Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/2Zg_-dpcqfmzuDStyGzldA-iv1s.roa
File: 2Zg_-dpcqfmzuDStyGzldA-iv1s.roa (raw, json)
Hash identifier: rO88dw5SEIUE2fPQKc2On6kad3jKSdwxG+JqeHFebNY=
Subject key identifier: D9:98:3F:F9:DA:5C:A9:F9:B3:B8:34:AD:C8:6C:E5:74:0F:A2:BF:5B
Certificate issuer: /CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Certificate serial: 019D443109B1F6FB099DE2408E9F762D6B83
Authority key identifier: CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/2Zg_-dpcqfmzuDStyGzldA-iv1s.roa
Signing time: Tue 31 Mar 2026 13:59:17 +0000
ROA not before: Tue 31 Mar 2026 13:59:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58243
IP address blocks: 217.147.48.0/22 maxlen: 22
217.147.48.0/23 maxlen: 23
217.147.50.0/23 maxlen: 23
217.147.52.0/23 maxlen: 23
217.147.54.0/24 maxlen: 24
217.147.56.0/22 maxlen: 22
217.147.56.0/23 maxlen: 23
217.147.58.0/23 maxlen: 23
217.147.58.0/24 maxlen: 24
217.147.59.0/24 maxlen: 24
217.147.61.0/24 maxlen: 24
217.147.62.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:31:09:b1:f6:fb:09:9d:e2:40:8e:9f:76:2d:6b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccca763f3db2965a1e4eb0bf76c1cb868baae46d
Validity
Not Before: Mar 31 13:59:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d9983ff9da5ca9f9b3b834adc86ce5740fa2bf5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4e:cf:e8:87:b0:03:14:cf:11:da:da:23:df:
bd:1c:6b:f7:a3:6a:d4:4e:79:09:ba:16:5a:e5:3f:
ad:40:7d:ee:43:50:f6:ba:7f:55:86:c8:1c:b0:27:
07:30:32:d3:65:ed:e3:06:a1:53:f8:75:ce:d5:98:
ec:fe:42:af:5f:fd:79:5c:bb:bd:ce:93:cb:07:59:
16:c7:ea:23:67:42:38:df:74:67:d1:76:22:05:82:
09:01:63:f2:64:09:d2:77:50:54:38:d6:d6:2d:e8:
6b:09:99:39:d5:b3:d2:97:79:e7:ea:25:f5:77:80:
81:14:af:37:91:7e:35:1a:42:37:63:81:ad:54:34:
04:86:23:bf:6d:a1:d5:12:1d:bf:ab:27:1f:db:5e:
10:8d:5c:da:20:4a:b7:eb:4d:d1:18:eb:b3:ab:d7:
56:76:d2:d8:73:57:b9:2d:9d:cb:12:4d:e7:99:75:
bc:72:fd:4a:ad:6c:d2:d0:86:87:9f:d1:dc:82:16:
d7:28:19:e4:1e:ef:52:e0:8b:05:8b:43:e3:ce:c9:
2d:09:8f:8b:9b:11:9c:56:4b:7b:28:cd:1f:ae:de:
60:f6:dc:84:66:9a:c8:36:e8:c6:cc:8e:74:8a:37:
bf:10:9c:21:d3:8e:fd:91:88:5a:c1:ef:02:85:8f:
35:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:98:3F:F9:DA:5C:A9:F9:B3:B8:34:AD:C8:6C:E5:74:0F:A2:BF:5B
X509v3 Authority Key Identifier:
keyid:CC:CA:76:3F:3D:B2:96:5A:1E:4E:B0:BF:76:C1:CB:86:8B:AA:E4:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zMp2Pz2ylloeTrC_dsHLhouq5G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/2Zg_-dpcqfmzuDStyGzldA-iv1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/1c090c-74db-4531-96f7-fac63c03c25a/1/zMp2Pz2ylloeTrC_dsHLhouq5G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.48.0-217.147.54.255
217.147.56.0/22
217.147.61.0-217.147.63.255
Signature Algorithm: sha256WithRSAEncryption
28:7d:e2:41:31:cb:16:0a:ee:de:cc:f3:6d:85:20:7e:f8:e4:
fb:f8:9c:9d:74:86:a4:28:35:8e:58:92:3a:40:98:dd:92:e4:
d1:ef:ca:e5:74:87:fa:5a:29:1f:84:1b:92:8b:d2:86:4e:70:
70:ed:78:f2:e9:4c:3d:24:f0:ed:4b:64:16:06:68:e8:6f:ff:
ee:bc:1a:b2:cf:43:6d:89:fb:6b:6b:d3:5c:4b:2d:5a:7e:06:
74:6f:ef:53:18:42:b2:df:48:c5:9a:f4:cc:b9:de:9e:ae:9b:
7d:62:14:67:4c:c0:c7:a4:c3:3f:7a:4a:87:f3:ff:c6:d5:3a:
16:e8:cc:eb:01:c8:be:f0:91:33:f2:84:8e:04:a5:3f:c3:54:
d6:1e:2e:8d:47:0f:4f:c3:d1:09:65:4f:3a:80:65:45:a0:74:
89:a7:50:8e:35:21:46:26:f6:38:13:2d:e3:c0:1f:8f:39:b9:
f4:f6:5b:3a:21:21:f2:e7:4f:36:29:41:d8:c7:24:ae:b9:e1:
fc:05:f2:c7:4b:c0:5f:e8:3c:e5:be:2e:c4:06:20:0c:55:92:
8c:88:42:a4:eb:16:66:72:bb:f1:0e:5a:7b:5d:ae:58:5e:02:
d9:a9:f2:74:0e:91:a7:74:92:25:10:e0:57:a0:c9:ee:5a:7f:
96:bd:cc:92
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ1EMQmx9vsJneJAjp92LWuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjY2E3NjNmM2RiMjk2NWExZTRlYjBiZjc2YzFjYjg2OGJh
YWU0NmQwHhcNMjYwMzMxMTM1OTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTk4M2ZmOWRhNWNhOWY5YjNiODM0YWRjODZjZTU3NDBmYTJiZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq07P6IewAxTPEdraI9+9HGv3o2rU
TnkJuhZa5T+tQH3uQ1D2un9VhsgcsCcHMDLTZe3jBqFT+HXO1Zjs/kKvX/15XLu9
zpPLB1kWx+ojZ0I433Rn0XYiBYIJAWPyZAnSd1BUONbWLehrCZk51bPSl3nn6iX1
d4CBFK83kX41GkI3Y4GtVDQEhiO/baHVEh2/qycf214QjVzaIEq3603RGOuzq9dW
dtLYc1e5LZ3LEk3nmXW8cv1KrWzS0IaHn9HcghbXKBnkHu9S4IsFi0PjzsktCY+L
mxGcVkt7KM0frt5g9tyEZprINujGzI50ije/EJwh0479kYhawe8ChY81cQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNmYP/naXKn5s7g0rchs5XQPor9bMB8GA1UdIwQY
MBaAFMzKdj89spZaHk6wv3bBy4aLquRtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2Zjct
ZmFjNjNjMDNjMjVhLzEvMlpnXy1kcGNxZm16dURTdHlHemxkQS1pdjFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8xYzA5MGMtNzRkYi00NTMxLTk2ZjctZmFjNjNjMDNjMjVh
LzEvek1wMlB6MnlsbG9lVHJDX2RzSExob3VxNUcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBATZkzAD
BADZkzYDBALZkzgwDAMEANmTPQMEBtmTADANBgkqhkiG9w0BAQsFAAOCAQEAKH3i
QTHLFgru3szzbYUgfvjk+/icnXSGpCg1jliSOkCY3ZLk0e/K5XSH+lopH4QbkovS
hk5wcO148ulMPSTw7UtkFgZo6G//7rwass9DbYn7a2vTXEstWn4GdG/vUxhCst9I
xZr0zLnenq6bfWIUZ0zAx6TDP3pKh/P/xtU6FujM6wHIvvCRM/KEjgSlP8NU1h4u
jUcPT8PRCWVPOoBlRaB0iadQjjUhRib2OBMt48Afjzm59PZbOiEh8udPNilB2Mck
rrnh/AXyx0vAX+g85b4uxAYgDFWSjIhCpOsWZnK78Q5ae12uWF4C2anydA6Rp3SS
JRDgV6DJ7lp/lr3Mkg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:25:46 2026 by rpki-client