Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/ZaoBRhEk4qwSlrNHwHjHDnxoCuw.roa
File: ZaoBRhEk4qwSlrNHwHjHDnxoCuw.roa (raw, json)
Hash identifier: hrtzgv1xQmtiIBmcMPVBG0zFyTl5NLUuW7yV6R+9HtE=
Subject key identifier: 65:AA:01:46:11:24:E2:AC:12:96:B3:47:C0:78:C7:0E:7C:68:0A:EC
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 019D3D9BCBACD657308DA5B7906CAA1F716E
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/ZaoBRhEk4qwSlrNHwHjHDnxoCuw.roa
Signing time: Mon 30 Mar 2026 07:18:33 +0000
ROA not before: Mon 30 Mar 2026 07:18:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213479
IP address blocks: 62.113.58.0/24 maxlen: 24
111.88.132.0/24 maxlen: 24
111.88.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:9b:cb:ac:d6:57:30:8d:a5:b7:90:6c:aa:1f:71:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Mar 30 07:18:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65aa01461124e2ac1296b347c078c70e7c680aec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a6:da:61:2f:c5:f7:ca:7b:e3:e3:9e:78:b7:
2d:20:03:a1:69:59:91:d3:eb:35:97:c3:c9:fb:b4:
04:8c:59:b4:07:83:f6:2a:13:ac:3d:aa:84:d4:d7:
9f:1d:f5:cc:f7:ee:89:b5:7b:70:4b:2a:f2:75:68:
c6:31:f8:db:c3:77:c0:af:06:d3:0e:f4:d7:30:72:
dd:1b:a1:53:a8:1e:b0:55:7d:a7:7f:c0:75:87:cc:
60:c3:e2:db:04:a5:9b:3f:29:80:51:09:93:15:05:
a0:b7:83:e0:21:d1:6f:7c:47:dc:4c:87:b5:26:3c:
5f:76:52:8f:84:fa:9b:b4:93:a6:f9:59:13:eb:70:
b1:c0:d5:67:74:01:e7:9b:aa:2d:a9:bc:3e:d5:13:
ed:32:15:d9:28:6b:54:c5:02:97:21:38:f3:da:cf:
53:24:be:1c:d4:7d:eb:c8:68:a4:28:c1:81:fb:2e:
bc:f6:aa:81:91:2e:74:39:6f:96:1a:4a:74:08:08:
ad:af:1b:60:08:9e:aa:b6:b1:07:2f:23:6d:73:85:
69:b1:49:60:23:32:09:b9:4b:a1:af:fb:b8:1e:8b:
a9:e9:e1:b5:e8:48:f7:14:77:47:4f:5d:90:a1:22:
c8:00:58:70:48:2a:c5:ed:e3:d8:07:cd:7b:66:bf:
53:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AA:01:46:11:24:E2:AC:12:96:B3:47:C0:78:C7:0E:7C:68:0A:EC
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/ZaoBRhEk4qwSlrNHwHjHDnxoCuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.58.0/24
111.88.132.0/23
Signature Algorithm: sha256WithRSAEncryption
18:18:bb:fe:c5:98:94:7c:49:d9:ca:4e:62:3b:41:26:6a:a8:
5b:7f:28:14:6e:1a:80:08:ce:52:99:94:76:52:4c:f3:d4:26:
b4:b7:89:8a:14:94:43:a9:5e:1d:bd:c3:2a:21:a3:44:ee:df:
d8:39:54:e5:5f:f5:c6:7c:ee:b3:e7:ed:01:49:10:e3:4d:c8:
24:9f:e5:15:09:47:fc:fc:7a:e0:d5:82:5e:d6:d4:d3:1c:69:
f7:d7:40:4b:ee:01:d2:0d:52:86:ed:6a:6c:2b:0d:fa:5b:76:
e3:71:99:b1:89:cd:b5:79:15:18:c1:e5:ce:ef:b2:58:dc:8d:
f7:51:88:6c:7e:99:06:33:da:16:db:28:a3:30:02:03:ba:db:
02:74:78:86:b2:2c:bb:47:5a:c0:9c:7b:d1:73:e0:56:5e:83:
f9:5b:a4:87:66:dc:78:dd:0d:83:0c:52:2b:35:ee:21:ae:4c:
73:f7:07:8a:0f:cc:8a:bc:98:fe:d4:b4:ce:4f:2f:c7:27:89:
b0:e3:32:50:14:0e:94:5f:71:5a:de:27:9d:85:33:d8:98:98:
4f:8d:93:ba:b9:ce:03:dc:3c:af:60:b9:4b:65:cb:7b:b0:4d:
67:87:f5:29:c0:99:00:d8:3d:62:8e:f3:68:99:13:f8:06:50:
e8:50:c3:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ09m8us1lcwjaW3kGyqH3FuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjYwMzMwMDcxODMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFhMDE0NjExMjRlMmFjMTI5NmIzNDdjMDc4YzcwZTdjNjgwYWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKbaYS/F98p74+OeeLctIAOhaVmR
0+s1l8PJ+7QEjFm0B4P2KhOsPaqE1NefHfXM9+6JtXtwSyrydWjGMfjbw3fArwbT
DvTXMHLdG6FTqB6wVX2nf8B1h8xgw+LbBKWbPymAUQmTFQWgt4PgIdFvfEfcTIe1
JjxfdlKPhPqbtJOm+VkT63CxwNVndAHnm6otqbw+1RPtMhXZKGtUxQKXITjz2s9T
JL4c1H3ryGikKMGB+y689qqBkS50OW+WGkp0CAitrxtgCJ6qtrEHLyNtc4VpsUlg
IzIJuUuhr/u4Houp6eG16Ej3FHdHT12QoSLIAFhwSCrF7ePYB817Zr9TqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGWqAUYRJOKsEpazR8B4xw58aArsMB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvWmFvQlJoRWs0cXdTbHJOSHdIakhEbnhvQ3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPnE6AwQB
b1iEMA0GCSqGSIb3DQEBCwUAA4IBAQAYGLv+xZiUfEnZyk5iO0EmaqhbfygUbhqA
CM5SmZR2Ukzz1Ca0t4mKFJRDqV4dvcMqIaNE7t/YOVTlX/XGfO6z5+0BSRDjTcgk
n+UVCUf8/Hrg1YJe1tTTHGn310BL7gHSDVKG7WpsKw36W3bjcZmxic21eRUYweXO
77JY3I33UYhsfpkGM9oW2yijMAIDutsCdHiGsiy7R1rAnHvRc+BWXoP5W6SHZtx4
3Q2DDFIrNe4hrkxz9weKD8yKvJj+1LTOTy/HJ4mw4zJQFA6UX3Fa3iedhTPYmJhP
jZO6uc4D3DyvYLlLZct7sE1nh/UpwJkA2D1ijvNomRP4BlDoUMMI
-----END CERTIFICATE-----
Generated at Fri Apr 17 10:17:07 2026 by rpki-client