Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/zHxy4rNUsfcfrCMMueahjYvqzHI.roa
File: zHxy4rNUsfcfrCMMueahjYvqzHI.roa (raw, json)
Hash identifier: 6WlFirCENIDksJ6hQBdSjo423r0RyjscXizsqmUp0a8=
Subject key identifier: CC:7C:72:E2:B3:54:B1:F7:1F:AC:23:0C:B9:E6:A1:8D:8B:EA:CC:72
Certificate issuer: /CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Certificate serial: 019D82FCD3340AFF73EC2622B7ADFA87E7D5
Authority key identifier: D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/zHxy4rNUsfcfrCMMueahjYvqzHI.roa
Signing time: Sun 12 Apr 2026 18:38:20 +0000
ROA not before: Sun 12 Apr 2026 18:38:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213466
IP address blocks: 91.135.176.0/23 maxlen: 23
91.135.176.0/24 maxlen: 24
91.135.177.0/24 maxlen: 24
91.135.182.0/23 maxlen: 23
91.135.182.0/24 maxlen: 24
91.135.183.0/24 maxlen: 24
91.135.184.0/24 maxlen: 24
91.135.185.0/24 maxlen: 24
91.135.186.0/24 maxlen: 24
91.135.188.0/23 maxlen: 23
91.135.188.0/24 maxlen: 24
91.135.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:82:fc:d3:34:0a:ff:73:ec:26:22:b7:ad:fa:87:e7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d275d7a8bac0477f5509dff11b9195ca60df87da
Validity
Not Before: Apr 12 18:38:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cc7c72e2b354b1f71fac230cb9e6a18d8beacc72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c6:4d:43:73:7b:67:18:5b:5d:9b:73:8d:5a:
6d:d1:9b:95:7f:7b:7a:1c:a6:37:75:bc:8b:2e:8c:
58:65:2f:19:2c:0b:93:95:2d:0d:cb:c5:02:1a:35:
22:d2:d1:e5:49:3c:a8:7a:34:5d:38:46:be:34:6c:
cf:95:7c:dd:1f:a9:3c:6b:b4:c9:ae:01:36:55:ac:
1d:ed:82:b3:0e:45:51:c4:53:8d:47:e6:0b:c0:d6:
f0:80:a0:69:01:f2:db:8a:26:a6:1a:de:be:9e:a5:
e9:47:a3:97:60:f6:59:f0:12:db:f7:ac:ee:33:7c:
2e:cc:79:f3:01:6b:e8:28:27:28:6d:b2:c0:57:43:
aa:99:22:22:33:21:d3:2a:d1:5b:dd:1d:9f:0b:f4:
30:79:ed:4b:eb:57:50:50:54:f9:c7:09:a9:56:70:
ed:1a:24:2f:ff:46:a9:e1:99:f9:52:9a:a1:34:a7:
ca:4a:04:12:d2:ba:47:44:7d:97:8c:0b:f8:e6:bb:
15:87:00:6a:5b:62:98:cc:14:1e:e1:13:1b:0a:7a:
83:c5:06:0f:8a:d3:7c:0a:50:4c:9a:7f:e5:c0:7f:
71:d1:3b:b6:8c:42:0e:6b:82:ed:ef:b9:e9:b0:8a:
84:f2:6a:d6:9f:97:48:e4:52:07:58:a1:01:39:9a:
2d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:7C:72:E2:B3:54:B1:F7:1F:AC:23:0C:B9:E6:A1:8D:8B:EA:CC:72
X509v3 Authority Key Identifier:
keyid:D2:75:D7:A8:BA:C0:47:7F:55:09:DF:F1:1B:91:95:CA:60:DF:87:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0nXXqLrAR39VCd_xG5GVymDfh9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/zHxy4rNUsfcfrCMMueahjYvqzHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/7beb04-317b-448a-82ed-565b1447037b/1/0nXXqLrAR39VCd_xG5GVymDfh9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.135.176.0/23
91.135.182.0-91.135.186.255
91.135.188.0/23
Signature Algorithm: sha256WithRSAEncryption
c5:16:5c:8c:5e:94:0d:db:86:58:6a:24:47:3c:a0:81:93:69:
35:b3:cd:e2:d9:84:f4:fd:db:82:48:ef:3a:13:2a:9a:5e:e7:
e7:d7:3f:80:70:58:ee:95:2e:a4:04:d7:5d:fa:8b:d2:b7:3c:
54:c8:ef:77:6c:00:c1:64:12:90:25:6b:95:cb:63:e8:26:d3:
6a:dc:75:84:85:d9:cc:8c:45:7e:67:e5:d4:b8:ed:e5:c9:c5:
6e:8e:30:d4:ec:f2:48:b6:c3:90:37:3f:5a:7a:ed:de:e2:0a:
29:da:8b:a7:aa:e0:05:0b:c8:9a:17:59:16:a7:93:cc:48:0a:
52:80:9e:8d:76:c5:ec:93:ef:2d:05:ee:35:bd:5e:46:2b:7a:
e8:5c:f5:a9:c6:cf:52:95:e8:11:cc:a4:71:c6:19:70:8f:bf:
48:eb:b9:22:2b:62:34:a1:89:61:73:fe:57:a5:68:16:21:9e:
f9:b7:48:04:d4:91:c6:e1:7a:f5:1c:b0:ef:1f:88:65:ad:5e:
4a:fb:87:a7:e5:cd:53:76:ee:8e:50:65:75:95:cd:a3:6d:e8:
2b:19:ff:ac:97:7b:37:be:9b:fe:a7:dd:41:82:cf:39:51:a7:
4d:78:f2:ab:44:dd:29:49:2f:45:3c:cf:d9:a1:d3:c4:16:ae:
a8:56:2c:2e
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ2C/NM0Cv9z7CYit636h+fVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyNzVkN2E4YmFjMDQ3N2Y1NTA5ZGZmMTFiOTE5NWNhNjBk
Zjg3ZGEwHhcNMjYwNDEyMTgzODIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzdjNzJlMmIzNTRiMWY3MWZhYzIzMGNiOWU2YTE4ZDhiZWFjYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsZNQ3N7ZxhbXZtzjVpt0ZuVf3t6
HKY3dbyLLoxYZS8ZLAuTlS0Ny8UCGjUi0tHlSTyoejRdOEa+NGzPlXzdH6k8a7TJ
rgE2Vawd7YKzDkVRxFONR+YLwNbwgKBpAfLbiiamGt6+nqXpR6OXYPZZ8BLb96zu
M3wuzHnzAWvoKCcobbLAV0OqmSIiMyHTKtFb3R2fC/Qwee1L61dQUFT5xwmpVnDt
GiQv/0ap4Zn5UpqhNKfKSgQS0rpHRH2XjAv45rsVhwBqW2KYzBQe4RMbCnqDxQYP
itN8ClBMmn/lwH9x0Tu2jEIOa4Lt77npsIqE8mrWn5dI5FIHWKEBOZotEQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMx8cuKzVLH3H6wjDLnmoY2L6sxyMB8GA1UdIwQY
MBaAFNJ116i6wEd/VQnf8RuRlcpg34faMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQt
NTY1YjE0NDcwMzdiLzEvekh4eTRyTlVzZmNmckNNTXVlYWhqWXZxekhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83YmViMDQtMzE3Yi00NDhhLTgyZWQtNTY1YjE0NDcwMzdi
LzEvMG5YWHFMckFSMzlWQ2RfeEc1R1Z5bURmaDlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBW4ewMAwD
BAFbh7YDBABbh7oDBAFbh7wwDQYJKoZIhvcNAQELBQADggEBAMUWXIxelA3bhlhq
JEc8oIGTaTWzzeLZhPT924JI7zoTKppe5+fXP4BwWO6VLqQE1136i9K3PFTI73ds
AMFkEpAla5XLY+gm02rcdYSF2cyMRX5n5dS47eXJxW6OMNTs8ki2w5A3P1p67d7i
Cinai6eq4AULyJoXWRank8xIClKAno12xeyT7y0F7jW9XkYreuhc9anGz1KV6BHM
pHHGGXCPv0jruSIrYjShiWFz/lelaBYhnvm3SATUkcbhevUcsO8fiGWtXkr7h6fl
zVN27o5QZXWVzaNt6CsZ/6yXeze+m/6n3UGCzzlRp0148qtE3SlJL0U8z9mh08QW
rqhWLC4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:30:29 2026 by rpki-client