Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/zqH7PIwD2OvVz8liTRZueVFXmaE.roa
File: zqH7PIwD2OvVz8liTRZueVFXmaE.roa (raw, json)
Hash identifier: BXMW4vWk9nQ5Gp3KOtw8JP/3jdcQ4VprRgpXeJfYtDo=
Subject key identifier: CE:A1:FB:3C:8C:03:D8:EB:D5:CF:C9:62:4D:16:6E:79:51:57:99:A1
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019D629ACF4455BC7EE3548291EA0E8BDBEE
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/zqH7PIwD2OvVz8liTRZueVFXmaE.roa
Signing time: Mon 06 Apr 2026 11:43:25 +0000
ROA not before: Mon 06 Apr 2026 11:43:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203312
IP address blocks: 78.83.211.0/24 maxlen: 24
82.103.79.0/24 maxlen: 24
151.251.61.0/24 maxlen: 24
195.34.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:62:9a:cf:44:55:bc:7e:e3:54:82:91:ea:0e:8b:db:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Apr 6 11:43:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cea1fb3c8c03d8ebd5cfc9624d166e79515799a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:92:1a:7d:c1:18:56:ba:32:98:d2:4e:70:07:
4d:72:5b:de:4b:49:58:ff:8d:40:b0:ad:c8:1d:e6:
47:20:c1:9d:c1:4b:cc:b8:01:ad:85:d6:c8:83:b5:
7f:81:2f:5e:fa:34:fc:4a:5d:4c:aa:95:1f:1d:df:
e5:f4:69:28:71:2a:9a:fb:b3:26:1e:92:8e:21:37:
d5:0f:a8:33:73:13:13:ec:7c:8c:c7:ab:91:3f:9c:
32:25:7f:c5:32:59:b5:66:60:27:85:43:10:50:ed:
c6:67:b9:b4:27:81:27:71:a3:70:8b:be:f6:17:39:
50:0b:19:5e:2e:a9:a4:a7:e4:d5:10:42:4c:a3:a2:
93:8f:78:71:e6:1f:86:e7:66:52:d6:1e:fc:f9:f0:
a6:7e:05:20:c6:f4:6d:f4:e3:16:41:1f:52:8b:e2:
8f:c9:0c:87:30:66:2e:17:02:27:be:e9:69:58:81:
88:13:95:2d:1e:a9:9b:a4:b9:b1:76:32:ce:e1:4a:
3d:76:99:3f:76:5e:00:9d:df:d7:e0:66:ab:4d:6c:
72:f6:48:99:9f:ee:77:da:c4:38:60:60:74:94:bd:
1c:f0:a8:35:27:2d:ce:0d:c5:08:c1:0c:b4:8c:00:
63:c3:11:5f:0d:73:eb:d7:4c:0b:92:6d:a5:4d:86:
25:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A1:FB:3C:8C:03:D8:EB:D5:CF:C9:62:4D:16:6E:79:51:57:99:A1
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/zqH7PIwD2OvVz8liTRZueVFXmaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.83.211.0/24
82.103.79.0/24
151.251.61.0/24
195.34.122.0/24
Signature Algorithm: sha256WithRSAEncryption
87:92:cd:3b:13:1a:3e:db:96:c3:c1:86:f0:5d:58:9b:2c:d1:
08:63:15:cb:ee:bf:eb:31:e5:bd:da:51:64:80:85:03:7f:e9:
af:75:20:34:b7:7c:35:44:7e:55:c2:60:5d:c1:8e:f8:c9:58:
86:d1:23:05:ab:54:06:5b:f3:cd:2d:d6:13:ba:4f:ac:4f:e7:
45:39:e6:13:d3:1c:0d:f4:a1:41:cf:30:ea:2b:00:5b:86:73:
b8:c2:5b:fd:1c:62:8d:a3:b5:14:8d:58:7b:4a:3e:cb:8c:f0:
b3:5f:d9:7c:cf:f9:a7:81:87:3f:d3:ff:a8:59:0c:4a:56:ee:
35:ab:d1:0f:4e:87:13:e3:5e:f4:15:17:58:24:3b:d2:62:c9:
95:ab:d7:9a:6d:8f:1f:a7:21:fd:f0:27:84:a8:a8:1c:be:81:
c7:17:2e:db:a2:b3:a4:43:31:6e:09:67:17:c7:f9:be:3d:e7:
25:bb:c9:a8:6c:aa:d7:ba:c9:7d:48:0a:ac:0e:e6:00:bf:6c:
6d:56:6a:a7:4d:a4:a9:5e:64:6b:0b:6c:be:6b:c5:7a:29:b6:
f1:73:ab:bd:d9:49:05:96:af:ea:06:dc:85:7f:60:08:47:90:
23:98:21:2a:58:65:68:b7:1b:a2:09:c8:b2:c4:80:c9:56:9b:
8d:ce:6e:57
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1ims9EVbx+41SCkeoOi9vuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjYwNDA2MTE0MzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWExZmIzYzhjMDNkOGViZDVjZmM5NjI0ZDE2NmU3OTUxNTc5OWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZIafcEYVroymNJOcAdNclveS0lY
/41AsK3IHeZHIMGdwUvMuAGthdbIg7V/gS9e+jT8Sl1MqpUfHd/l9GkocSqa+7Mm
HpKOITfVD6gzcxMT7HyMx6uRP5wyJX/FMlm1ZmAnhUMQUO3GZ7m0J4EncaNwi772
FzlQCxleLqmkp+TVEEJMo6KTj3hx5h+G52ZS1h78+fCmfgUgxvRt9OMWQR9Si+KP
yQyHMGYuFwInvulpWIGIE5UtHqmbpLmxdjLO4Uo9dpk/dl4And/X4GarTWxy9kiZ
n+532sQ4YGB0lL0c8Kg1Jy3ODcUIwQy0jABjwxFfDXPr10wLkm2lTYYlqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM6h+zyMA9jr1c/JYk0WbnlRV5mhMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvenFIN1BJd0QyT3ZWejhsaVRSWnVlVkZYbWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATlPTAwQA
UmdPAwQAl/s9AwQAwyJ6MA0GCSqGSIb3DQEBCwUAA4IBAQCHks07Exo+25bDwYbw
XVibLNEIYxXL7r/rMeW92lFkgIUDf+mvdSA0t3w1RH5VwmBdwY74yViG0SMFq1QG
W/PNLdYTuk+sT+dFOeYT0xwN9KFBzzDqKwBbhnO4wlv9HGKNo7UUjVh7Sj7LjPCz
X9l8z/mngYc/0/+oWQxKVu41q9EPTocT4170FRdYJDvSYsmVq9eabY8fpyH98CeE
qKgcvoHHFy7borOkQzFuCWcXx/m+Peclu8mobKrXusl9SAqsDuYAv2xtVmqnTaSp
XmRrC2y+a8V6Kbbxc6u92UkFlq/qBtyFf2AIR5AjmCEqWGVotxuiCciyxIDJVpuN
zm5X
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:19:43 2026 by rpki-client