Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/zWGUdoLH4d0z1xtr_fJpq5j0c5k.roa
File: zWGUdoLH4d0z1xtr_fJpq5j0c5k.roa (raw, json)
Hash identifier: 4BZIEhkNts9eE7XAeLk54kXZMQr+V66GJ8gz14Twhr4=
Subject key identifier: CD:61:94:76:82:C7:E1:DD:33:D7:1B:6B:FD:F2:69:AB:98:F4:73:99
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 019D7204A5820F44D281BA2EDCCA372E2F81
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/zWGUdoLH4d0z1xtr_fJpq5j0c5k.roa
Signing time: Thu 09 Apr 2026 11:33:20 +0000
ROA not before: Thu 09 Apr 2026 11:33:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204339
IP address blocks: 45.134.12.0/24 maxlen: 24
45.134.13.0/24 maxlen: 24
95.81.93.0/24 maxlen: 24
95.81.119.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
103.85.112.0/24 maxlen: 24
103.85.113.0/24 maxlen: 24
104.128.131.0/24 maxlen: 24
104.128.142.0/24 maxlen: 24
104.128.143.0/24 maxlen: 24
132.243.20.0/24 maxlen: 24
132.243.21.0/24 maxlen: 24
132.243.22.0/24 maxlen: 24
132.243.23.0/24 maxlen: 24
135.136.181.0/24 maxlen: 24
135.136.182.0/24 maxlen: 24
135.136.183.0/24 maxlen: 24
135.136.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:72:04:a5:82:0f:44:d2:81:ba:2e:dc:ca:37:2e:2f:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Apr 9 11:33:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cd61947682c7e1dd33d71b6bfdf269ab98f47399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:50:a4:95:84:c5:3e:d1:0e:1c:dc:aa:11:b7:
d7:c3:aa:c0:fb:8f:8c:ce:dc:08:42:db:35:0e:90:
a3:4d:8f:8e:66:0b:60:b0:99:94:a3:c5:5f:94:b8:
14:54:f6:b1:e5:45:18:9b:cd:ad:db:d3:c7:a8:75:
bd:1d:a2:42:77:fc:1c:86:11:95:9b:7e:a5:ee:d0:
52:a8:88:33:36:7b:3c:27:e7:43:df:fa:66:97:e4:
88:66:ad:3a:ec:ac:c4:bd:34:74:cc:b5:4b:b5:10:
ac:c4:0a:ab:58:d6:39:4b:02:b6:29:69:67:49:ac:
e9:30:63:ef:ef:b9:16:a7:13:de:b0:9f:74:c4:95:
bf:41:30:f1:95:f1:19:52:62:bb:07:f0:67:25:39:
bd:98:b6:61:07:a6:54:9b:5c:d9:64:5d:eb:c2:24:
f2:91:0d:76:bb:ad:ba:53:98:03:f2:e3:8e:b1:ee:
01:49:f0:82:dc:1c:2d:8e:ed:bd:0e:0a:1b:79:a7:
7a:d5:6a:8e:d3:6e:73:94:96:21:04:2f:a8:64:3d:
c6:28:c6:54:f8:9f:24:d7:62:72:62:09:0e:c9:8a:
f2:d1:16:62:a5:4b:32:76:3f:d4:12:88:4f:fe:e4:
62:05:6f:8d:7c:f5:ed:0e:5a:5b:a3:29:bb:03:77:
1f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:61:94:76:82:C7:E1:DD:33:D7:1B:6B:FD:F2:69:AB:98:F4:73:99
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/zWGUdoLH4d0z1xtr_fJpq5j0c5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/23
95.81.93.0/24
95.81.119.0-95.81.120.255
103.85.112.0/23
104.128.131.0/24
104.128.142.0/23
132.243.20.0/22
135.136.181.0-135.136.183.255
135.136.189.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:a6:fd:8b:f2:af:e0:48:a7:eb:1b:85:07:08:c2:e3:45:c8:
e6:ce:7e:e0:0e:14:39:a8:45:0d:e8:d2:4e:01:9c:96:0e:7a:
15:0e:d5:8f:9f:53:7f:07:db:5b:b7:c4:5d:e5:97:9f:b7:47:
14:46:13:52:e0:52:99:52:93:8c:6c:6a:4d:9c:62:b5:01:31:
ff:8c:9c:34:9f:9a:3c:e9:11:b4:42:86:37:a7:47:ff:ee:9c:
44:60:ae:4d:4b:56:9c:8a:fe:c2:f5:0a:9a:f5:96:80:84:3d:
94:53:39:61:37:7f:5e:9d:3d:ca:9b:30:45:52:8e:9f:65:0d:
40:cd:b7:dd:51:9d:07:df:b1:3e:2e:41:84:73:4f:33:05:0d:
5f:68:15:30:67:b6:1f:46:a8:41:85:8d:80:df:7d:92:78:3b:
f5:7b:98:8d:e6:1f:15:e1:eb:4d:31:60:c1:c9:e1:14:13:58:
bc:eb:4b:00:8f:12:11:36:f5:0a:4a:49:64:29:ac:39:f4:4c:
07:ee:50:24:e1:08:86:22:cd:13:0e:bd:5b:56:f6:a9:15:c5:
6e:c0:d8:c4:e8:01:4d:91:3a:3c:16:e1:03:14:1d:25:25:7d:
26:02:7c:de:92:6f:78:2f:1b:91:9f:09:39:fb:95:2a:3e:dc:
c7:f2:03:10
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZ1yBKWCD0TSgbou3Mo3Li+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjYwNDA5MTEzMzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDYxOTQ3NjgyYzdlMWRkMzNkNzFiNmJmZGYyNjlhYjk4ZjQ3Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVCklYTFPtEOHNyqEbfXw6rA+4+M
ztwIQts1DpCjTY+OZgtgsJmUo8VflLgUVPax5UUYm82t29PHqHW9HaJCd/wchhGV
m36l7tBSqIgzNns8J+dD3/pml+SIZq067KzEvTR0zLVLtRCsxAqrWNY5SwK2KWln
SazpMGPv77kWpxPesJ90xJW/QTDxlfEZUmK7B/BnJTm9mLZhB6ZUm1zZZF3rwiTy
kQ12u626U5gD8uOOse4BSfCC3Bwtju29Dgobead61WqO025zlJYhBC+oZD3GKMZU
+J8k12JyYgkOyYry0RZipUsydj/UEohP/uRiBW+NfPXtDlpboym7A3cf8wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFM1hlHaCx+HdM9cba/3yaauY9HOZMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEveldHVWRvTEg0ZDB6MXh0cl9mSnBxNWowYzVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBLYYMAwQA
X1FdMAwDBABfUXcDBABfUXgDBAFnVXADBABogIMDBAFogI4DBAKE8xQwDAMEAIeI
tQMEA4eIsAMEAIeIvTANBgkqhkiG9w0BAQsFAAOCAQEAGqb9i/Kv4Ein6xuFBwjC
40XI5s5+4A4UOahFDejSTgGclg56FQ7Vj59TfwfbW7fEXeWXn7dHFEYTUuBSmVKT
jGxqTZxitQEx/4ycNJ+aPOkRtEKGN6dH/+6cRGCuTUtWnIr+wvUKmvWWgIQ9lFM5
YTd/Xp09ypswRVKOn2UNQM233VGdB9+xPi5BhHNPMwUNX2gVMGe2H0aoQYWNgN99
kng79XuYjeYfFeHrTTFgwcnhFBNYvOtLAI8SETb1CkpJZCmsOfRMB+5QJOEIhiLN
Ew69W1b2qRXFbsDYxOgBTZE6PBbhAxQdJSV9JgJ83pJveC8bkZ8JOfuVKj7cx/ID
EA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:01:50 2026 by rpki-client