Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/gNAyrBVoFaWeREXzr33gHPdjLuc.roa
File: gNAyrBVoFaWeREXzr33gHPdjLuc.roa (raw, json)
Hash identifier: 9t3cAZDPUcX15JFGLDAbTwFu6aPFTfX5yposYhTNwLc=
Subject key identifier: 80:D0:32:AC:15:68:15:A5:9E:44:45:F3:AF:7D:E0:1C:F7:63:2E:E7
Certificate issuer: /CN=43015654082578c4946cd27be1e89a3dd7562fa4
Certificate serial: 019E2B9B46D6E67334E660200C47A879AC26
Authority key identifier: 43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/gNAyrBVoFaWeREXzr33gHPdjLuc.roa
Signing time: Fri 15 May 2026 12:27:36 +0000
ROA not before: Fri 15 May 2026 12:27:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48635
IP address blocks: 85.92.132.0/24 maxlen: 24
85.92.139.0/24 maxlen: 24
85.92.145.0/24 maxlen: 24
89.18.168.0/24 maxlen: 24
213.189.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2b:9b:46:d6:e6:73:34:e6:60:20:0c:47:a8:79:ac:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43015654082578c4946cd27be1e89a3dd7562fa4
Validity
Not Before: May 15 12:27:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=80d032ac156815a59e4445f3af7de01cf7632ee7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:34:2c:1c:cf:f9:ed:fb:a2:b3:e9:02:88:bd:
49:5d:3e:cf:d2:44:25:77:22:4a:51:91:b5:0f:f0:
7e:a8:52:25:70:b0:7c:d9:a9:ec:34:61:18:14:8f:
17:36:32:5a:33:f4:4b:5d:c6:d4:3f:a0:83:7a:b1:
05:bc:8a:b7:09:1e:29:a7:c5:8e:8d:ac:13:49:64:
6f:3f:0b:b0:bb:64:7e:b6:1d:c6:57:f4:a8:39:fa:
cc:2a:2e:70:54:db:bd:89:d5:5c:85:37:34:3d:a7:
80:06:d5:2c:93:ed:9e:1c:70:94:ae:9c:ff:8f:74:
ca:51:39:c7:38:89:ce:af:6e:f4:b8:f6:36:b1:2f:
dc:c3:5b:02:99:e1:87:89:28:a0:80:83:d4:7b:20:
79:ba:75:81:45:9c:cf:f6:f5:0a:5a:43:c6:66:f3:
c2:56:44:02:1e:46:43:80:7c:55:4f:af:87:22:e0:
bd:79:b6:5c:52:38:ae:e9:73:9e:29:53:f0:e6:15:
85:e6:1a:54:d8:fd:84:e1:a6:c2:47:af:6f:34:c3:
2f:de:f8:76:fd:94:c8:b6:a3:ab:6a:36:74:54:45:
4c:5f:8f:d7:c8:8c:02:71:e9:0e:3c:c9:aa:f6:10:
b5:fa:17:be:cb:d8:45:2d:37:be:6e:d8:19:b7:2b:
1d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D0:32:AC:15:68:15:A5:9E:44:45:F3:AF:7D:E0:1C:F7:63:2E:E7
X509v3 Authority Key Identifier:
keyid:43:01:56:54:08:25:78:C4:94:6C:D2:7B:E1:E8:9A:3D:D7:56:2F:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QwFWVAgleMSUbNJ74eiaPddWL6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/gNAyrBVoFaWeREXzr33gHPdjLuc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c27fa6-b2b0-4dcb-a899-1030cdbe6bd4/1/QwFWVAgleMSUbNJ74eiaPddWL6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.132.0/24
85.92.139.0/24
85.92.145.0/24
89.18.168.0/24
213.189.29.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:f0:dc:23:02:0b:3f:cf:46:1c:c6:25:e5:98:7d:8a:4e:b1:
9d:1a:6b:af:fd:00:39:85:12:dc:57:01:f3:71:66:d4:56:79:
62:64:13:2d:7c:d7:95:ce:52:ca:2f:8e:14:87:ab:d5:90:e8:
9e:93:c1:7c:d7:ac:ec:da:53:70:bc:a9:48:56:5b:e9:3f:75:
a1:45:ba:de:0e:ab:21:6f:42:dd:07:ce:71:52:2e:86:ac:bb:
6b:6e:18:cf:06:18:31:8f:c5:81:93:30:5f:c9:59:8f:fa:ce:
45:48:fd:28:a6:df:b9:57:cf:77:76:92:63:61:6f:34:94:f0:
43:e0:3b:10:b0:99:ad:3e:bd:da:97:e8:c2:8e:fe:36:7e:81:
9a:fe:32:16:e9:0e:18:5c:32:17:64:4b:45:da:8b:11:2a:75:
0a:7f:57:81:e7:6a:8a:18:d7:41:0a:4c:d1:29:94:03:2b:29:
03:49:ea:7a:b0:5a:8b:d6:ea:00:f2:28:05:1c:8f:07:89:83:
79:7e:5d:3c:1d:06:bb:d2:2c:50:3a:ff:2b:b8:a1:80:bc:b3:
db:ba:9c:18:00:be:62:7b:d1:d7:25:c3:eb:48:c8:c7:1a:18:
3a:f5:3d:5c:dd:c5:73:f6:7e:79:91:eb:92:34:46:87:07:e1:
8a:4d:ff:58
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4rm0bW5nM05mAgDEeoeawmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMDE1NjU0MDgyNTc4YzQ5NDZjZDI3YmUxZTg5YTNkZDc1
NjJmYTQwHhcNMjYwNTE1MTIyNzM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQwMzJhYzE1NjgxNWE1OWU0NDQ1ZjNhZjdkZTAxY2Y3NjMyZWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjQsHM/57fuis+kCiL1JXT7P0kQl
dyJKUZG1D/B+qFIlcLB82ansNGEYFI8XNjJaM/RLXcbUP6CDerEFvIq3CR4pp8WO
jawTSWRvPwuwu2R+th3GV/SoOfrMKi5wVNu9idVchTc0PaeABtUsk+2eHHCUrpz/
j3TKUTnHOInOr270uPY2sS/cw1sCmeGHiSiggIPUeyB5unWBRZzP9vUKWkPGZvPC
VkQCHkZDgHxVT6+HIuC9ebZcUjiu6XOeKVPw5hWF5hpU2P2E4abCR69vNMMv3vh2
/ZTItqOrajZ0VEVMX4/XyIwCcekOPMmq9hC1+he+y9hFLTe+btgZtysd3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIDQMqwVaBWlnkRF86994Bz3Yy7nMB8GA1UdIwQY
MBaAFEMBVlQIJXjElGzSe+Homj3XVi+kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTkt
MTAzMGNkYmU2YmQ0LzEvZ05BeXJCVm9GYVdlUkVYenIzM2dIUGRqTHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jMjdmYTYtYjJiMC00ZGNiLWE4OTktMTAzMGNkYmU2YmQ0
LzEvUXdGV1ZBZ2xlTVNVYk5KNzRlaWFQZGRXTDZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVVyEAwQA
VVyLAwQAVVyRAwQAWRKoAwQA1b0dMA0GCSqGSIb3DQEBCwUAA4IBAQCx8NwjAgs/
z0YcxiXlmH2KTrGdGmuv/QA5hRLcVwHzcWbUVnliZBMtfNeVzlLKL44Uh6vVkOie
k8F816zs2lNwvKlIVlvpP3WhRbreDqshb0LdB85xUi6GrLtrbhjPBhgxj8WBkzBf
yVmP+s5FSP0opt+5V893dpJjYW80lPBD4DsQsJmtPr3al+jCjv42foGa/jIW6Q4Y
XDIXZEtF2osRKnUKf1eB52qKGNdBCkzRKZQDKykDSep6sFqL1uoA8igFHI8HiYN5
fl08HQa70ixQOv8ruKGAvLPbupwYAL5ie9HXJcPrSMjHGhg69T1c3cVz9n55keuS
NEaHB+GKTf9Y
-----END CERTIFICATE-----
Generated at Fri Jun 12 01:48:34 2026 by rpki-client