Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/00ddd7-0afa-41da-a339-b557862e5188/1/Rmzfw1Pn6oVl0YpHmqW6MW62cKY.roa
File: Rmzfw1Pn6oVl0YpHmqW6MW62cKY.roa (raw, json)
Hash identifier: ez1Yu6hc8zQKp0+BPfF1FCgIwY7OKVfVqthIubkAHaQ=
Subject key identifier: 46:6C:DF:C3:53:E7:EA:85:65:D1:8A:47:9A:A5:BA:31:6E:B6:70:A6
Certificate issuer: /CN=450cf1cc73826111ff975665b03a2648bb8c8d10
Certificate serial: 019D90AB057B59E65A2092D49D985C108F95
Authority key identifier: 45:0C:F1:CC:73:82:61:11:FF:97:56:65:B0:3A:26:48:BB:8C:8D:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RQzxzHOCYRH_l1ZlsDomSLuMjRA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/00ddd7-0afa-41da-a339-b557862e5188/1/Rmzfw1Pn6oVl0YpHmqW6MW62cKY.roa
Signing time: Wed 15 Apr 2026 10:23:40 +0000
ROA not before: Wed 15 Apr 2026 10:23:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15713
IP address blocks: 83.142.104.0/21 maxlen: 21
91.192.136.0/22 maxlen: 22
195.93.190.0/23 maxlen: 23
195.214.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/00ddd7-0afa-41da-a339-b557862e5188/1/RQzxzHOCYRH_l1ZlsDomSLuMjRA.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/00ddd7-0afa-41da-a339-b557862e5188/1/RQzxzHOCYRH_l1ZlsDomSLuMjRA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RQzxzHOCYRH_l1ZlsDomSLuMjRA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:90:ab:05:7b:59:e6:5a:20:92:d4:9d:98:5c:10:8f:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=450cf1cc73826111ff975665b03a2648bb8c8d10
Validity
Not Before: Apr 15 10:23:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=466cdfc353e7ea8565d18a479aa5ba316eb670a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:16:2a:d7:38:15:b9:ba:59:81:f8:43:98:38:
ec:14:1b:9e:a4:ed:d4:b0:f9:e3:c8:5e:6e:78:2f:
44:f2:26:33:3b:75:e0:5c:e8:ee:ca:24:e3:c9:f8:
51:de:c3:9f:ee:5b:ff:dd:48:8f:f6:93:69:8e:3d:
b5:75:ce:53:4b:10:1e:c7:aa:53:94:e7:83:ea:cb:
9f:b9:dd:f4:8e:79:b1:d4:04:ad:9c:ac:9b:75:65:
39:d8:aa:b6:df:c0:86:fa:ef:a7:16:f9:17:b2:eb:
89:dd:18:bf:4a:8d:cf:4f:57:91:a6:31:27:4a:ec:
7a:65:61:81:26:b3:fa:9f:8b:8d:4f:80:72:d1:b5:
80:b7:2d:f9:ec:a1:5f:65:18:19:8f:d9:a7:4f:95:
05:27:65:23:e7:5d:57:68:14:42:3b:00:6d:9f:d2:
77:61:b4:35:c1:2e:6b:cc:d9:d1:91:e2:f6:6c:4c:
9e:cc:f2:6f:b1:85:70:5d:1d:69:21:9b:6f:e8:d9:
f1:af:1a:87:ea:7f:5e:6c:f7:96:50:38:7e:55:67:
e2:a8:10:ba:1a:b4:57:12:85:36:ae:e0:88:24:58:
d0:39:2a:00:75:9a:81:4f:99:dc:63:b2:58:56:23:
10:24:93:5a:e8:c9:0f:49:72:ac:0a:72:05:d5:39:
c6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:6C:DF:C3:53:E7:EA:85:65:D1:8A:47:9A:A5:BA:31:6E:B6:70:A6
X509v3 Authority Key Identifier:
keyid:45:0C:F1:CC:73:82:61:11:FF:97:56:65:B0:3A:26:48:BB:8C:8D:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RQzxzHOCYRH_l1ZlsDomSLuMjRA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/00ddd7-0afa-41da-a339-b557862e5188/1/Rmzfw1Pn6oVl0YpHmqW6MW62cKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/00ddd7-0afa-41da-a339-b557862e5188/1/RQzxzHOCYRH_l1ZlsDomSLuMjRA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.104.0/21
91.192.136.0/22
195.93.190.0/23
195.214.220.0/22
Signature Algorithm: sha256WithRSAEncryption
27:aa:dd:de:a9:bf:50:85:6c:70:b5:23:d3:a0:35:5c:48:ed:
94:59:b3:b8:37:3f:6c:a1:91:69:1f:7a:af:c2:54:b1:51:16:
51:a8:91:d9:db:e9:3a:73:25:5c:b1:cd:4f:62:55:6a:e0:02:
bc:cd:b2:86:6b:35:85:27:97:03:58:eb:be:1a:8f:af:1d:c0:
20:9a:4e:c7:5a:e5:ff:13:ed:cb:a0:bf:fc:3b:6e:1f:0d:f3:
96:75:27:8b:a5:79:7c:4a:7c:bc:3a:07:b1:64:17:ef:c7:42:
c3:df:04:86:a1:f1:53:a5:3e:4c:64:3a:2a:42:8b:49:71:44:
04:21:8d:e8:a3:4f:bd:98:17:da:a3:bb:fc:b9:e6:e1:29:8d:
17:de:98:93:cb:fa:34:46:ba:4d:f8:b1:20:a3:48:ca:26:27:
4e:1a:eb:7a:2d:b5:7c:ee:d7:a1:d3:84:19:4b:30:fe:2c:3b:
12:b6:73:53:4c:f7:fa:a6:52:cb:be:8d:32:6d:40:c4:a0:75:
55:80:44:a0:e4:c3:6c:d2:90:de:2b:ee:dc:d4:00:9b:e6:00:
31:82:f7:55:ac:2f:ff:61:cf:0a:ec:2b:ce:50:8e:5b:f5:ba:
91:d0:e7:23:48:37:6a:86:de:c1:7b:df:c1:ee:6b:62:8f:66:
ef:49:95:cf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2QqwV7WeZaIJLUnZhcEI+VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1MGNmMWNjNzM4MjYxMTFmZjk3NTY2NWIwM2EyNjQ4YmI4
YzhkMTAwHhcNMjYwNDE1MTAyMzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjZjZGZjMzUzZTdlYTg1NjVkMThhNDc5YWE1YmEzMTZlYjY3MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhYq1zgVubpZgfhDmDjsFBuepO3U
sPnjyF5ueC9E8iYzO3XgXOjuyiTjyfhR3sOf7lv/3UiP9pNpjj21dc5TSxAex6pT
lOeD6sufud30jnmx1AStnKybdWU52Kq238CG+u+nFvkXsuuJ3Ri/So3PT1eRpjEn
Sux6ZWGBJrP6n4uNT4By0bWAty357KFfZRgZj9mnT5UFJ2Uj511XaBRCOwBtn9J3
YbQ1wS5rzNnRkeL2bEyezPJvsYVwXR1pIZtv6NnxrxqH6n9ebPeWUDh+VWfiqBC6
GrRXEoU2ruCIJFjQOSoAdZqBT5ncY7JYViMQJJNa6MkPSXKsCnIF1TnG9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEZs38NT5+qFZdGKR5qlujFutnCmMB8GA1UdIwQY
MBaAFEUM8cxzgmER/5dWZbA6Jki7jI0QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlF6eHpIT0NZUkhfbDFabHNEb21TTHVNalJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8wMGRkZDctMGFmYS00MWRhLWEzMzkt
YjU1Nzg2MmU1MTg4LzEvUm16ZncxUG42b1ZsMFlwSG1xVzZNVzYyY0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC8wMGRkZDctMGFmYS00MWRhLWEzMzktYjU1Nzg2MmU1MTg4
LzEvUlF6eHpIT0NZUkhfbDFabHNEb21TTHVNalJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU45oAwQC
W8CIAwQBw12+AwQCw9bcMA0GCSqGSIb3DQEBCwUAA4IBAQAnqt3eqb9QhWxwtSPT
oDVcSO2UWbO4Nz9soZFpH3qvwlSxURZRqJHZ2+k6cyVcsc1PYlVq4AK8zbKGazWF
J5cDWOu+Go+vHcAgmk7HWuX/E+3LoL/8O24fDfOWdSeLpXl8Sny8OgexZBfvx0LD
3wSGofFTpT5MZDoqQotJcUQEIY3oo0+9mBfao7v8uebhKY0X3piTy/o0RrpN+LEg
o0jKJidOGut6LbV87teh04QZSzD+LDsStnNTTPf6plLLvo0ybUDEoHVVgESg5MNs
0pDeK+7c1ACb5gAxgvdVrC//Yc8K7CvOUI5b9bqR0OcjSDdqht7Be9/B7mtij2bv
SZXP
-----END CERTIFICATE-----
Generated at Sun Apr 19 14:41:59 2026 by rpki-client