Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/ba4640-163e-465f-90f9-ea587fd658b2/1/ZapQiAtJnc9a1-GW4H20whNpSZw.roa
File: ZapQiAtJnc9a1-GW4H20whNpSZw.roa (raw, json)
Hash identifier: hZ+kaGEM7fGXJLA7SsYpcn/FFyPh/7kbyCyQAEi9eHM=
Subject key identifier: 65:AA:50:88:0B:49:9D:CF:5A:D7:E1:96:E0:7D:B4:C2:13:69:49:9C
Certificate issuer: /CN=6beb6094bcab4bd3b1f6f56c5182ba1220e22b6f
Certificate serial: 019C46BCA1890616D358D6DA95DD586D46DA
Authority key identifier: 6B:EB:60:94:BC:AB:4B:D3:B1:F6:F5:6C:51:82:BA:12:20:E2:2B:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a-tglLyrS9Ox9vVsUYK6EiDiK28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/ba4640-163e-465f-90f9-ea587fd658b2/1/ZapQiAtJnc9a1-GW4H20whNpSZw.roa
Signing time: Tue 10 Feb 2026 08:48:13 +0000
ROA not before: Tue 10 Feb 2026 08:48:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28928
IP address blocks: 194.11.172.0/22 maxlen: 22
194.11.176.0/21 maxlen: 21
194.11.179.0/24 maxlen: 24
194.11.184.0/23 maxlen: 23
194.11.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/ba4640-163e-465f-90f9-ea587fd658b2/1/a-tglLyrS9Ox9vVsUYK6EiDiK28.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/ba4640-163e-465f-90f9-ea587fd658b2/1/a-tglLyrS9Ox9vVsUYK6EiDiK28.mft
rsync://rpki.ripe.net/repository/DEFAULT/a-tglLyrS9Ox9vVsUYK6EiDiK28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:46:bc:a1:89:06:16:d3:58:d6:da:95:dd:58:6d:46:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6beb6094bcab4bd3b1f6f56c5182ba1220e22b6f
Validity
Not Before: Feb 10 08:48:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65aa50880b499dcf5ad7e196e07db4c21369499c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:44:03:30:e1:3b:79:c5:74:80:e9:b6:4d:7d:
38:59:3f:7e:bd:63:46:84:72:ad:6e:ca:45:bf:75:
06:b1:e5:da:bb:ee:96:81:f6:97:ab:55:63:e2:e8:
41:67:8a:80:d9:e6:aa:c4:c6:ec:07:b2:08:5e:32:
36:7b:a3:15:24:48:76:22:e1:b9:92:0b:77:09:c2:
a4:c0:ae:d4:76:06:8d:ea:10:78:e7:22:a7:59:6e:
f1:33:26:cc:75:a4:26:ae:e2:a8:7f:bd:d7:c7:a7:
9c:82:fa:f3:04:99:71:63:89:19:5f:16:05:21:09:
4a:83:12:31:96:e7:02:a4:78:cf:d7:3e:a0:67:b0:
40:17:35:a1:7e:cd:c3:36:8f:03:d4:5d:6d:ba:97:
d6:bb:08:6a:4b:43:2d:55:56:6e:52:60:0c:fb:d4:
20:23:43:82:02:7e:61:fa:7c:4d:fb:e9:94:5c:a7:
76:87:6a:80:83:aa:b1:bd:dd:7a:01:32:72:91:88:
c6:85:5a:a4:48:41:15:13:51:e2:4c:6a:1a:dc:1b:
39:d3:51:34:56:cd:12:44:56:41:81:be:1b:77:63:
c2:55:96:ee:8d:8f:75:b2:fe:bd:13:46:a1:dc:b0:
42:aa:4a:0d:ac:a3:bc:78:3c:8c:20:8c:67:88:e4:
03:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AA:50:88:0B:49:9D:CF:5A:D7:E1:96:E0:7D:B4:C2:13:69:49:9C
X509v3 Authority Key Identifier:
keyid:6B:EB:60:94:BC:AB:4B:D3:B1:F6:F5:6C:51:82:BA:12:20:E2:2B:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a-tglLyrS9Ox9vVsUYK6EiDiK28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ba4640-163e-465f-90f9-ea587fd658b2/1/ZapQiAtJnc9a1-GW4H20whNpSZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/ba4640-163e-465f-90f9-ea587fd658b2/1/a-tglLyrS9Ox9vVsUYK6EiDiK28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.11.172.0-194.11.186.255
Signature Algorithm: sha256WithRSAEncryption
4a:f1:0b:b9:d7:bd:78:da:d0:8c:45:eb:5d:4c:a6:e9:23:0f:
ef:17:cf:40:ff:aa:86:73:8a:e7:1b:fc:2a:5b:2e:62:98:34:
80:d1:e6:9a:51:8b:3b:65:48:d5:a2:bb:33:5c:f0:a5:80:17:
e8:82:8b:92:f1:48:83:ab:d7:fc:02:b2:b6:b9:a6:b9:8f:51:
94:00:06:7f:40:e5:29:3b:ad:a7:da:f3:23:af:55:b0:c7:49:
6c:85:0c:c0:7a:58:e8:85:7b:53:c1:16:cc:68:40:76:c7:43:
d0:90:e1:2b:9a:ac:33:a8:18:46:68:d2:49:ca:a0:13:f1:18:
b7:c9:f0:95:84:1d:5b:90:0c:0f:6e:eb:07:e9:24:5d:95:1b:
53:5c:bd:97:af:93:bd:b8:c2:31:f5:fd:e1:e8:1f:b2:79:76:
b7:f9:95:e2:35:92:b1:08:b6:2b:65:40:a8:22:eb:d4:2b:3b:
fe:ca:f0:2a:1f:3b:9f:97:67:80:d2:aa:5b:33:35:d1:b3:aa:
d5:bc:34:48:76:95:91:aa:3a:8f:cf:b8:aa:57:5b:66:1e:13:
14:88:51:2d:f0:4a:f6:fb:3d:67:4f:fb:2b:2c:d5:83:e9:a2:
1e:ef:e4:74:b8:2f:8f:53:04:4b:99:7b:fd:97:33:14:41:a3:
cc:d2:56:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZxGvKGJBhbTWNbald1YbUbaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiZWI2MDk0YmNhYjRiZDNiMWY2ZjU2YzUxODJiYTEyMjBl
MjJiNmYwHhcNMjYwMjEwMDg0ODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFhNTA4ODBiNDk5ZGNmNWFkN2UxOTZlMDdkYjRjMjEzNjk0OTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kQDMOE7ecV0gOm2TX04WT9+vWNG
hHKtbspFv3UGseXau+6WgfaXq1Vj4uhBZ4qA2eaqxMbsB7IIXjI2e6MVJEh2IuG5
kgt3CcKkwK7UdgaN6hB45yKnWW7xMybMdaQmruKof73Xx6ecgvrzBJlxY4kZXxYF
IQlKgxIxlucCpHjP1z6gZ7BAFzWhfs3DNo8D1F1tupfWuwhqS0MtVVZuUmAM+9Qg
I0OCAn5h+nxN++mUXKd2h2qAg6qxvd16ATJykYjGhVqkSEEVE1HiTGoa3Bs501E0
Vs0SRFZBgb4bd2PCVZbujY91sv69E0ah3LBCqkoNrKO8eDyMIIxniOQDAQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGWqUIgLSZ3PWtfhluB9tMITaUmcMB8GA1UdIwQY
MBaAFGvrYJS8q0vTsfb1bFGCuhIg4itvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYS10Z2xMeXJTOU94OXZWc1VZSzZFaURpSzI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9iYTQ2NDAtMTYzZS00NjVmLTkwZjkt
ZWE1ODdmZDY1OGIyLzEvWmFwUWlBdEpuYzlhMS1HVzRIMjB3aE5wU1p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9iYTQ2NDAtMTYzZS00NjVmLTkwZjktZWE1ODdmZDY1OGIy
LzEvYS10Z2xMeXJTOU94OXZWc1VZSzZFaURpSzI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBALCC6wD
BADCC7owDQYJKoZIhvcNAQELBQADggEBAErxC7nXvXja0IxF611MpukjD+8Xz0D/
qoZziucb/CpbLmKYNIDR5ppRiztlSNWiuzNc8KWAF+iCi5LxSIOr1/wCsra5prmP
UZQABn9A5Sk7rafa8yOvVbDHSWyFDMB6WOiFe1PBFsxoQHbHQ9CQ4SuarDOoGEZo
0knKoBPxGLfJ8JWEHVuQDA9u6wfpJF2VG1NcvZevk724wjH1/eHoH7J5drf5leI1
krEItitlQKgi69QrO/7K8CofO5+XZ4DSqlszNdGzqtW8NEh2lZGqOo/PuKpXW2Ye
ExSIUS3wSvb7PWdP+yss1YPpoh7v5HS4L49TBEuZe/2XMxRBo8zSVlI=
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:56:56 2026 by rpki-client