Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/2ZltyCHDVI3o8f35qb479SDHuLI.roa
File: 2ZltyCHDVI3o8f35qb479SDHuLI.roa (raw, json)
Hash identifier: zdh1zWwx2K8ElbVNeH4pG3Lkf0uwVj+CGjtuVDmvtEY=
Subject key identifier: D9:99:6D:C8:21:C3:54:8D:E8:F1:FD:F9:A9:BE:3B:F5:20:C7:B8:B2
Certificate issuer: /CN=02930f8c688c04d17433a2b9c7249bc625bce316
Certificate serial: 019C945509A21729FFD47BE7E6AB02432DFE
Authority key identifier: 02:93:0F:8C:68:8C:04:D1:74:33:A2:B9:C7:24:9B:C6:25:BC:E3:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/2ZltyCHDVI3o8f35qb479SDHuLI.roa
Signing time: Wed 25 Feb 2026 10:25:26 +0000
ROA not before: Wed 25 Feb 2026 10:25:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49800
IP address blocks: 5.63.160.0/21 maxlen: 21
5.63.160.0/24 maxlen: 24
31.47.192.0/21 maxlen: 21
37.186.64.0/18 maxlen: 18
37.186.80.0/22 maxlen: 22
37.186.84.0/23 maxlen: 23
37.186.93.0/24 maxlen: 24
46.19.96.0/21 maxlen: 21
62.89.0.0/19 maxlen: 19
78.109.64.0/20 maxlen: 20
93.185.32.0/20 maxlen: 20
130.193.120.0/21 maxlen: 21
185.8.0.0/22 maxlen: 22
185.8.2.0/24 maxlen: 24
195.250.64.0/19 maxlen: 19
2a02:2a50::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/ApMPjGiMBNF0M6K5xySbxiW84xY.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/ApMPjGiMBNF0M6K5xySbxiW84xY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:94:55:09:a2:17:29:ff:d4:7b:e7:e6:ab:02:43:2d:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02930f8c688c04d17433a2b9c7249bc625bce316
Validity
Not Before: Feb 25 10:25:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9996dc821c3548de8f1fdf9a9be3bf520c7b8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:61:2e:2c:16:a4:ab:3b:17:51:13:d1:7e:7c:
ca:51:e6:bb:76:49:e6:91:dc:e1:4b:93:18:e7:ab:
0e:c0:1c:45:09:26:c1:d9:68:a8:75:dc:bc:54:04:
42:3c:47:fd:1e:4c:c9:6d:78:10:8b:62:e3:1d:0e:
3e:88:6a:85:94:17:29:86:99:c2:54:99:6c:7b:01:
1e:83:7b:73:28:aa:97:8a:ae:d4:bb:95:6d:7d:2b:
ae:da:c7:60:88:44:18:e9:61:d3:76:fb:03:76:39:
12:1c:2a:78:1e:ff:ba:fc:f4:e6:b2:0e:89:d5:7e:
f9:d3:7d:fc:1f:be:01:ca:da:b9:62:c2:54:3d:80:
ed:35:74:8a:4c:49:c5:9d:a3:02:dc:5d:34:5f:98:
96:f9:d3:08:3e:ee:69:56:60:94:5c:5f:f3:51:f3:
09:f5:56:53:52:2d:7b:d1:cc:9b:e6:fb:d8:64:f3:
27:dd:fd:42:1a:73:54:af:f4:7e:68:29:3d:ce:e9:
5d:5b:3a:4f:96:8e:b1:d6:c6:7e:49:ca:04:95:fb:
3d:36:25:55:3d:66:62:c5:fe:5e:63:3b:8d:92:85:
09:72:fc:9b:21:73:8c:67:13:a1:8f:8c:16:3e:ed:
b8:66:b6:c9:57:9e:ad:b9:4a:8c:b8:98:77:9a:4b:
dc:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:99:6D:C8:21:C3:54:8D:E8:F1:FD:F9:A9:BE:3B:F5:20:C7:B8:B2
X509v3 Authority Key Identifier:
keyid:02:93:0F:8C:68:8C:04:D1:74:33:A2:B9:C7:24:9B:C6:25:BC:E3:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ApMPjGiMBNF0M6K5xySbxiW84xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/2ZltyCHDVI3o8f35qb479SDHuLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b2064b-be09-43d9-b087-a4e991b0f144/1/ApMPjGiMBNF0M6K5xySbxiW84xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.160.0/21
31.47.192.0/21
37.186.64.0/18
46.19.96.0/21
62.89.0.0/19
78.109.64.0/20
93.185.32.0/20
130.193.120.0/21
185.8.0.0/22
195.250.64.0/19
IPv6:
2a02:2a50::/29
Signature Algorithm: sha256WithRSAEncryption
7a:b5:63:4f:7e:a8:15:df:14:6d:bd:45:de:bf:c4:39:7d:c5:
40:af:d7:8a:04:e4:0c:86:4f:e4:31:42:c8:55:1c:a7:4e:b5:
4b:d3:d5:85:55:09:ca:d7:11:00:02:85:81:fd:9a:49:55:c5:
bc:a6:9b:c4:ea:53:a3:48:e2:51:53:3a:53:8e:25:4c:eb:37:
6f:a7:2c:19:26:e5:6d:58:a7:da:da:5b:89:8b:3a:0c:da:e9:
72:75:65:a6:09:15:a6:c5:71:cd:fa:a3:ce:1e:e4:14:cc:f4:
6a:53:c6:fe:bc:0d:06:f9:b9:83:96:4d:df:ba:7e:eb:46:c0:
d0:7e:2a:79:9f:63:56:fa:f4:33:ab:b6:81:3a:d9:a9:30:a2:
9e:66:52:2e:29:59:c6:b5:fd:d1:1d:6b:1b:ea:1e:bd:c8:cf:
4c:b3:3c:40:3c:06:dd:a0:31:09:72:bc:4a:88:2a:bd:28:fb:
12:e2:e7:04:72:ec:9c:a8:9f:de:42:e1:05:fa:36:09:d8:b8:
99:62:34:8c:7c:04:42:6d:d5:f6:25:0e:e7:b8:8f:da:31:c2:
fb:59:76:19:d5:2f:be:b9:fb:5f:d8:1b:70:60:32:9e:17:36:
00:7e:64:b8:59:f8:64:4f:f3:b8:f8:8a:e5:73:26:5f:39:13:
14:1c:cb:52
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZyUVQmiFyn/1Hvn5qsCQy3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOTMwZjhjNjg4YzA0ZDE3NDMzYTJiOWM3MjQ5YmM2MjVi
Y2UzMTYwHhcNMjYwMjI1MTAyNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk5NmRjODIxYzM1NDhkZThmMWZkZjlhOWJlM2JmNTIwYzdiOGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mEuLBakqzsXURPRfnzKUea7dknm
kdzhS5MY56sOwBxFCSbB2Wioddy8VARCPEf9HkzJbXgQi2LjHQ4+iGqFlBcphpnC
VJlsewEeg3tzKKqXiq7Uu5VtfSuu2sdgiEQY6WHTdvsDdjkSHCp4Hv+6/PTmsg6J
1X750338H74Bytq5YsJUPYDtNXSKTEnFnaMC3F00X5iW+dMIPu5pVmCUXF/zUfMJ
9VZTUi170cyb5vvYZPMn3f1CGnNUr/R+aCk9zuldWzpPlo6x1sZ+ScoElfs9NiVV
PWZixf5eYzuNkoUJcvybIXOMZxOhj4wWPu24ZrbJV56tuUqMuJh3mkvcewIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFNmZbcghw1SN6PH9+am+O/Ugx7iyMB8GA1UdIwQY
MBaAFAKTD4xojATRdDOiucckm8YlvOMWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXBNUGpHaU1CTkYwTTZLNXh5U2J4aVc4NHhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iMjA2NGItYmUwOS00M2Q5LWIwODct
YTRlOTkxYjBmMTQ0LzEvMlpsdHlDSERWSTNvOGYzNXFiNDc5U0RIdUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iMjA2NGItYmUwOS00M2Q5LWIwODctYTRlOTkxYjBmMTQ0
LzEvQXBNUGpHaU1CTkYwTTZLNXh5U2J4aVc4NHhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQDBT+gAwQD
Hy/AAwQGJbpAAwQDLhNgAwQFPlkAAwQETm1AAwQEXbkgAwQDgsF4AwQCuQgAAwQF
w/pAMA0EAgACMAcDBQMqAipQMA0GCSqGSIb3DQEBCwUAA4IBAQB6tWNPfqgV3xRt
vUXev8Q5fcVAr9eKBOQMhk/kMULIVRynTrVL09WFVQnK1xEAAoWB/ZpJVcW8ppvE
6lOjSOJRUzpTjiVM6zdvpywZJuVtWKfa2luJizoM2ulydWWmCRWmxXHN+qPOHuQU
zPRqU8b+vA0G+bmDlk3fun7rRsDQfip5n2NW+vQzq7aBOtmpMKKeZlIuKVnGtf3R
HWsb6h69yM9MszxAPAbdoDEJcrxKiCq9KPsS4ucEcuycqJ/eQuEF+jYJ2LiZYjSM
fARCbdX2JQ7nuI/aMcL7WXYZ1S++uftf2BtwYDKeFzYAfmS4WfhkT/O4+IrlcyZf
ORMUHMtS
-----END CERTIFICATE-----
Generated at Mon Mar 2 18:26:18 2026 by rpki-client