Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/z_lG1xcrhTymJ3aoEk62mhnFMFA.roa
File: z_lG1xcrhTymJ3aoEk62mhnFMFA.roa (raw, json)
Hash identifier: DmXw5Okdiht0aYgqb+ibwP1Y4YFtWCLHV51zatKzsTI=
Subject key identifier: CF:F9:46:D7:17:2B:85:3C:A6:27:76:A8:12:4E:B6:9A:19:C5:30:50
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019D94AD0735280BE7A8F6FB4667B8C154A7
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/z_lG1xcrhTymJ3aoEk62mhnFMFA.roa
Signing time: Thu 16 Apr 2026 05:04:20 +0000
ROA not before: Thu 16 Apr 2026 05:04:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48040
IP address blocks: 31.172.65.0/24 maxlen: 24
81.85.79.0/24 maxlen: 24
89.127.193.0/24 maxlen: 24
89.127.201.0/24 maxlen: 24
162.248.163.0/24 maxlen: 24
185.21.11.0/24 maxlen: 24
194.154.25.0/24 maxlen: 24
194.154.31.0/24 maxlen: 24
199.68.198.0/24 maxlen: 24
199.68.199.0/24 maxlen: 24
213.239.158.0/24 maxlen: 24
2a02:6b40:800e::/48 maxlen: 48
2a02:6b40:800f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 10:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:94:ad:07:35:28:0b:e7:a8:f6:fb:46:67:b8:c1:54:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Apr 16 05:04:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cff946d7172b853ca62776a8124eb69a19c53050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:10:7f:4d:db:6e:0d:d5:0d:39:6d:97:19:de:
30:af:71:74:e8:99:6a:10:e0:f4:76:f2:7a:10:0d:
b6:ff:03:32:95:50:5d:a4:e8:52:89:33:14:e2:c4:
b4:9c:3a:cf:d8:5a:4d:f5:ab:92:91:1b:28:8d:7d:
2c:83:4e:a3:37:9d:f4:a1:b6:7e:d6:b4:45:4f:34:
d0:94:9c:9d:90:0d:32:a2:f8:62:30:b7:22:54:45:
34:75:12:05:15:2c:29:6a:4f:22:4d:16:3c:ca:d7:
b9:e7:3e:06:89:60:98:42:dc:8a:99:62:cd:91:97:
66:10:46:cb:80:0f:1c:d6:79:7c:d0:df:90:3c:51:
88:cd:d2:4d:e7:6e:db:1a:42:23:f1:c9:c9:04:2a:
6a:9e:00:a6:61:0a:6c:f8:38:f3:13:55:ea:dd:68:
65:13:8f:85:d3:45:4c:f8:0c:28:04:f7:4e:35:2f:
d8:d8:a4:1c:6f:46:15:9f:61:c5:1f:b7:d2:46:a8:
d7:b9:aa:d3:20:35:2b:35:e1:ef:bc:c5:2b:cc:b7:
71:b1:47:c7:68:13:17:f5:48:d1:35:54:97:b1:c9:
6d:5e:cc:0a:99:c7:f3:b6:0f:c4:ae:41:38:a3:ed:
ce:b9:e4:18:12:c0:fc:66:0a:05:cb:4f:34:6d:76:
8c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F9:46:D7:17:2B:85:3C:A6:27:76:A8:12:4E:B6:9A:19:C5:30:50
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/z_lG1xcrhTymJ3aoEk62mhnFMFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.65.0/24
81.85.79.0/24
89.127.193.0/24
89.127.201.0/24
162.248.163.0/24
185.21.11.0/24
194.154.25.0/24
194.154.31.0/24
199.68.198.0/23
213.239.158.0/24
IPv6:
2a02:6b40:800e::/47
Signature Algorithm: sha256WithRSAEncryption
7a:4b:43:f9:88:75:4b:12:70:1c:99:1f:93:4d:15:1c:e7:06:
66:de:4c:a4:c6:cd:1f:81:25:ad:b7:e4:76:80:4e:d6:0b:c0:
4e:39:83:ae:06:40:21:0f:e0:fe:ee:39:2c:4e:9f:6c:21:40:
ea:34:43:70:8c:6c:6c:4e:f3:0e:e5:a2:ea:2e:f1:c9:8d:88:
9f:f4:6e:bd:72:96:ec:f6:ec:da:c2:95:f3:fc:36:87:f6:a5:
15:45:10:16:38:dc:69:32:10:69:f3:67:a6:7a:18:e4:17:46:
74:c0:7a:1a:62:ef:07:de:0a:2c:64:fa:b2:b2:af:35:fe:8e:
96:a5:3f:d8:d7:c2:27:3f:36:fb:64:98:14:11:df:a6:e3:a7:
0a:44:f9:15:7b:8d:29:73:ea:67:f7:68:59:0a:73:41:90:46:
89:ab:e8:f7:41:09:d7:8b:ef:f8:af:32:5e:e5:23:63:3c:b3:
97:9b:e3:57:46:9b:0c:3e:7a:1e:4d:bd:e0:01:b1:71:6e:1d:
f6:f7:82:a8:4a:3f:e0:fb:5f:8b:49:67:86:52:1e:42:68:f0:
cd:5a:ec:7c:be:8d:48:aa:11:7a:ec:23:ac:a0:60:86:dc:31:
ff:e0:43:54:d5:85:5a:40:ec:47:2a:4d:89:a4:52:85:e2:be:
de:a8:3c:9a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZ2UrQc1KAvnqPb7Rme4wVSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNDE2MDUwNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmY5NDZkNzE3MmI4NTNjYTYyNzc2YTgxMjRlYjY5YTE5YzUzMDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBB/TdtuDdUNOW2XGd4wr3F06Jlq
EOD0dvJ6EA22/wMylVBdpOhSiTMU4sS0nDrP2FpN9auSkRsojX0sg06jN530obZ+
1rRFTzTQlJydkA0yovhiMLciVEU0dRIFFSwpak8iTRY8yte55z4GiWCYQtyKmWLN
kZdmEEbLgA8c1nl80N+QPFGIzdJN527bGkIj8cnJBCpqngCmYQps+DjzE1Xq3Whl
E4+F00VM+AwoBPdONS/Y2KQcb0YVn2HFH7fSRqjXuarTIDUrNeHvvMUrzLdxsUfH
aBMX9UjRNVSXscltXswKmcfztg/ErkE4o+3OueQYEsD8ZgoFy080bXaMLQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFM/5RtcXK4U8pid2qBJOtpoZxTBQMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvel9sRzF4Y3JoVHltSjNhb0VrNjJtaG5GTUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBCBAIAATA8AwQAH6xBAwQA
UVVPAwQAWX/BAwQAWX/JAwQAovijAwQAuRULAwQAwpoZAwQAwpofAwQBx0TGAwQA
1e+eMA8EAgACMAkDBwEqAmtAgA4wDQYJKoZIhvcNAQELBQADggEBAHpLQ/mIdUsS
cByZH5NNFRznBmbeTKTGzR+BJa235HaATtYLwE45g64GQCEP4P7uOSxOn2whQOo0
Q3CMbGxO8w7louou8cmNiJ/0br1yluz27NrClfP8Nof2pRVFEBY43GkyEGnzZ6Z6
GOQXRnTAehpi7wfeCixk+rKyrzX+jpalP9jXwic/NvtkmBQR36bjpwpE+RV7jSlz
6mf3aFkKc0GQRomr6PdBCdeL7/ivMl7lI2M8s5eb41dGmww+eh5NveABsXFuHfb3
gqhKP+D7X4tJZ4ZSHkJo8M1a7Hy+jUiqEXrsI6ygYIbcMf/gQ1TVhVpA7EcqTYmk
UoXivt6oPJo=
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:37:55 2026 by rpki-client