Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/zByDWqzQes6Qf_5yruyAW6l4NA8.roa
File: zByDWqzQes6Qf_5yruyAW6l4NA8.roa (raw, json)
Hash identifier: 4mGvD80bIUslVCK/Nf88S+YHOSjLonqjJpu89t+7Om0=
Subject key identifier: CC:1C:83:5A:AC:D0:7A:CE:90:7F:FE:72:AE:EC:80:5B:A9:78:34:0F
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 019C6729B7558FF7AA0430E105449D7FCEA2
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/zByDWqzQes6Qf_5yruyAW6l4NA8.roa
Signing time: Mon 16 Feb 2026 15:55:12 +0000
ROA not before: Mon 16 Feb 2026 15:55:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58232
IP address blocks: 45.135.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 16:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:67:29:b7:55:8f:f7:aa:04:30:e1:05:44:9d:7f:ce:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Feb 16 15:55:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cc1c835aacd07ace907ffe72aeec805ba978340f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:c4:20:c8:64:6a:97:a2:79:f9:fb:18:71:8a:
55:d7:98:f4:43:e8:b3:47:09:64:dc:5c:58:96:af:
8e:26:8e:98:51:da:9a:8c:5e:f5:50:9d:be:a6:a6:
f6:4f:9e:63:16:f5:19:bb:3a:27:d2:2b:15:57:87:
7e:2c:ab:d4:4a:b3:89:3a:a2:2d:31:14:44:8f:d1:
67:78:ca:c4:90:31:72:cc:14:a0:4b:72:0d:75:2d:
14:c0:c1:6c:f2:d2:b6:7f:40:c6:a7:74:03:31:18:
7d:28:49:8b:5f:55:b1:c1:f1:d5:5c:52:1b:98:d6:
73:f9:a7:74:c8:4d:0a:84:13:05:74:b5:8b:21:d7:
f4:8b:aa:7a:aa:54:88:1f:60:68:94:6b:62:ec:69:
ab:e5:96:05:ac:e2:9e:21:ce:51:a5:e4:e3:13:3b:
6c:e5:36:e9:c4:58:8f:d4:3e:5e:47:9b:b8:b6:34:
30:b7:7c:2b:4b:70:9b:12:18:ad:dd:df:e5:2e:75:
e9:ae:8f:ef:64:9c:e0:e9:6e:c1:41:00:ab:2c:4a:
b4:b1:d8:e3:f9:70:1e:42:86:26:2e:57:ec:0e:55:
7c:63:11:32:3d:d9:7a:83:6f:38:46:20:4e:fb:33:
0a:4e:bf:cc:77:e1:6d:5a:1a:6b:c5:11:66:68:ba:
8e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1C:83:5A:AC:D0:7A:CE:90:7F:FE:72:AE:EC:80:5B:A9:78:34:0F
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/zByDWqzQes6Qf_5yruyAW6l4NA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.195.0/24
Signature Algorithm: sha256WithRSAEncryption
62:34:9a:56:53:67:a9:55:f3:4b:0f:00:89:da:18:c0:3e:48:
fa:77:69:c5:2a:5a:e2:47:c4:36:87:66:ea:74:8e:71:91:47:
b9:e9:41:77:b3:83:7a:e4:c9:fb:23:3f:5b:d8:4d:91:74:04:
60:a2:b6:09:8f:99:aa:c0:ad:c8:a0:35:1e:52:92:88:f8:34:
f2:bd:e6:2f:5e:62:0b:6e:ae:82:c3:7e:49:5d:a0:71:8e:b9:
63:fd:9f:8a:5c:07:1b:66:61:75:22:05:b6:7b:26:ad:f2:be:
3a:11:5a:d4:a6:b4:d1:58:8a:10:37:6d:bc:97:b5:6a:a1:e2:
ca:45:c6:1a:98:a4:74:77:4d:b8:86:89:ba:08:ad:da:f4:f9:
3c:60:6e:7b:6d:dc:f2:b5:03:f9:91:9a:3d:4c:40:99:fa:bc:
6d:f4:a6:61:94:9f:e6:cc:32:a4:a8:93:d1:6f:1c:81:79:8e:
5a:a9:76:b7:fb:3e:67:ed:cd:35:7b:83:c0:25:36:cf:10:24:
00:d3:48:2c:82:5f:51:7a:a9:97:82:ee:8c:20:e8:82:95:8f:
9e:09:2d:fc:3d:70:9c:08:2a:b4:9f:44:c8:80:cb:bc:5d:b5:
b0:0a:25:89:62:21:68:1b:b8:2e:f1:91:6c:13:c7:3d:6b:0b:
a8:d2:09:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxnKbdVj/eqBDDhBUSdf86iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjYwMjE2MTU1NTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzFjODM1YWFjZDA3YWNlOTA3ZmZlNzJhZWVjODA1YmE5NzgzNDBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA38QgyGRql6J5+fsYcYpV15j0Q+iz
Rwlk3FxYlq+OJo6YUdqajF71UJ2+pqb2T55jFvUZuzon0isVV4d+LKvUSrOJOqIt
MRREj9FneMrEkDFyzBSgS3INdS0UwMFs8tK2f0DGp3QDMRh9KEmLX1WxwfHVXFIb
mNZz+ad0yE0KhBMFdLWLIdf0i6p6qlSIH2BolGti7Gmr5ZYFrOKeIc5RpeTjEzts
5TbpxFiP1D5eR5u4tjQwt3wrS3CbEhit3d/lLnXpro/vZJzg6W7BQQCrLEq0sdjj
+XAeQoYmLlfsDlV8YxEyPdl6g284RiBO+zMKTr/Md+FtWhprxRFmaLqOVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMwcg1qs0HrOkH/+cq7sgFupeDQPMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvekJ5RFdxelFlczZRZl81eXJ1eUFXNmw0TkE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYfDMA0G
CSqGSIb3DQEBCwUAA4IBAQBiNJpWU2epVfNLDwCJ2hjAPkj6d2nFKlriR8Q2h2bq
dI5xkUe56UF3s4N65Mn7Iz9b2E2RdARgorYJj5mqwK3IoDUeUpKI+DTyveYvXmIL
bq6Cw35JXaBxjrlj/Z+KXAcbZmF1IgW2eyat8r46EVrUprTRWIoQN228l7VqoeLK
RcYamKR0d024hom6CK3a9Pk8YG57bdzytQP5kZo9TECZ+rxt9KZhlJ/mzDKkqJPR
bxyBeY5aqXa3+z5n7c01e4PAJTbPECQA00gsgl9ReqmXgu6MIOiClY+eCS38PXCc
CCq0n0TIgMu8XbWwCiWJYiFoG7gu8ZFsE8c9awuo0gnK
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:16:04 2026 by rpki-client