Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/RZZbXwpHPue2NW4m459EoqMZKyE.roa
File: RZZbXwpHPue2NW4m459EoqMZKyE.roa (raw, json)
Hash identifier: v17nBO3LbcF/rH9ckA2KnZ23x5seOdWkK+ByqrSeon0=
Subject key identifier: 45:96:5B:5F:0A:47:3E:E7:B6:35:6E:26:E3:9F:44:A2:A3:19:2B:21
Certificate issuer: /CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Certificate serial: 019D95E5853B00418B1D69CFBA07B0F5C30A
Authority key identifier: A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/RZZbXwpHPue2NW4m459EoqMZKyE.roa
Signing time: Thu 16 Apr 2026 10:45:40 +0000
ROA not before: Thu 16 Apr 2026 10:45:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35467
IP address blocks: 31.186.160.0/21 maxlen: 22
37.0.16.0/21 maxlen: 22
81.92.176.0/20 maxlen: 21
83.136.192.0/21 maxlen: 24
91.106.224.0/21 maxlen: 23
93.95.144.0/21 maxlen: 22
145.87.224.0/19 maxlen: 20
147.12.0.0/20 maxlen: 20
185.35.32.0/22 maxlen: 23
185.55.108.0/22 maxlen: 23
185.250.160.0/22 maxlen: 24
212.52.224.0/19 maxlen: 22
217.27.224.0/20 maxlen: 24
217.27.224.0/21 maxlen: 22
217.27.232.0/21 maxlen: 24
2a02:5b0::/32 maxlen: 48
2a02:5b0::/40 maxlen: 40
2a02:5b0:700::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:95:e5:85:3b:00:41:8b:1d:69:cf:ba:07:b0:f5:c3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4eb9eb5547c7f5f1aafc0ada140805419618726
Validity
Not Before: Apr 16 10:45:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=45965b5f0a473ee7b6356e26e39f44a2a3192b21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9a:1f:e1:ef:25:80:dd:0b:ba:46:47:63:21:
70:c1:a6:8a:34:c6:4a:25:01:c9:7f:9b:5f:5d:58:
14:29:5d:da:fe:46:92:d2:92:d1:58:51:45:51:04:
fd:27:ac:44:d1:d0:cf:08:51:c2:f0:dc:f8:b5:e3:
da:05:4a:e4:69:a2:f8:7e:a7:8c:78:1b:8a:b6:7d:
27:86:ab:6b:ba:32:e5:db:35:b0:86:14:14:c4:c1:
aa:bc:92:db:eb:aa:12:1a:69:ca:81:9c:e3:54:08:
5c:3b:ee:80:64:bb:60:b3:b1:12:b8:b7:77:fc:a3:
98:3e:98:27:c2:b8:12:31:3b:a1:ef:7c:c7:48:7e:
f9:e3:87:6c:0c:01:df:d3:09:e0:75:98:1d:e8:dd:
75:4f:8c:02:78:5e:4d:4b:cf:2c:49:a4:39:8c:a7:
ed:19:ee:59:06:92:dc:52:7b:8e:1f:ab:61:57:c3:
f8:99:a8:1a:a5:da:ac:3c:f6:fe:de:91:a2:80:54:
5d:b3:f5:0c:92:97:e2:84:19:42:cd:7c:95:43:06:
cb:c8:d5:13:81:cc:52:cb:86:fc:4d:e6:84:f5:74:
94:70:75:f0:08:a0:78:07:97:5d:96:52:66:20:2d:
45:92:0d:c5:84:df:61:ee:81:f9:a6:49:19:41:05:
0b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:96:5B:5F:0A:47:3E:E7:B6:35:6E:26:E3:9F:44:A2:A3:19:2B:21
X509v3 Authority Key Identifier:
keyid:A4:EB:9E:B5:54:7C:7F:5F:1A:AF:C0:AD:A1:40:80:54:19:61:87:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pOuetVR8f18ar8CtoUCAVBlhhyY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/RZZbXwpHPue2NW4m459EoqMZKyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/4cd72d-d8a5-46ce-8674-0d22232c34a0/1/pOuetVR8f18ar8CtoUCAVBlhhyY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.160.0/21
37.0.16.0/21
81.92.176.0/20
83.136.192.0/21
91.106.224.0/21
93.95.144.0/21
145.87.224.0/19
147.12.0.0/20
185.35.32.0/22
185.55.108.0/22
185.250.160.0/22
212.52.224.0/19
217.27.224.0/20
IPv6:
2a02:5b0::/32
Signature Algorithm: sha256WithRSAEncryption
28:be:45:7e:57:05:6b:96:ea:41:48:48:fe:f7:4a:bf:67:f7:
ac:49:97:2e:22:32:23:6c:8c:4a:fb:0d:0c:06:07:80:29:fa:
61:1c:db:9c:2e:b9:9f:4e:fd:8f:e4:2a:e6:41:85:80:ef:e7:
2d:44:f2:d9:9c:cc:70:ca:36:1e:99:0c:af:25:55:dd:3c:0b:
8d:23:8b:d8:67:73:68:ae:cf:b2:25:0c:f4:0e:4a:11:f1:10:
ff:be:6a:7a:7a:37:ba:46:d4:25:dc:59:8d:4d:f2:e5:b5:81:
4c:ee:f4:46:5b:a9:15:32:29:fa:c6:b9:60:6d:58:04:ae:a5:
8f:59:09:c4:fd:ab:96:72:5c:88:84:4f:8f:56:8a:a9:d2:42:
63:8e:39:48:d5:d6:48:a1:8c:7a:52:10:37:93:5d:e9:92:0b:
d4:3a:0f:42:25:bf:b0:49:01:66:9d:1c:6c:ab:31:48:c0:41:
4f:64:75:8c:6a:9a:6f:cd:67:65:97:03:22:57:3a:2b:fb:54:
d3:1c:12:9c:c3:09:d0:d7:b1:df:27:19:88:b3:eb:c4:51:13:
cc:11:de:34:f4:e0:15:2a:35:8e:54:c1:30:3d:33:c3:8b:89:
da:1d:fb:46:63:20:79:ce:4f:05:73:75:c1:86:ef:fc:81:75:
dc:a5:ef:35
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZ2V5YU7AEGLHWnPugew9cMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZWI5ZWI1NTQ3YzdmNWYxYWFmYzBhZGExNDA4MDU0MTk2
MTg3MjYwHhcNMjYwNDE2MTA0NTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk2NWI1ZjBhNDczZWU3YjYzNTZlMjZlMzlmNDRhMmEzMTkyYjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZof4e8lgN0LukZHYyFwwaaKNMZK
JQHJf5tfXVgUKV3a/kaS0pLRWFFFUQT9J6xE0dDPCFHC8Nz4tePaBUrkaaL4fqeM
eBuKtn0nhqtrujLl2zWwhhQUxMGqvJLb66oSGmnKgZzjVAhcO+6AZLtgs7ESuLd3
/KOYPpgnwrgSMTuh73zHSH7544dsDAHf0wngdZgd6N11T4wCeF5NS88sSaQ5jKft
Ge5ZBpLcUnuOH6thV8P4magapdqsPPb+3pGigFRds/UMkpfihBlCzXyVQwbLyNUT
gcxSy4b8TeaE9XSUcHXwCKB4B5ddllJmIC1Fkg3FhN9h7oH5pkkZQQULDwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFEWWW18KRz7ntjVuJuOfRKKjGSshMB8GA1UdIwQY
MBaAFKTrnrVUfH9fGq/AraFAgFQZYYcmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQt
MGQyMjIzMmMzNGEwLzEvUlpaYlh3cEhQdWUyTlc0bTQ1OUVvcU1aS3lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi80Y2Q3MmQtZDhhNS00NmNlLTg2NzQtMGQyMjIzMmMzNGEw
LzEvcE91ZXRWUjhmMThhcjhDdG9VQ0FWQmxoaHlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDH7qgAwQD
JQAQAwQEUVywAwQDU4jAAwQDW2rgAwQDXV+QAwQFkVfgAwQEkwwAAwQCuSMgAwQC
uTdsAwQCufqgAwQF1DTgAwQE2RvgMA0EAgACMAcDBQAqAgWwMA0GCSqGSIb3DQEB
CwUAA4IBAQAovkV+VwVrlupBSEj+90q/Z/esSZcuIjIjbIxK+w0MBgeAKfphHNuc
LrmfTv2P5CrmQYWA7+ctRPLZnMxwyjYemQyvJVXdPAuNI4vYZ3Nors+yJQz0DkoR
8RD/vmp6eje6RtQl3FmNTfLltYFM7vRGW6kVMin6xrlgbVgErqWPWQnE/auWclyI
hE+PVoqp0kJjjjlI1dZIoYx6UhA3k13pkgvUOg9CJb+wSQFmnRxsqzFIwEFPZHWM
appvzWdllwMiVzor+1TTHBKcwwnQ17HfJxmIs+vEURPMEd409OAVKjWOVMEwPTPD
i4naHftGYyB5zk8Fc3XBhu/8gXXcpe81
-----END CERTIFICATE-----
Generated at Fri Apr 17 22:11:22 2026 by rpki-client