Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ZCa0oXLHgmdQDY529fpiGBOomr4.roa
File: ZCa0oXLHgmdQDY529fpiGBOomr4.roa (raw, json)
Hash identifier: u7mNvKGZMbSRSPtj0Y7KFlGbWSVJTIPgvoy3VLouWL0=
Subject key identifier: 64:26:B4:A1:72:C7:82:67:50:0D:8E:76:F5:FA:62:18:13:A8:9A:BE
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 019D3EC086DEBDAE3653B6D35EAAD738EB71
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ZCa0oXLHgmdQDY529fpiGBOomr4.roa
Signing time: Mon 30 Mar 2026 12:38:17 +0000
ROA not before: Mon 30 Mar 2026 12:38:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214369
IP address blocks: 88.220.248.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3e:c0:86:de:bd:ae:36:53:b6:d3:5e:aa:d7:38:eb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Mar 30 12:38:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6426b4a172c78267500d8e76f5fa621813a89abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:29:d8:2a:f3:25:6c:fd:9f:9e:b4:3a:f2:15:
0d:55:0c:1e:b5:58:c6:fb:80:6b:00:d5:63:b3:18:
50:73:77:42:b3:18:01:a1:ff:27:5b:e1:d0:cd:e8:
8b:37:23:72:bc:36:2d:b9:dc:a3:9e:c3:5c:30:c8:
3f:c1:59:f5:8c:ab:6c:9b:a0:00:ee:ab:0a:04:ba:
d8:55:b8:15:0c:18:af:75:c6:11:66:90:44:4e:64:
94:45:98:17:5b:ea:40:16:6a:48:b8:33:84:3d:44:
54:43:ff:dc:4a:a2:58:06:7a:b9:e9:60:b5:d0:42:
53:11:03:4e:d7:ad:4a:00:9b:49:54:f0:40:b4:f1:
ac:e1:bb:bb:68:17:4d:9d:65:45:c7:d7:02:4e:2d:
ba:e8:cf:4e:b5:58:e6:8d:36:d2:68:16:74:42:0d:
7d:b8:1c:e9:e4:0d:1c:5a:39:e7:36:41:2a:cc:61:
8d:68:5d:bc:34:39:66:40:68:40:b6:ba:c7:8b:ec:
02:d4:bc:47:ee:20:21:0b:32:fa:63:59:8c:d0:c9:
41:c6:09:ec:85:79:40:b2:cd:2b:01:26:12:65:89:
48:57:b2:88:45:02:76:48:23:f0:80:1b:f4:f9:96:
d2:b6:93:fb:77:29:fd:a1:87:1a:39:b1:bd:e2:59:
aa:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:26:B4:A1:72:C7:82:67:50:0D:8E:76:F5:FA:62:18:13:A8:9A:BE
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/ZCa0oXLHgmdQDY529fpiGBOomr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.248.0/23
Signature Algorithm: sha256WithRSAEncryption
31:ef:98:fe:b0:15:55:8d:ea:45:82:75:bb:09:94:0c:c3:7c:
61:6e:62:2b:56:ac:8d:de:97:85:26:6a:95:b4:f7:d7:5b:5b:
e1:eb:ae:7a:f2:6a:19:b3:41:27:0b:8b:15:45:ce:06:53:43:
df:87:93:08:c0:8c:40:c3:16:31:cd:cc:fd:0f:65:d4:c9:11:
bf:47:7f:70:0b:8c:1c:c4:f1:67:ae:35:2a:a2:f2:39:a3:43:
8a:d1:32:a8:88:02:45:f1:70:5b:60:42:be:b6:57:0d:fd:27:
37:4a:43:49:14:f4:af:70:10:0d:bf:bd:49:9c:7f:17:1c:6d:
86:fb:89:99:03:71:af:58:ef:c1:a4:75:b6:e8:5a:74:57:3c:
f9:1a:34:ae:13:12:70:c8:58:86:a7:45:33:df:72:50:f1:cd:
e8:04:ad:b2:43:75:2f:9e:b1:a1:d0:31:e7:4e:75:1d:04:45:
3c:6e:e8:36:bc:f8:91:94:da:f5:0a:e0:64:6d:3d:dc:d7:f5:
da:57:f0:0e:44:fb:bc:b9:59:8a:a6:da:58:bf:0f:db:96:f2:
53:0f:31:f5:d0:c5:2f:94:3b:cc:4c:e3:33:bb:e8:9d:c0:2a:
a4:40:21:30:50:95:81:08:3d:26:6d:85:9b:42:0c:68:b4:02:
0f:03:bd:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0+wIbeva42U7bTXqrXOOtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjYwMzMwMTIzODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDI2YjRhMTcyYzc4MjY3NTAwZDhlNzZmNWZhNjIxODEzYTg5YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkinYKvMlbP2fnrQ68hUNVQwetVjG
+4BrANVjsxhQc3dCsxgBof8nW+HQzeiLNyNyvDYtudyjnsNcMMg/wVn1jKtsm6AA
7qsKBLrYVbgVDBivdcYRZpBETmSURZgXW+pAFmpIuDOEPURUQ//cSqJYBnq56WC1
0EJTEQNO161KAJtJVPBAtPGs4bu7aBdNnWVFx9cCTi266M9OtVjmjTbSaBZ0Qg19
uBzp5A0cWjnnNkEqzGGNaF28NDlmQGhAtrrHi+wC1LxH7iAhCzL6Y1mM0MlBxgns
hXlAss0rASYSZYlIV7KIRQJ2SCPwgBv0+ZbStpP7dyn9oYcaObG94lmq4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQmtKFyx4JnUA2OdvX6YhgTqJq+MB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvWkNhMG9YTEhnbWRRRFk1MjlmcGlHQk9vbXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNz4MA0G
CSqGSIb3DQEBCwUAA4IBAQAx75j+sBVVjepFgnW7CZQMw3xhbmIrVqyN3peFJmqV
tPfXW1vh66568moZs0EnC4sVRc4GU0Pfh5MIwIxAwxYxzcz9D2XUyRG/R39wC4wc
xPFnrjUqovI5o0OK0TKoiAJF8XBbYEK+tlcN/Sc3SkNJFPSvcBANv71JnH8XHG2G
+4mZA3GvWO/BpHW26Fp0Vzz5GjSuExJwyFiGp0Uz33JQ8c3oBK2yQ3UvnrGh0DHn
TnUdBEU8bug2vPiRlNr1CuBkbT3c1/XaV/AORPu8uVmKptpYvw/blvJTDzH10MUv
lDvMTOMzu+idwCqkQCEwUJWBCD0mbYWbQgxotAIPA73W
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:36:19 2026 by rpki-client