Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/Gz_1bJto4c1yEF2Q0CAMMKyQM04.roa
File: Gz_1bJto4c1yEF2Q0CAMMKyQM04.roa (raw, json)
Hash identifier: XtyCodmY8171cj6WcCGbm/ih1IwcnbUwaLWquFazgPc=
Subject key identifier: 1B:3F:F5:6C:9B:68:E1:CD:72:10:5D:90:D0:20:0C:30:AC:90:33:4E
Certificate issuer: /CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Certificate serial: 019CD3D979A7FD111F5F1D72687FDF388190
Authority key identifier: 5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/Gz_1bJto4c1yEF2Q0CAMMKyQM04.roa
Signing time: Mon 09 Mar 2026 18:26:10 +0000
ROA not before: Mon 09 Mar 2026 18:26:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 31130
IP address blocks: 70.40.188.0/24 maxlen: 24
70.40.189.0/24 maxlen: 24
91.92.250.0/24 maxlen: 24
151.123.187.0/24 maxlen: 24
2001:3780::/32 maxlen: 32
2001:3785::/32 maxlen: 32
2a12:4044::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.mft
rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Mar 2026 00:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d3:d9:79:a7:fd:11:1f:5f:1d:72:68:7f:df:38:81:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fc90518df70b13d706bfe237aa5a76926a576d1
Validity
Not Before: Mar 9 18:26:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1b3ff56c9b68e1cd72105d90d0200c30ac90334e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:c4:6d:3e:eb:57:0e:57:17:49:bc:7c:ee:
8e:e6:eb:ab:ee:73:cd:82:fe:f8:ad:77:3b:a1:a2:
4e:77:85:5a:e4:4f:97:ee:6a:fa:fc:7d:76:ae:41:
13:79:98:96:1d:87:48:45:e1:1b:7b:be:85:dd:80:
73:67:31:fd:4e:78:c0:c0:05:6b:c8:fc:41:68:39:
60:1b:75:a4:44:6c:64:88:38:3b:04:dd:e5:10:e4:
f3:14:f9:f9:83:6f:a1:a6:2f:e5:f5:7b:1f:2b:ea:
6c:9e:1c:45:6d:39:e5:51:c1:81:d6:e9:58:1e:42:
8a:39:e1:43:47:d8:bb:d5:90:9f:d4:3f:fb:e3:56:
d9:3a:4e:47:4c:89:2f:e0:ba:6e:fd:84:f4:2b:6a:
7c:3a:c0:ba:b6:a4:54:48:c3:f0:cb:e1:0c:ce:f6:
ed:ed:52:cf:d9:91:fa:ad:d1:f8:7c:de:e8:16:4e:
69:1c:1e:e2:5b:11:f8:17:58:e8:e1:23:38:cc:91:
79:c9:35:9e:9d:69:da:44:d2:87:49:ae:b9:f5:47:
6d:0d:eb:72:98:31:d7:b6:71:71:e0:58:2e:61:bc:
79:65:8b:a6:89:80:4d:06:e7:06:c7:37:de:61:16:
cb:c2:ee:e2:de:dd:aa:19:49:d5:1d:1f:e3:9b:19:
53:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:3F:F5:6C:9B:68:E1:CD:72:10:5D:90:D0:20:0C:30:AC:90:33:4E
X509v3 Authority Key Identifier:
keyid:5F:C9:05:18:DF:70:B1:3D:70:6B:FE:23:7A:A5:A7:69:26:A5:76:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X8kFGN9wsT1wa_4jeqWnaSaldtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/Gz_1bJto4c1yEF2Q0CAMMKyQM04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/65cc20-0dfb-4180-9ac1-c8302e82ea22/1/X8kFGN9wsT1wa_4jeqWnaSaldtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
70.40.188.0/23
91.92.250.0/24
151.123.187.0/24
IPv6:
2001:3780::/32
2001:3785::/32
2a12:4044::/32
Signature Algorithm: sha256WithRSAEncryption
42:03:8f:8d:eb:ef:97:9b:79:5d:95:36:ae:1e:89:f7:2a:0f:
50:6d:5f:fc:5d:02:a3:aa:25:c5:2d:05:d4:e3:64:84:76:12:
a8:d9:f2:54:11:56:15:14:38:2d:f8:0c:82:69:31:80:31:63:
de:ec:05:69:0e:18:a8:08:3c:3e:80:91:f4:bb:0b:22:ad:1c:
ae:c1:d0:69:2d:78:7e:39:40:08:a5:cc:b2:18:17:fe:1b:ba:
4e:cb:65:2e:41:2c:2a:d9:48:a0:b3:65:e7:9b:c2:1a:5d:fc:
c2:6a:15:54:98:4d:24:68:04:79:ae:b3:0c:47:54:38:9c:c0:
5b:b0:1b:22:ad:96:5f:aa:bb:62:eb:e6:75:1f:ee:54:f1:a2:
c3:61:f7:60:99:78:90:28:bf:59:3a:49:60:a6:3a:88:8b:be:
f9:2c:68:98:1f:f0:47:9a:68:9f:40:01:14:ec:68:26:a9:2c:
9b:c4:9f:30:6c:55:6f:73:eb:3a:81:6c:5a:84:7a:49:38:c2:
d8:08:84:3b:c2:f4:2f:4a:45:5b:46:8e:26:08:b5:10:1a:4d:
4a:be:4b:34:f1:51:88:20:95:b1:0e:0a:83:bb:ca:e0:90:77:
d6:05:89:34:d2:d0:15:3f:2f:f8:5b:85:3c:9f:2b:f9:1b:ed:
d7:99:41:22
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZzT2Xmn/REfXx1yaH/fOIGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYzkwNTE4ZGY3MGIxM2Q3MDZiZmUyMzdhYTVhNzY5MjZh
NTc2ZDEwHhcNMjYwMzA5MTgyNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjNmZjU2YzliNjhlMWNkNzIxMDVkOTBkMDIwMGMzMGFjOTAzMzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/PEbT7rVw5XF0m8fO6O5uur7nPN
gv74rXc7oaJOd4Va5E+X7mr6/H12rkETeZiWHYdIReEbe76F3YBzZzH9TnjAwAVr
yPxBaDlgG3WkRGxkiDg7BN3lEOTzFPn5g2+hpi/l9XsfK+psnhxFbTnlUcGB1ulY
HkKKOeFDR9i71ZCf1D/741bZOk5HTIkv4Lpu/YT0K2p8OsC6tqRUSMPwy+EMzvbt
7VLP2ZH6rdH4fN7oFk5pHB7iWxH4F1jo4SM4zJF5yTWenWnaRNKHSa659UdtDety
mDHXtnFx4FguYbx5ZYumiYBNBucGxzfeYRbLwu7i3t2qGUnVHR/jmxlTVQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBs/9WybaOHNchBdkNAgDDCskDNOMB8GA1UdIwQY
MBaAFF/JBRjfcLE9cGv+I3qlp2kmpXbRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEt
YzgzMDJlODJlYTIyLzEvR3pfMWJKdG80YzF5RUYyUTBDQU1NS3lRTTA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82NWNjMjAtMGRmYi00MTgwLTlhYzEtYzgzMDJlODJlYTIy
LzEvWDhrRkdOOXdzVDF3YV80amVxV25hU2FsZHRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQBRii8AwQA
W1z6AwQAl3u7MBsEAgACMBUDBQAgATeAAwUAIAE3hQMFACoSQEQwDQYJKoZIhvcN
AQELBQADggEBAEIDj43r75ebeV2VNq4eifcqD1BtX/xdAqOqJcUtBdTjZIR2EqjZ
8lQRVhUUOC34DIJpMYAxY97sBWkOGKgIPD6AkfS7CyKtHK7B0GkteH45QAilzLIY
F/4buk7LZS5BLCrZSKCzZeebwhpd/MJqFVSYTSRoBHmuswxHVDicwFuwGyKtll+q
u2Lr5nUf7lTxosNh92CZeJAov1k6SWCmOoiLvvksaJgf8EeaaJ9AARTsaCapLJvE
nzBsVW9z6zqBbFqEekk4wtgIhDvC9C9KRVtGjiYItRAaTUq+SzTxUYgglbEOCoO7
yuCQd9YFiTTS0BU/L/hbhTyfK/kb7deZQSI=
-----END CERTIFICATE-----
Generated at Mon Mar 16 07:59:08 2026 by rpki-client