Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/de7655-867f-403e-b75e-13e86113d75d/1/zzfUeVmLO32C_ObHNHjJVH4U69M.roa
File: zzfUeVmLO32C_ObHNHjJVH4U69M.roa (raw, json)
Hash identifier: ZfmRsyH3zUInl36WXMdR2VHEdQrA8f5h8j3VKz/Y+TY=
Subject key identifier: CF:37:D4:79:59:8B:3B:7D:82:FC:E6:C7:34:78:C9:54:7E:14:EB:D3
Certificate issuer: /CN=addd146f6d6ff6740845ebca9cdfe40c7155883d
Certificate serial: 019DCF0A85CBB6F3F4FDF657535FEB91DFC2
Authority key identifier: AD:DD:14:6F:6D:6F:F6:74:08:45:EB:CA:9C:DF:E4:0C:71:55:88:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rd0Ub21v9nQIRevKnN_kDHFViD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/de7655-867f-403e-b75e-13e86113d75d/1/zzfUeVmLO32C_ObHNHjJVH4U69M.roa
Signing time: Mon 27 Apr 2026 13:04:26 +0000
ROA not before: Mon 27 Apr 2026 13:04:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204614
IP address blocks: 185.245.76.0/24 maxlen: 24
185.245.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/de7655-867f-403e-b75e-13e86113d75d/1/rd0Ub21v9nQIRevKnN_kDHFViD0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/de7655-867f-403e-b75e-13e86113d75d/1/rd0Ub21v9nQIRevKnN_kDHFViD0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rd0Ub21v9nQIRevKnN_kDHFViD0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 22:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:0a:85:cb:b6:f3:f4:fd:f6:57:53:5f:eb:91:df:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=addd146f6d6ff6740845ebca9cdfe40c7155883d
Validity
Not Before: Apr 27 13:04:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf37d479598b3b7d82fce6c73478c9547e14ebd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ef:53:fe:33:bc:94:61:5e:87:ba:88:bb:1a:
25:32:4c:b0:90:f0:29:e6:aa:61:b2:2a:99:58:94:
ff:6e:3f:25:84:96:d6:99:b9:f0:01:44:57:eb:ef:
c5:48:6e:00:0c:b8:53:d2:71:c5:be:94:34:fe:c8:
9f:1c:0b:1a:55:32:ce:f3:41:9f:d1:30:6b:09:f5:
d4:6c:7e:3b:d7:25:05:62:d9:48:cd:e8:69:b2:ea:
f0:4e:89:ef:58:8d:99:aa:90:e2:bc:b5:47:86:ec:
01:07:17:e9:9c:36:93:d4:ea:5c:52:c9:ea:5f:35:
df:af:2e:4c:af:de:4f:2d:5f:c9:32:33:85:c6:c6:
0e:f8:86:a1:ba:32:1a:f7:bb:3e:f9:dc:32:5f:eb:
70:da:ca:94:00:b7:b4:4f:2b:76:9d:5d:e0:1c:00:
b4:67:fb:5d:e2:44:f7:a6:ed:45:8a:95:88:be:6e:
f9:9c:d3:8b:d3:eb:df:32:15:3d:4d:10:be:fd:0d:
72:ec:b8:51:f2:c6:e5:cd:3f:3a:0c:01:f5:d1:6f:
70:50:83:2b:ea:ea:bb:cb:43:34:71:df:aa:68:f7:
f3:12:fa:31:43:80:d9:10:a6:a5:51:62:e3:21:2d:
07:47:a1:e3:94:a7:16:08:96:a7:23:7a:2d:6d:12:
de:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:37:D4:79:59:8B:3B:7D:82:FC:E6:C7:34:78:C9:54:7E:14:EB:D3
X509v3 Authority Key Identifier:
keyid:AD:DD:14:6F:6D:6F:F6:74:08:45:EB:CA:9C:DF:E4:0C:71:55:88:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rd0Ub21v9nQIRevKnN_kDHFViD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/de7655-867f-403e-b75e-13e86113d75d/1/zzfUeVmLO32C_ObHNHjJVH4U69M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/de7655-867f-403e-b75e-13e86113d75d/1/rd0Ub21v9nQIRevKnN_kDHFViD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.76.0/23
Signature Algorithm: sha256WithRSAEncryption
91:1f:4a:a9:14:30:41:3d:04:40:03:ce:c0:cf:8b:75:e6:47:
9e:e4:b9:a0:5b:3d:bd:28:d5:bb:36:b2:98:af:2c:77:8e:00:
25:09:2f:90:b2:40:e0:c7:7f:14:83:f4:a4:34:58:2c:92:7d:
0b:42:db:a6:38:32:1a:d1:90:0e:25:75:a7:6e:90:ce:e9:62:
ff:ab:e8:2c:92:cb:fd:3b:18:04:a5:ea:f7:57:4d:8f:76:cc:
1a:2d:00:26:d4:39:0c:28:68:67:ef:67:b5:24:c9:53:a0:18:
75:78:21:9d:dc:19:23:fb:b4:b8:7d:61:b6:85:2a:e8:78:b4:
7e:a1:b4:63:85:5b:a8:5f:a0:dd:8d:88:cd:2e:b7:40:28:fe:
8b:bd:2f:0b:36:4e:ca:4a:53:a7:43:d8:78:0c:1e:a9:d8:98:
5e:ee:43:db:88:1d:4c:57:67:95:5d:35:a8:65:45:1e:68:17:
2c:3c:82:81:b4:27:d4:e3:71:94:37:49:aa:e2:d0:12:53:4b:
8f:c0:e8:4c:f3:56:24:dc:ae:c4:c9:43:94:61:b2:dd:ab:68:
89:11:02:c8:e5:68:36:fa:8d:0f:84:1a:8e:e0:aa:07:ea:cf:
ca:c6:5b:5a:4d:2b:04:3f:6b:1c:a0:57:71:cf:a0:62:65:88:
d7:f2:9c:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3PCoXLtvP0/fZXU1/rkd/CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZGQxNDZmNmQ2ZmY2NzQwODQ1ZWJjYTljZGZlNDBjNzE1
NTg4M2QwHhcNMjYwNDI3MTMwNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM3ZDQ3OTU5OGIzYjdkODJmY2U2YzczNDc4Yzk1NDdlMTRlYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+9T/jO8lGFeh7qIuxolMkywkPAp
5qphsiqZWJT/bj8lhJbWmbnwAURX6+/FSG4ADLhT0nHFvpQ0/sifHAsaVTLO80Gf
0TBrCfXUbH471yUFYtlIzehpsurwTonvWI2ZqpDivLVHhuwBBxfpnDaT1OpcUsnq
XzXfry5Mr95PLV/JMjOFxsYO+IahujIa97s++dwyX+tw2sqUALe0Tyt2nV3gHAC0
Z/td4kT3pu1FipWIvm75nNOL0+vfMhU9TRC+/Q1y7LhR8sblzT86DAH10W9wUIMr
6uq7y0M0cd+qaPfzEvoxQ4DZEKalUWLjIS0HR6HjlKcWCJanI3otbRLeKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM831HlZizt9gvzmxzR4yVR+FOvTMB8GA1UdIwQY
MBaAFK3dFG9tb/Z0CEXrypzf5AxxVYg9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmQwVWIyMXY5blFJUmV2S25OX2tESEZWaUQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kZTc2NTUtODY3Zi00MDNlLWI3NWUt
MTNlODYxMTNkNzVkLzEvenpmVWVWbUxPMzJDX09iSE5IakpWSDRVNjlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kZTc2NTUtODY3Zi00MDNlLWI3NWUtMTNlODYxMTNkNzVk
LzEvcmQwVWIyMXY5blFJUmV2S25OX2tESEZWaUQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufVMMA0G
CSqGSIb3DQEBCwUAA4IBAQCRH0qpFDBBPQRAA87Az4t15kee5LmgWz29KNW7NrKY
ryx3jgAlCS+QskDgx38Ug/SkNFgskn0LQtumODIa0ZAOJXWnbpDO6WL/q+gsksv9
OxgEper3V02PdswaLQAm1DkMKGhn72e1JMlToBh1eCGd3Bkj+7S4fWG2hSroeLR+
obRjhVuoX6DdjYjNLrdAKP6LvS8LNk7KSlOnQ9h4DB6p2Jhe7kPbiB1MV2eVXTWo
ZUUeaBcsPIKBtCfU43GUN0mq4tASU0uPwOhM81Yk3K7EyUOUYbLdq2iJEQLI5Wg2
+o0PhBqO4KoH6s/KxltaTSsEP2scoFdxz6BiZYjX8pwW
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:48 2026 by rpki-client