Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GTREmACXQPb0KJLW6dGK5SUL4Lo.roa
File: GTREmACXQPb0KJLW6dGK5SUL4Lo.roa (raw, json)
Hash identifier: jSnJOuoiX6a7YYBQbjLyqPa4IKd0EfMD17cZJ/6HjgQ=
Subject key identifier: 19:34:44:98:00:97:40:F6:F4:28:92:D6:E9:D1:8A:E5:25:0B:E0:BA
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019D077EE6017815B735EB78EBB1FE5A738A
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GTREmACXQPb0KJLW6dGK5SUL4Lo.roa
Signing time: Thu 19 Mar 2026 19:07:30 +0000
ROA not before: Thu 19 Mar 2026 19:07:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50053
IP address blocks: 45.90.236.0/24 maxlen: 24
185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.196.41.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.218.17.0/24 maxlen: 24
185.218.19.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
193.17.182.0/24 maxlen: 24
194.48.140.0/23 maxlen: 24
194.48.143.0/24 maxlen: 24
194.124.210.0/24 maxlen: 24
194.124.211.0/24 maxlen: 24
194.146.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 16:33:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:07:7e:e6:01:78:15:b7:35:eb:78:eb:b1:fe:5a:73:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 19 19:07:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19344498009740f6f42892d6e9d18ae5250be0ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:12:e8:8a:f6:a5:5a:4c:68:fe:f5:41:ac:0a:
dc:ed:cf:35:eb:74:93:b8:47:61:02:dd:ce:7e:9c:
4e:12:cb:33:01:37:62:7d:5a:0b:09:ca:81:b4:5c:
0d:cd:06:f4:6b:af:19:c2:a6:e2:40:09:ee:43:f8:
b9:4a:78:bd:77:53:28:52:0a:fe:01:02:6a:c5:e2:
bd:96:9f:15:4f:8b:69:70:4c:8a:ef:67:0a:e8:90:
e1:79:2e:18:c0:ef:f8:46:3c:0d:ec:f3:05:80:9f:
ed:ff:32:3b:9d:d6:89:ec:f8:12:eb:59:21:e1:1f:
6a:fe:05:94:60:bc:62:1a:e7:21:56:cd:7b:c7:9b:
15:e7:60:6e:6f:72:da:ea:8d:cd:07:dd:e1:39:5f:
cd:90:f3:a2:df:24:1f:dd:52:b5:46:7f:82:a8:5d:
df:7d:fd:6a:f5:4d:c1:a2:11:94:bc:50:0d:0d:87:
c9:7a:42:ef:49:7d:4c:40:3c:1a:20:fd:f9:cd:53:
fc:b9:40:12:d6:36:cd:f9:b0:c0:08:5b:85:3a:9e:
13:3f:c8:fc:27:bc:75:16:c4:af:86:3a:ff:f0:68:
4a:11:18:91:2c:0c:c4:1f:f1:3f:70:38:b7:88:f4:
34:07:35:c0:00:d5:3a:56:de:bc:7a:39:c3:29:62:
4d:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:34:44:98:00:97:40:F6:F4:28:92:D6:E9:D1:8A:E5:25:0B:E0:BA
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/GTREmACXQPb0KJLW6dGK5SUL4Lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/24
185.121.13.0-185.121.14.255
185.196.41.0/24
185.202.207.0/24
185.218.17.0/24
185.218.19.0/24
185.227.144.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.250.181.0/24
185.254.158.0/24
193.17.182.0/24
194.48.140.0/23
194.48.143.0/24
194.124.210.0/23
194.146.223.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:7f:1e:7d:c7:78:94:86:27:4f:93:5a:1d:61:c2:f6:97:d3:
3e:fb:d5:ce:f9:36:c2:a3:a0:10:5d:33:00:6f:7f:c2:28:80:
2d:0c:18:8e:47:b6:26:68:26:97:18:4f:3a:97:8e:73:19:83:
83:08:4a:50:14:76:0d:8e:cf:65:22:8d:a0:d2:92:48:a4:a1:
69:c9:d8:63:5f:dc:a5:b4:34:8f:45:cb:d1:e5:03:14:0f:f4:
9f:17:79:9c:ab:3e:37:74:cb:7d:34:a7:9e:9e:a3:70:51:ea:
de:11:a7:08:2d:6d:48:7d:67:23:f6:bc:4a:b9:27:99:d7:de:
85:83:eb:95:b7:94:21:85:29:02:f6:96:be:02:e5:a0:0e:fb:
55:e2:b4:64:87:09:fc:94:f7:ab:e9:57:b6:32:8b:75:d0:a1:
b6:1a:de:81:1f:2b:64:c7:0c:63:92:05:84:97:e0:33:6e:41:
a0:d5:82:7e:3c:4d:99:98:06:3c:8e:d8:52:47:f7:d6:46:53:
69:7f:20:98:cf:5c:4e:f7:0c:00:29:c1:42:7d:39:83:b9:bb:
93:44:bc:02:c4:b1:79:e2:f6:6a:16:a1:49:0d:75:91:14:ae:
dd:fa:8d:52:3b:8f:01:ae:ca:b1:7c:73:35:18:c8:78:32:99:
61:92:17:1b
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZ0HfuYBeBW3Net467H+WnOKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMzE5MTkwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTM0NDQ5ODAwOTc0MGY2ZjQyODkyZDZlOWQxOGFlNTI1MGJlMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBLoivalWkxo/vVBrArc7c8163ST
uEdhAt3OfpxOEsszATdifVoLCcqBtFwNzQb0a68ZwqbiQAnuQ/i5Sni9d1MoUgr+
AQJqxeK9lp8VT4tpcEyK72cK6JDheS4YwO/4RjwN7PMFgJ/t/zI7ndaJ7PgS61kh
4R9q/gWUYLxiGuchVs17x5sV52Bub3La6o3NB93hOV/NkPOi3yQf3VK1Rn+CqF3f
ff1q9U3BohGUvFANDYfJekLvSX1MQDwaIP35zVP8uUAS1jbN+bDACFuFOp4TP8j8
J7x1FsSvhjr/8GhKERiRLAzEH/E/cDi3iPQ0BzXAANU6Vt68ejnDKWJNJQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFBk0RJgAl0D29CiS1unRiuUlC+C6MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvR1RSRW1BQ1hRUGIwS0pMVzZkR0s1U1VMNExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAtWuww
DAMEALl5DQMEALl5DgMEALnEKQMEALnKzwMEALnaEQMEALnaEwMEALnjkAMEALno
zAMEALnsGDAMAwQAue+NAwQAue+OAwQAufq1AwQAuf6eAwQAwRG2AwQBwjCMAwQA
wjCPAwQBwnzSAwQAwpLfMA0GCSqGSIb3DQEBCwUAA4IBAQCufx59x3iUhidPk1od
YcL2l9M++9XO+TbCo6AQXTMAb3/CKIAtDBiOR7YmaCaXGE86l45zGYODCEpQFHYN
js9lIo2g0pJIpKFpydhjX9yltDSPRcvR5QMUD/SfF3mcqz43dMt9NKeenqNwUere
EacILW1IfWcj9rxKuSeZ196Fg+uVt5QhhSkC9pa+AuWgDvtV4rRkhwn8lPer6Ve2
Mot10KG2Gt6BHytkxwxjkgWEl+AzbkGg1YJ+PE2ZmAY8jthSR/fWRlNpfyCYz1xO
9wwAKcFCfTmDubuTRLwCxLF54vZqFqFJDXWRFK7d+o1SO48BrsqxfHM1GMh4Mplh
khcb
-----END CERTIFICATE-----
Generated at Thu Mar 19 22:35:10 2026 by rpki-client