Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/GI33crLs1YhbryhcezjNjDVjS1g.roa
File: GI33crLs1YhbryhcezjNjDVjS1g.roa (raw, json)
Hash identifier: KA1gXvMpl17ErTAeepPr4wN+L34jC9m0lf4C1BjqtxU=
Subject key identifier: 18:8D:F7:72:B2:EC:D5:88:5B:AF:28:5C:7B:38:CD:8C:35:63:4B:58
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 019CCE4BE7DC76E5A4C70D42D37D45DA124C
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/GI33crLs1YhbryhcezjNjDVjS1g.roa
Signing time: Sun 08 Mar 2026 16:33:26 +0000
ROA not before: Sun 08 Mar 2026 16:33:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 194.41.114.0/24 maxlen: 24
217.147.14.0/23 maxlen: 23
2a0e:f180::/29 maxlen: 29
2a10:eac0::/29 maxlen: 29
2a11:400::/29 maxlen: 29
2a11:1440::/29 maxlen: 29
2a11:2500::/29 maxlen: 29
2a11:4200::/29 maxlen: 29
2a11:5280::/29 maxlen: 29
2a11:8240::/29 maxlen: 29
2a11:e800::/29 maxlen: 29
2a11:e940::/29 maxlen: 29
2a12:d500::/29 maxlen: 29
2a12:de00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 20:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ce:4b:e7:dc:76:e5:a4:c7:0d:42:d3:7d:45:da:12:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Mar 8 16:33:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=188df772b2ecd5885baf285c7b38cd8c35634b58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:6d:8a:01:f3:01:7d:1b:4c:11:60:15:4a:18:
f6:a9:cc:8b:b1:e2:a3:27:e6:7d:eb:56:32:13:3c:
17:66:45:f9:c8:30:a6:ee:47:97:57:51:45:55:c5:
d2:0d:dc:a5:7f:63:7a:20:f2:d6:bb:6b:69:d6:c4:
91:4b:7b:38:4f:7c:bc:11:f3:e7:fa:f8:f5:f8:2d:
8a:66:4e:31:43:9d:2b:c9:1c:49:67:37:2f:cf:f8:
de:65:5f:ca:7c:f3:04:6f:74:7d:e8:64:79:90:ea:
d7:b1:f7:09:13:a9:54:9f:27:a5:91:8d:cd:c5:79:
d9:c4:1b:1a:42:1e:7d:f1:b1:a0:7f:44:91:25:c0:
ef:e9:4d:72:47:91:68:b3:61:cf:1b:02:4c:20:61:
0e:da:7e:df:70:f7:e5:57:5b:10:8a:1f:87:18:cc:
d6:a7:6a:78:20:f3:c3:9a:31:6e:e0:61:1a:7c:1f:
aa:64:b6:f5:96:fd:e3:5a:ec:76:40:b2:93:c1:1e:
6e:38:0f:b9:f6:87:40:27:f9:bd:04:95:6b:a2:d7:
25:d5:dc:0f:77:79:bd:2e:f0:b7:f9:3d:a4:7b:4d:
b8:e2:d8:7e:44:44:57:e6:ce:ef:5b:07:89:e9:0a:
9d:58:4f:b3:13:6a:2d:23:be:c4:2b:e4:c4:fb:34:
62:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:8D:F7:72:B2:EC:D5:88:5B:AF:28:5C:7B:38:CD:8C:35:63:4B:58
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/GI33crLs1YhbryhcezjNjDVjS1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.41.114.0/24
217.147.14.0/23
IPv6:
2a0e:f180::/29
2a10:eac0::/29
2a11:400::/29
2a11:1440::/29
2a11:2500::/29
2a11:4200::/29
2a11:5280::/29
2a11:8240::/29
2a11:e800::/29
2a11:e940::/29
2a12:d500::/29
2a12:de00::/29
Signature Algorithm: sha256WithRSAEncryption
6e:24:7c:37:85:d3:ba:e3:d5:70:94:e2:48:3e:81:61:55:7e:
2a:69:7d:7e:b6:06:c0:46:9d:1d:2f:dc:0f:db:d5:ee:a2:08:
9c:09:c9:be:08:33:3f:46:75:65:1a:6f:d3:b4:de:a2:0c:a1:
39:9f:10:bc:02:ef:27:3c:2a:a0:bf:37:4f:ac:5a:7a:3b:f2:
41:30:09:7b:39:e1:66:6a:06:5c:99:57:68:39:76:1d:4a:0b:
71:db:9c:f2:2d:d3:84:29:04:c1:95:bc:1d:b2:ff:0c:2f:81:
0e:4d:46:18:29:46:d4:d5:87:2b:6c:b4:83:05:e8:56:a6:dc:
4f:eb:33:cd:5d:66:39:c1:8a:47:04:ab:2b:02:ce:03:f4:64:
85:70:56:6f:3c:2a:9b:d2:f1:fd:bf:6b:c8:47:e2:b3:dc:c1:
95:1c:a2:8d:03:dc:38:81:fe:d6:15:86:19:28:e3:92:81:6d:
3b:2e:c2:f8:b6:4f:62:b0:36:2e:bd:c5:f6:2d:92:b2:ad:f3:
66:7e:9d:1b:d7:e4:c4:64:21:29:34:c5:35:b2:5e:60:30:47:
d2:76:38:ab:38:58:26:f1:4d:4f:6a:9c:ba:75:30:53:3c:6b:
b6:0c:ed:9c:85:0e:9a:38:f7:2f:4f:c6:13:94:2a:37:cc:35:
87:47:82:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZzOS+fcduWkxw1C031F2hJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjYwMzA4MTYzMzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODhkZjc3MmIyZWNkNTg4NWJhZjI4NWM3YjM4Y2Q4YzM1NjM0YjU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA422KAfMBfRtMEWAVShj2qcyLseKj
J+Z961YyEzwXZkX5yDCm7keXV1FFVcXSDdylf2N6IPLWu2tp1sSRS3s4T3y8EfPn
+vj1+C2KZk4xQ50ryRxJZzcvz/jeZV/KfPMEb3R96GR5kOrXsfcJE6lUnyelkY3N
xXnZxBsaQh598bGgf0SRJcDv6U1yR5Fos2HPGwJMIGEO2n7fcPflV1sQih+HGMzW
p2p4IPPDmjFu4GEafB+qZLb1lv3jWux2QLKTwR5uOA+59odAJ/m9BJVrotcl1dwP
d3m9LvC3+T2ke0244th+RERX5s7vWweJ6QqdWE+zE2otI77EK+TE+zRiFQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFBiN93Ky7NWIW68oXHs4zYw1Y0tYMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvR0kzM2NyTHMxWWhicnloY2V6ak5qRFZqUzFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwEgQCAAEwDAMEAMIpcgME
AdmTDjBaBAIAAjBUAwUDKg7xgAMFAyoQ6sADBQMqEQQAAwUDKhEUQAMFAyoRJQAD
BQMqEUIAAwUDKhFSgAMFAyoRgkADBQMqEegAAwUDKhHpQAMFAyoS1QADBQMqEt4A
MA0GCSqGSIb3DQEBCwUAA4IBAQBuJHw3hdO649VwlOJIPoFhVX4qaX1+tgbARp0d
L9wP29XuogicCcm+CDM/RnVlGm/TtN6iDKE5nxC8Au8nPCqgvzdPrFp6O/JBMAl7
OeFmagZcmVdoOXYdSgtx25zyLdOEKQTBlbwdsv8ML4EOTUYYKUbU1YcrbLSDBehW
ptxP6zPNXWY5wYpHBKsrAs4D9GSFcFZvPCqb0vH9v2vIR+Kz3MGVHKKNA9w4gf7W
FYYZKOOSgW07LsL4tk9isDYuvcX2LZKyrfNmfp0b1+TEZCEpNMU1sl5gMEfSdjir
OFgm8U1Papy6dTBTPGu2DO2chQ6aOPcvT8YTlCo3zDWHR4J3
-----END CERTIFICATE-----
Generated at Sat Mar 14 22:56:58 2026 by rpki-client