Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/0ZYnGlB1sX-tIT-_McEHbMjcHh8.roa
File: 0ZYnGlB1sX-tIT-_McEHbMjcHh8.roa (raw, json)
Hash identifier: 2qWVIKYHaVj8bsZAAH+azzAq9wcQ/nQgKKzUX3Hr+1A=
Subject key identifier: D1:96:27:1A:50:75:B1:7F:AD:21:3F:BF:31:C1:07:6C:C8:DC:1E:1F
Certificate issuer: /CN=05d4d49da3e14855a7b883603ff148c1bb21f690
Certificate serial: 019C911C257951426DC141FF672584699CFA
Authority key identifier: 05:D4:D4:9D:A3:E1:48:55:A7:B8:83:60:3F:F1:48:C1:BB:21:F6:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/0ZYnGlB1sX-tIT-_McEHbMjcHh8.roa
Signing time: Tue 24 Feb 2026 19:24:26 +0000
ROA not before: Tue 24 Feb 2026 19:24:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42375
IP address blocks: 2a0e:5381::/32 maxlen: 32
2a0e:8080::/32 maxlen: 32
2a0f:6fc1::/32 maxlen: 32
2a0f:6fc3::/32 maxlen: 32
2a0f:6fc4::/32 maxlen: 32
2a0f:b4c0::/32 maxlen: 32
2a0f:b4c1::/32 maxlen: 32
2a0f:b4c2::/32 maxlen: 32
2a0f:c080::/32 maxlen: 32
2a0f:c081::/32 maxlen: 32
2a14:e602::/32 maxlen: 32
2a14:e604::/32 maxlen: 32
2a14:e606::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:91:1c:25:79:51:42:6d:c1:41:ff:67:25:84:69:9c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05d4d49da3e14855a7b883603ff148c1bb21f690
Validity
Not Before: Feb 24 19:24:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d196271a5075b17fad213fbf31c1076cc8dc1e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:2f:e3:20:f1:3a:65:7e:e8:e2:a0:19:2f:65:
e5:68:6a:8d:a7:cf:7b:a5:0c:9f:92:88:44:1c:ea:
9a:59:5d:b8:88:0e:bd:79:39:e0:96:24:68:b4:46:
97:2a:4b:66:d4:1b:77:b7:42:ad:a7:f9:4e:31:97:
2f:42:64:04:88:5d:33:3c:6a:53:68:d6:29:14:4c:
20:34:38:8a:f0:2d:26:69:c2:e7:62:72:47:48:02:
35:22:ba:fc:27:88:f9:f6:c1:19:e1:db:b2:89:f0:
a9:d0:ed:d3:87:86:68:31:34:85:f2:7f:b7:1e:3c:
fc:74:ef:5c:3f:09:eb:08:8d:b6:a9:c4:8c:98:96:
8b:1c:3a:6a:2f:89:0c:1d:0e:1a:41:93:d3:27:d4:
82:71:88:d7:70:23:a0:b4:de:4c:a2:8e:b4:8f:5d:
48:46:b7:10:ba:9c:0e:1a:00:09:6e:44:2c:5e:93:
33:0f:e4:1f:d8:ee:ef:0c:8d:b0:77:82:5d:b0:45:
bb:da:19:85:5c:f6:98:ad:56:9b:c5:9d:c6:75:50:
fd:b5:13:0c:77:f3:f7:10:d8:b1:81:fd:33:75:85:
2d:2c:cf:71:1a:a3:94:41:ea:29:c0:6b:50:79:cd:
7a:c4:68:7a:4e:4a:77:9d:c6:b9:1a:5a:27:d5:59:
a3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:96:27:1A:50:75:B1:7F:AD:21:3F:BF:31:C1:07:6C:C8:DC:1E:1F
X509v3 Authority Key Identifier:
keyid:05:D4:D4:9D:A3:E1:48:55:A7:B8:83:60:3F:F1:48:C1:BB:21:F6:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BdTUnaPhSFWnuINgP_FIwbsh9pA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/0ZYnGlB1sX-tIT-_McEHbMjcHh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/1a3f91-15bc-4eb8-97dd-58f1cbf3cac3/1/BdTUnaPhSFWnuINgP_FIwbsh9pA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:5381::/32
2a0e:8080::/32
2a0f:6fc1::/32
2a0f:6fc3::-2a0f:6fc4:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:b4c0::-2a0f:b4c2:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:c080::/31
2a14:e602::/32
2a14:e604::/32
2a14:e606::/32
Signature Algorithm: sha256WithRSAEncryption
96:7b:04:73:1c:12:bd:7e:f3:01:bf:1e:67:70:46:0e:5e:bd:
7e:18:9f:15:c6:ef:b7:ac:fc:0e:2f:05:34:c4:aa:bb:f8:ab:
02:02:c0:44:f4:99:99:a6:ff:4a:00:8a:76:0b:c9:09:66:f7:
9c:01:27:61:22:95:36:f5:10:72:01:7b:15:0c:c4:09:41:e2:
0b:3f:b1:db:d1:42:c9:e9:5a:49:01:d6:e0:cb:ef:d0:0c:0c:
32:2f:59:49:c1:c6:cf:f6:d6:6c:2e:09:42:2b:26:fa:59:1c:
13:92:2d:d0:90:4f:e4:d6:93:e0:49:5a:cb:0e:0e:ae:5a:45:
db:61:70:61:b2:6c:9e:5a:06:11:b9:7c:9b:1e:4a:66:60:4a:
2c:b0:6c:3c:c8:39:e6:8a:d8:8d:9b:7e:78:2a:9f:53:e2:49:
44:54:f7:c0:f3:94:5c:6e:3e:3a:a8:e6:50:b0:20:f0:74:17:
9e:ca:44:54:50:ba:e1:2d:59:ee:ac:43:a2:c9:55:63:77:76:
43:c9:5a:51:ad:94:c3:a1:5a:d6:54:3b:ae:ae:8c:57:d7:f1:
e3:44:b9:ae:b9:cd:34:16:e9:d1:bf:85:d8:c3:ce:4f:56:51:
f2:94:90:df:3d:4e:c4:2e:47:6c:da:2f:e3:54:02:15:28:63:
43:2d:97:d4
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZyRHCV5UUJtwUH/ZyWEaZz6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZDRkNDlkYTNlMTQ4NTVhN2I4ODM2MDNmZjE0OGMxYmIy
MWY2OTAwHhcNMjYwMjI0MTkyNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTk2MjcxYTUwNzViMTdmYWQyMTNmYmYzMWMxMDc2Y2M4ZGMxZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAti/jIPE6ZX7o4qAZL2XlaGqNp897
pQyfkohEHOqaWV24iA69eTngliRotEaXKktm1Bt3t0Ktp/lOMZcvQmQEiF0zPGpT
aNYpFEwgNDiK8C0macLnYnJHSAI1Irr8J4j59sEZ4duyifCp0O3Th4ZoMTSF8n+3
Hjz8dO9cPwnrCI22qcSMmJaLHDpqL4kMHQ4aQZPTJ9SCcYjXcCOgtN5Moo60j11I
RrcQupwOGgAJbkQsXpMzD+Qf2O7vDI2wd4JdsEW72hmFXPaYrVabxZ3GdVD9tRMM
d/P3ENixgf0zdYUtLM9xGqOUQeopwGtQec16xGh6Tkp3nca5Glon1VmjwQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFNGWJxpQdbF/rSE/vzHBB2zI3B4fMB8GA1UdIwQY
MBaAFAXU1J2j4UhVp7iDYD/xSMG7IfaQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmRUVW5hUGhTRldudUlOZ1BfRkl3YnNoOXBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC8xYTNmOTEtMTViYy00ZWI4LTk3ZGQt
NThmMWNiZjNjYWMzLzEvMFpZbkdsQjFzWC10SVQtX01jRUhiTWpjSGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC8xYTNmOTEtMTViYy00ZWI4LTk3ZGQtNThmMWNiZjNjYWMz
LzEvQmRUVW5hUGhTRldudUlOZ1BfRkl3YnNoOXBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwUAKg5TgQMF
ACoOgIADBQAqD2/BMA4DBQAqD2/DAwUAKg9vxDAOAwUGKg+0wAMFACoPtMIDBQEq
D8CAAwUAKhTmAgMFACoU5gQDBQAqFOYGMA0GCSqGSIb3DQEBCwUAA4IBAQCWewRz
HBK9fvMBvx5ncEYOXr1+GJ8Vxu+3rPwOLwU0xKq7+KsCAsBE9JmZpv9KAIp2C8kJ
ZvecASdhIpU29RByAXsVDMQJQeILP7Hb0ULJ6VpJAdbgy+/QDAwyL1lJwcbP9tZs
LglCKyb6WRwTki3QkE/k1pPgSVrLDg6uWkXbYXBhsmyeWgYRuXybHkpmYEossGw8
yDnmitiNm354Kp9T4klEVPfA85Rcbj46qOZQsCDwdBeeykRUULrhLVnurEOiyVVj
d3ZDyVpRrZTDoVrWVDuuroxX1/HjRLmuuc00FunRv4XYw85PVlHylJDfPU7ELkds
2i/jVAIVKGNDLZfU
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:23:43 2026 by rpki-client