Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/z13Fw4Baa0Cf6jqQgcmcdGaY9lY.roa
File: z13Fw4Baa0Cf6jqQgcmcdGaY9lY.roa (raw, json)
Hash identifier: N61RklKzFSZ71nW5Q0awQlylDE3NsNVur5bGxsKSODA=
Subject key identifier: CF:5D:C5:C3:80:5A:6B:40:9F:EA:3A:90:81:C9:9C:74:66:98:F6:56
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019C27A80BA2375343EF027034FA531135EB
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/z13Fw4Baa0Cf6jqQgcmcdGaY9lY.roa
Signing time: Wed 04 Feb 2026 07:57:30 +0000
ROA not before: Wed 04 Feb 2026 07:57:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 194.152.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 21:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:27:a8:0b:a2:37:53:43:ef:02:70:34:fa:53:11:35:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Feb 4 07:57:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf5dc5c3805a6b409fea3a9081c99c746698f656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:83:71:e5:17:b7:60:c0:2c:6e:2b:9f:bd:c3:
fd:48:79:3a:81:f2:80:c3:5f:14:0a:b3:88:53:df:
68:4c:95:58:a1:21:94:ed:bb:aa:2a:21:6f:48:25:
17:0f:15:fe:a8:2f:ff:ee:c4:78:92:ec:b3:d6:0f:
dc:42:91:5b:39:98:29:b7:12:a3:56:ec:78:9f:2d:
92:ef:39:4f:cb:38:d3:fd:b6:6c:a1:09:e9:f6:7e:
5e:6e:6c:6e:5b:09:e4:15:91:6f:f6:a6:a3:f3:47:
4f:a0:c5:b2:bd:d3:f8:ed:04:65:38:ad:5b:99:aa:
07:53:f3:32:5e:4d:7d:d2:ea:8e:2d:cd:1b:91:a1:
88:54:e2:ac:e2:ac:ab:2a:2d:68:40:2c:51:ca:8d:
60:4e:a6:59:e0:3b:6a:88:0b:ba:42:08:a2:d3:fd:
eb:17:39:35:90:3e:83:c7:e8:d8:16:49:b4:41:ec:
5a:27:77:bd:1c:9f:35:3f:dd:6e:e8:71:a0:30:ec:
94:ae:50:f1:9a:21:f0:95:5c:26:4a:36:1c:1a:72:
84:9d:79:9a:e9:12:dd:cd:eb:1f:ae:a4:ac:f5:79:
6e:ed:38:2d:e6:ff:9d:76:e7:6e:94:5c:57:a8:f2:
55:e7:b6:60:ac:b5:33:37:c4:4b:47:df:3d:ea:06:
4f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5D:C5:C3:80:5A:6B:40:9F:EA:3A:90:81:C9:9C:74:66:98:F6:56
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/z13Fw4Baa0Cf6jqQgcmcdGaY9lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.152.145.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b8:45:4c:ea:93:ea:56:94:ce:1f:21:a0:ed:b1:94:ae:11:
e5:7e:7a:b3:ed:3f:84:af:6e:19:15:20:6d:9a:4c:ef:11:ad:
4f:9d:35:87:0a:2c:65:c6:75:4c:e1:e5:42:7c:33:98:3e:a3:
af:7b:17:e7:11:31:10:9b:20:97:a5:8b:56:be:c9:60:62:2c:
05:0f:4a:6d:2a:a2:b7:b0:cb:c5:f1:f0:ec:43:1c:1f:b0:83:
53:3c:14:8a:4c:9a:e5:8f:4b:df:be:5a:14:4d:62:2c:fb:4f:
48:9c:ac:86:4c:41:c4:96:ef:95:a4:ce:33:be:1d:ff:cd:68:
d7:25:12:af:67:58:e5:4a:44:1a:01:95:8d:5d:33:52:0c:19:
36:3e:a5:ac:1a:6d:bf:af:d7:88:74:6e:3c:2c:28:63:65:a7:
cf:75:e9:b1:60:ba:7d:78:e5:3d:1a:44:20:48:2b:78:e0:5b:
6c:a8:e4:8c:b6:fe:2f:01:81:52:31:de:37:ab:06:a6:4d:50:
8d:31:2b:48:13:0a:02:91:62:20:6a:ec:87:67:a0:53:4a:7f:
06:3f:69:d0:81:f7:e2:23:7b:9b:a0:74:74:48:2a:19:05:bd:
9f:5f:96:25:1a:07:f0:8f:74:a6:b7:79:aa:45:a0:95:5c:15:
38:da:cb:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZwnqAuiN1ND7wJwNPpTETXrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwMjA0MDc1NzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVkYzVjMzgwNWE2YjQwOWZlYTNhOTA4MWM5OWM3NDY2OThmNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroNx5Re3YMAsbiufvcP9SHk6gfKA
w18UCrOIU99oTJVYoSGU7buqKiFvSCUXDxX+qC//7sR4kuyz1g/cQpFbOZgptxKj
Vux4ny2S7zlPyzjT/bZsoQnp9n5ebmxuWwnkFZFv9qaj80dPoMWyvdP47QRlOK1b
maoHU/MyXk190uqOLc0bkaGIVOKs4qyrKi1oQCxRyo1gTqZZ4DtqiAu6Qgii0/3r
Fzk1kD6Dx+jYFkm0QexaJ3e9HJ81P91u6HGgMOyUrlDxmiHwlVwmSjYcGnKEnXma
6RLdzesfrqSs9Xlu7Tgt5v+ddudulFxXqPJV57ZgrLUzN8RLR9896gZP+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM9dxcOAWmtAn+o6kIHJnHRmmPZWMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvejEzRnc0QmFhMENmNmpxUWdjbWNkR2FZOWxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpiRMA0G
CSqGSIb3DQEBCwUAA4IBAQBJuEVM6pPqVpTOHyGg7bGUrhHlfnqz7T+Er24ZFSBt
mkzvEa1PnTWHCixlxnVM4eVCfDOYPqOvexfnETEQmyCXpYtWvslgYiwFD0ptKqK3
sMvF8fDsQxwfsINTPBSKTJrlj0vfvloUTWIs+09InKyGTEHElu+VpM4zvh3/zWjX
JRKvZ1jlSkQaAZWNXTNSDBk2PqWsGm2/r9eIdG48LChjZafPdemxYLp9eOU9GkQg
SCt44FtsqOSMtv4vAYFSMd43qwamTVCNMStIEwoCkWIgauyHZ6BTSn8GP2nQgffi
I3uboHR0SCoZBb2fX5YlGgfwj3Smt3mqRaCVXBU42suE
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:42:13 2026 by rpki-client