Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/bbfa19-debc-4c77-8d63-908b250cba79/1/ZHNg-iGHdhJIyPbT0YesOHZSckA.roa
File: ZHNg-iGHdhJIyPbT0YesOHZSckA.roa (raw, json)
Hash identifier: jtRC2+2eYimT7dpLaE8cbiYXDkhbQMmqL54jAdK1K3Y=
Subject key identifier: 64:73:60:FA:21:87:76:12:48:C8:F6:D3:D1:87:AC:38:76:52:72:40
Certificate issuer: /CN=f2ab0b585b9c396288d20e9cf665ae1de39f7833
Certificate serial: 019C1EF2085501F7C2092C0FA7751B4586F2
Authority key identifier: F2:AB:0B:58:5B:9C:39:62:88:D2:0E:9C:F6:65:AE:1D:E3:9F:78:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8qsLWFucOWKI0g6c9mWuHeOfeDM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/bbfa19-debc-4c77-8d63-908b250cba79/1/ZHNg-iGHdhJIyPbT0YesOHZSckA.roa
Signing time: Mon 02 Feb 2026 15:21:44 +0000
ROA not before: Mon 02 Feb 2026 15:21:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203592
IP address blocks: 94.198.185.0/24 maxlen: 24
185.128.116.0/22 maxlen: 22
2a0c:2c0::/29 maxlen: 29
2a0c:2c0:dd80::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/bbfa19-debc-4c77-8d63-908b250cba79/1/8qsLWFucOWKI0g6c9mWuHeOfeDM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/bbfa19-debc-4c77-8d63-908b250cba79/1/8qsLWFucOWKI0g6c9mWuHeOfeDM.mft
rsync://rpki.ripe.net/repository/DEFAULT/8qsLWFucOWKI0g6c9mWuHeOfeDM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:1e:f2:08:55:01:f7:c2:09:2c:0f:a7:75:1b:45:86:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2ab0b585b9c396288d20e9cf665ae1de39f7833
Validity
Not Before: Feb 2 15:21:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=647360fa2187761248c8f6d3d187ac3876527240
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:41:8b:60:50:86:a4:e2:74:3c:9c:5c:22:61:
dc:f7:67:0b:2f:ca:72:39:d0:e8:89:ac:01:40:a7:
9b:03:c1:6d:63:ba:23:a7:6f:bc:ee:25:4c:6c:0a:
da:52:aa:b0:4a:5d:c8:3c:72:66:27:0e:bf:c1:ea:
60:02:cd:3f:fc:92:66:77:63:49:8b:c2:3c:03:48:
e1:6c:c1:ae:3c:4c:1b:18:a3:8d:54:84:45:4b:fb:
68:dd:f5:36:a1:1f:56:50:21:35:42:91:5d:35:71:
0c:da:b3:44:48:51:eb:44:19:7f:9e:39:19:2e:9c:
a6:c8:40:72:2a:78:44:b9:4c:2b:f7:dd:7d:70:db:
8e:00:98:a3:7d:f7:ac:aa:11:41:b4:f2:15:4e:94:
66:e7:34:cb:83:18:8a:bf:69:46:3a:d7:96:a3:09:
df:d1:14:20:f4:a6:8a:8c:80:a7:bb:ed:96:14:62:
81:53:85:cc:4c:f8:55:69:87:a2:f2:25:8f:d7:b3:
d6:73:79:e4:1a:20:02:fb:36:dc:6c:7e:30:30:41:
10:59:14:56:5b:8e:a4:47:07:ab:98:77:bb:a2:5c:
8e:25:42:51:80:02:88:b4:ef:0d:6c:3e:3f:e4:1e:
96:66:72:2b:8e:29:7a:ac:55:e2:b1:d8:21:9a:e2:
b4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:73:60:FA:21:87:76:12:48:C8:F6:D3:D1:87:AC:38:76:52:72:40
X509v3 Authority Key Identifier:
keyid:F2:AB:0B:58:5B:9C:39:62:88:D2:0E:9C:F6:65:AE:1D:E3:9F:78:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qsLWFucOWKI0g6c9mWuHeOfeDM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bbfa19-debc-4c77-8d63-908b250cba79/1/ZHNg-iGHdhJIyPbT0YesOHZSckA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bbfa19-debc-4c77-8d63-908b250cba79/1/8qsLWFucOWKI0g6c9mWuHeOfeDM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.198.185.0/24
185.128.116.0/22
IPv6:
2a0c:2c0::/29
Signature Algorithm: sha256WithRSAEncryption
64:8c:c4:12:57:a5:83:27:b4:17:d7:53:18:54:e0:98:be:03:
f5:c7:42:aa:f6:34:47:aa:22:51:24:76:3e:07:a3:cb:95:dd:
60:cb:07:bc:8a:77:76:54:0f:3e:74:22:b5:d6:c3:6c:d3:ef:
68:6d:00:04:fe:51:64:dc:a6:03:c1:0e:8e:95:91:1a:e0:fe:
5f:fd:6f:2b:3b:64:c3:b8:fd:04:ea:1e:fb:1d:1c:81:34:dc:
d6:2e:21:72:cc:33:74:b5:4e:64:33:f2:30:ce:8e:1c:5a:22:
df:39:0a:fd:2d:22:7a:bd:da:08:be:de:98:91:90:b8:10:67:
df:fd:3b:84:92:64:39:56:e4:f8:8d:dc:e0:5f:fb:a1:8c:00:
84:51:c1:30:c6:c2:40:f1:10:91:18:54:eb:1b:11:f5:bd:dd:
8f:99:f1:7a:e3:45:9e:b2:f9:c6:55:4a:4f:47:3d:7c:2d:94:
45:a1:01:62:49:22:b6:c2:05:a4:dd:93:6e:3d:8f:e0:c6:fb:
44:d5:6f:d7:1e:af:84:24:17:5d:1d:88:6b:89:e5:4a:8b:83:
6a:35:f3:0c:e7:98:65:7a:18:24:29:0d:77:d5:da:87:e8:a0:
71:1a:b7:af:49:75:c9:d6:a9:fe:4e:ad:9e:98:81:6f:91:f4:
b2:3e:0e:96
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZwe8ghVAffCCSwPp3UbRYbyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyYWIwYjU4NWI5YzM5NjI4OGQyMGU5Y2Y2NjVhZTFkZTM5
Zjc4MzMwHhcNMjYwMjAyMTUyMTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDczNjBmYTIxODc3NjEyNDhjOGY2ZDNkMTg3YWMzODc2NTI3MjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00GLYFCGpOJ0PJxcImHc92cLL8py
OdDoiawBQKebA8FtY7ojp2+87iVMbAraUqqwSl3IPHJmJw6/wepgAs0//JJmd2NJ
i8I8A0jhbMGuPEwbGKONVIRFS/to3fU2oR9WUCE1QpFdNXEM2rNESFHrRBl/njkZ
LpymyEByKnhEuUwr9919cNuOAJijffesqhFBtPIVTpRm5zTLgxiKv2lGOteWownf
0RQg9KaKjICnu+2WFGKBU4XMTPhVaYei8iWP17PWc3nkGiAC+zbcbH4wMEEQWRRW
W46kRwermHe7olyOJUJRgAKItO8NbD4/5B6WZnIrjil6rFXisdghmuK0sQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGRzYPohh3YSSMj209GHrDh2UnJAMB8GA1UdIwQY
MBaAFPKrC1hbnDliiNIOnPZlrh3jn3gzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHFzTFdGdWNPV0tJMGc2YzltV3VIZU9mZURNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9iYmZhMTktZGViYy00Yzc3LThkNjMt
OTA4YjI1MGNiYTc5LzEvWkhOZy1pR0hkaEpJeVBiVDBZZXNPSFpTY2tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9iYmZhMTktZGViYy00Yzc3LThkNjMtOTA4YjI1MGNiYTc5
LzEvOHFzTFdGdWNPV0tJMGc2YzltV3VIZU9mZURNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAXsa5AwQC
uYB0MA0EAgACMAcDBQMqDALAMA0GCSqGSIb3DQEBCwUAA4IBAQBkjMQSV6WDJ7QX
11MYVOCYvgP1x0Kq9jRHqiJRJHY+B6PLld1gywe8ind2VA8+dCK11sNs0+9obQAE
/lFk3KYDwQ6OlZEa4P5f/W8rO2TDuP0E6h77HRyBNNzWLiFyzDN0tU5kM/Iwzo4c
WiLfOQr9LSJ6vdoIvt6YkZC4EGff/TuEkmQ5VuT4jdzgX/uhjACEUcEwxsJA8RCR
GFTrGxH1vd2PmfF640WesvnGVUpPRz18LZRFoQFiSSK2wgWk3ZNuPY/gxvtE1W/X
Hq+EJBddHYhrieVKi4NqNfMM55hlehgkKQ131dqH6KBxGrevSXXJ1qn+Tq2emIFv
kfSyPg6W
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:01:03 2026 by rpki-client