Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/GptoT_Z8Sdc2QCFhENJ0lBPqHgY.roa
File: GptoT_Z8Sdc2QCFhENJ0lBPqHgY.roa (raw, json)
Hash identifier: DL80CPM3GvfVo26n83tvKD2AYozKKWqnmUKy2gaT+nM=
Subject key identifier: 1A:9B:68:4F:F6:7C:49:D7:36:40:21:61:10:D2:74:94:13:EA:1E:06
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 019D0C85351A5D25EF51F7EE60AE0444657D
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/GptoT_Z8Sdc2QCFhENJ0lBPqHgY.roa
Signing time: Fri 20 Mar 2026 18:32:29 +0000
ROA not before: Fri 20 Mar 2026 18:32:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 1101
IP address blocks: 185.17.73.0/24 maxlen: 24
185.100.59.0/24 maxlen: 24
2001:67c:12d8::/48 maxlen: 64
2a04:601::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Mar 2026 15:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0c:85:35:1a:5d:25:ef:51:f7:ee:60:ae:04:44:65:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Mar 20 18:32:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a9b684ff67c49d73640216110d2749413ea1e06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:37:17:bc:76:c2:02:e4:c2:6c:f5:56:d4:
0f:d6:a5:2f:c6:6d:95:0d:1a:7a:93:4b:ac:d3:36:
10:3e:8e:67:74:cf:1b:ed:67:2f:4e:21:e6:e2:93:
8d:5a:81:a0:c7:0a:7d:0f:f7:27:dd:7e:8d:9b:00:
96:22:5a:05:1d:f3:25:03:ff:45:b1:04:53:ce:8a:
52:ce:c4:3d:ef:76:46:b6:88:7f:52:26:30:37:0b:
ad:cc:94:41:c1:55:21:7b:ef:2d:f8:00:ab:3f:77:
91:00:b5:0b:70:4d:1f:c5:3d:ef:2e:51:b8:32:a8:
fe:91:fe:fc:0c:33:13:3b:6a:f8:93:85:08:5a:f6:
89:64:bf:da:06:b1:12:45:f8:48:77:56:25:a9:32:
ef:80:51:d0:71:ee:81:b9:44:fd:d5:f3:7c:a8:77:
f5:b2:9c:4a:ce:88:69:17:5c:23:19:83:57:c9:64:
7f:95:66:61:6f:cd:ae:d1:38:53:dc:5e:66:85:75:
f3:e9:e2:72:aa:14:0d:fd:b8:fc:8f:d9:89:62:87:
78:ab:50:82:2a:fa:25:4d:a4:f0:5a:13:28:4f:f4:
0f:6e:db:72:48:e9:ad:76:20:0e:b5:b9:74:f5:a4:
3e:ea:11:bb:20:ee:21:32:eb:3f:a9:93:e1:50:ce:
d5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:9B:68:4F:F6:7C:49:D7:36:40:21:61:10:D2:74:94:13:EA:1E:06
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/GptoT_Z8Sdc2QCFhENJ0lBPqHgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.73.0/24
185.100.59.0/24
IPv6:
2001:67c:12d8::/48
2a04:601::/32
Signature Algorithm: sha256WithRSAEncryption
69:46:92:e6:0e:94:5c:74:44:ef:9d:52:20:5b:3c:16:d1:82:
7f:c4:ef:6c:8d:90:c0:25:e2:60:06:73:ec:df:8d:c9:bc:81:
10:fa:96:4c:08:16:ef:62:09:c8:37:3e:5c:e2:aa:35:5d:7d:
69:a6:ab:2d:fe:05:87:56:7d:1a:6d:90:8b:e4:0a:43:c7:43:
35:05:62:2f:99:c6:b5:f1:4c:ee:00:7f:d0:5f:07:72:62:ed:
97:9f:52:bc:97:0e:71:af:f1:ab:42:52:2e:1b:87:da:65:df:
39:6c:9e:d1:c1:c9:27:4d:88:8a:04:bf:62:51:81:5c:d1:67:
b5:d0:4e:0e:1c:80:ef:3c:61:f6:85:fd:b8:9d:cc:e1:68:7e:
95:ca:3b:d7:3c:3b:d8:2f:c1:b3:0d:56:d2:36:fe:1d:5c:32:
24:63:49:f2:3e:c6:8e:48:be:3b:04:45:a5:b7:36:c6:b4:23:
cb:69:a9:bb:99:97:50:08:b5:39:d0:69:32:12:f1:02:62:a9:
d6:9c:c3:04:db:9b:36:77:07:80:43:2e:02:bb:45:6c:7e:72:
c5:56:b4:4a:46:a3:64:87:2d:7e:f8:aa:cd:73:e9:db:88:62:
eb:e8:41:9a:cb:d3:4b:6b:1d:7b:c2:42:67:87:a9:ca:17:cb:
d6:3f:ac:ab
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0MhTUaXSXvUffuYK4ERGV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjYwMzIwMTgzMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTliNjg0ZmY2N2M0OWQ3MzY0MDIxNjExMGQyNzQ5NDEzZWExZTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4Q3F7x2wgLkwmz1VtQP1qUvxm2V
DRp6k0us0zYQPo5ndM8b7WcvTiHm4pONWoGgxwp9D/cn3X6NmwCWIloFHfMlA/9F
sQRTzopSzsQ973ZGtoh/UiYwNwutzJRBwVUhe+8t+ACrP3eRALULcE0fxT3vLlG4
Mqj+kf78DDMTO2r4k4UIWvaJZL/aBrESRfhId1YlqTLvgFHQce6BuUT91fN8qHf1
spxKzohpF1wjGYNXyWR/lWZhb82u0ThT3F5mhXXz6eJyqhQN/bj8j9mJYod4q1CC
KvolTaTwWhMoT/QPbttySOmtdiAOtbl09aQ+6hG7IO4hMus/qZPhUM7VUwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBqbaE/2fEnXNkAhYRDSdJQT6h4GMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvR3B0b1RfWjhTZGMyUUNGaEVOSjBsQlBxSGdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuRFJAwQA
uWQ7MBYEAgACMBADBwAgAQZ8EtgDBQAqBAYBMA0GCSqGSIb3DQEBCwUAA4IBAQBp
RpLmDpRcdETvnVIgWzwW0YJ/xO9sjZDAJeJgBnPs343JvIEQ+pZMCBbvYgnINz5c
4qo1XX1ppqst/gWHVn0abZCL5ApDx0M1BWIvmca18UzuAH/QXwdyYu2Xn1K8lw5x
r/GrQlIuG4faZd85bJ7RwcknTYiKBL9iUYFc0We10E4OHIDvPGH2hf24nczhaH6V
yjvXPDvYL8GzDVbSNv4dXDIkY0nyPsaOSL47BEWltzbGtCPLaam7mZdQCLU50Gky
EvECYqnWnMME25s2dweAQy4Cu0VsfnLFVrRKRqNkhy1++KrNc+nbiGLr6EGay9NL
ax17wkJnh6nKF8vWP6yr
-----END CERTIFICATE-----
Generated at Sun Mar 22 23:44:16 2026 by rpki-client