Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/GcVxcZS2Dn5fOApacE-hcaBxtrc.roa
File: GcVxcZS2Dn5fOApacE-hcaBxtrc.roa (raw, json)
Hash identifier: 2EXkiLz6NRgOK/Cg3E0Xt6jhmxXnQuh3e/jokwdJS8k=
Subject key identifier: 19:C5:71:71:94:B6:0E:7E:5F:38:0A:5A:70:4F:A1:71:A0:71:B6:B7
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019C5FE1B594E5DF2AE8AE56C4531AFF6BCD
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/GcVxcZS2Dn5fOApacE-hcaBxtrc.roa
Signing time: Sun 15 Feb 2026 05:59:13 +0000
ROA not before: Sun 15 Feb 2026 05:59:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202736
IP address blocks: 212.134.42.0/24 maxlen: 24
212.134.43.0/24 maxlen: 24
212.134.49.0/24 maxlen: 24
212.134.178.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5f:e1:b5:94:e5:df:2a:e8:ae:56:c4:53:1a:ff:6b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Feb 15 05:59:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19c5717194b60e7e5f380a5a704fa171a071b6b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:36:3a:16:9d:3e:d3:91:e9:6f:09:6e:45:cd:
36:fb:25:3d:88:7c:65:a1:9b:d4:6c:bf:d4:a6:cb:
fe:13:7d:29:82:7f:a4:e0:0d:30:a2:db:39:90:75:
83:dc:8e:2a:4a:69:56:ca:26:c2:a2:d3:f0:c1:d4:
7a:e4:92:84:0f:fb:3b:16:6e:db:d6:6d:5c:34:be:
eb:27:8e:9a:d8:41:2e:d2:e0:83:fb:bd:fb:85:0b:
3a:b0:2b:fd:7b:7d:27:54:4e:6c:dd:0d:89:fb:1a:
05:dc:30:f8:5b:36:42:2c:02:c9:44:e9:37:ee:29:
8f:ad:41:dc:66:42:2e:9e:8f:48:af:e9:63:18:4d:
40:a9:61:d1:11:ae:bf:b5:2a:6e:c9:be:d7:3c:c0:
b2:40:27:b8:e8:11:ad:8e:e8:30:bd:82:04:26:d5:
c7:b1:d8:41:51:c4:8e:8f:02:74:fe:05:75:0a:25:
57:25:90:9b:53:8a:0a:62:57:f9:76:0f:b1:d9:6f:
05:39:7d:52:5f:e0:1a:e3:90:ed:3b:85:78:69:df:
49:7e:3c:74:7e:c3:aa:23:f1:0d:e6:df:19:d6:8a:
e3:19:d7:67:0a:ff:af:73:1e:1e:8c:9d:e4:32:55:
07:41:0d:89:87:ce:0f:54:00:a8:5e:fd:2c:22:9b:
4d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C5:71:71:94:B6:0E:7E:5F:38:0A:5A:70:4F:A1:71:A0:71:B6:B7
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/GcVxcZS2Dn5fOApacE-hcaBxtrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.134.42.0/23
212.134.49.0/24
212.134.178.0/24
Signature Algorithm: sha256WithRSAEncryption
43:5f:23:15:5b:86:67:c8:9a:5e:c0:b6:be:bf:60:a7:17:26:
f9:37:03:b9:3a:48:c3:a1:3d:84:a8:42:b0:64:23:17:e7:79:
3e:7b:6d:2a:ce:fb:7f:9f:46:12:bb:32:33:2c:89:59:98:2b:
57:4a:a3:03:c1:3d:e2:1d:28:aa:1a:bc:dd:8e:0a:a3:84:a4:
dc:04:c4:ac:79:71:15:73:4f:8b:80:dd:af:32:26:22:e5:d8:
cc:c9:2e:14:de:57:92:97:7c:c3:7d:b3:af:a2:27:34:15:52:
e8:36:c0:74:9a:27:ca:ff:b8:82:87:81:49:7d:a4:ee:cc:c2:
e8:a7:38:4f:67:cc:4a:3e:97:df:e7:72:b7:1b:bd:7f:82:03:
87:15:c2:56:fb:0f:79:65:d5:72:46:db:50:5a:80:3e:49:77:
80:37:be:87:e9:a0:15:bd:54:46:5d:bc:dd:bd:7e:04:90:6e:
36:21:72:6a:f8:d8:af:ad:84:90:d0:04:98:40:aa:e3:9d:c8:
82:4d:38:f2:da:49:02:ad:de:c5:68:46:90:4c:e8:98:64:6e:
87:fa:15:7c:fb:4a:22:75:fa:50:55:9c:71:e8:56:b9:29:34:
c9:aa:18:51:b3:c4:f8:fa:49:e4:60:d6:72:bf:7c:d8:8a:54:
8e:e1:0b:63
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZxf4bWU5d8q6K5WxFMa/2vNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjYwMjE1MDU1OTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWM1NzE3MTk0YjYwZTdlNWYzODBhNWE3MDRmYTE3MWEwNzFiNmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6TY6Fp0+05HpbwluRc02+yU9iHxl
oZvUbL/Upsv+E30pgn+k4A0wots5kHWD3I4qSmlWyibCotPwwdR65JKED/s7Fm7b
1m1cNL7rJ46a2EEu0uCD+737hQs6sCv9e30nVE5s3Q2J+xoF3DD4WzZCLALJROk3
7imPrUHcZkIuno9Ir+ljGE1AqWHREa6/tSpuyb7XPMCyQCe46BGtjugwvYIEJtXH
sdhBUcSOjwJ0/gV1CiVXJZCbU4oKYlf5dg+x2W8FOX1SX+Aa45DtO4V4ad9Jfjx0
fsOqI/EN5t8Z1orjGddnCv+vcx4ejJ3kMlUHQQ2Jh84PVACoXv0sIptN3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBnFcXGUtg5+XzgKWnBPoXGgcba3MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvR2NWeGNaUzJEbjVmT0FwYWNFLWhjYUJ4dHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQB1IYqAwQA
1IYxAwQA1IayMA0GCSqGSIb3DQEBCwUAA4IBAQBDXyMVW4ZnyJpewLa+v2CnFyb5
NwO5OkjDoT2EqEKwZCMX53k+e20qzvt/n0YSuzIzLIlZmCtXSqMDwT3iHSiqGrzd
jgqjhKTcBMSseXEVc0+LgN2vMiYi5djMyS4U3leSl3zDfbOvoic0FVLoNsB0mifK
/7iCh4FJfaTuzMLopzhPZ8xKPpff53K3G71/ggOHFcJW+w95ZdVyRttQWoA+SXeA
N76H6aAVvVRGXbzdvX4EkG42IXJq+NivrYSQ0ASYQKrjnciCTTjy2kkCrd7FaEaQ
TOiYZG6H+hV8+0oidfpQVZxx6Fa5KTTJqhhRs8T4+knkYNZyv3zYilSO4Qtj
-----END CERTIFICATE-----
Generated at Thu Feb 26 15:34:17 2026 by rpki-client