Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/Zfv_5cAa3ri0Ax5p2vNE36rHpnE.roa
File: Zfv_5cAa3ri0Ax5p2vNE36rHpnE.roa (raw, json)
Hash identifier: Id3c2s4Nmji3usQrf3+l5D4JNCrYHAfvKHW7XcPkXa8=
Subject key identifier: 65:FB:FF:E5:C0:1A:DE:B8:B4:03:1E:69:DA:F3:44:DF:AA:C7:A6:71
Certificate issuer: /CN=e242c2b74d7575a228a7e64f0406f3a397c7ae56
Certificate serial: 019BF46270E11409DA49CB16184654F211DB
Authority key identifier: E2:42:C2:B7:4D:75:75:A2:28:A7:E6:4F:04:06:F3:A3:97:C7:AE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kLCt011daIop-ZPBAbzo5fHrlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/Zfv_5cAa3ri0Ax5p2vNE36rHpnE.roa
Signing time: Sun 25 Jan 2026 09:00:50 +0000
ROA not before: Sun 25 Jan 2026 09:00:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57871
IP address blocks: 176.110.128.0/20 maxlen: 20
176.110.128.0/24 maxlen: 24
176.110.129.0/24 maxlen: 24
176.110.130.0/24 maxlen: 24
176.110.131.0/24 maxlen: 24
176.110.132.0/24 maxlen: 24
176.110.133.0/24 maxlen: 24
176.110.134.0/23 maxlen: 23
176.110.136.0/23 maxlen: 23
176.110.136.0/24 maxlen: 24
176.110.137.0/24 maxlen: 24
176.110.138.0/23 maxlen: 23
176.110.140.0/23 maxlen: 23
176.110.142.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/4kLCt011daIop-ZPBAbzo5fHrlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/4kLCt011daIop-ZPBAbzo5fHrlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4kLCt011daIop-ZPBAbzo5fHrlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:f4:62:70:e1:14:09:da:49:cb:16:18:46:54:f2:11:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e242c2b74d7575a228a7e64f0406f3a397c7ae56
Validity
Not Before: Jan 25 09:00:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65fbffe5c01adeb8b4031e69daf344dfaac7a671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e2:3e:d8:2f:12:15:8e:d5:93:85:a6:f3:c5:
ab:25:e5:d5:97:a3:a6:70:a3:cf:98:2c:0b:5e:d8:
b2:2f:72:59:2c:11:e4:c8:8b:78:37:ee:32:85:9d:
2b:f2:b9:f5:aa:c4:ef:eb:0f:14:2a:62:7a:00:9f:
fe:6b:a0:97:7a:4d:20:f9:e0:cf:b9:6c:b9:df:bc:
6c:1b:c0:90:fe:70:28:64:1c:c8:9d:a1:e8:a2:55:
cd:66:77:56:5e:d5:fa:15:00:13:f4:65:00:71:9b:
10:42:4d:66:9f:4f:0a:5a:91:7b:8c:1c:c3:56:f1:
96:3d:33:16:9f:57:63:32:0a:f5:92:ef:3e:75:db:
4f:9a:e0:70:7a:b4:5b:d9:32:5e:0c:19:82:82:a3:
1d:dd:07:70:9e:f0:f6:ee:7d:31:68:53:44:6f:85:
8c:44:6f:56:7e:9e:0a:4c:d4:5b:27:d8:02:14:03:
00:97:35:31:e9:4f:cc:38:69:fe:07:f8:e9:26:38:
8a:43:6a:f5:da:a7:e3:ef:20:5e:20:8d:7a:4e:21:
5a:60:e8:88:72:8e:99:b4:5e:39:57:64:e7:8b:dd:
a4:02:cc:22:43:bd:4c:97:2b:df:d8:c0:ff:66:7a:
b2:88:1f:9d:3e:5d:d3:a4:12:51:85:4f:4c:ee:7b:
14:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FB:FF:E5:C0:1A:DE:B8:B4:03:1E:69:DA:F3:44:DF:AA:C7:A6:71
X509v3 Authority Key Identifier:
keyid:E2:42:C2:B7:4D:75:75:A2:28:A7:E6:4F:04:06:F3:A3:97:C7:AE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kLCt011daIop-ZPBAbzo5fHrlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/Zfv_5cAa3ri0Ax5p2vNE36rHpnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/4kLCt011daIop-ZPBAbzo5fHrlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.128.0/20
Signature Algorithm: sha256WithRSAEncryption
df:a0:10:b2:4a:a1:f9:b0:4e:13:95:82:95:7c:aa:b0:d3:98:
67:24:17:71:34:08:0b:d6:e4:cc:21:69:fa:2f:e0:88:e8:37:
ac:ce:a9:67:b4:a3:e5:fe:5e:69:5d:4c:cd:e7:cc:cb:2a:e4:
de:78:7d:5c:a4:61:2d:2d:da:0e:80:48:88:e9:29:0b:8c:48:
8c:bc:99:89:ab:56:31:c7:f5:10:c4:4e:6b:ab:0c:fc:31:fd:
f0:74:ef:ae:16:2a:d3:3c:30:58:7d:3a:20:af:63:62:40:ef:
e0:29:39:35:d0:d5:cc:b7:97:d1:67:b8:a5:3a:22:28:df:9f:
06:e5:b0:92:7d:80:59:9c:72:2f:5a:8a:b1:9c:e3:db:97:f7:
a1:9d:cf:01:15:42:7f:e5:42:2f:37:57:48:03:86:37:47:65:
3f:f1:b2:75:38:04:f5:0f:cd:43:42:45:4f:c4:9d:98:99:47:
bb:c4:34:ae:48:5d:d5:f5:83:7b:38:91:7f:d8:75:b2:de:82:
f6:be:5a:fc:f9:11:9d:3c:26:b8:0f:be:ce:af:aa:fd:c6:b4:
07:48:c9:8e:10:cc:e4:c8:34:f1:32:dc:df:e2:86:fb:af:30:
ca:3e:b6:48:4c:94:a5:b0:4d:42:14:1a:68:91:ea:a7:3a:1d:
07:ef:ec:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZv0YnDhFAnaScsWGEZU8hHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDJjMmI3NGQ3NTc1YTIyOGE3ZTY0ZjA0MDZmM2EzOTdj
N2FlNTYwHhcNMjYwMTI1MDkwMDUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWZiZmZlNWMwMWFkZWI4YjQwMzFlNjlkYWYzNDRkZmFhYzdhNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuI+2C8SFY7Vk4Wm88WrJeXVl6Om
cKPPmCwLXtiyL3JZLBHkyIt4N+4yhZ0r8rn1qsTv6w8UKmJ6AJ/+a6CXek0g+eDP
uWy537xsG8CQ/nAoZBzInaHoolXNZndWXtX6FQAT9GUAcZsQQk1mn08KWpF7jBzD
VvGWPTMWn1djMgr1ku8+ddtPmuBwerRb2TJeDBmCgqMd3QdwnvD27n0xaFNEb4WM
RG9Wfp4KTNRbJ9gCFAMAlzUx6U/MOGn+B/jpJjiKQ2r12qfj7yBeII16TiFaYOiI
co6ZtF45V2Tni92kAswiQ71Mlyvf2MD/ZnqyiB+dPl3TpBJRhU9M7nsUewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGX7/+XAGt64tAMeadrzRN+qx6ZxMB8GA1UdIwQY
MBaAFOJCwrdNdXWiKKfmTwQG86OXx65WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtMQ3QwMTFkYUlvcC1aUEJBYnpvNWZIcmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83ZTMwMjUtOGNhZi00MDJjLWI1NGYt
Y2JiOGNmZWU2ZTNjLzEvWmZ2XzVjQWEzcmkwQXg1cDJ2TkUzNnJIcG5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83ZTMwMjUtOGNhZi00MDJjLWI1NGYtY2JiOGNmZWU2ZTNj
LzEvNGtMQ3QwMTFkYUlvcC1aUEJBYnpvNWZIcmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsG6AMA0G
CSqGSIb3DQEBCwUAA4IBAQDfoBCySqH5sE4TlYKVfKqw05hnJBdxNAgL1uTMIWn6
L+CI6DeszqlntKPl/l5pXUzN58zLKuTeeH1cpGEtLdoOgEiI6SkLjEiMvJmJq1Yx
x/UQxE5rqwz8Mf3wdO+uFirTPDBYfTogr2NiQO/gKTk10NXMt5fRZ7ilOiIo358G
5bCSfYBZnHIvWoqxnOPbl/ehnc8BFUJ/5UIvN1dIA4Y3R2U/8bJ1OAT1D81DQkVP
xJ2YmUe7xDSuSF3V9YN7OJF/2HWy3oL2vlr8+RGdPCa4D77Or6r9xrQHSMmOEMzk
yDTxMtzf4ob7rzDKPrZITJSlsE1CFBpokeqnOh0H7+zg
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:12:37 2026 by rpki-client