Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/2GyceDm_XAmgavG6-5vW6sV6cj8.roa
File: 2GyceDm_XAmgavG6-5vW6sV6cj8.roa (raw, json)
Hash identifier: kTGmpubLRdREIFhz3PYfU7sXxSrDuw6tha9TW2osTVI=
Subject key identifier: D8:6C:9C:78:39:BF:5C:09:A0:6A:F1:BA:FB:9B:D6:EA:C5:7A:72:3F
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 019D522678CFD1DC3083B978873D316E50CE
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/2GyceDm_XAmgavG6-5vW6sV6cj8.roa
Signing time: Fri 03 Apr 2026 07:02:25 +0000
ROA not before: Fri 03 Apr 2026 07:02:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42894
IP address blocks: 131.237.0.0/16 maxlen: 24
131.237.0.0/24 maxlen: 24
131.237.1.0/24 maxlen: 24
131.237.8.0/24 maxlen: 24
131.237.26.0/23 maxlen: 23
131.237.26.0/24 maxlen: 24
131.237.27.0/24 maxlen: 24
131.237.32.0/24 maxlen: 24
131.237.40.0/24 maxlen: 24
131.237.41.0/24 maxlen: 24
131.237.42.0/24 maxlen: 24
131.237.43.0/24 maxlen: 24
131.237.70.0/24 maxlen: 24
131.237.71.0/24 maxlen: 24
131.237.72.0/24 maxlen: 24
131.237.73.0/24 maxlen: 24
131.237.74.0/24 maxlen: 24
131.237.77.0/24 maxlen: 24
131.237.78.0/24 maxlen: 24
131.237.80.0/24 maxlen: 24
131.237.83.0/24 maxlen: 24
131.237.84.0/24 maxlen: 24
131.237.96.0/24 maxlen: 24
131.237.120.0/24 maxlen: 24
131.237.121.0/24 maxlen: 24
131.237.163.0/24 maxlen: 24
145.31.0.0/16 maxlen: 24
145.31.192.0/24 maxlen: 24
145.31.193.0/24 maxlen: 24
145.31.194.0/24 maxlen: 24
145.31.195.0/24 maxlen: 24
145.31.196.0/24 maxlen: 24
145.31.197.0/24 maxlen: 24
145.31.198.0/24 maxlen: 24
145.31.199.0/24 maxlen: 24
145.31.200.0/24 maxlen: 24
145.31.201.0/24 maxlen: 24
145.31.202.0/24 maxlen: 24
145.31.203.0/24 maxlen: 24
145.45.0.0/17 maxlen: 24
145.45.0.0/24 maxlen: 24
145.45.48.0/24 maxlen: 24
145.45.110.0/24 maxlen: 24
145.50.0.0/16 maxlen: 24
145.50.37.0/24 maxlen: 24
145.50.39.0/24 maxlen: 24
145.50.40.0/24 maxlen: 24
145.50.41.0/24 maxlen: 24
145.50.52.0/24 maxlen: 24
145.50.105.0/24 maxlen: 24
145.50.144.0/24 maxlen: 24
145.50.233.0/24 maxlen: 24
194.104.116.0/22 maxlen: 24
194.104.116.0/24 maxlen: 24
194.104.117.0/24 maxlen: 24
194.104.118.0/24 maxlen: 24
194.104.119.0/24 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:52:26:78:cf:d1:dc:30:83:b9:78:87:3d:31:6e:50:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Apr 3 07:02:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d86c9c7839bf5c09a06af1bafb9bd6eac57a723f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:98:59:36:e3:80:61:22:5a:c6:69:51:38:81:
32:d0:d0:54:47:42:76:86:f1:85:f2:df:f3:12:29:
d9:1c:8d:95:44:ee:05:f9:b6:20:24:40:7d:f9:36:
65:98:bc:c0:4b:03:91:cc:3e:8e:8e:1d:10:de:08:
bd:45:a9:e8:4a:dc:58:07:74:66:39:05:62:4b:e1:
14:d0:1e:3e:7e:0e:10:82:d0:a0:06:34:8e:dc:ab:
07:2b:09:e4:9d:7a:3d:f1:34:53:d8:08:f8:77:47:
a6:18:31:83:85:8d:40:4f:53:28:13:79:cd:39:e3:
1a:21:6a:46:39:6c:fa:3b:51:e8:d8:44:a0:81:ff:
3c:88:23:fb:c4:9e:e1:2e:86:76:2c:4e:49:35:3e:
2a:17:14:86:ad:70:96:1d:65:c5:a0:3d:6c:80:6a:
11:7e:de:4d:05:cb:33:5b:62:97:dc:5d:d0:e8:b8:
31:78:c2:81:f2:cf:bc:8d:06:d9:3a:65:ec:c6:7b:
62:0c:5c:82:2c:3b:90:a6:15:5b:2f:bb:2c:7b:f3:
bc:8f:7e:34:1f:1d:2a:6e:19:87:6b:1b:0a:c0:30:
37:f2:95:44:74:00:d2:16:c2:1c:e0:6a:b8:39:d2:
b8:b3:6f:7e:13:80:46:2b:02:71:45:f3:7f:87:a4:
71:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6C:9C:78:39:BF:5C:09:A0:6A:F1:BA:FB:9B:D6:EA:C5:7A:72:3F
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/2GyceDm_XAmgavG6-5vW6sV6cj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
7a:a3:24:1f:f6:82:bf:7c:7d:d0:86:ca:9e:9e:33:2a:41:f5:
b3:97:c1:e3:6c:78:fc:b7:13:09:64:e8:a9:ee:6f:3d:8d:ae:
6f:45:bb:80:06:07:de:0b:1e:f6:c5:93:ab:46:fb:e0:4f:95:
1c:aa:a1:1f:78:e9:9f:51:fa:c2:fa:56:f2:93:a3:e3:3c:72:
1d:55:f4:24:85:4e:19:cb:8f:38:2c:56:17:fa:db:f9:5e:55:
c7:fb:3b:b0:f2:75:5c:d9:3e:b4:37:ef:b7:04:7e:56:d1:bd:
07:22:21:8b:fe:3b:45:dd:41:cf:2c:29:c9:6b:6e:d7:ea:73:
bb:a8:f4:85:0c:fc:68:43:8b:42:19:f9:7a:ce:1d:ca:33:5d:
53:65:67:ec:bb:0a:5b:69:39:8f:d2:d4:db:cb:d1:06:a9:55:
ee:ce:84:05:2b:1e:4f:83:08:2f:20:ec:5f:14:58:c9:eb:c1:
3a:4b:29:c1:16:ed:1a:40:be:fb:c4:e7:f4:6d:cf:88:e9:e2:
34:49:2a:b9:a0:51:e5:33:37:fa:dd:d5:29:15:c0:47:e6:6b:
7d:a3:43:29:b5:d0:77:df:d9:7c:dd:7b:69:1d:08:15:66:88:
6f:da:ff:33:67:c2:89:39:31:09:39:58:59:00:57:ff:6d:e5:
22:66:2e:50
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ1SJnjP0dwwg7l4hz0xblDOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjYwNDAzMDcwMjI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZjOWM3ODM5YmY1YzA5YTA2YWYxYmFmYjliZDZlYWM1N2E3MjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJhZNuOAYSJaxmlROIEy0NBUR0J2
hvGF8t/zEinZHI2VRO4F+bYgJEB9+TZlmLzASwORzD6Ojh0Q3gi9RanoStxYB3Rm
OQViS+EU0B4+fg4QgtCgBjSO3KsHKwnknXo98TRT2Aj4d0emGDGDhY1AT1MoE3nN
OeMaIWpGOWz6O1Ho2ESggf88iCP7xJ7hLoZ2LE5JNT4qFxSGrXCWHWXFoD1sgGoR
ft5NBcszW2KX3F3Q6LgxeMKB8s+8jQbZOmXsxntiDFyCLDuQphVbL7sse/O8j340
Hx0qbhmHaxsKwDA38pVEdADSFsIc4Gq4OdK4s29+E4BGKwJxRfN/h6RxmwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNhsnHg5v1wJoGrxuvub1urFenI/MB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvMkd5Y2VEbV9YQW1nYXZHNi01dlc2c1Y2Y2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQB6oyQf9oK/fH3QhsqenjMqQfWzl8HjbHj8txMJZOip7m89ja5vRbuABgfe
Cx72xZOrRvvgT5UcqqEfeOmfUfrC+lbyk6PjPHIdVfQkhU4Zy484LFYX+tv5XlXH
+zuw8nVc2T60N++3BH5W0b0HIiGL/jtF3UHPLCnJa27X6nO7qPSFDPxoQ4tCGfl6
zh3KM11TZWfsuwpbaTmP0tTby9EGqVXuzoQFKx5PgwgvIOxfFFjJ68E6SynBFu0a
QL77xOf0bc+I6eI0SSq5oFHlMzf63dUpFcBH5mt9o0MptdB339l83XtpHQgVZohv
2v8zZ8KJOTEJOVhZAFf/beUiZi5Q
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:36:42 2026 by rpki-client