Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/_GRNAQTm72gHQq3bL7B41p2YrHs.roa
File: _GRNAQTm72gHQq3bL7B41p2YrHs.roa (raw, json)
Hash identifier: rvspb8Z2lGqTsEE3S985n0zOGBc3jLtF+UnFjeWtBHI=
Subject key identifier: FC:64:4D:01:04:E6:EF:68:07:42:AD:DB:2F:B0:78:D6:9D:98:AC:7B
Certificate issuer: /CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Certificate serial: 019C6535D62B5784654ED4F09D3CF30FB294
Authority key identifier: 15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/_GRNAQTm72gHQq3bL7B41p2YrHs.roa
Signing time: Mon 16 Feb 2026 06:49:12 +0000
ROA not before: Mon 16 Feb 2026 06:49:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61173
IP address blocks: 5.182.44.0/24 maxlen: 24
5.182.45.0/24 maxlen: 24
5.182.46.0/24 maxlen: 24
45.159.112.0/24 maxlen: 24
45.159.113.0/24 maxlen: 24
45.159.114.0/24 maxlen: 24
45.159.115.0/24 maxlen: 24
62.3.42.0/24 maxlen: 24
85.208.252.0/24 maxlen: 24
85.208.253.0/24 maxlen: 24
85.208.254.0/24 maxlen: 24
85.208.255.0/24 maxlen: 24
185.4.28.0/24 maxlen: 24
185.4.29.0/24 maxlen: 24
185.4.30.0/24 maxlen: 24
185.4.31.0/24 maxlen: 24
185.50.37.0/24 maxlen: 24
185.50.38.0/24 maxlen: 24
185.50.39.0/24 maxlen: 24
185.116.160.0/24 maxlen: 24
185.116.161.0/24 maxlen: 24
185.116.162.0/24 maxlen: 24
185.116.163.0/24 maxlen: 24
185.213.164.0/24 maxlen: 24
185.213.165.0/24 maxlen: 24
185.213.166.0/24 maxlen: 24
185.213.167.0/24 maxlen: 24
185.255.88.0/24 maxlen: 24
185.255.89.0/24 maxlen: 24
185.255.90.0/24 maxlen: 24
185.255.91.0/24 maxlen: 24
193.141.64.0/24 maxlen: 24
193.141.65.0/24 maxlen: 24
193.141.126.0/24 maxlen: 24
193.141.127.0/24 maxlen: 24
2a05:ab80::/48 maxlen: 48
2a05:ab80:1::/48 maxlen: 48
2a05:ab80:3::/48 maxlen: 48
2a05:ab80:4::/48 maxlen: 48
2a05:ab80:100::/48 maxlen: 48
2a05:ab80:200::/48 maxlen: 48
2a05:ab80:300::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:65:35:d6:2b:57:84:65:4e:d4:f0:9d:3c:f3:0f:b2:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15fd3804e00b9e06a82ced9f07b34fe3fd80394e
Validity
Not Before: Feb 16 06:49:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc644d0104e6ef680742addb2fb078d69d98ac7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:95:20:9e:48:03:b5:d0:a0:87:48:28:f7:b4:
dd:25:83:88:cd:c0:be:1b:ca:42:2e:f2:cd:cc:c9:
6d:43:f2:32:f1:71:22:ed:02:f7:63:67:72:36:b2:
4b:19:62:31:7f:f9:b0:6b:84:8c:62:25:a4:a4:36:
53:a4:42:94:14:5d:d6:cf:88:2e:53:46:2a:09:0c:
aa:09:83:bc:a0:46:5b:85:e4:90:c9:0f:9a:fb:23:
d3:d4:ee:f5:a4:74:3a:ea:ad:56:fd:c1:a0:a7:85:
68:0d:47:d1:e3:ce:88:aa:f3:7e:e7:cc:95:8c:f7:
5d:55:87:8c:c4:16:58:79:b4:6a:33:4e:0c:9c:53:
be:b2:57:5c:8d:18:0d:c2:9f:ad:68:77:3e:04:53:
bb:b7:5a:17:56:d8:56:bf:40:2a:fe:13:8f:5c:47:
7d:b4:2c:a9:41:15:46:cd:12:34:93:fd:87:b9:a5:
26:ae:08:56:e3:9d:1b:c1:99:fa:2e:aa:33:64:96:
0b:6a:45:33:25:31:52:4e:32:d6:70:8f:3f:1e:de:
79:25:ca:b2:ef:ee:a9:76:f0:9f:13:36:74:30:98:
2b:e5:21:3c:43:e9:8a:f6:99:93:8f:f1:4a:9b:9e:
d7:16:de:22:90:ef:09:f9:0f:98:53:e3:30:89:f6:
79:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:64:4D:01:04:E6:EF:68:07:42:AD:DB:2F:B0:78:D6:9D:98:AC:7B
X509v3 Authority Key Identifier:
keyid:15:FD:38:04:E0:0B:9E:06:A8:2C:ED:9F:07:B3:4F:E3:FD:80:39:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff04BOALngaoLO2fB7NP4_2AOU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/_GRNAQTm72gHQq3bL7B41p2YrHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/be3c40-1210-4272-a5ea-7835d3208396/1/Ff04BOALngaoLO2fB7NP4_2AOU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.44.0-5.182.46.255
45.159.112.0/22
62.3.42.0/24
85.208.252.0/22
185.4.28.0/22
185.50.37.0-185.50.39.255
185.116.160.0/22
185.213.164.0/22
185.255.88.0/22
193.141.64.0/23
193.141.126.0/23
IPv6:
2a05:ab80::/47
2a05:ab80:3::-2a05:ab80:4:ffff:ffff:ffff:ffff:ffff
2a05:ab80:100::/48
2a05:ab80:200::/48
2a05:ab80:300::/48
Signature Algorithm: sha256WithRSAEncryption
79:3e:2e:63:1e:05:fa:76:8c:41:e0:07:3d:3d:87:07:ac:9a:
6c:ca:72:3a:91:6a:17:87:3b:9e:e6:4c:c4:97:9b:3e:ca:6e:
45:f8:e5:e6:df:4b:e1:dc:81:65:d8:c8:6b:d5:81:8c:68:04:
9d:2d:48:97:66:87:b8:fd:aa:1e:cc:c3:8b:9e:e8:07:2e:5b:
af:db:fc:da:05:bf:c9:09:da:1a:0b:1a:e4:6c:48:d4:7a:aa:
c2:d9:43:13:68:93:cc:5b:ce:49:6d:72:fc:eb:e0:d9:96:6c:
4c:c5:2c:0f:f0:60:7d:70:d2:84:a1:21:c2:b1:9d:5c:30:35:
9e:6b:9d:bf:ea:08:30:99:fd:38:77:30:63:2e:b0:f1:7c:f9:
13:af:4c:96:16:95:8e:4d:f9:ec:02:72:c7:db:7b:e3:d3:75:
56:c6:8c:4e:46:c7:ef:d7:84:b5:ae:75:b0:ff:68:d6:d4:92:
13:cc:41:2d:7e:52:77:13:71:f3:1f:53:1e:7f:e4:9b:5c:18:
33:41:c1:27:63:33:46:26:ad:ff:89:bb:fc:46:8a:30:69:66:
07:3b:0b:52:08:d0:c8:d8:6f:fe:9a:ba:af:bf:8e:83:65:0f:
b5:c1:ef:37:e3:7f:3c:fb:16:57:9e:c9:c3:43:2d:7f:06:c1:
18:02:63:17
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZxlNdYrV4RlTtTwnTzzD7KUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmQzODA0ZTAwYjllMDZhODJjZWQ5ZjA3YjM0ZmUzZmQ4
MDM5NGUwHhcNMjYwMjE2MDY0OTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzY0NGQwMTA0ZTZlZjY4MDc0MmFkZGIyZmIwNzhkNjlkOThhYzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6JUgnkgDtdCgh0go97TdJYOIzcC+
G8pCLvLNzMltQ/Iy8XEi7QL3Y2dyNrJLGWIxf/mwa4SMYiWkpDZTpEKUFF3Wz4gu
U0YqCQyqCYO8oEZbheSQyQ+a+yPT1O71pHQ66q1W/cGgp4VoDUfR486IqvN+58yV
jPddVYeMxBZYebRqM04MnFO+sldcjRgNwp+taHc+BFO7t1oXVthWv0Aq/hOPXEd9
tCypQRVGzRI0k/2HuaUmrghW450bwZn6LqozZJYLakUzJTFSTjLWcI8/Ht55Jcqy
7+6pdvCfEzZ0MJgr5SE8Q+mK9pmTj/FKm57XFt4ikO8J+Q+YU+MwifZ5zQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFPxkTQEE5u9oB0Kt2y+weNadmKx7MB8GA1UdIwQY
MBaAFBX9OATgC54GqCztnwezT+P9gDlOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEt
NzgzNWQzMjA4Mzk2LzEvX0dSTkFRVG03MmdIUXEzYkw3QjQxcDJZckhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iZTNjNDAtMTIxMC00MjcyLWE1ZWEtNzgzNWQzMjA4Mzk2
LzEvRmYwNEJPQUxuZ2FvTE8yZkI3TlA0XzJBT1U0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjBYBAIAATBSMAwDBAIF
tiwDBAAFti4DBAItn3ADBAA+AyoDBAJV0PwDBAK5BBwwDAMEALkyJQMEA7kyIAME
Arl0oAMEArnVpAMEArn/WAMEAcGNQAMEAcGNfjA+BAIAAjA4AwcBKgWrgAAAMBID
BwAqBauAAAMDBwAqBauAAAQDBwAqBauAAQADBwAqBauAAgADBwAqBauAAwAwDQYJ
KoZIhvcNAQELBQADggEBAHk+LmMeBfp2jEHgBz09hwesmmzKcjqRaheHO57mTMSX
mz7KbkX45ebfS+HcgWXYyGvVgYxoBJ0tSJdmh7j9qh7Mw4ue6AcuW6/b/NoFv8kJ
2hoLGuRsSNR6qsLZQxNok8xbzkltcvzr4NmWbEzFLA/wYH1w0oShIcKxnVwwNZ5r
nb/qCDCZ/Th3MGMusPF8+ROvTJYWlY5N+ewCcsfbe+PTdVbGjE5Gx+/XhLWudbD/
aNbUkhPMQS1+UncTcfMfUx5/5JtcGDNBwSdjM0Ymrf+Ju/xGijBpZgc7C1II0MjY
b/6auq+/joNlD7XB7zfjfzz7FleeycNDLX8GwRgCYxc=
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:05:08 2026 by rpki-client