Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/ZDNuDNGFbOoaMuM4Tz-R6K--o3I.roa
File: ZDNuDNGFbOoaMuM4Tz-R6K--o3I.roa (raw, json)
Hash identifier: tX3XwKVvtYfKIrgLHdjij/Tc3SYJBNi1giZgqqMLZJY=
Subject key identifier: 64:33:6E:0C:D1:85:6C:EA:1A:32:E3:38:4F:3F:91:E8:AF:BE:A3:72
Certificate issuer: /CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Certificate serial: 019C6B527894227F4DCC93D2F16AB0CD7524
Authority key identifier: 9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/ZDNuDNGFbOoaMuM4Tz-R6K--o3I.roa
Signing time: Tue 17 Feb 2026 11:18:12 +0000
ROA not before: Tue 17 Feb 2026 11:18:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43060
IP address blocks: 91.196.76.0/23 maxlen: 24
91.196.77.0/24 maxlen: 24
94.158.48.0/20 maxlen: 20
94.158.48.0/21 maxlen: 21
94.158.56.0/24 maxlen: 24
94.158.57.0/24 maxlen: 24
94.158.58.0/24 maxlen: 24
94.158.59.0/24 maxlen: 24
94.158.60.0/24 maxlen: 24
94.158.61.0/24 maxlen: 24
94.158.62.0/24 maxlen: 24
94.158.63.0/24 maxlen: 24
109.207.243.0/24 maxlen: 24
109.207.244.0/24 maxlen: 24
185.196.216.0/22 maxlen: 22
2a04:1b80::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6b:52:78:94:22:7f:4d:cc:93:d2:f1:6a:b0:cd:75:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Validity
Not Before: Feb 17 11:18:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=64336e0cd1856cea1a32e3384f3f91e8afbea372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:1d:0e:2d:f0:f4:96:2d:82:b9:81:c2:07:64:
ca:d4:f2:ec:1a:f3:ea:61:fe:ef:c9:13:98:c1:e5:
75:b7:85:1e:5b:0f:90:71:0f:b2:54:0d:9f:4d:e2:
57:29:b5:fa:14:93:96:fd:ea:57:e5:25:67:44:50:
a9:c1:63:b3:aa:41:2b:c4:6a:12:a0:19:2b:82:1f:
1b:d3:b5:53:4b:dd:3c:a3:ce:36:fa:17:ad:c0:05:
3c:0d:10:c3:d6:57:59:44:47:47:03:1c:5f:e3:ba:
ab:e4:50:2f:58:25:d8:55:e1:9e:58:95:ad:b6:24:
52:01:e3:cd:6e:1e:83:78:67:c6:83:71:eb:58:e9:
54:e4:56:df:65:64:4d:bf:d6:a8:b4:3e:14:84:3b:
01:a6:cf:10:49:22:c2:dc:71:65:f2:52:16:ce:ad:
7b:d5:5a:ec:75:48:84:42:ad:45:c6:38:d6:7f:57:
46:62:c3:31:10:86:7c:2c:10:12:ec:3d:a6:94:ae:
1f:f2:d5:e0:d1:b1:94:60:90:bc:2f:ef:28:f0:5b:
f8:0e:f2:be:85:71:ad:f9:31:25:8e:c0:65:71:de:
3b:a0:71:56:61:76:53:f0:69:ee:9b:4e:6e:10:59:
8d:06:cb:94:e1:da:38:59:58:02:28:bd:2e:97:cb:
c6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:33:6E:0C:D1:85:6C:EA:1A:32:E3:38:4F:3F:91:E8:AF:BE:A3:72
X509v3 Authority Key Identifier:
keyid:9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/ZDNuDNGFbOoaMuM4Tz-R6K--o3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.76.0/23
94.158.48.0/20
109.207.243.0-109.207.244.255
185.196.216.0/22
IPv6:
2a04:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
b8:b6:4f:33:92:f8:8e:5a:0b:2c:ab:f2:b3:7d:66:90:84:60:
d3:64:d5:30:46:03:27:8d:5a:a0:2e:20:a0:bd:b7:9c:fb:d8:
10:89:11:60:d0:e1:05:50:85:3e:a4:d4:ca:f3:b9:f2:29:61:
fa:3c:ac:32:65:7c:fa:4f:24:d3:f3:14:1a:63:bb:d9:17:01:
de:13:4d:80:bc:39:7b:6f:b3:10:59:0c:96:ec:f1:ce:53:45:
67:c6:45:f9:50:c3:56:f1:97:c1:d7:82:92:53:96:67:fe:db:
3b:8d:e3:5f:ff:ec:46:ce:90:1f:29:3f:a6:f2:f6:42:40:b1:
60:cd:32:b5:39:e9:2f:a3:f6:9a:c4:e2:d3:e2:b4:06:3b:bd:
ff:17:34:13:37:c7:8c:8a:8a:10:d6:65:30:62:fd:1d:b1:60:
95:cd:b7:10:64:3c:44:0b:3e:33:b7:b8:c6:86:ed:59:de:ed:
e2:2c:cb:63:6f:82:39:65:fe:bb:26:e1:67:d8:0e:77:6e:1d:
1c:71:d3:ae:05:8f:77:ce:78:a5:ad:0b:a8:94:ac:b8:93:98:
2f:75:1b:75:45:97:8d:8a:8c:a5:45:d0:d9:fb:39:22:7c:b3:
b9:e0:5f:a6:84:0e:2a:ea:15:5f:79:6c:30:c9:71:f8:72:0a:
70:d0:12:b3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZxrUniUIn9NzJPS8WqwzXUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjRhOGI5M2FmOWVhOWNmMThhYWNhNGU3M2YxMTZlYzI2
ZWIzNTcwHhcNMjYwMjE3MTExODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDMzNmUwY2QxODU2Y2VhMWEzMmUzMzg0ZjNmOTFlOGFmYmVhMzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxR0OLfD0li2CuYHCB2TK1PLsGvPq
Yf7vyROYweV1t4UeWw+QcQ+yVA2fTeJXKbX6FJOW/epX5SVnRFCpwWOzqkErxGoS
oBkrgh8b07VTS908o842+hetwAU8DRDD1ldZREdHAxxf47qr5FAvWCXYVeGeWJWt
tiRSAePNbh6DeGfGg3HrWOlU5FbfZWRNv9aotD4UhDsBps8QSSLC3HFl8lIWzq17
1VrsdUiEQq1FxjjWf1dGYsMxEIZ8LBAS7D2mlK4f8tXg0bGUYJC8L+8o8Fv4DvK+
hXGt+TEljsBlcd47oHFWYXZT8Gnum05uEFmNBsuU4do4WVgCKL0ul8vGFwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGQzbgzRhWzqGjLjOE8/keivvqNyMB8GA1UdIwQY
MBaAFJ+0qLk6+eqc8YqspOc/EW7CbrNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYt
OGQ2OGViMjBmYmRkLzEvWkROdUROR0ZiT29hTXVNNFR6LVI2Sy0tbzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYtOGQ2OGViMjBmYmRk
LzEvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQBW8RMAwQE
Xp4wMAwDBABtz/MDBABtz/QDBAK5xNgwDQQCAAIwBwMFACoEG4AwDQYJKoZIhvcN
AQELBQADggEBALi2TzOS+I5aCyyr8rN9ZpCEYNNk1TBGAyeNWqAuIKC9t5z72BCJ
EWDQ4QVQhT6k1MrzufIpYfo8rDJlfPpPJNPzFBpju9kXAd4TTYC8OXtvsxBZDJbs
8c5TRWfGRflQw1bxl8HXgpJTlmf+2zuN41//7EbOkB8pP6by9kJAsWDNMrU56S+j
9prE4tPitAY7vf8XNBM3x4yKihDWZTBi/R2xYJXNtxBkPEQLPjO3uMaG7Vne7eIs
y2Nvgjll/rsm4WfYDnduHRxx064Fj3fOeKWtC6iUrLiTmC91G3VFl42KjKVF0Nn7
OSJ8s7ngX6aEDirqFV95bDDJcfhyCnDQErM=
-----END CERTIFICATE-----
Generated at Mon Mar 2 22:29:55 2026 by rpki-client