Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/gApx7_2-IVeTOgv2vlenRdRxu4A.roa
File: gApx7_2-IVeTOgv2vlenRdRxu4A.roa (raw, json)
Hash identifier: c6v6uoIsvWo8tgRVkkD7YA4iGmNGOGbbt0sNKC1bk1c=
Subject key identifier: 80:0A:71:EF:FD:BE:21:57:93:3A:0B:F6:BE:57:A7:45:D4:71:BB:80
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 019CB84616658E9701C466443A164935219F
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/gApx7_2-IVeTOgv2vlenRdRxu4A.roa
Signing time: Wed 04 Mar 2026 09:55:26 +0000
ROA not before: Wed 04 Mar 2026 09:55:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8426
IP address blocks: 62.173.64.0/18 maxlen: 24
62.231.128.0/19 maxlen: 24
79.123.0.0/17 maxlen: 24
80.168.0.0/16 maxlen: 24
81.171.128.0/17 maxlen: 24
89.206.128.0/17 maxlen: 24
89.206.216.0/22 maxlen: 22
89.206.216.0/23 maxlen: 23
89.206.218.0/23 maxlen: 23
176.52.208.0/21 maxlen: 24
185.22.164.0/23 maxlen: 24
185.39.232.0/23 maxlen: 24
185.77.72.0/22 maxlen: 24
185.77.74.0/24 maxlen: 24
185.77.200.0/22 maxlen: 24
185.78.204.0/22 maxlen: 24
194.88.132.0/23 maxlen: 24
194.112.32.0/19 maxlen: 24
194.119.128.0/18 maxlen: 24
195.8.64.0/19 maxlen: 24
195.58.192.0/19 maxlen: 24
195.102.0.0/16 maxlen: 24
195.157.0.0/16 maxlen: 24
195.216.0.0/19 maxlen: 24
195.245.201.0/24 maxlen: 24
212.49.192.0/18 maxlen: 24
212.125.64.0/19 maxlen: 24
212.126.128.0/19 maxlen: 24
212.169.0.0/18 maxlen: 24
212.188.128.0/17 maxlen: 24
213.2.0.0/16 maxlen: 24
213.165.128.0/19 maxlen: 24
213.253.0.0/18 maxlen: 24
217.158.0.0/16 maxlen: 24
2001:67c:1088::/47 maxlen: 48
2001:67c:1089::/48 maxlen: 48
2001:67c:27dc::/48 maxlen: 48
2001:a88::/32 maxlen: 48
2a00:ed0::/32 maxlen: 32
2a00:62e0::/32 maxlen: 32
2a00:62e0::/33 maxlen: 33
2a00:62e0:8000::/33 maxlen: 33
2a02:e100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b8:46:16:65:8e:97:01:c4:66:44:3a:16:49:35:21:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Mar 4 09:55:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=800a71effdbe2157933a0bf6be57a745d471bb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:30:12:e6:be:e3:c9:ef:0a:04:c3:69:af:92:
c8:c3:6a:a2:8e:95:48:f5:2f:6d:a2:dd:85:86:a3:
ac:8b:7b:18:de:47:af:1c:af:9a:f9:73:d6:1e:19:
ba:3e:96:38:92:10:db:fc:1f:7b:21:9d:d5:6c:5a:
d4:ec:83:dc:20:09:ca:cb:4f:0d:14:7c:dc:6e:6a:
18:29:61:18:91:cf:02:db:08:ab:46:de:28:6b:c0:
67:54:88:3c:06:59:10:03:e2:c1:1a:5a:79:3b:66:
b6:6a:f8:db:35:51:b5:3f:df:94:d5:2e:4d:e1:50:
b6:0f:92:a7:39:19:3b:2e:d8:f9:04:d1:67:a4:64:
f8:24:38:28:83:c3:f3:81:3f:7a:4c:78:26:f3:2b:
19:70:92:fc:4f:b8:10:de:bb:34:5d:3b:b8:5e:d2:
8d:cf:69:e0:fe:b1:9b:bd:34:3e:27:be:bc:ec:2c:
af:5f:08:a7:d2:27:01:a8:02:28:76:3d:c1:53:77:
4d:d0:43:b7:6b:c2:9a:e0:60:a8:94:c5:06:1d:82:
b9:1f:00:fd:b2:b3:9a:17:05:99:99:a8:dc:08:62:
77:c5:63:5c:9e:6a:ff:88:5f:44:f5:25:88:3c:46:
4c:11:87:27:b1:87:de:0a:7e:ce:9d:e9:ee:6d:8d:
4f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:0A:71:EF:FD:BE:21:57:93:3A:0B:F6:BE:57:A7:45:D4:71:BB:80
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/gApx7_2-IVeTOgv2vlenRdRxu4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.173.64.0/18
62.231.128.0/19
79.123.0.0/17
80.168.0.0/16
81.171.128.0/17
89.206.128.0/17
176.52.208.0/21
185.22.164.0/23
185.39.232.0/23
185.77.72.0/22
185.77.200.0/22
185.78.204.0/22
194.88.132.0/23
194.112.32.0/19
194.119.128.0/18
195.8.64.0/19
195.58.192.0/19
195.102.0.0/16
195.157.0.0/16
195.216.0.0/19
195.245.201.0/24
212.49.192.0/18
212.125.64.0/19
212.126.128.0/19
212.169.0.0/18
212.188.128.0/17
213.2.0.0/16
213.165.128.0/19
213.253.0.0/18
217.158.0.0/16
IPv6:
2001:67c:1088::/47
2001:67c:27dc::/48
2001:a88::/32
2a00:ed0::/32
2a00:62e0::/32
2a02:e100::/29
Signature Algorithm: sha256WithRSAEncryption
99:c6:ce:e7:f0:b1:85:bb:9a:fc:8c:9c:93:b5:4d:90:ab:99:
4b:f3:e6:5a:9b:e4:42:43:76:7a:53:20:96:17:12:63:10:d0:
97:5b:5c:68:cd:c5:00:ba:ea:da:9f:1d:fa:94:04:c2:2f:5e:
43:a2:4d:ac:0c:2a:16:37:d7:fd:00:13:a7:a0:77:96:2d:ff:
39:17:8a:a5:ed:be:f0:45:ab:63:7c:89:c1:c1:47:ae:72:52:
c8:1b:47:28:c3:ed:52:7b:21:ab:5c:ab:78:bf:41:c2:98:bd:
52:84:84:63:29:10:5e:97:cd:ce:96:24:fb:0f:a8:8a:e1:c6:
af:22:6d:f7:4e:4c:8d:6f:36:a1:2e:bc:08:cb:0d:b4:6c:32:
82:5f:7c:b6:aa:db:59:fe:e9:a8:8f:55:e7:74:d6:dd:2c:ce:
1c:26:7f:03:94:76:73:42:8c:5b:81:4b:be:64:b6:32:ae:f8:
73:3f:17:0c:41:1b:e3:3f:f1:2e:47:6c:d9:86:8c:4f:12:9d:
9a:9c:6c:cc:1e:60:29:1f:2f:05:7a:cf:5f:0d:e3:7e:2c:df:
df:fa:65:a3:7d:f6:89:0a:2e:0f:ac:c5:53:a7:2e:f3:ec:e4:
83:dd:92:6e:de:71:b1:a1:de:d6:d0:b8:86:cf:37:c5:f0:4a:
ba:bf:ab:5e
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZy4RhZljpcBxGZEOhZJNSGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjYwMzA0MDk1NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDBhNzFlZmZkYmUyMTU3OTMzYTBiZjZiZTU3YTc0NWQ0NzFiYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDAS5r7jye8KBMNpr5LIw2qijpVI
9S9tot2FhqOsi3sY3kevHK+a+XPWHhm6PpY4khDb/B97IZ3VbFrU7IPcIAnKy08N
FHzcbmoYKWEYkc8C2wirRt4oa8BnVIg8BlkQA+LBGlp5O2a2avjbNVG1P9+U1S5N
4VC2D5KnORk7Ltj5BNFnpGT4JDgog8PzgT96THgm8ysZcJL8T7gQ3rs0XTu4XtKN
z2ng/rGbvTQ+J7687CyvXwin0icBqAIodj3BU3dN0EO3a8Ka4GColMUGHYK5HwD9
srOaFwWZmajcCGJ3xWNcnmr/iF9E9SWIPEZMEYcnsYfeCn7OnenubY1PRwIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFIAKce/9viFXkzoL9r5Xp0XUcbuAMB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvZ0FweDdfMi1JVmVUT2d2MnZsZW5SZFJ4dTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgbYEAgABMIGvAwQG
Pq1AAwQFPueAAwQHT3sAAwMAUKgDBAdRq4ADBAdZzoADBAOwNNADBAG5FqQDBAG5
J+gDBAK5TUgDBAK5TcgDBAK5TswDBAHCWIQDBAXCcCADBAbCd4ADBAXDCEADBAXD
OsADAwDDZgMDAMOdAwQFw9gAAwQAw/XJAwQG1DHAAwQF1H1AAwQF1H6AAwQG1KkA
AwQH1LyAAwMA1QIDBAXVpYADBAbV/QADAwDZnjA0BAIAAjAuAwcBIAEGfBCIAwcA
IAEGfCfcAwUAIAEKiAMFACoADtADBQAqAGLgAwUDKgLhADANBgkqhkiG9w0BAQsF
AAOCAQEAmcbO5/Cxhbua/Iyck7VNkKuZS/PmWpvkQkN2elMglhcSYxDQl1tcaM3F
ALrq2p8d+pQEwi9eQ6JNrAwqFjfX/QATp6B3li3/OReKpe2+8EWrY3yJwcFHrnJS
yBtHKMPtUnshq1yreL9Bwpi9UoSEYykQXpfNzpYk+w+oiuHGryJt905MjW82oS68
CMsNtGwygl98tqrbWf7pqI9V53TW3SzOHCZ/A5R2c0KMW4FLvmS2Mq74cz8XDEEb
4z/xLkds2YaMTxKdmpxszB5gKR8vBXrPXw3jfizf3/plo332iQouD6zFU6cu8+zk
g92Sbt5xsaHe1tC4hs83xfBKur+rXg==
-----END CERTIFICATE-----
Generated at Fri Mar 13 13:11:37 2026 by rpki-client