Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/e29852-7e5c-452a-9e73-0c10dc507173/1/ZCvgjfcdUvB5emDgJUqlCNrfN4U.roa
File: ZCvgjfcdUvB5emDgJUqlCNrfN4U.roa (raw, json)
Hash identifier: 9CWeQ56fOiBQ0iE9QR8Rty2enOxfpS87kCa0J2lyyi8=
Subject key identifier: 64:2B:E0:8D:F7:1D:52:F0:79:7A:60:E0:25:4A:A5:08:DA:DF:37:85
Certificate issuer: /CN=36fd6e9e7acb3758325bb3e4245918f324ffeda1
Certificate serial: 019D86C91BD4C5474B2A32D9B2D3A7F9AD13
Authority key identifier: 36:FD:6E:9E:7A:CB:37:58:32:5B:B3:E4:24:59:18:F3:24:FF:ED:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nv1unnrLN1gyW7PkJFkY8yT_7aE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/e29852-7e5c-452a-9e73-0c10dc507173/1/ZCvgjfcdUvB5emDgJUqlCNrfN4U.roa
Signing time: Mon 13 Apr 2026 12:20:19 +0000
ROA not before: Mon 13 Apr 2026 12:20:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43133
IP address blocks: 91.196.132.0/24 maxlen: 24
91.196.133.0/24 maxlen: 24
91.196.134.0/24 maxlen: 24
91.196.135.0/24 maxlen: 24
185.102.85.0/24 maxlen: 24
2a14:9780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/e29852-7e5c-452a-9e73-0c10dc507173/1/Nv1unnrLN1gyW7PkJFkY8yT_7aE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/e29852-7e5c-452a-9e73-0c10dc507173/1/Nv1unnrLN1gyW7PkJFkY8yT_7aE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nv1unnrLN1gyW7PkJFkY8yT_7aE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:c9:1b:d4:c5:47:4b:2a:32:d9:b2:d3:a7:f9:ad:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36fd6e9e7acb3758325bb3e4245918f324ffeda1
Validity
Not Before: Apr 13 12:20:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=642be08df71d52f0797a60e0254aa508dadf3785
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:53:a3:77:8f:23:39:57:f9:1e:98:4d:d3:
da:83:0e:a0:d4:36:8a:3e:47:89:01:3f:0e:40:e2:
66:d6:a4:db:6b:b0:e4:f7:3d:ef:ca:9e:c0:0e:66:
4b:f9:ac:e3:28:40:a8:f9:08:43:4f:3b:e6:1d:ce:
ee:f7:8d:f2:29:b6:2c:e3:9b:92:db:27:8d:5d:03:
3c:50:a8:fb:e5:96:dd:b9:46:a7:60:73:64:04:30:
88:69:ae:1a:e0:43:ec:ef:88:07:38:43:62:a4:54:
62:8b:ab:27:a1:0c:f8:f4:4c:37:aa:3d:18:0d:48:
81:1b:23:66:3f:55:ad:bc:66:ed:82:c5:ce:0c:40:
dd:4e:23:aa:45:8e:35:7a:14:49:ab:94:10:c1:1e:
6b:ac:d8:5c:71:ea:91:58:55:80:28:b8:0e:34:ec:
ba:9f:c1:19:22:0d:65:26:b4:f0:c0:45:84:30:d4:
2b:6c:a2:00:fe:54:60:b0:38:49:40:1d:53:f0:97:
ff:40:b6:18:7b:0f:3a:cb:a5:7a:59:70:21:c1:7f:
c6:28:74:9b:7a:5a:40:91:e9:b9:88:f8:91:2a:0c:
84:af:d9:f8:f7:86:c2:70:f3:c4:4b:13:77:c4:63:
4d:1a:e0:d7:97:32:0c:c7:40:ff:12:0b:0c:73:fa:
7a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2B:E0:8D:F7:1D:52:F0:79:7A:60:E0:25:4A:A5:08:DA:DF:37:85
X509v3 Authority Key Identifier:
keyid:36:FD:6E:9E:7A:CB:37:58:32:5B:B3:E4:24:59:18:F3:24:FF:ED:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nv1unnrLN1gyW7PkJFkY8yT_7aE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e29852-7e5c-452a-9e73-0c10dc507173/1/ZCvgjfcdUvB5emDgJUqlCNrfN4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e29852-7e5c-452a-9e73-0c10dc507173/1/Nv1unnrLN1gyW7PkJFkY8yT_7aE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.132.0/22
185.102.85.0/24
IPv6:
2a14:9780::/29
Signature Algorithm: sha256WithRSAEncryption
9b:6c:12:48:78:71:f1:05:e8:33:cc:f7:8f:cd:f4:f0:80:c7:
7c:33:eb:c3:2c:b0:b7:da:65:be:09:74:ad:21:59:4b:02:57:
95:b4:8e:f1:c8:a4:f3:be:8b:e3:b2:27:fb:e2:a8:7e:f5:44:
c0:f4:41:fa:ac:74:66:a2:5f:de:58:8c:f3:65:7d:b4:08:b4:
bb:d1:7c:4d:2d:f7:46:4b:ab:e0:81:a2:70:11:08:26:68:23:
9b:e7:d1:ae:c5:98:9c:4e:41:57:2a:35:52:83:47:48:b7:d6:
d3:d1:b4:61:a6:69:1f:2e:e8:e8:d6:ce:c9:7c:12:c9:90:aa:
32:3e:0e:f9:b2:e0:51:0a:8c:52:49:bf:10:83:c1:63:ab:b4:
0f:7c:9f:94:7c:34:c8:a3:55:0d:4a:60:29:2d:31:c7:83:12:
a2:b6:da:63:7a:3d:b9:de:3b:d4:6e:f1:09:fd:ac:5f:a9:90:
45:50:37:60:30:13:05:5e:7b:3d:ba:0a:a6:7b:f4:6b:c2:30:
f2:88:db:2b:42:15:63:3f:1d:6c:04:24:4e:13:d3:0e:37:c4:
83:f3:0f:87:66:5e:f2:10:21:cd:8b:ac:c0:ca:d3:4a:5b:88:
4a:b6:ee:da:c2:c7:3b:02:66:8e:0f:60:75:29:aa:47:18:a3:
b8:66:59:90
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ2GyRvUxUdLKjLZstOn+a0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2ZmQ2ZTllN2FjYjM3NTgzMjViYjNlNDI0NTkxOGYzMjRm
ZmVkYTEwHhcNMjYwNDEzMTIyMDE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJiZTA4ZGY3MWQ1MmYwNzk3YTYwZTAyNTRhYTUwOGRhZGYzNzg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7xTo3ePIzlX+R6YTdPagw6g1DaK
PkeJAT8OQOJm1qTba7Dk9z3vyp7ADmZL+azjKECo+QhDTzvmHc7u943yKbYs45uS
2yeNXQM8UKj75ZbduUanYHNkBDCIaa4a4EPs74gHOENipFRii6snoQz49Ew3qj0Y
DUiBGyNmP1WtvGbtgsXODEDdTiOqRY41ehRJq5QQwR5rrNhcceqRWFWAKLgONOy6
n8EZIg1lJrTwwEWEMNQrbKIA/lRgsDhJQB1T8Jf/QLYYew86y6V6WXAhwX/GKHSb
elpAkem5iPiRKgyEr9n494bCcPPESxN3xGNNGuDXlzIMx0D/EgsMc/p6FwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGQr4I33HVLweXpg4CVKpQja3zeFMB8GA1UdIwQY
MBaAFDb9bp56yzdYMluz5CRZGPMk/+2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnYxdW5uckxOMWd5VzdQa0pGa1k4eVRfN2FFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9lMjk4NTItN2U1Yy00NTJhLTllNzMt
MGMxMGRjNTA3MTczLzEvWkN2Z2pmY2RVdkI1ZW1EZ0pVcWxDTnJmTjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9lMjk4NTItN2U1Yy00NTJhLTllNzMtMGMxMGRjNTA3MTcz
LzEvTnYxdW5uckxOMWd5VzdQa0pGa1k4eVRfN2FFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8SEAwQA
uWZVMA0EAgACMAcDBQMqFJeAMA0GCSqGSIb3DQEBCwUAA4IBAQCbbBJIeHHxBegz
zPePzfTwgMd8M+vDLLC32mW+CXStIVlLAleVtI7xyKTzvovjsif74qh+9UTA9EH6
rHRmol/eWIzzZX20CLS70XxNLfdGS6vggaJwEQgmaCOb59GuxZicTkFXKjVSg0dI
t9bT0bRhpmkfLujo1s7JfBLJkKoyPg75suBRCoxSSb8Qg8Fjq7QPfJ+UfDTIo1UN
SmApLTHHgxKittpjej253jvUbvEJ/axfqZBFUDdgMBMFXns9ugqme/RrwjDyiNsr
QhVjPx1sBCROE9MON8SD8w+HZl7yECHNi6zAytNKW4hKtu7awsc7AmaOD2B1KapH
GKO4ZlmQ
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:11:51 2026 by rpki-client