Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/GGZjVcrh7o5QnLA3XYwWxwIPlsw.roa
File: GGZjVcrh7o5QnLA3XYwWxwIPlsw.roa (raw, json)
Hash identifier: RM/Nw8R0IKgYPKDSKvz2CTTdZeBN9XNA59dgKmXAkeU=
Subject key identifier: 18:66:63:55:CA:E1:EE:8E:50:9C:B0:37:5D:8C:16:C7:02:0F:96:CC
Certificate issuer: /CN=7f35d5ae417f45ee8505d76ceaa1b34c458394a0
Certificate serial: 019D6D6D1A85AED6676E6B629CDD21B366B6
Authority key identifier: 7F:35:D5:AE:41:7F:45:EE:85:05:D7:6C:EA:A1:B3:4C:45:83:94:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/GGZjVcrh7o5QnLA3XYwWxwIPlsw.roa
Signing time: Wed 08 Apr 2026 14:09:19 +0000
ROA not before: Wed 08 Apr 2026 14:09:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21221
IP address blocks: 89.106.160.0/21 maxlen: 24
139.28.112.0/22 maxlen: 24
185.3.176.0/22 maxlen: 24
2a00:1bc8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/fzXVrkF_Re6FBdds6qGzTEWDlKA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/fzXVrkF_Re6FBdds6qGzTEWDlKA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 05:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6d:6d:1a:85:ae:d6:67:6e:6b:62:9c:dd:21:b3:66:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f35d5ae417f45ee8505d76ceaa1b34c458394a0
Validity
Not Before: Apr 8 14:09:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=18666355cae1ee8e509cb0375d8c16c7020f96cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b5:1b:68:d3:b5:ea:1c:13:68:3d:8f:54:07:
f0:b0:17:09:fa:f0:2a:26:48:18:3d:d1:8d:2a:4e:
22:e4:2d:9c:34:3d:d2:97:a2:61:25:1d:e0:e0:91:
b2:d0:21:c7:95:67:ff:73:84:02:46:69:08:65:7d:
f6:14:36:46:f0:d0:de:9b:57:5e:33:4b:33:40:c1:
4e:15:f6:e5:f2:95:aa:c4:45:57:aa:05:6a:26:5b:
42:fd:5a:6c:f5:fe:25:77:12:87:f3:4a:e9:1b:56:
93:0f:97:4d:32:22:eb:f8:43:c0:e0:1f:60:68:2b:
7a:b8:cf:94:f8:6e:d5:ea:1a:87:69:27:f7:68:5b:
84:f8:d9:cc:ab:70:85:38:19:86:5b:c5:4b:fd:1d:
06:71:c9:10:cb:02:11:4a:d0:a9:84:4c:fb:44:fb:
a7:42:d7:41:28:fb:c1:3d:f9:2e:48:10:7e:79:34:
e3:62:3b:54:73:6c:20:63:d5:32:6e:d2:d6:a5:6d:
ba:6a:d6:a6:43:26:75:12:e4:4c:83:de:5a:03:30:
7d:97:b5:9d:8c:b2:b0:c6:4d:c5:f2:a6:1f:94:57:
cd:9d:68:40:9a:e8:67:64:4a:9d:46:5d:2f:5d:c1:
17:88:d8:18:90:9a:e7:8b:6f:0e:1c:ee:6b:a2:b0:
61:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:66:63:55:CA:E1:EE:8E:50:9C:B0:37:5D:8C:16:C7:02:0F:96:CC
X509v3 Authority Key Identifier:
keyid:7F:35:D5:AE:41:7F:45:EE:85:05:D7:6C:EA:A1:B3:4C:45:83:94:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzXVrkF_Re6FBdds6qGzTEWDlKA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/GGZjVcrh7o5QnLA3XYwWxwIPlsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/c5467b-3962-4b74-ae0d-34473bc91d80/1/fzXVrkF_Re6FBdds6qGzTEWDlKA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.160.0/21
139.28.112.0/22
185.3.176.0/22
IPv6:
2a00:1bc8::/29
Signature Algorithm: sha256WithRSAEncryption
49:2b:51:5b:bb:5c:24:c6:90:f6:23:62:d3:b3:99:ba:67:38:
77:a8:f8:15:7b:e0:c7:a9:f8:e8:b6:fc:1c:13:bf:6b:d4:9c:
1e:60:da:4a:c8:7f:8d:cf:54:4a:a8:05:2a:46:fa:14:70:f6:
7b:03:a9:41:4d:d4:2f:0b:f1:00:41:de:d6:27:9c:4e:c7:40:
7c:33:42:34:0d:7d:a0:05:b3:50:23:83:5b:44:a1:d7:fa:77:
61:15:46:9b:d4:82:60:d5:6b:dc:ea:f5:5a:fc:7d:7e:c7:5f:
f8:14:81:07:e4:6d:74:68:08:8c:ab:b6:7c:49:92:ef:90:aa:
c2:5b:e0:a6:91:21:fe:c9:30:32:5c:75:6d:74:a6:e0:51:f4:
41:48:d4:67:6a:9f:c5:1f:0c:0d:ea:a0:9e:d8:04:85:39:3b:
c7:62:29:67:6e:24:20:87:84:68:30:f4:b1:89:0b:f1:1a:d2:
d9:e8:b7:57:ab:0e:d1:86:0a:91:e7:cc:c9:3f:b7:3e:73:a5:
31:27:7b:36:97:b6:de:ca:be:5a:00:3f:98:8c:be:b2:be:57:
3c:22:d9:86:f8:4c:e3:37:81:b6:90:b5:06:e3:b3:9a:64:c2:
0c:e4:18:d5:66:eb:a4:fa:c4:f6:15:9d:2c:51:35:63:78:93:
e9:45:9a:82
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZ1tbRqFrtZnbmtinN0hs2a2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMzVkNWFlNDE3ZjQ1ZWU4NTA1ZDc2Y2VhYTFiMzRjNDU4
Mzk0YTAwHhcNMjYwNDA4MTQwOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODY2NjM1NWNhZTFlZThlNTA5Y2IwMzc1ZDhjMTZjNzAyMGY5NmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7UbaNO16hwTaD2PVAfwsBcJ+vAq
JkgYPdGNKk4i5C2cND3Sl6JhJR3g4JGy0CHHlWf/c4QCRmkIZX32FDZG8NDem1de
M0szQMFOFfbl8pWqxEVXqgVqJltC/Vps9f4ldxKH80rpG1aTD5dNMiLr+EPA4B9g
aCt6uM+U+G7V6hqHaSf3aFuE+NnMq3CFOBmGW8VL/R0GcckQywIRStCphEz7RPun
QtdBKPvBPfkuSBB+eTTjYjtUc2wgY9UybtLWpW26atamQyZ1EuRMg95aAzB9l7Wd
jLKwxk3F8qYflFfNnWhAmuhnZEqdRl0vXcEXiNgYkJrni28OHO5rorBh5wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBhmY1XK4e6OUJywN12MFscCD5bMMB8GA1UdIwQY
MBaAFH811a5Bf0XuhQXXbOqhs0xFg5SgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnpYVnJrRl9SZTZGQmRkczZxR3pURVdEbEtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jNTQ2N2ItMzk2Mi00Yjc0LWFlMGQt
MzQ0NzNiYzkxZDgwLzEvR0daalZjcmg3bzVRbkxBM1hZd1d4d0lQbHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jNTQ2N2ItMzk2Mi00Yjc0LWFlMGQtMzQ0NzNiYzkxZDgw
LzEvZnpYVnJrRl9SZTZGQmRkczZxR3pURVdEbEtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDWWqgAwQC
ixxwAwQCuQOwMA0EAgACMAcDBQMqABvIMA0GCSqGSIb3DQEBCwUAA4IBAQBJK1Fb
u1wkxpD2I2LTs5m6Zzh3qPgVe+DHqfjotvwcE79r1JweYNpKyH+Nz1RKqAUqRvoU
cPZ7A6lBTdQvC/EAQd7WJ5xOx0B8M0I0DX2gBbNQI4NbRKHX+ndhFUab1IJg1Wvc
6vVa/H1+x1/4FIEH5G10aAiMq7Z8SZLvkKrCW+CmkSH+yTAyXHVtdKbgUfRBSNRn
ap/FHwwN6qCe2ASFOTvHYilnbiQgh4RoMPSxiQvxGtLZ6LdXqw7RhgqR58zJP7c+
c6UxJ3s2l7beyr5aAD+YjL6yvlc8ItmG+EzjN4G2kLUG47OaZMIM5BjVZuuk+sT2
FZ0sUTVjeJPpRZqC
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:31:59 2026 by rpki-client