Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Zcxa-wcmGJQEbWCPWNRy_S9kAeA.roa
File: Zcxa-wcmGJQEbWCPWNRy_S9kAeA.roa (raw, json)
Hash identifier: cR+01K9zK2mMvRiOd2NbvFpy3P7pPHXeI9e4ZoZCoSE=
Subject key identifier: 65:CC:5A:FB:07:26:18:94:04:6D:60:8F:58:D4:72:FD:2F:64:01:E0
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019D6C857B6CADD168865016E65D16D47EF7
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Zcxa-wcmGJQEbWCPWNRy_S9kAeA.roa
Signing time: Wed 08 Apr 2026 09:56:20 +0000
ROA not before: Wed 08 Apr 2026 09:56:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210489
IP address blocks: 45.135.96.0/23 maxlen: 23
45.135.98.0/23 maxlen: 23
45.136.64.0/22 maxlen: 23
45.136.64.0/23 maxlen: 23
45.136.66.0/23 maxlen: 23
45.140.8.0/23 maxlen: 23
45.141.16.0/23 maxlen: 23
45.141.18.0/23 maxlen: 23
45.141.62.0/23 maxlen: 23
45.141.206.0/23 maxlen: 23
45.149.88.0/22 maxlen: 24
45.152.8.0/23 maxlen: 23
45.157.202.0/23 maxlen: 23
46.161.210.0/23 maxlen: 23
46.161.220.0/23 maxlen: 23
46.161.222.0/23 maxlen: 23
91.244.204.0/22 maxlen: 23
91.244.204.0/23 maxlen: 23
91.244.206.0/23 maxlen: 23
185.222.32.0/23 maxlen: 23
185.222.34.0/23 maxlen: 23
193.110.4.0/23 maxlen: 24
193.110.4.0/24 maxlen: 24
193.110.5.0/24 maxlen: 24
195.62.22.0/23 maxlen: 24
195.62.22.0/24 maxlen: 24
195.62.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6c:85:7b:6c:ad:d1:68:86:50:16:e6:5d:16:d4:7e:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Apr 8 09:56:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65cc5afb07261894046d608f58d472fd2f6401e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1e:26:35:f6:2a:d5:32:1b:7d:c0:30:ba:0e:
27:f9:7b:72:84:47:94:0e:ae:21:e0:df:14:3f:9d:
cd:4d:15:f9:22:ce:d4:04:2b:81:66:8b:ff:89:f6:
fc:f5:fa:1d:7b:73:8b:44:85:10:dd:40:cf:27:f8:
ad:31:64:20:ce:3e:e6:e4:bd:c9:8a:ef:94:2d:40:
9f:25:03:a5:c7:98:4a:d1:e6:fa:ab:c1:68:66:23:
78:03:15:92:2f:fa:fc:82:23:e6:2c:5f:6b:d3:66:
e4:93:c2:2b:1b:2e:ba:7c:a9:f9:94:b1:c8:71:ca:
42:45:26:f9:89:d3:c0:01:b4:5d:11:f1:9d:7b:17:
5d:91:4c:03:49:95:15:85:b9:88:0c:58:c6:4a:76:
0f:c2:02:cc:7e:31:64:46:26:51:44:06:08:20:9f:
ae:e4:e8:4d:66:99:83:10:b6:fa:52:1a:6c:6a:14:
69:bb:f0:a3:b2:36:bc:62:3a:a2:70:60:f6:98:9b:
4f:d1:47:2b:eb:f3:c7:15:e5:28:de:b9:aa:2e:d4:
91:dc:57:0d:6e:bc:fc:72:0f:84:0a:64:f2:81:eb:
df:15:d7:49:a9:e9:4e:49:bc:13:35:b0:fc:d9:5e:
a2:72:74:f1:df:2a:2b:c7:b1:d2:4b:f5:4d:e4:d7:
a8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CC:5A:FB:07:26:18:94:04:6D:60:8F:58:D4:72:FD:2F:64:01:E0
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Zcxa-wcmGJQEbWCPWNRy_S9kAeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.96.0/22
45.136.64.0/22
45.140.8.0/23
45.141.16.0/22
45.141.62.0/23
45.141.206.0/23
45.149.88.0/22
45.152.8.0/23
45.157.202.0/23
46.161.210.0/23
46.161.220.0/22
91.244.204.0/22
185.222.32.0/22
193.110.4.0/23
195.62.22.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:17:b3:dd:36:57:7b:26:36:ff:52:3b:ca:70:eb:c5:93:15:
3a:f1:e6:5a:37:1b:c6:48:b5:ed:c8:ce:ff:7c:a3:de:39:bf:
80:21:53:c5:e2:c8:76:0a:a2:6b:d5:1b:f9:a0:35:b2:c3:36:
2e:b4:46:e6:50:2a:73:b1:1c:87:99:f0:e5:ca:2b:c3:34:9c:
28:d4:0e:b0:21:ec:a7:32:b5:72:59:1f:e3:17:70:7b:9c:f3:
0c:1a:8c:b2:0f:e1:5c:fc:9b:71:d3:fa:07:99:04:5d:4a:d2:
66:e4:1c:e5:3d:57:0b:8d:0b:a1:c1:52:f2:c2:75:5c:94:c1:
db:11:10:45:74:7c:32:5d:68:0b:9e:da:81:e9:82:85:d7:c3:
86:b5:1f:a7:9c:f3:64:b5:fd:2a:92:5d:08:d8:dc:e7:af:be:
32:17:b0:a6:a3:ae:17:c5:c2:96:6b:53:be:33:1c:9f:2a:5c:
32:9c:f3:98:fa:a5:78:44:89:bc:22:9c:75:70:d3:9d:aa:09:
43:c6:b8:d1:4a:d1:f2:8e:e0:08:b1:61:79:17:d0:c4:0e:77:
c3:37:bf:2f:cd:1b:27:73:85:55:17:20:e2:79:03:89:83:74:
bb:8e:99:6a:7f:5c:a6:cf:2b:1b:24:88:72:32:a6:23:e8:cd:
81:d6:96:12
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ1shXtsrdFohlAW5l0W1H73MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwNDA4MDk1NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNjNWFmYjA3MjYxODk0MDQ2ZDYwOGY1OGQ0NzJmZDJmNjQwMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR4mNfYq1TIbfcAwug4n+XtyhEeU
Dq4h4N8UP53NTRX5Is7UBCuBZov/ifb89fode3OLRIUQ3UDPJ/itMWQgzj7m5L3J
iu+ULUCfJQOlx5hK0eb6q8FoZiN4AxWSL/r8giPmLF9r02bkk8IrGy66fKn5lLHI
ccpCRSb5idPAAbRdEfGdexddkUwDSZUVhbmIDFjGSnYPwgLMfjFkRiZRRAYIIJ+u
5OhNZpmDELb6UhpsahRpu/Cjsja8YjqicGD2mJtP0Ucr6/PHFeUo3rmqLtSR3FcN
brz8cg+ECmTygevfFddJqelOSbwTNbD82V6icnTx3yorx7HSS/VN5NeoTwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFGXMWvsHJhiUBG1gj1jUcv0vZAHgMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWmN4YS13Y21HSlFFYldDUFdOUnlfUzlrQWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCLYdgAwQC
LYhAAwQBLYwIAwQCLY0QAwQBLY0+AwQBLY3OAwQCLZVYAwQBLZgIAwQBLZ3KAwQB
LqHSAwQCLqHcAwQCW/TMAwQCud4gAwQBwW4EAwQBwz4WMA0GCSqGSIb3DQEBCwUA
A4IBAQBqF7PdNld7Jjb/UjvKcOvFkxU68eZaNxvGSLXtyM7/fKPeOb+AIVPF4sh2
CqJr1Rv5oDWywzYutEbmUCpzsRyHmfDlyivDNJwo1A6wIeynMrVyWR/jF3B7nPMM
GoyyD+Fc/Jtx0/oHmQRdStJm5BzlPVcLjQuhwVLywnVclMHbERBFdHwyXWgLntqB
6YKF18OGtR+nnPNktf0qkl0I2Nznr74yF7Cmo64XxcKWa1O+MxyfKlwynPOY+qV4
RIm8Ipx1cNOdqglDxrjRStHyjuAIsWF5F9DEDnfDN78vzRsnc4VVFyDieQOJg3S7
jplqf1ymzysbJIhyMqYj6M2B1pYS
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:54:30 2026 by rpki-client