Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/Z0_zAV1Qro2ldozAcdxyKQi0OQU.roa
File: Z0_zAV1Qro2ldozAcdxyKQi0OQU.roa (raw, json)
Hash identifier: xEsTqLQfCCv7FY6OZ8FW4GDtw57riHCFBltpmR9h+Kc=
Subject key identifier: 67:4F:F3:01:5D:50:AE:8D:A5:76:8C:C0:71:DC:72:29:08:B4:39:05
Certificate issuer: /CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Certificate serial: 019EA5CE6F7861A9C3AE3752461D68EDB443
Authority key identifier: 19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/Z0_zAV1Qro2ldozAcdxyKQi0OQU.roa
Signing time: Mon 08 Jun 2026 05:57:09 +0000
ROA not before: Mon 08 Jun 2026 05:57:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207375
IP address blocks: 45.145.108.0/22 maxlen: 25
80.64.232.0/21 maxlen: 25
91.236.231.0/24 maxlen: 24
93.88.24.0/22 maxlen: 25
146.19.16.0/24 maxlen: 24
178.211.143.0/24 maxlen: 24
185.11.60.0/24 maxlen: 24
185.80.88.0/24 maxlen: 24
185.145.53.0/24 maxlen: 24
185.205.201.0/24 maxlen: 24
185.234.217.0/24 maxlen: 24
193.33.34.0/24 maxlen: 24
193.178.114.0/24 maxlen: 24
193.243.146.0/24 maxlen: 24
194.31.110.0/24 maxlen: 24
2a0e:fdc0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.mft
rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 17:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a5:ce:6f:78:61:a9:c3:ae:37:52:46:1d:68:ed:b4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Validity
Not Before: Jun 8 05:57:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=674ff3015d50ae8da5768cc071dc722908b43905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ff:f7:d7:67:a4:cb:1a:58:f8:17:ca:bd:d6:
ab:25:26:4f:34:d9:39:b6:be:b2:b0:18:c0:f9:a1:
98:ab:a6:e1:bf:3c:bf:dd:db:62:e8:3c:08:46:35:
f2:9a:6c:a6:bf:cb:8e:c1:9e:c2:8a:2c:8a:f2:b9:
ac:72:25:f7:68:91:99:b2:bd:49:3e:1f:dc:70:69:
67:21:5f:48:0d:e9:a3:60:86:52:49:e0:e8:f1:ca:
72:d2:72:d3:a9:41:c2:61:d7:1f:ee:59:9e:b8:49:
52:51:87:f1:2e:e3:94:8b:b8:b1:90:7c:72:fc:78:
49:20:c9:c2:da:01:f1:83:b2:0d:92:ae:a2:5e:62:
68:12:99:b6:7d:ab:95:62:46:53:15:11:30:6a:79:
a6:07:64:7d:dc:13:85:e6:4a:ee:83:e3:eb:11:ea:
70:ac:f1:b4:8f:63:6b:b4:64:26:e4:99:fd:ea:b5:
af:cf:17:14:6e:ef:0e:45:c9:99:f8:5a:38:50:9d:
35:f0:b6:51:6f:6e:16:9c:ab:68:04:36:43:d3:1e:
81:f9:1c:ef:7b:73:54:b6:ba:39:81:7f:80:a6:f8:
4f:21:c1:ec:c0:98:39:3d:67:a7:af:2f:77:c0:05:
32:e5:9c:7c:fb:76:cd:10:7c:b4:65:8e:a0:d7:03:
62:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4F:F3:01:5D:50:AE:8D:A5:76:8C:C0:71:DC:72:29:08:B4:39:05
X509v3 Authority Key Identifier:
keyid:19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/Z0_zAV1Qro2ldozAcdxyKQi0OQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.108.0/22
80.64.232.0/21
91.236.231.0/24
93.88.24.0/22
146.19.16.0/24
178.211.143.0/24
185.11.60.0/24
185.80.88.0/24
185.145.53.0/24
185.205.201.0/24
185.234.217.0/24
193.33.34.0/24
193.178.114.0/24
193.243.146.0/24
194.31.110.0/24
IPv6:
2a0e:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:ed:cc:0b:2c:4a:a3:ef:07:77:02:e0:fe:4c:ce:5a:b2:62:
b8:a9:5d:dc:73:0c:7b:0a:80:22:26:d1:c6:10:73:e6:86:1e:
ca:70:89:83:3f:f9:0c:b8:85:c5:fd:49:21:d6:09:f9:6e:96:
b8:e9:7a:80:83:ba:c3:06:89:5d:45:4e:67:b4:4a:d7:e4:6b:
f7:83:fe:fb:bd:87:73:9a:c4:28:99:69:01:1d:c5:4d:1f:53:
2a:b1:8c:b4:8b:c7:30:24:27:7c:dc:e7:ed:30:95:9b:12:ca:
83:61:f7:1a:21:03:51:77:d1:60:80:d2:d9:dc:66:11:e1:4e:
23:dd:15:31:1f:d2:bc:62:67:3b:07:4d:bb:70:93:66:85:29:
46:bf:a6:c6:15:70:e3:24:58:3d:2b:92:44:aa:84:4b:d6:cf:
55:b3:9c:bc:af:ad:11:58:a0:d2:05:4e:2f:4f:93:f1:73:28:
8f:19:fd:ca:66:32:33:06:03:e9:42:fc:4f:09:9b:a6:e1:d4:
0e:c1:ec:0d:a2:46:b5:65:61:ca:f5:1a:b5:64:24:34:8d:aa:
99:64:23:06:bd:14:a9:39:6d:70:a7:95:18:42:68:f8:63:1b:
c8:d0:23:62:54:87:87:35:98:03:1b:e3:ae:b7:2b:53:98:05:
90:f4:37:88
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZ6lzm94YanDrjdSRh1o7bRDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTQzZDgxNjU3YTNjMzhjMTUwZGU1NTc5N2YxYzdiNWYw
YzJlYmIwHhcNMjYwNjA4MDU1NzA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRmZjMwMTVkNTBhZThkYTU3NjhjYzA3MWRjNzIyOTA4YjQzOTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1f/312ekyxpY+BfKvdarJSZPNNk5
tr6ysBjA+aGYq6bhvzy/3dti6DwIRjXymmymv8uOwZ7CiiyK8rmsciX3aJGZsr1J
Ph/ccGlnIV9IDemjYIZSSeDo8cpy0nLTqUHCYdcf7lmeuElSUYfxLuOUi7ixkHxy
/HhJIMnC2gHxg7INkq6iXmJoEpm2fauVYkZTFREwanmmB2R93BOF5krug+PrEepw
rPG0j2NrtGQm5Jn96rWvzxcUbu8ORcmZ+Fo4UJ018LZRb24WnKtoBDZD0x6B+Rzv
e3NUtro5gX+ApvhPIcHswJg5PWenry93wAUy5Zx8+3bNEHy0ZY6g1wNi2QIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFGdP8wFdUK6NpXaMwHHccikItDkFMB8GA1UdIwQY
MBaAFBmkPYFlejw4wVDeVXl/HHtfDC67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2Yt
MDdmNzRjMDE5NzMyLzEvWjBfekFWMVFybzJsZG96QWNkeHlLUWkwT1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2YtMDdmNzRjMDE5NzMy
LzEvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAi2RbAME
A1BA6AMEAFvs5wMEAl1YGAMEAJITEAMEALLTjwMEALkLPAMEALlQWAMEALmRNQME
ALnNyQMEALnq2QMEAMEhIgMEAMGycgMEAMHzkgMEAMIfbjANBAIAAjAHAwUDKg79
wDANBgkqhkiG9w0BAQsFAAOCAQEAju3MCyxKo+8HdwLg/kzOWrJiuKld3HMMewqA
IibRxhBz5oYeynCJgz/5DLiFxf1JIdYJ+W6WuOl6gIO6wwaJXUVOZ7RK1+Rr94P+
+72Hc5rEKJlpAR3FTR9TKrGMtIvHMCQnfNzn7TCVmxLKg2H3GiEDUXfRYIDS2dxm
EeFOI90VMR/SvGJnOwdNu3CTZoUpRr+mxhVw4yRYPSuSRKqES9bPVbOcvK+tEVig
0gVOL0+T8XMojxn9ymYyMwYD6UL8TwmbpuHUDsHsDaJGtWVhyvUatWQkNI2qmWQj
Br0UqTltcKeVGEJo+GMbyNAjYlSHhzWYAxvjrrcrU5gFkPQ3iA==
-----END CERTIFICATE-----
Generated at Sun Jun 14 02:44:49 2026 by rpki-client