Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/gne3kq1o-I5H5isdKeVnYHfgRM8.roa
File: gne3kq1o-I5H5isdKeVnYHfgRM8.roa (raw, json)
Hash identifier: OHMcztr6MiSOs8pzNesHKIFuwuf6t31tDx5kJSWgBCw=
Subject key identifier: 82:77:B7:92:AD:68:F8:8E:47:E6:2B:1D:29:E5:67:60:77:E0:44:CF
Certificate issuer: /CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Certificate serial: 019DC33B7484B2FACB82C29F0CBE5D896B16
Authority key identifier: 7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/gne3kq1o-I5H5isdKeVnYHfgRM8.roa
Signing time: Sat 25 Apr 2026 06:02:26 +0000
ROA not before: Sat 25 Apr 2026 06:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49100
IP address blocks: 109.125.128.0/19 maxlen: 19
109.125.128.0/22 maxlen: 22
109.125.132.0/22 maxlen: 22
185.82.28.0/22 maxlen: 22
185.82.28.0/24 maxlen: 24
185.129.184.0/21 maxlen: 21
185.129.196.0/22 maxlen: 22
185.129.197.0/24 maxlen: 24
185.129.200.0/22 maxlen: 22
185.129.212.0/22 maxlen: 22
185.129.216.0/22 maxlen: 22
185.129.228.0/22 maxlen: 22
185.129.230.0/23 maxlen: 23
185.129.232.0/21 maxlen: 21
185.129.237.0/24 maxlen: 24
185.129.240.0/22 maxlen: 22
2a03:54a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 15:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c3:3b:74:84:b2:fa:cb:82:c2:9f:0c:be:5d:89:6b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bbd51272064b63b2c663c0296ba11db5ea238c0
Validity
Not Before: Apr 25 06:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8277b792ad68f88e47e62b1d29e5676077e044cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:dc:47:61:36:a7:09:56:83:0b:ca:1d:89:74:
cb:3f:d7:af:20:0c:73:e1:aa:c0:43:a8:9b:39:76:
d0:e8:04:48:7f:a5:6b:2d:d2:dc:71:6b:11:c0:ed:
be:10:46:19:32:59:10:bf:dc:48:ae:f7:81:87:a1:
cf:79:45:97:ac:05:63:04:0a:63:ce:73:92:eb:70:
38:46:f1:2a:04:12:c9:a6:a8:ea:fe:fe:4e:d3:9f:
65:25:50:c8:0f:ee:85:0e:b4:1a:e3:f6:28:62:f0:
42:3b:bb:2a:74:83:bb:54:49:4a:5f:81:9e:7b:35:
56:de:30:45:74:b8:96:63:82:08:8e:51:b8:b5:09:
57:15:ba:6f:59:44:83:9c:02:c4:7c:cc:85:f2:29:
54:08:38:0d:a6:91:11:43:a5:6f:4d:69:6e:90:ea:
9e:72:df:d2:7a:56:54:3b:dd:33:19:dd:7f:8c:94:
8d:ea:58:d4:83:ee:26:cd:cc:04:e8:6d:ff:5f:bb:
d4:33:d9:f0:63:62:0b:ba:64:f5:d9:f0:98:66:49:
9e:59:0d:ee:73:60:9a:4b:2e:45:df:82:2f:e8:87:
84:45:a7:61:df:4d:c5:c5:c6:a4:fd:b2:c4:5e:40:
cd:6c:84:bb:de:6c:9b:62:79:11:15:b9:68:1d:83:
cb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:77:B7:92:AD:68:F8:8E:47:E6:2B:1D:29:E5:67:60:77:E0:44:CF
X509v3 Authority Key Identifier:
keyid:7B:BD:51:27:20:64:B6:3B:2C:66:3C:02:96:BA:11:DB:5E:A2:38:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e71RJyBktjssZjwClroR216iOMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/gne3kq1o-I5H5isdKeVnYHfgRM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/b82a06-ab0d-4adf-8a85-97c9aab828f2/1/e71RJyBktjssZjwClroR216iOMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.125.128.0/19
185.82.28.0/22
185.129.184.0/21
185.129.196.0-185.129.203.255
185.129.212.0-185.129.219.255
185.129.228.0-185.129.243.255
IPv6:
2a03:54a0::/32
Signature Algorithm: sha256WithRSAEncryption
c2:93:3c:5c:c9:5e:0a:a1:46:9f:b8:c4:a3:9e:05:58:d8:d7:
59:cb:03:8e:a6:b1:ca:d5:a5:c1:99:ed:80:72:c2:33:12:2b:
5f:15:49:51:c6:53:c4:ef:7e:bc:28:b5:28:ca:39:4a:be:48:
4d:c1:b5:44:d5:56:d5:e3:e9:bd:11:5d:00:45:fe:e1:af:7d:
e7:63:5c:39:98:4a:e8:5b:f8:15:84:e2:f7:76:b0:66:e3:c6:
14:c2:5a:e4:18:65:08:bd:1c:16:45:d8:f1:b1:94:2f:9c:c7:
25:16:4f:d7:1c:3c:ec:a1:d9:5a:95:e7:c0:f7:c0:ac:0c:d1:
83:7e:89:93:b2:7d:d0:20:95:f2:e7:ca:1f:4a:e7:52:47:a5:
51:73:4e:1d:db:30:75:f6:31:31:45:9a:e5:4b:b1:f9:af:ad:
0a:7c:be:5a:95:8e:1f:8b:13:85:96:00:3f:b8:55:d5:32:a3:
f0:5a:14:a3:7d:b7:0d:a7:dc:cd:5f:32:57:04:22:7b:5f:aa:
a2:20:16:82:10:6d:03:4d:d5:8c:91:68:0c:0f:2c:3f:c5:75:
62:3a:98:00:40:50:c5:0c:fe:83:6e:3f:41:df:66:8e:f9:07:
85:0d:7c:19:34:9b:b3:99:1e:7e:28:ad:01:8d:13:f2:fe:87:
f6:60:6d:8f
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZ3DO3SEsvrLgsKfDL5diWsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYmQ1MTI3MjA2NGI2M2IyYzY2M2MwMjk2YmExMWRiNWVh
MjM4YzAwHhcNMjYwNDI1MDYwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjc3Yjc5MmFkNjhmODhlNDdlNjJiMWQyOWU1Njc2MDc3ZTA0NGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3txHYTanCVaDC8odiXTLP9evIAxz
4arAQ6ibOXbQ6ARIf6VrLdLccWsRwO2+EEYZMlkQv9xIrveBh6HPeUWXrAVjBApj
znOS63A4RvEqBBLJpqjq/v5O059lJVDID+6FDrQa4/YoYvBCO7sqdIO7VElKX4Ge
ezVW3jBFdLiWY4IIjlG4tQlXFbpvWUSDnALEfMyF8ilUCDgNppERQ6VvTWlukOqe
ct/SelZUO90zGd1/jJSN6ljUg+4mzcwE6G3/X7vUM9nwY2ILumT12fCYZkmeWQ3u
c2CaSy5F34Iv6IeERadh303Fxcak/bLEXkDNbIS73mybYnkRFbloHYPLuQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFIJ3t5KtaPiOR+YrHSnlZ2B34ETPMB8GA1UdIwQY
MBaAFHu9UScgZLY7LGY8Apa6EdteojjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUt
OTdjOWFhYjgyOGYyLzEvZ25lM2txMW8tSTVINWlzZEtlVm5ZSGZnUk04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9iODJhMDYtYWIwZC00YWRmLThhODUtOTdjOWFhYjgyOGYy
LzEvZTcxUkp5Qmt0anNzWmp3Q2xyb1IyMTZpT01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFbX2AAwQC
uVIcAwQDuYG4MAwDBAK5gcQDBAK5gcgwDAMEArmB1AMEArmB2DAMAwQCuYHkAwQC
uYHwMA0EAgACMAcDBQAqA1SgMA0GCSqGSIb3DQEBCwUAA4IBAQDCkzxcyV4KoUaf
uMSjngVY2NdZywOOprHK1aXBme2AcsIzEitfFUlRxlPE7368KLUoyjlKvkhNwbVE
1VbV4+m9EV0ARf7hr33nY1w5mEroW/gVhOL3drBm48YUwlrkGGUIvRwWRdjxsZQv
nMclFk/XHDzsodlalefA98CsDNGDfomTsn3QIJXy58ofSudSR6VRc04d2zB19jEx
RZrlS7H5r60KfL5alY4fixOFlgA/uFXVMqPwWhSjfbcNp9zNXzJXBCJ7X6qiIBaC
EG0DTdWMkWgMDyw/xXViOpgAQFDFDP6Dbj9B32aO+QeFDXwZNJuzmR5+KK0BjRPy
/of2YG2P
-----END CERTIFICATE-----
Generated at Mon Apr 27 23:41:20 2026 by rpki-client