Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/GpZ_JJ0qQRSbMPSJaImROpZ5DP0.roa
File: GpZ_JJ0qQRSbMPSJaImROpZ5DP0.roa (raw, json)
Hash identifier: Y10gFxQgCMPE/vMBdYwWXWoqtl6fBzJVRJfb6zNeQ+k=
Subject key identifier: 1A:96:7F:24:9D:2A:41:14:9B:30:F4:89:68:89:91:3A:96:79:0C:FD
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019C7F70880DAD5B3A5211A60314BBF8FB8B
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/GpZ_JJ0qQRSbMPSJaImROpZ5DP0.roa
Signing time: Sat 21 Feb 2026 09:03:27 +0000
ROA not before: Sat 21 Feb 2026 09:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210815
IP address blocks: 2a13:c440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 24 Feb 2026 15:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7f:70:88:0d:ad:5b:3a:52:11:a6:03:14:bb:f8:fb:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Feb 21 09:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a967f249d2a41149b30f4896889913a96790cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:94:1c:38:81:be:a7:f5:34:bd:0a:44:6b:9f:
a1:44:5e:8c:6a:cc:52:26:8c:05:cc:c4:e3:c5:51:
c7:c1:ce:bc:9a:5d:c9:80:9f:c4:2c:94:7f:e8:91:
5b:e7:fd:10:5e:f1:8c:7e:2e:d0:c4:5c:d1:0a:e2:
fb:09:20:c0:b9:b5:5c:07:16:64:12:81:26:c3:71:
d4:06:06:f7:28:05:77:06:ce:c0:b4:61:2d:89:77:
fa:3d:71:6b:c7:de:0f:58:d9:4a:d4:c4:ca:b0:b6:
fd:09:79:00:d4:fa:93:e0:ee:61:c4:b3:e8:f8:cb:
20:61:df:9c:46:f7:68:91:f5:98:05:dd:73:2a:60:
06:38:99:35:97:c9:d4:0f:7e:55:e6:f6:98:e7:9a:
1a:ba:92:56:9e:24:02:22:e0:4a:90:44:3f:67:a4:
ce:a6:ff:e1:22:58:48:c6:07:05:a7:0c:80:53:a2:
1f:72:30:74:3c:d0:60:42:f1:76:0b:4e:24:9a:68:
0a:6f:22:9e:d7:7e:6a:28:44:7b:df:d1:53:00:b6:
fd:df:8c:ed:4a:eb:67:d8:42:c6:1f:4e:4c:f2:3c:
0a:f1:d5:ce:2a:14:af:9e:f7:9a:f5:02:23:ba:cb:
fa:19:fd:46:51:69:61:70:b5:6f:be:5f:22:1f:f9:
39:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:96:7F:24:9D:2A:41:14:9B:30:F4:89:68:89:91:3A:96:79:0C:FD
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/GpZ_JJ0qQRSbMPSJaImROpZ5DP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:c440::/29
Signature Algorithm: sha256WithRSAEncryption
30:3e:f7:c4:aa:1c:a5:d4:fd:f8:f2:29:5c:d8:2c:92:95:46:
28:67:54:fd:ad:81:fb:6a:1c:03:b5:0e:6d:3f:8f:a9:81:fb:
a3:2e:42:37:f3:65:ac:07:c6:48:a4:fa:33:f4:49:c5:d1:1e:
bd:14:66:03:18:af:18:8e:ba:1e:54:b9:3e:e1:0f:e2:76:d8:
51:1b:56:da:c4:64:f1:27:1d:7c:45:00:5e:2c:54:65:18:c7:
e9:46:2a:0a:f8:c8:01:cf:72:9f:10:3a:27:ab:6a:f2:0e:19:
33:d1:8b:f1:33:76:41:4a:df:f0:1b:7b:b1:1c:69:71:10:cc:
16:e2:c1:3d:90:72:8d:09:53:ce:2e:81:40:17:e1:ef:ea:e3:
6b:29:b5:67:1d:d8:04:f3:a0:93:6f:e8:48:69:b7:04:13:b9:
9d:0d:31:03:3a:ac:16:4b:b3:0e:02:07:f5:0f:f1:e5:4e:a0:
ee:11:d6:4f:11:74:dd:21:af:df:82:c1:20:78:08:f2:e0:ab:
54:32:f1:53:ea:14:0d:6f:c1:97:2b:29:aa:99:2a:ad:3a:38:
2a:b7:d5:9d:8c:30:02:26:49:c8:1b:7c:2e:23:39:cb:31:0f:
9d:9d:72:66:cf:1f:34:17:02:b3:94:0c:99:0a:5f:5d:2f:ac:
4a:8a:80:16
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZx/cIgNrVs6UhGmAxS7+PuLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwMjIxMDkwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTk2N2YyNDlkMmE0MTE0OWIzMGY0ODk2ODg5OTEzYTk2NzkwY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppQcOIG+p/U0vQpEa5+hRF6MasxS
JowFzMTjxVHHwc68ml3JgJ/ELJR/6JFb5/0QXvGMfi7QxFzRCuL7CSDAubVcBxZk
EoEmw3HUBgb3KAV3Bs7AtGEtiXf6PXFrx94PWNlK1MTKsLb9CXkA1PqT4O5hxLPo
+MsgYd+cRvdokfWYBd1zKmAGOJk1l8nUD35V5vaY55oaupJWniQCIuBKkEQ/Z6TO
pv/hIlhIxgcFpwyAU6IfcjB0PNBgQvF2C04kmmgKbyKe135qKER739FTALb934zt
Sutn2ELGH05M8jwK8dXOKhSvnvea9QIjusv6Gf1GUWlhcLVvvl8iH/k5DQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBqWfySdKkEUmzD0iWiJkTqWeQz9MB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvR3BaX0pKMHFRUlNiTVBTSmFJbVJPcFo1RFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhPEQDAN
BgkqhkiG9w0BAQsFAAOCAQEAMD73xKocpdT9+PIpXNgskpVGKGdU/a2B+2ocA7UO
bT+PqYH7oy5CN/NlrAfGSKT6M/RJxdEevRRmAxivGI66HlS5PuEP4nbYURtW2sRk
8ScdfEUAXixUZRjH6UYqCvjIAc9ynxA6J6tq8g4ZM9GL8TN2QUrf8Bt7sRxpcRDM
FuLBPZByjQlTzi6BQBfh7+rjaym1Zx3YBPOgk2/oSGm3BBO5nQ0xAzqsFkuzDgIH
9Q/x5U6g7hHWTxF03SGv34LBIHgI8uCrVDLxU+oUDW/BlyspqpkqrTo4KrfVnYww
AiZJyBt8LiM5yzEPnZ1yZs8fNBcCs5QMmQpfXS+sSoqAFg==
-----END CERTIFICATE-----
Generated at Mon Feb 23 20:59:51 2026 by rpki-client