Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/gozbr4UgB-08kovMPY3uAOal00w.roa
File: gozbr4UgB-08kovMPY3uAOal00w.roa (raw, json)
Hash identifier: umdkp9hNx8UQiddB43dZmA/rvSexrPQ2jrWdEUV0vYw=
Subject key identifier: 82:8C:DB:AF:85:20:07:ED:3C:92:8B:CC:3D:8D:EE:00:E6:A5:D3:4C
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 019E6B1C249B5C87E3FC6443EE9F4CDB01DB
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/gozbr4UgB-08kovMPY3uAOal00w.roa
Signing time: Wed 27 May 2026 20:24:26 +0000
ROA not before: Wed 27 May 2026 20:24:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.21.0/24 maxlen: 24
2.59.22.0/24 maxlen: 24
45.12.60.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
86.54.30.0/24 maxlen: 24
86.54.31.0/24 maxlen: 24
168.222.185.0/24 maxlen: 24
168.222.186.0/24 maxlen: 24
168.222.187.0/24 maxlen: 24
212.104.140.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
213.254.179.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
2a01:e943::/48 maxlen: 48
2a01:e944::/48 maxlen: 48
2a01:e945::/48 maxlen: 48
2a01:e946::/48 maxlen: 48
2a01:e947::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 31 May 2026 05:18:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6b:1c:24:9b:5c:87:e3:fc:64:43:ee:9f:4c:db:01:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: May 27 20:24:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=828cdbaf852007ed3c928bcc3d8dee00e6a5d34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:74:9d:ca:52:86:5d:23:63:6b:39:25:07:ba:
70:59:d2:f5:90:10:ef:c1:0f:14:ad:46:6e:cb:09:
06:23:39:67:9b:f2:fa:ae:de:1d:dc:a5:19:dc:0b:
e6:bd:47:4d:63:45:95:37:ac:51:dc:d3:2b:86:b6:
48:d1:71:8b:33:f2:c3:e2:7c:00:57:37:0d:82:4e:
0c:67:31:21:5b:fd:eb:75:47:9e:33:a7:5a:7c:8c:
c0:f0:7e:42:36:55:d7:f3:8f:35:fc:e0:e9:de:1b:
ec:11:6c:70:74:d9:81:5a:c1:7e:47:6d:aa:16:7a:
3c:fd:24:60:a0:7d:63:67:a3:84:0a:b3:2d:24:ca:
ac:cf:8d:60:91:a5:b2:4f:34:f1:aa:85:9c:d5:64:
63:8a:f0:ad:95:32:ec:cc:b4:3c:36:16:a2:96:ca:
08:77:68:1d:0c:52:99:4f:b6:59:40:30:66:ae:dd:
1e:bb:9e:4c:72:73:7e:fe:21:1f:fd:93:c5:28:ac:
36:9f:6e:78:78:6e:d7:a6:e3:4d:ba:88:c5:c7:1e:
d8:1e:ef:54:b4:ac:5e:cd:9d:f6:2f:56:b2:a6:85:
47:2c:be:d6:5c:c2:32:ae:0b:d2:11:3d:4b:d5:45:
b8:b1:f4:25:a5:7d:57:ea:9c:d5:cc:e3:ad:8a:6a:
99:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:8C:DB:AF:85:20:07:ED:3C:92:8B:CC:3D:8D:EE:00:E6:A5:D3:4C
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/gozbr4UgB-08kovMPY3uAOal00w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.21.0-2.59.22.255
45.12.60.0/24
86.54.28.0/22
168.222.185.0-168.222.187.255
212.104.140.0/23
213.254.179.0/24
IPv6:
2a01:e940::/48
2a01:e943::/48
2a01:e944::/48
2a01:e945::/48
2a01:e946::/48
2a01:e947::/48
Signature Algorithm: sha256WithRSAEncryption
62:1f:84:e4:db:61:7a:89:48:e0:28:cb:b2:19:b0:05:6b:bb:
5f:b2:81:a4:47:c3:0d:c8:e9:e3:c2:11:8c:78:2d:d1:c9:1f:
c6:ac:66:05:6f:2d:6f:d9:be:ce:a5:d3:4d:bc:4f:67:95:da:
9d:22:53:44:39:68:e5:3b:1f:d2:2d:ec:68:88:fa:a6:ce:b1:
38:66:a1:23:2f:54:e6:17:d2:8e:39:47:1a:81:67:8f:ef:63:
7d:2b:22:e9:28:0b:ac:3c:0d:00:cf:b8:c6:36:e1:a3:da:89:
a9:73:b9:3a:f1:20:ed:9b:f9:cb:1d:cb:b6:85:6e:dc:3e:db:
e8:9f:71:3a:24:a2:1f:b5:ff:b2:22:04:3c:e6:ed:94:2c:99:
ec:29:c0:06:5b:a2:b5:0e:6c:bf:31:01:72:96:2a:43:45:33:
72:43:64:b8:b9:db:f2:12:74:85:e3:ff:0c:be:98:d3:61:88:
76:09:6a:86:0a:4a:d7:d3:6a:03:5c:66:03:ab:7c:33:79:e3:
e6:e2:a3:21:b1:63:7f:59:ae:30:ea:40:77:2c:53:cb:45:98:
be:76:ef:63:b4:d2:05:42:b1:8e:9e:8a:d0:d4:76:a1:b3:39:
10:ef:80:57:f8:65:01:7d:40:78:95:e3:b0:36:5d:02:3d:0b:
a7:f9:73:ef
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZ5rHCSbXIfj/GRD7p9M2wHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjYwNTI3MjAyNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjhjZGJhZjg1MjAwN2VkM2M5MjhiY2MzZDhkZWUwMGU2YTVkMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXSdylKGXSNjazklB7pwWdL1kBDv
wQ8UrUZuywkGIzlnm/L6rt4d3KUZ3AvmvUdNY0WVN6xR3NMrhrZI0XGLM/LD4nwA
VzcNgk4MZzEhW/3rdUeeM6dafIzA8H5CNlXX8481/ODp3hvsEWxwdNmBWsF+R22q
Fno8/SRgoH1jZ6OECrMtJMqsz41gkaWyTzTxqoWc1WRjivCtlTLszLQ8NhailsoI
d2gdDFKZT7ZZQDBmrt0eu55McnN+/iEf/ZPFKKw2n254eG7XpuNNuojFxx7YHu9U
tKxezZ32L1aypoVHLL7WXMIyrgvSET1L1UW4sfQlpX1X6pzVzOOtimqZ1wIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFIKM26+FIAftPJKLzD2N7gDmpdNMMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvZ296YnI0VWdCLTA4a292TVBZM3VBT2FsMDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowOgQCAAEwNDAMAwQAAjsV
AwQAAjsWAwQALQw8AwQCVjYcMAwDBACo3rkDBAKo3rgDBAHUaIwDBADV/rMwPAQC
AAIwNgMHACoB6UAAAAMHACoB6UMAAAMHACoB6UQAAAMHACoB6UUAAAMHACoB6UYA
AAMHACoB6UcAADANBgkqhkiG9w0BAQsFAAOCAQEAYh+E5NtheolI4CjLshmwBWu7
X7KBpEfDDcjp48IRjHgt0ckfxqxmBW8tb9m+zqXTTbxPZ5XanSJTRDlo5Tsf0i3s
aIj6ps6xOGahIy9U5hfSjjlHGoFnj+9jfSsi6SgLrDwNAM+4xjbho9qJqXO5OvEg
7Zv5yx3LtoVu3D7b6J9xOiSiH7X/siIEPObtlCyZ7CnABluitQ5svzEBcpYqQ0Uz
ckNkuLnb8hJ0heP/DL6Y02GIdglqhgpK19NqA1xmA6t8M3nj5uKjIbFjf1muMOpA
dyxTy0WYvnbvY7TSBUKxjp6K0NR2obM5EO+AV/hlAX1AeJXjsDZdAj0Lp/lz7w==
-----END CERTIFICATE-----
Generated at Sat May 30 13:47:15 2026 by rpki-client