80.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:99:a9:b4:c8:7d:a4:55:58:46:a8:70:c7:f1:29:5f:88:a9:
94:52:44:a1:f3:b0:a6:d5:db:de:4d:2e:2c:8a:b4:96:d7:6e:
35:8c:e4:30:d0:92:b2:4e:2a:48:3e:09:9c:bc:d5:42:c1:45:
cb:ba:40:87:ee:59:1c:07:7f:36:6b:30:2a:49:fc:11:96:ed:
02:90:32:41:df:d5:6b:50:ae:53:25:8f:bf:f3:aa:31:4d:8d:
f8:6b:9d:73:02:f6:be:5b:06:bc:0f:b8:fd:db:a4:c0:a1:8a:
db:a6:ad:63:52:88:5a:5f:5b:0c:fc:42:3e:9f:fa:5a:2a:cf:
49:07:ac:0f:dc:9a:ad:07:6d:bd:17:1c:4b:ac:24:d2:bc:c5:
3e:49:de:75:77:20:c6:d3:57:67:5f:7c:41:08:15:a3:a1:04:
e8:a4:5e:3e:93:5f:da:1f:e4:f1:b9:fc:b7:80:8d:f3:3d:f8:
a9:7f:fb:f3:9f:13:e7:6a:78:b5:7e:ab:4d:5a:e4:7c:4a:ec:
52:a7:6b:ca:53:61:2e:dc:f0:a0:e8:a5:69:c2:c0:c1:2e:90:
80:94:9a:21:0b:c0:e7:ce:a9:30:5d:c1:6d:b2:13:b9:f7:4c:
af:e3:51:e1:61:d1:00:06:f1:47:f9:4c:06:85:e3:14:e5:1e:
65:2c:6c:d0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZt8Eb5/bg1YYuM7T8407R9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODdkMzViZGNhYjEyM2FmZmMxYTkxZDE3MzY4Njc5Njk3
MDlhMjMwHhcNMjYwMTAyMDAxODE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg0MzQ3ZWQ2OGI2MWZmODQ4ZDE0MTU1OGQzNjhkNDRjOTMyMzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2pZHHPB6/NrnDt6mNq5+AXyDMGl
VS6zPKrajNMLkD7mF42Y8NA+Jk0tslk7oA9vhIzUdn7k5YVMMRT2MzNJXxLni+NS
lYjHjZe3V4A2CBdLDXZ3+x86qsJiZ75xLJ/b6EK6kPqKaUjL+fdJ4Dl6TajvNDM2
HAGPIUtVnvh1zvk/vPOnvTENsC0aAIsGWJAQgMoSSBb0ZFSLNpUwuPS4wWkVNbY4
erTnvO8HSQD7ce/NJFD6iFoK7Iniy9gxgp7+dD3UHD8PpI4xYe43Q2a1R1hfgxaf
bvGcuU3S3o3NoyJBxbszLS0r3ssLaKq1LtAWpwFXT5E/SHrsKI5H6mjxSwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBuENH7Wi2H/hI0UFVjTaNRMkyNHMB8GA1UdIwQY
MBaAFN6H01vcqxI6/8GpHRc2hnlpcJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQt
YzIyMzkwZThkOWE2LzEvRzRRMGZ0YUxZZi1FalJRVldOTm8xRXlUSTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2
LzEvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8LiAwQC
W9qEAwQC1OlQMA0GCSqGSIb3DQEBCwUAA4IBAQB6mam0yH2kVVhGqHDH8SlfiKmU
UkSh87Cm1dveTS4sirSW1241jOQw0JKyTipIPgmcvNVCwUXLukCH7lkcB382azAq
SfwRlu0CkDJB39VrUK5TJY+/86oxTY34a51zAva+Wwa8D7j926TAoYrbpq1jUoha
X1sM/EI+n/paKs9JB6wP3JqtB229FxxLrCTSvMU+Sd51dyDG01dnX3xBCBWjoQTo
pF4+k1/aH+Txufy3gI3zPfipf/vznxPnani1fqtNWuR8SuxSp2vKU2Eu3PCg6KVp
wsDBLpCAlJohC8DnzqkwXcFtshO590yv41HhYdEABvFH+UwGheMU5R5lLGzQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:37:56 2026 by rpki-client