Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/zwdeHuhgY6uvXo13c8_RsdLmAYc.roa
File: zwdeHuhgY6uvXo13c8_RsdLmAYc.roa (raw, json)
Hash identifier: vevpKAfplHt+CmX4fiMmXxGk/JKPHjUFpqpxW5YsXwA=
Subject key identifier: CF:07:5E:1E:E8:60:63:AB:AF:5E:8D:77:73:CF:D1:B1:D2:E6:01:87
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 019D43D752600D5817E23A30FA622121B632
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/zwdeHuhgY6uvXo13c8_RsdLmAYc.roa
Signing time: Tue 31 Mar 2026 12:21:18 +0000
ROA not before: Tue 31 Mar 2026 12:21:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 45.147.194.0/24 maxlen: 24
91.224.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 01:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:43:d7:52:60:0d:58:17:e2:3a:30:fa:62:21:21:b6:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Mar 31 12:21:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf075e1ee86063abaf5e8d7773cfd1b1d2e60187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:45:05:d4:21:d0:a3:28:81:ca:c3:57:1a:2b:
07:b5:b5:6d:00:24:dc:b3:83:34:71:a9:54:fa:29:
f6:c1:05:f5:27:61:eb:f7:05:4c:ba:7c:cb:fc:ed:
9b:10:ca:56:77:35:14:6d:e3:2c:2c:14:e8:e3:ed:
25:55:af:d5:b7:0b:22:c3:f6:9a:54:05:7e:f0:f0:
a2:d5:cf:c0:d6:7d:ab:8b:75:83:97:4c:6d:1a:93:
6b:33:eb:c2:7d:ce:84:e9:07:6d:5f:85:e8:79:df:
4b:01:2f:3f:41:74:cf:c3:9e:7c:d1:df:67:5f:31:
bc:d6:f9:5f:18:20:27:cb:45:75:36:fa:aa:b6:ed:
78:ce:7e:dc:0e:6f:41:ab:79:a4:3d:47:78:79:92:
ac:17:1f:1c:19:03:90:74:4c:95:73:72:df:26:0c:
33:70:bf:f2:85:35:91:72:b3:4f:c6:54:49:6f:c8:
dd:19:0c:f1:30:18:3c:5b:0b:91:9f:e3:2e:ec:8f:
7c:c6:66:f2:11:cb:1d:98:cc:c6:c6:c0:89:0c:57:
8c:65:ab:04:7a:77:a7:13:0d:6d:f4:ff:79:aa:d6:
3d:e8:4b:8c:ca:19:15:34:7d:fb:34:ae:b6:c2:30:
11:a5:8b:b9:c4:6b:b8:db:fc:b1:5f:d8:5c:48:3a:
6c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:07:5E:1E:E8:60:63:AB:AF:5E:8D:77:73:CF:D1:B1:D2:E6:01:87
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/zwdeHuhgY6uvXo13c8_RsdLmAYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.194.0/24
91.224.22.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:b0:3e:9a:d2:ab:ac:a9:1b:7e:70:22:cc:cb:96:a3:a4:47:
e6:a5:13:c6:05:d2:0c:5e:e6:27:12:fd:19:82:b4:95:8e:66:
d7:fd:2b:aa:46:68:53:0c:df:47:f2:37:47:7a:07:4c:4e:78:
6e:3e:4a:35:85:78:66:b9:7a:5d:33:a5:c8:d3:72:5d:a0:5a:
50:e4:ef:4a:19:b9:d8:fa:d3:e2:b0:52:a8:04:98:95:f5:aa:
22:76:52:4f:3a:19:50:51:3f:88:78:6e:04:37:59:b3:21:56:
f6:08:e3:7c:9e:40:3b:15:5a:9c:c2:c8:e7:fb:d7:e1:e4:4e:
3b:07:85:54:1d:a5:5f:45:0a:43:9b:fc:6c:0d:a2:6a:18:cc:
ee:bc:dc:f3:08:d9:37:f1:d3:45:b2:db:14:2a:94:c6:62:72:
f9:a6:cd:9c:7e:4a:fe:ea:a1:3f:c9:15:d8:39:ab:6e:c6:26:
06:d2:92:06:df:b4:d2:c0:4a:a0:ee:82:d0:f6:0e:62:0c:4b:
39:b2:75:a8:d5:51:d0:24:dc:1c:90:c6:0d:14:fe:80:33:e5:
f8:85:98:3f:de:78:d8:d0:b1:39:87:27:8c:62:29:3a:6a:c2:
b4:29:c7:d1:de:71:a4:a4:a2:fc:6c:5f:79:21:ac:61:60:18:
ca:c7:27:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1D11JgDVgX4jow+mIhIbYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjYwMzMxMTIyMTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjA3NWUxZWU4NjA2M2FiYWY1ZThkNzc3M2NmZDFiMWQyZTYwMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UUF1CHQoyiBysNXGisHtbVtACTc
s4M0calU+in2wQX1J2Hr9wVMunzL/O2bEMpWdzUUbeMsLBTo4+0lVa/Vtwsiw/aa
VAV+8PCi1c/A1n2ri3WDl0xtGpNrM+vCfc6E6QdtX4Xoed9LAS8/QXTPw5580d9n
XzG81vlfGCAny0V1Nvqqtu14zn7cDm9Bq3mkPUd4eZKsFx8cGQOQdEyVc3LfJgwz
cL/yhTWRcrNPxlRJb8jdGQzxMBg8WwuRn+Mu7I98xmbyEcsdmMzGxsCJDFeMZasE
enenEw1t9P95qtY96EuMyhkVNH37NK62wjARpYu5xGu42/yxX9hcSDpsewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM8HXh7oYGOrr16Nd3PP0bHS5gGHMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvendkZUh1aGdZNnV2WG8xM2M4X1JzZExtQVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZPCAwQA
W+AWMA0GCSqGSIb3DQEBCwUAA4IBAQAqsD6a0qusqRt+cCLMy5ajpEfmpRPGBdIM
XuYnEv0ZgrSVjmbX/SuqRmhTDN9H8jdHegdMTnhuPko1hXhmuXpdM6XI03JdoFpQ
5O9KGbnY+tPisFKoBJiV9aoidlJPOhlQUT+IeG4EN1mzIVb2CON8nkA7FVqcwsjn
+9fh5E47B4VUHaVfRQpDm/xsDaJqGMzuvNzzCNk38dNFstsUKpTGYnL5ps2cfkr+
6qE/yRXYOatuxiYG0pIG37TSwEqg7oLQ9g5iDEs5snWo1VHQJNwckMYNFP6AM+X4
hZg/3njY0LE5hyeMYik6asK0KcfR3nGkpKL8bF95IaxhYBjKxydV
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:15:50 2026 by rpki-client