Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/GfxkS2K6bpBkpuzC0376hBbXUlk.roa
File: GfxkS2K6bpBkpuzC0376hBbXUlk.roa (raw, json)
Hash identifier: J+Z21dJYBOM51LPU+ya0g/MXujhtG4pDOLjeLt4cOJo=
Subject key identifier: 19:FC:64:4B:62:BA:6E:90:64:A6:EC:C2:D3:7E:FA:84:16:D7:52:59
Certificate issuer: /CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Certificate serial: 019C81BC4CD8C6956A833310DB646290A321
Authority key identifier: 33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/GfxkS2K6bpBkpuzC0376hBbXUlk.roa
Signing time: Sat 21 Feb 2026 19:45:27 +0000
ROA not before: Sat 21 Feb 2026 19:45:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204936
IP address blocks: 2a13:a740::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 15:05:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:81:bc:4c:d8:c6:95:6a:83:33:10:db:64:62:90:a3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=338c1868b56380e08c45f81ffe61dd3281d6697e
Validity
Not Before: Feb 21 19:45:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=19fc644b62ba6e9064a6ecc2d37efa8416d75259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:32:27:27:86:e1:ca:ff:5b:cf:9b:e7:77:4c:
6d:b1:69:b1:98:d8:ff:d7:df:e7:85:d5:65:2a:65:
fd:bd:c2:2c:a0:6f:a3:9e:7b:b0:4c:f8:c5:42:7d:
3a:9e:33:36:2c:8c:ea:47:26:9a:bb:9a:54:ff:31:
84:69:16:44:c4:dd:db:41:40:56:a7:15:e0:c9:06:
41:6b:c6:dc:c5:63:02:07:1b:96:36:3b:d3:75:77:
bb:52:68:66:1e:d9:38:0e:56:c3:10:4f:a6:8b:14:
12:09:64:62:01:05:20:bd:59:18:a4:46:64:1b:2b:
29:4a:be:3a:57:43:f8:fa:14:a6:f2:47:c5:7b:ae:
d5:c0:28:fd:f8:6d:04:a2:f7:ce:aa:b7:06:84:73:
e8:e7:50:ef:65:e2:0a:9b:a9:bc:5a:7c:08:9b:01:
29:b3:7e:16:f1:4a:2c:40:3f:1f:8f:c2:dc:46:30:
79:cd:47:e2:34:39:2d:2d:bb:83:7c:ad:87:69:3e:
25:8e:68:04:73:6d:fd:cc:1f:29:64:1e:2b:21:0d:
f4:76:f8:d8:05:cf:c1:b1:94:bc:d9:8d:fc:b4:69:
31:1c:2a:3e:e5:92:a8:e8:50:32:32:84:df:ae:6e:
18:9b:85:4e:04:70:c3:0d:5b:dc:98:26:8c:a2:eb:
34:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:FC:64:4B:62:BA:6E:90:64:A6:EC:C2:D3:7E:FA:84:16:D7:52:59
X509v3 Authority Key Identifier:
keyid:33:8C:18:68:B5:63:80:E0:8C:45:F8:1F:FE:61:DD:32:81:D6:69:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M4wYaLVjgOCMRfgf_mHdMoHWaX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/GfxkS2K6bpBkpuzC0376hBbXUlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/42411e-e7ab-4645-9a4b-16dba543b558/1/M4wYaLVjgOCMRfgf_mHdMoHWaX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a740::/29
Signature Algorithm: sha256WithRSAEncryption
0e:e9:30:8a:7a:fa:27:2c:07:16:b2:32:b0:0f:bb:bc:5f:5f:
04:39:3a:48:27:72:38:ad:91:a0:97:13:3d:94:98:a0:22:07:
33:d8:1d:36:e6:e5:af:86:b3:d4:00:9a:d1:56:22:84:2b:0e:
4f:f8:c2:a4:df:b0:16:9d:77:2c:86:29:e6:ed:c4:63:c2:ca:
9b:05:4d:49:8b:ed:36:06:29:11:6a:e1:b5:71:e1:6f:21:b1:
eb:b9:9b:ae:ce:51:28:c5:87:9d:dd:fd:da:e2:98:0e:bd:26:
64:1e:72:4f:d3:72:d7:3e:9f:c4:0e:c7:59:30:b1:d3:7f:33:
46:e7:25:64:30:25:26:2e:15:f1:dd:2a:3f:ce:69:ab:88:ad:
71:f8:54:61:14:48:e8:c5:f0:4d:0a:4e:eb:39:bb:5b:16:cd:
92:48:e9:9e:0f:b0:84:72:11:be:54:3a:36:a9:61:09:9c:6d:
2d:5d:23:65:c8:56:28:7f:3c:a8:b5:e6:4e:58:df:66:d4:0f:
6e:b5:f9:f7:69:95:85:8f:df:90:84:ce:a3:00:a3:de:bf:f1:
58:6f:64:34:d1:4d:a8:34:7e:d4:fe:67:45:4d:69:43:da:d0:
30:a0:02:e7:7c:9f:39:98:4b:2a:b6:ad:45:81:3d:96:c1:ab:
b8:27:0e:19
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZyBvEzYxpVqgzMQ22RikKMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzOGMxODY4YjU2MzgwZTA4YzQ1ZjgxZmZlNjFkZDMyODFk
NjY5N2UwHhcNMjYwMjIxMTk0NTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWZjNjQ0YjYyYmE2ZTkwNjRhNmVjYzJkMzdlZmE4NDE2ZDc1MjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqTInJ4bhyv9bz5vnd0xtsWmxmNj/
19/nhdVlKmX9vcIsoG+jnnuwTPjFQn06njM2LIzqRyaau5pU/zGEaRZExN3bQUBW
pxXgyQZBa8bcxWMCBxuWNjvTdXe7UmhmHtk4DlbDEE+mixQSCWRiAQUgvVkYpEZk
GyspSr46V0P4+hSm8kfFe67VwCj9+G0EovfOqrcGhHPo51DvZeIKm6m8WnwImwEp
s34W8UosQD8fj8LcRjB5zUfiNDktLbuDfK2HaT4ljmgEc239zB8pZB4rIQ30dvjY
Bc/BsZS82Y38tGkxHCo+5ZKo6FAyMoTfrm4Ym4VOBHDDDVvcmCaMous0qQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFBn8ZEtium6QZKbswtN++oQW11JZMB8GA1UdIwQY
MBaAFDOMGGi1Y4DgjEX4H/5h3TKB1ml+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGIt
MTZkYmE1NDNiNTU4LzEvR2Z4a1MySzZicEJrcHV6QzAzNzZoQmJYVWxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi80MjQxMWUtZTdhYi00NjQ1LTlhNGItMTZkYmE1NDNiNTU4
LzEvTTR3WWFMVmpnT0NNUmZnZl9tSGRNb0hXYVg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOnQDAN
BgkqhkiG9w0BAQsFAAOCAQEADukwinr6JywHFrIysA+7vF9fBDk6SCdyOK2RoJcT
PZSYoCIHM9gdNublr4az1ACa0VYihCsOT/jCpN+wFp13LIYp5u3EY8LKmwVNSYvt
NgYpEWrhtXHhbyGx67mbrs5RKMWHnd392uKYDr0mZB5yT9Ny1z6fxA7HWTCx038z
RuclZDAlJi4V8d0qP85pq4itcfhUYRRI6MXwTQpO6zm7WxbNkkjpng+whHIRvlQ6
NqlhCZxtLV0jZchWKH88qLXmTljfZtQPbrX592mVhY/fkITOowCj3r/xWG9kNNFN
qDR+1P5nRU1pQ9rQMKAC53yfOZhLKratRYE9lsGruCcOGQ==
-----END CERTIFICATE-----
Generated at Thu Feb 26 18:52:46 2026 by rpki-client