Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/GSZrRVy15G6PvUYZWynpc2gz_hk.roa
File: GSZrRVy15G6PvUYZWynpc2gz_hk.roa (raw, json)
Hash identifier: ZzSmu2LODxU1RdfKwu6hA1/fexn4kkckl+EdSV9u3ng=
Subject key identifier: 19:26:6B:45:5C:B5:E4:6E:8F:BD:46:19:5B:29:E9:73:68:33:FE:19
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019D96062E78FB558E879F0A9F0F7A818AF1
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/GSZrRVy15G6PvUYZWynpc2gz_hk.roa
Signing time: Thu 16 Apr 2026 11:21:20 +0000
ROA not before: Thu 16 Apr 2026 11:21:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.11.184.0/24 maxlen: 24
45.11.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 11:21:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:06:2e:78:fb:55:8e:87:9f:0a:9f:0f:7a:81:8a:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Apr 16 11:21:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19266b455cb5e46e8fbd46195b29e9736833fe19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:a4:e0:33:d3:dc:c9:bd:63:d0:3a:4f:a5:b7:
00:9a:37:db:35:56:9d:86:28:09:40:d9:ef:1f:fd:
0d:4f:68:81:11:05:95:ea:ac:89:6c:94:9a:2f:fc:
df:b0:14:15:1a:95:1a:4c:6a:f7:84:a5:f2:8d:c7:
51:d5:3d:e7:ca:31:ae:8c:d8:9d:eb:83:42:27:da:
ed:db:23:c6:b4:89:3e:d3:6a:cb:85:6d:0a:31:6a:
af:6d:c7:95:c0:ee:45:da:06:8f:d8:1d:c3:13:55:
2e:4e:4a:99:4e:da:78:c0:2d:ca:5c:0d:72:3e:b1:
05:7a:33:d6:50:58:58:64:d3:79:af:4b:16:25:80:
ea:43:58:77:ca:d0:59:23:53:6a:29:33:e9:11:c7:
da:d2:42:bf:84:cd:fa:27:79:6c:c0:c1:42:10:a8:
2f:9d:11:ed:df:ab:79:63:32:ab:90:c0:fb:40:ea:
a2:03:2c:ac:7d:c6:29:16:dc:8b:d8:3d:b7:03:b0:
35:8c:00:01:42:1f:4d:c3:b6:be:05:74:09:b5:3e:
a8:39:af:07:86:15:fe:46:3b:96:5c:3c:8e:93:81:
96:9f:c1:fb:73:0f:64:d6:ff:8c:e2:bc:d7:7d:c8:
bf:91:29:82:67:68:e6:2a:9d:3e:2b:d2:50:41:88:
9b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:26:6B:45:5C:B5:E4:6E:8F:BD:46:19:5B:29:E9:73:68:33:FE:19
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/GSZrRVy15G6PvUYZWynpc2gz_hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.184.0/24
45.11.186.0/24
Signature Algorithm: sha256WithRSAEncryption
80:76:d8:19:4b:7f:17:a3:65:60:32:17:45:c7:5d:45:ba:83:
fc:48:53:ab:e0:08:e5:9d:d8:ea:4f:c8:91:ed:b9:22:3d:38:
7b:f8:e3:8e:47:9b:9f:f8:1a:81:79:8f:e5:3e:e7:ba:0a:d3:
7f:a9:b9:c5:d4:af:04:61:56:02:40:7e:1b:42:88:e6:cc:51:
83:21:52:2e:ac:9b:a8:34:dd:09:e5:24:f4:fc:57:83:aa:f7:
9f:12:ed:60:95:90:4f:e8:78:a3:de:86:13:35:71:61:04:41:
9a:cd:08:f3:0e:60:95:ff:de:63:74:4e:63:be:a4:1e:1f:e9:
83:c8:15:48:1c:6a:84:60:77:28:cd:e6:f4:93:28:f1:a9:ef:
ff:fe:e7:32:08:7e:d3:ec:9b:12:ff:51:49:13:d6:a5:b5:9a:
43:97:b4:af:3e:e1:e3:e0:1d:c7:cf:e6:81:a1:d6:37:a4:c6:
65:0f:0b:ae:a8:76:a4:29:70:08:6a:64:76:85:9b:0f:36:11:
6b:13:d3:53:68:18:4c:06:8d:b5:02:fb:de:5b:1b:64:d7:89:
76:4d:b3:3e:83:c2:d1:67:3b:b5:49:36:67:f7:0d:16:ab:61:
52:d0:b5:71:80:3f:dd:41:c3:91:e1:3c:73:77:9b:aa:8e:b5:
88:0e:89:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2WBi54+1WOh58Knw96gYrxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjYwNDE2MTEyMTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTI2NmI0NTVjYjVlNDZlOGZiZDQ2MTk1YjI5ZTk3MzY4MzNmZTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApaTgM9Pcyb1j0DpPpbcAmjfbNVad
higJQNnvH/0NT2iBEQWV6qyJbJSaL/zfsBQVGpUaTGr3hKXyjcdR1T3nyjGujNid
64NCJ9rt2yPGtIk+02rLhW0KMWqvbceVwO5F2gaP2B3DE1UuTkqZTtp4wC3KXA1y
PrEFejPWUFhYZNN5r0sWJYDqQ1h3ytBZI1NqKTPpEcfa0kK/hM36J3lswMFCEKgv
nRHt36t5YzKrkMD7QOqiAyysfcYpFtyL2D23A7A1jAABQh9Nw7a+BXQJtT6oOa8H
hhX+RjuWXDyOk4GWn8H7cw9k1v+M4rzXfci/kSmCZ2jmKp0+K9JQQYibQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBkma0VcteRuj71GGVsp6XNoM/4ZMB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvR1NaclJWeTE1RzZQdlVZWld5bnBjMmd6X2hrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQu4AwQA
LQu6MA0GCSqGSIb3DQEBCwUAA4IBAQCAdtgZS38Xo2VgMhdFx11FuoP8SFOr4Ajl
ndjqT8iR7bkiPTh7+OOOR5uf+BqBeY/lPue6CtN/qbnF1K8EYVYCQH4bQojmzFGD
IVIurJuoNN0J5ST0/FeDqvefEu1glZBP6Hij3oYTNXFhBEGazQjzDmCV/95jdE5j
vqQeH+mDyBVIHGqEYHcozeb0kyjxqe///ucyCH7T7JsS/1FJE9altZpDl7SvPuHj
4B3Hz+aBodY3pMZlDwuuqHakKXAIamR2hZsPNhFrE9NTaBhMBo21AvveWxtk14l2
TbM+g8LRZzu1STZn9w0Wq2FS0LVxgD/dQcOR4Txzd5uqjrWIDolq
-----END CERTIFICATE-----
Generated at Thu Apr 16 21:51:41 2026 by rpki-client