Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/ZVswBtjqTPAHJwsg9x0J2gXGUJc.roa
File: ZVswBtjqTPAHJwsg9x0J2gXGUJc.roa (raw, json)
Hash identifier: /3EEsNzaR8y9IMYHxdGbT7uX8JB4pYmU2IaMc8ZKSDA=
Subject key identifier: 65:5B:30:06:D8:EA:4C:F0:07:27:0B:20:F7:1D:09:DA:05:C6:50:97
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 019D9A590D883617815966DDF95ADDCB20F4
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/ZVswBtjqTPAHJwsg9x0J2gXGUJc.roa
Signing time: Fri 17 Apr 2026 07:30:20 +0000
ROA not before: Fri 17 Apr 2026 07:30:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 95.170.20.0/24 maxlen: 24
95.170.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:59:0d:88:36:17:81:59:66:dd:f9:5a:dd:cb:20:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Apr 17 07:30:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=655b3006d8ea4cf007270b20f71d09da05c65097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:3b:de:e9:f9:78:64:24:87:91:b8:08:d3:b3:
bb:77:e1:86:31:0c:60:f0:a9:71:fa:24:af:90:1d:
e8:49:f8:3f:9f:79:01:7f:ca:bf:86:1d:5a:9e:a4:
c5:a4:cb:04:57:38:e6:74:d6:2f:90:92:11:88:68:
2b:25:be:72:7a:b8:4e:37:05:99:d9:1c:23:af:4a:
12:99:80:80:18:86:b1:83:5e:0a:e6:41:ca:fb:bf:
40:09:3b:63:d5:88:41:c7:1b:45:c2:95:b2:fb:24:
93:eb:0c:4a:d2:d7:34:3f:a4:29:d0:f7:1c:f7:a1:
47:b4:5f:0e:e6:e8:6b:41:a8:22:06:34:71:21:3b:
52:d1:a0:89:52:36:c6:81:3e:ff:2f:05:5d:3a:aa:
bd:2c:fd:92:17:f2:48:1d:df:07:41:e8:30:f7:45:
5a:f6:93:5a:00:98:9d:47:d8:ef:45:c9:08:64:0e:
ff:d6:00:06:19:35:2e:0a:0e:8b:35:83:13:14:5f:
9d:fe:58:87:52:f1:f5:81:ab:d4:52:19:ea:76:94:
47:8d:9a:fe:51:73:97:19:41:fd:39:96:0b:2c:c4:
cf:0c:0d:0f:79:ae:91:5a:28:80:a0:59:a7:c7:c4:
bc:dd:79:34:b0:4b:83:16:73:f6:6e:f7:5d:b6:07:
21:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:5B:30:06:D8:EA:4C:F0:07:27:0B:20:F7:1D:09:DA:05:C6:50:97
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/ZVswBtjqTPAHJwsg9x0J2gXGUJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.20.0/24
95.170.27.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fb:8f:f4:d7:63:d2:b6:2a:ca:8f:f2:63:db:7f:0e:e2:bd:
34:76:f2:b2:5d:c5:9b:17:a6:f8:f6:85:6d:09:9e:82:cc:03:
94:14:55:8c:c6:ac:26:06:fa:29:cd:9f:5f:70:df:52:d0:12:
4b:41:66:c1:7b:75:21:c4:d3:94:09:ca:22:00:d8:79:f1:07:
59:5d:04:db:5f:61:9f:ae:86:d9:2a:e0:65:09:16:4d:3a:27:
19:2d:8d:03:35:b0:46:f7:a4:28:40:d8:72:c8:78:41:08:95:
4c:e0:8c:4e:29:8c:4f:ba:d3:27:3c:2f:4b:fc:a5:ef:a4:7b:
94:4d:2d:5e:26:e1:c7:ff:53:13:c9:33:d1:81:5f:73:53:35:
5a:2f:a6:2a:61:ad:92:6a:b9:91:0b:f1:d4:b0:55:45:71:75:
55:32:9d:5e:e0:10:56:b3:ab:32:5c:db:c8:a9:71:9d:0d:0c:
f3:78:1a:f3:8e:3a:2e:b7:dd:1c:82:99:b1:eb:93:e4:77:4c:
07:a6:f9:11:37:65:ee:2c:ab:2d:1d:a6:64:da:dc:85:91:de:
db:c9:64:74:c8:cc:c7:c0:50:c3:d7:1a:ab:1e:c5:ae:d6:19:
f9:62:92:95:ae:45:ff:b0:9e:b6:9e:96:fc:0b:63:4c:41:ca:
5d:42:21:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2aWQ2INheBWWbd+VrdyyD0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjYwNDE3MDczMDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTViMzAwNmQ4ZWE0Y2YwMDcyNzBiMjBmNzFkMDlkYTA1YzY1MDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Dve6fl4ZCSHkbgI07O7d+GGMQxg
8Klx+iSvkB3oSfg/n3kBf8q/hh1anqTFpMsEVzjmdNYvkJIRiGgrJb5yerhONwWZ
2Rwjr0oSmYCAGIaxg14K5kHK+79ACTtj1YhBxxtFwpWy+yST6wxK0tc0P6Qp0Pcc
96FHtF8O5uhrQagiBjRxITtS0aCJUjbGgT7/LwVdOqq9LP2SF/JIHd8HQegw90Va
9pNaAJidR9jvRckIZA7/1gAGGTUuCg6LNYMTFF+d/liHUvH1gavUUhnqdpRHjZr+
UXOXGUH9OZYLLMTPDA0Pea6RWiiAoFmnx8S83Xk0sEuDFnP2bvddtgchzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGVbMAbY6kzwBycLIPcdCdoFxlCXMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvWlZzd0J0anFUUEFISndzZzl4MEoyZ1hHVUpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX6oUAwQA
X6obMA0GCSqGSIb3DQEBCwUAA4IBAQAP+4/012PStirKj/Jj238O4r00dvKyXcWb
F6b49oVtCZ6CzAOUFFWMxqwmBvopzZ9fcN9S0BJLQWbBe3UhxNOUCcoiANh58QdZ
XQTbX2GfrobZKuBlCRZNOicZLY0DNbBG96QoQNhyyHhBCJVM4IxOKYxPutMnPC9L
/KXvpHuUTS1eJuHH/1MTyTPRgV9zUzVaL6YqYa2SarmRC/HUsFVFcXVVMp1e4BBW
s6syXNvIqXGdDQzzeBrzjjout90cgpmx65Pkd0wHpvkRN2XuLKstHaZk2tyFkd7b
yWR0yMzHwFDD1xqrHsWu1hn5YpKVrkX/sJ62npb8C2NMQcpdQiHV
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:09:41 2026 by rpki-client