Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zpnmY5XLYf5v7jnE2ednNLT97S4.roa
File: zpnmY5XLYf5v7jnE2ednNLT97S4.roa (raw, json)
Hash identifier: t/rnb3Jrf6POFL3if4w6CjNnSuGEAY9YBu7w3nzSzk0=
Subject key identifier: CE:99:E6:63:95:CB:61:FE:6F:EE:39:C4:D9:E7:67:34:B4:FD:ED:2E
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019EBAA453D492919D9B39C303A440EF2451
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zpnmY5XLYf5v7jnE2ednNLT97S4.roa
Signing time: Fri 12 Jun 2026 07:03:11 +0000
ROA not before: Fri 12 Jun 2026 07:03:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 62.76.226.0/24 maxlen: 24
185.72.10.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.190.0/24 maxlen: 24
193.124.3.0/24 maxlen: 24
193.124.5.0/24 maxlen: 24
193.124.6.0/24 maxlen: 24
193.124.7.0/24 maxlen: 24
193.124.91.0/24 maxlen: 24
194.58.58.0/24 maxlen: 24
194.58.67.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.52.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.59.0/24 maxlen: 24
194.87.75.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.120.0/24 maxlen: 24
194.87.121.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.126.0/24 maxlen: 24
194.87.136.0/24 maxlen: 24
194.87.152.0/24 maxlen: 24
194.87.176.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
194.87.183.0/24 maxlen: 24
194.87.185.0/24 maxlen: 24
194.87.192.0/24 maxlen: 24
194.87.193.0/24 maxlen: 24
194.87.194.0/24 maxlen: 24
194.87.195.0/24 maxlen: 24
194.87.211.0/24 maxlen: 24
194.87.212.0/24 maxlen: 24
194.87.229.0/24 maxlen: 24
194.87.231.0/24 maxlen: 24
194.135.23.0/24 maxlen: 24
194.135.24.0/24 maxlen: 24
195.58.55.0/24 maxlen: 24
195.133.12.0/24 maxlen: 24
195.133.19.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.35.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.57.0/24 maxlen: 24
195.133.58.0/24 maxlen: 24
195.133.72.0/24 maxlen: 24
195.133.92.0/23 maxlen: 23
195.133.95.0/24 maxlen: 24
212.192.210.0/24 maxlen: 24
212.192.211.0/24 maxlen: 24
212.192.241.0/24 maxlen: 24
212.192.242.0/24 maxlen: 24
212.192.247.0/24 maxlen: 24
212.192.249.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.15.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
212.193.28.0/24 maxlen: 24
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ba:a4:53:d4:92:91:9d:9b:39:c3:03:a4:40:ef:24:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 12 07:03:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ce99e66395cb61fe6fee39c4d9e76734b4fded2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d1:cf:27:8d:06:75:18:cb:96:84:bb:27:e7:
af:3e:fd:38:5b:ca:7a:49:60:d2:05:80:54:4d:79:
9f:eb:b5:1c:c1:69:9a:dd:77:a6:1d:2d:b8:78:ce:
65:9d:ab:c7:73:f4:31:fb:ef:31:c2:68:d1:68:69:
59:3c:b0:8d:72:85:fe:d2:06:c0:47:ae:ab:3c:2e:
92:90:3f:08:cb:7e:71:e8:4d:09:fa:5d:52:17:db:
46:bd:58:85:a6:74:7a:77:14:6c:af:8a:ba:8e:33:
aa:1b:3f:85:c7:5b:af:17:fb:6b:2d:95:0c:f5:77:
ed:d8:c4:f4:30:73:db:fa:c0:c4:de:76:98:3c:63:
f3:4b:60:78:ec:99:60:de:72:c5:4a:73:50:d5:26:
19:71:34:14:9b:cc:de:f2:08:4e:9a:91:27:4b:e4:
98:28:2e:ec:57:04:36:c6:b1:a1:71:ba:3e:88:a2:
9a:f7:5b:08:90:37:4a:ab:1d:e1:c0:17:18:ed:46:
74:32:e7:d8:e1:0b:32:1b:21:e2:a2:e6:9a:a2:a0:
28:b4:21:3f:d1:fb:a4:e7:c5:08:9e:c6:1a:94:04:
ef:f5:78:e5:f0:f9:10:16:86:5a:e7:52:72:55:d0:
73:cb:9d:39:ff:8a:cd:fe:2a:ae:1d:4e:bc:e1:2b:
c1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:99:E6:63:95:CB:61:FE:6F:EE:39:C4:D9:E7:67:34:B4:FD:ED:2E
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zpnmY5XLYf5v7jnE2ednNLT97S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.226.0/24
185.72.10.0/24
192.124.183.0/24
192.124.190.0/24
193.124.3.0/24
193.124.5.0-193.124.7.255
193.124.91.0/24
194.58.58.0/24
194.58.67.0/24
194.58.155.0/24
194.58.223.0/24
194.87.52.0/23
194.87.59.0/24
194.87.75.0/24
194.87.119.0-194.87.122.255
194.87.126.0/24
194.87.136.0/24
194.87.152.0/24
194.87.176.0/24
194.87.179.0/24
194.87.183.0/24
194.87.185.0/24
194.87.192.0/22
194.87.211.0-194.87.212.255
194.87.229.0/24
194.87.231.0/24
194.135.23.0-194.135.24.255
195.58.55.0/24
195.133.12.0/24
195.133.19.0/24
195.133.24.0/23
195.133.29.0/24
195.133.35.0/24
195.133.40.0/23
195.133.50.0/23
195.133.57.0-195.133.58.255
195.133.72.0/24
195.133.92.0/23
195.133.95.0/24
212.192.210.0/23
212.192.241.0-212.192.242.255
212.192.247.0/24
212.192.249.0/24
212.193.0.0/24
212.193.15.0/24
212.193.26.0-212.193.28.255
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
20:e3:eb:90:4f:d4:4e:e8:bb:06:ac:22:1b:1f:46:4b:1e:b6:
d1:24:17:a0:85:a5:cd:ac:5b:1d:34:b4:1d:af:6e:6f:5a:7f:
4c:3d:e0:57:8a:2a:8f:b7:fd:7c:32:ca:b4:6a:84:6d:bf:45:
2f:d5:5e:a2:71:52:af:1c:d1:d3:f0:58:e6:7a:56:13:c9:9a:
c0:1f:1e:f3:c4:9f:06:f8:87:5a:50:a7:42:6f:2b:5a:6e:ed:
2c:d0:9f:9b:cf:37:23:d7:c9:f6:b7:0e:74:fa:51:87:35:9b:
cc:34:f1:be:6c:bf:1e:26:ad:e5:dc:ff:9c:b0:fd:60:5d:01:
e3:00:fd:fd:5d:16:c4:41:18:12:c8:cf:e8:d2:52:4f:ec:46:
ea:45:de:bc:4f:45:fb:2f:6b:fb:2c:34:07:9d:95:11:70:22:
2e:b4:e0:e8:c1:39:20:12:24:ec:55:e0:f3:f3:4a:1e:9e:46:
93:60:1e:c7:ef:dd:f8:c7:b1:06:2b:95:65:a7:31:4d:0a:d9:
3c:07:51:6d:42:ad:30:17:6f:ae:1f:a5:b2:b9:4b:92:a8:77:
64:33:7a:5c:55:cd:bb:06:87:8d:7d:06:a8:d0:af:c0:4c:2b:
f5:37:bd:1c:15:1e:5f:45:46:bc:a1:5d:86:33:a6:3e:6e:f3:
bd:a1:88:69
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAZ66pFPUkpGdmznDA6RA7yRRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNjEyMDcwMzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTk5ZTY2Mzk1Y2I2MWZlNmZlZTM5YzRkOWU3NjczNGI0ZmRlZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NHPJ40GdRjLloS7J+evPv04W8p6
SWDSBYBUTXmf67UcwWma3XemHS24eM5lnavHc/Qx++8xwmjRaGlZPLCNcoX+0gbA
R66rPC6SkD8Iy35x6E0J+l1SF9tGvViFpnR6dxRsr4q6jjOqGz+Fx1uvF/trLZUM
9Xft2MT0MHPb+sDE3naYPGPzS2B47Jlg3nLFSnNQ1SYZcTQUm8ze8ghOmpEnS+SY
KC7sVwQ2xrGhcbo+iKKa91sIkDdKqx3hwBcY7UZ0MufY4QsyGyHiouaaoqAotCE/
0fuk58UInsYalATv9Xjl8PkQFoZa51JyVdBzy505/4rN/iquHU684SvB+wIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFM6Z5mOVy2H+b+45xNnnZzS0/e0uMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvenBubVk1WExZZjV2N2puRTJlZG5OTFQ5N1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAVQEAgABMIIB
TAMEAD5M4gMEALlICgMEAMB8twMEAMB8vgMEAMF8AzAMAwQAwXwFAwQDwXwAAwQA
wXxbAwQAwjo6AwQAwjpDAwQAwjqbAwQAwjrfAwQBwlc0AwQAwlc7AwQAwldLMAwD
BADCV3cDBADCV3oDBADCV34DBADCV4gDBADCV5gDBADCV7ADBADCV7MDBADCV7cD
BADCV7kDBALCV8AwDAMEAMJX0wMEAMJX1AMEAMJX5QMEAMJX5zAMAwQAwocXAwQA
wocYAwQAwzo3AwQAw4UMAwQAw4UTAwQBw4UYAwQAw4UdAwQAw4UjAwQBw4UoAwQB
w4UyMAwDBADDhTkDBADDhToDBADDhUgDBAHDhVwDBADDhV8DBAHUwNIwDAMEANTA
8QMEANTA8gMEANTA9wMEANTA+QMEANTBAAMEANTBDzAMAwQB1MEaAwQA1MEcMBQE
AgACMA4DBQMqAVfAAwUDKgz/QDANBgkqhkiG9w0BAQsFAAOCAQEAIOPrkE/UTui7
BqwiGx9GSx620SQXoIWlzaxbHTS0Ha9ub1p/TD3gV4oqj7f9fDLKtGqEbb9FL9Ve
onFSrxzR0/BY5npWE8mawB8e88SfBviHWlCnQm8rWm7tLNCfm883I9fJ9rcOdPpR
hzWbzDTxvmy/Hiat5dz/nLD9YF0B4wD9/V0WxEEYEsjP6NJST+xG6kXevE9F+y9r
+yw0B52VEXAiLrTg6ME5IBIk7FXg8/NKHp5Gk2Aex+/d+MexBiuVZacxTQrZPAdR
bUKtMBdvrh+lsrlLkqh3ZDN6XFXNuwaHjX0GqNCvwEwr9Te9HBUeX0VGvKFdhjOm
Pm7zvaGIaQ==
-----END CERTIFICATE-----
Generated at Sun Jun 14 02:45:03 2026 by rpki-client