Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/zfEmQThXQQemumuyrh4dc64Ljpo.roa
File: zfEmQThXQQemumuyrh4dc64Ljpo.roa (raw, json)
Hash identifier: l1StJqEcmI3IdHWyUspZlBSORRI1cMJESHxgjnRlaoo=
Subject key identifier: CD:F1:26:41:38:57:41:07:A6:BA:6B:B2:AE:1E:1D:73:AE:0B:8E:9A
Certificate issuer: /CN=b039ab8298fa363ae837e530028969cc5cbf104e
Certificate serial: 019C46F1BC89CAF8E3F58FA67E17919C8BA2
Authority key identifier: B0:39:AB:82:98:FA:36:3A:E8:37:E5:30:02:89:69:CC:5C:BF:10:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sDmrgpj6NjroN-UwAolpzFy_EE4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/zfEmQThXQQemumuyrh4dc64Ljpo.roa
Signing time: Tue 10 Feb 2026 09:46:13 +0000
ROA not before: Tue 10 Feb 2026 09:46:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214865
IP address blocks: 62.169.139.0/24 maxlen: 24
109.71.156.0/24 maxlen: 24
2a14:5140::/32 maxlen: 32
2a14:5140::/40 maxlen: 40
2a14:5140:100::/40 maxlen: 40
2a14:5140:200::/40 maxlen: 40
2a14:5140:300::/40 maxlen: 40
2a14:5140:400::/40 maxlen: 40
2a14:5140:500::/40 maxlen: 40
2a14:5140:600::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/sDmrgpj6NjroN-UwAolpzFy_EE4.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/sDmrgpj6NjroN-UwAolpzFy_EE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/sDmrgpj6NjroN-UwAolpzFy_EE4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:f1:bc:89:ca:f8:e3:f5:8f:a6:7e:17:91:9c:8b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b039ab8298fa363ae837e530028969cc5cbf104e
Validity
Not Before: Feb 10 09:46:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cdf1264138574107a6ba6bb2ae1e1d73ae0b8e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:63:18:82:cb:25:2c:39:56:32:5f:25:a6:42:
b0:e3:6c:5e:08:28:7a:77:4e:ba:3d:ff:b1:6a:bd:
05:48:f5:29:a0:71:87:e4:5b:5b:d6:fb:b8:3a:db:
90:31:3d:aa:d2:c5:59:da:12:5a:ee:c8:fa:40:da:
47:1e:12:5b:91:c6:c7:dd:3f:c3:f7:3f:b9:56:86:
ae:66:fe:59:ff:ea:0f:cf:5a:74:fa:df:eb:13:19:
c0:47:c6:21:e9:69:d8:59:7e:72:e2:92:ee:65:f9:
ea:d8:1a:33:76:99:a2:57:e0:64:be:7d:f7:55:c9:
db:0a:96:29:28:5b:d1:32:da:15:67:e0:b8:96:3e:
9d:19:a8:78:7b:19:49:52:cf:cd:65:85:a6:60:02:
1d:be:a6:59:b0:82:c7:59:38:67:17:1c:8e:0e:36:
84:8d:a0:a6:25:63:d6:dd:95:ba:98:91:20:e7:5f:
d6:0a:4b:19:9d:78:a0:28:10:45:ff:5e:c4:ca:69:
40:95:b5:6f:ba:c0:57:45:ad:cb:a5:01:a3:5d:dc:
fc:4a:71:da:44:15:ba:1e:c3:f9:8a:fe:75:d6:3d:
1d:6a:ba:39:25:3a:68:bf:39:2a:1c:a8:26:58:a0:
18:c2:2f:b9:a1:89:25:cf:26:de:e6:8c:b6:bb:fd:
8f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:26:41:38:57:41:07:A6:BA:6B:B2:AE:1E:1D:73:AE:0B:8E:9A
X509v3 Authority Key Identifier:
keyid:B0:39:AB:82:98:FA:36:3A:E8:37:E5:30:02:89:69:CC:5C:BF:10:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sDmrgpj6NjroN-UwAolpzFy_EE4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/zfEmQThXQQemumuyrh4dc64Ljpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5fd72f-ef77-4537-89e9-9fbd963a513c/1/sDmrgpj6NjroN-UwAolpzFy_EE4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.139.0/24
109.71.156.0/24
IPv6:
2a14:5140::/32
Signature Algorithm: sha256WithRSAEncryption
61:be:73:37:58:aa:84:12:bb:b3:bd:40:68:b9:f1:1f:7d:81:
42:62:55:49:85:62:64:25:e5:c8:ba:29:c4:a4:76:30:bd:db:
88:c5:b6:42:7f:63:01:74:0c:3c:82:c4:c2:ba:cb:be:6f:ed:
df:f6:63:10:ef:b2:b0:43:ff:db:d4:ee:32:a7:0f:d7:f4:12:
f8:6e:fd:14:13:f2:7a:d8:5c:79:44:24:dc:00:38:41:1b:5a:
e7:d2:69:8a:fb:1e:b9:39:63:38:e7:de:29:5b:92:3e:6c:d8:
da:5b:8d:09:c2:f6:a9:56:df:17:b7:28:7f:7d:da:fb:13:78:
2e:37:2a:62:30:57:70:19:ac:3b:72:0e:a7:ef:5a:15:5d:28:
58:99:28:38:c1:4a:3f:e2:3b:8c:be:58:db:f0:87:ef:2e:61:
ed:1c:21:59:8c:6c:60:a1:d5:6d:17:59:22:71:65:ee:7a:45:
5c:f1:a5:80:8b:dc:bb:40:e7:a6:e3:7d:04:00:3c:17:43:3b:
11:60:4b:46:be:92:7f:0d:81:54:98:4f:da:fb:4a:ba:7e:c7:
4b:d6:1d:e5:ef:7d:fd:0c:f9:37:b7:fb:81:8d:2f:42:1e:72:
d9:6b:9c:13:1b:d4:5c:12:98:b5:56:9a:a5:7a:07:d8:9e:aa:
3c:2e:54:ad
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZxG8byJyvjj9Y+mfheRnIuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMzlhYjgyOThmYTM2M2FlODM3ZTUzMDAyODk2OWNjNWNi
ZjEwNGUwHhcNMjYwMjEwMDk0NjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGYxMjY0MTM4NTc0MTA3YTZiYTZiYjJhZTFlMWQ3M2FlMGI4ZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomMYgsslLDlWMl8lpkKw42xeCCh6
d066Pf+xar0FSPUpoHGH5Ftb1vu4OtuQMT2q0sVZ2hJa7sj6QNpHHhJbkcbH3T/D
9z+5VoauZv5Z/+oPz1p0+t/rExnAR8Yh6WnYWX5y4pLuZfnq2BozdpmiV+Bkvn33
VcnbCpYpKFvRMtoVZ+C4lj6dGah4exlJUs/NZYWmYAIdvqZZsILHWThnFxyODjaE
jaCmJWPW3ZW6mJEg51/WCksZnXigKBBF/17EymlAlbVvusBXRa3LpQGjXdz8SnHa
RBW6HsP5iv511j0daro5JTpovzkqHKgmWKAYwi+5oYklzybe5oy2u/2PSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM3xJkE4V0EHprprsq4eHXOuC46aMB8GA1UdIwQY
MBaAFLA5q4KY+jY66DflMAKJacxcvxBOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0RtcmdwajZOanJvTi1Vd0FvbHB6RnlfRUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZmQ3MmYtZWY3Ny00NTM3LTg5ZTkt
OWZiZDk2M2E1MTNjLzEvemZFbVFUaFhRUWVtdW11eXJoNGRjNjRManBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZmQ3MmYtZWY3Ny00NTM3LTg5ZTktOWZiZDk2M2E1MTNj
LzEvc0RtcmdwajZOanJvTi1Vd0FvbHB6RnlfRUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAPqmLAwQA
bUecMA0EAgACMAcDBQAqFFFAMA0GCSqGSIb3DQEBCwUAA4IBAQBhvnM3WKqEEruz
vUBoufEffYFCYlVJhWJkJeXIuinEpHYwvduIxbZCf2MBdAw8gsTCusu+b+3f9mMQ
77KwQ//b1O4ypw/X9BL4bv0UE/J62Fx5RCTcADhBG1rn0mmK+x65OWM4594pW5I+
bNjaW40JwvapVt8Xtyh/fdr7E3guNypiMFdwGaw7cg6n71oVXShYmSg4wUo/4juM
vljb8IfvLmHtHCFZjGxgodVtF1kicWXuekVc8aWAi9y7QOem430EADwXQzsRYEtG
vpJ/DYFUmE/a+0q6fsdL1h3l7339DPk3t/uBjS9CHnLZa5wTG9RcEpi1VpqlegfY
nqo8LlSt
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:43:12 2026 by rpki-client