Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/1-ZahvYxgAa5M_mDA6_2eC-rBenI.roa
File: 1-ZahvYxgAa5M_mDA6_2eC-rBenI.roa (raw, json)
Hash identifier: 978w808DkY3VDvL0hj5f3PlMqWZxHQFkwmbW19+/jR8=
Subject key identifier: F9:96:A1:BD:8C:60:01:AE:4C:FE:60:C0:EB:FD:9E:0B:EA:C1:7A:72
Certificate issuer: /CN=2e7d6f55a13b001e7401f40eaaaeb82f67bd422e
Certificate serial: 019B7834D12546A39EE5E01FD97B00241816
Authority key identifier: 2E:7D:6F:55:A1:3B:00:1E:74:01:F4:0E:AA:AE:B8:2F:67:BD:42:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ln1vVaE7AB50AfQOqq64L2e9Qi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/1-ZahvYxgAa5M_mDA6_2eC-rBenI.roa
Signing time: Thu 01 Jan 2026 06:18:05 +0000
ROA not before: Thu 01 Jan 2026 06:18:05 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28824
IP address blocks: 46.250.192.0/19 maxlen: 24
185.115.244.0/22 maxlen: 24
213.162.224.0/19 maxlen: 24
2001:4da8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Ln1vVaE7AB50AfQOqq64L2e9Qi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Ln1vVaE7AB50AfQOqq64L2e9Qi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ln1vVaE7AB50AfQOqq64L2e9Qi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Feb 2026 03:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:34:d1:25:46:a3:9e:e5:e0:1f:d9:7b:00:24:18:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e7d6f55a13b001e7401f40eaaaeb82f67bd422e
Validity
Not Before: Jan 1 06:18:05 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f996a1bd8c6001ae4cfe60c0ebfd9e0beac17a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:f4:fe:3d:a5:14:6c:d8:8a:37:f2:29:98:6d:
19:66:c4:b9:98:90:3a:f4:43:be:c0:28:48:59:44:
e7:f0:f5:36:a7:94:bc:14:70:60:4a:a3:75:59:d6:
b8:bf:b6:68:c5:93:1f:a9:27:5c:e7:2f:88:da:d7:
98:dc:9e:4e:74:d7:e3:c5:ff:5f:02:ca:a8:b1:d6:
74:c2:c2:86:77:d3:11:1e:aa:63:1d:1d:da:8f:b9:
92:ca:8f:12:7a:82:e8:2a:38:3d:39:6a:55:f9:89:
9a:56:fd:ee:d9:aa:07:21:15:40:06:ec:d2:cb:50:
85:01:88:bd:e6:e2:17:11:df:8d:f4:22:dd:8b:80:
32:02:79:28:9c:b8:7a:52:4c:7a:6d:ba:f6:27:38:
6b:30:cf:bc:8f:20:b9:8d:53:97:ec:d4:04:f4:6b:
2e:c8:5e:38:74:42:43:8b:26:f2:e0:8e:72:39:04:
b9:e8:9b:54:91:91:8b:9d:ef:06:05:4c:04:13:13:
54:69:58:bd:45:41:b9:89:21:2b:37:ca:a0:4a:c8:
57:30:90:a9:19:b7:6d:d8:2b:37:0d:6d:10:75:77:
eb:56:90:4f:ae:99:83:a9:0f:60:89:52:ec:1f:48:
60:f7:08:b2:dc:c4:01:a0:eb:2f:47:fb:9e:a4:a5:
d4:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:96:A1:BD:8C:60:01:AE:4C:FE:60:C0:EB:FD:9E:0B:EA:C1:7A:72
X509v3 Authority Key Identifier:
keyid:2E:7D:6F:55:A1:3B:00:1E:74:01:F4:0E:AA:AE:B8:2F:67:BD:42:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ln1vVaE7AB50AfQOqq64L2e9Qi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/1-ZahvYxgAa5M_mDA6_2eC-rBenI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Ln1vVaE7AB50AfQOqq64L2e9Qi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.192.0/19
185.115.244.0/22
213.162.224.0/19
IPv6:
2001:4da8::/32
Signature Algorithm: sha256WithRSAEncryption
6e:2f:ef:87:1b:fb:67:17:46:dc:1e:a6:99:45:f2:9a:9d:72:
c2:ad:88:43:72:27:bb:36:0d:f0:98:67:d9:5b:44:d3:6c:9f:
78:06:36:fd:89:70:32:0b:37:4a:90:b2:82:3f:bf:28:0c:8c:
c1:bc:89:2b:98:da:47:b9:3a:c5:e1:8c:52:dc:52:b8:12:bc:
ee:33:c3:23:00:5d:a5:60:12:b2:57:6c:2a:e0:88:5f:cd:01:
f5:31:e9:af:84:d5:d3:c1:77:d4:17:93:f5:69:cc:b2:87:66:
e8:f4:95:ff:73:15:b0:7e:3e:38:23:0c:3f:da:3c:50:6a:e1:
40:3e:22:27:f9:a9:bd:05:a3:97:46:07:ae:ed:af:57:4c:1b:
1f:79:14:cf:87:ba:fd:80:70:e0:8b:84:4e:47:1d:0b:ab:05:
0d:64:ca:7d:69:70:b8:fa:1c:0f:2d:fc:3f:11:27:93:98:df:
8e:b6:0c:ac:3f:85:26:9c:4f:f8:e4:cb:21:99:0f:95:e2:e1:
7f:17:d6:12:58:17:0e:d7:ab:7f:80:b4:e6:d4:34:b4:89:29:
95:58:be:dd:4f:78:1c:58:30:06:6a:ba:a2:7d:fd:0d:b1:6a:
c3:a0:4a:d2:8e:6e:9d:16:46:a4:8a:ba:4d:01:3a:08:a1:ca:
a9:83:9e:74
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZt4NNElRqOe5eAf2XsAJBgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlN2Q2ZjU1YTEzYjAwMWU3NDAxZjQwZWFhYWViODJmNjdi
ZDQyMmUwHhcNMjYwMTAxMDYxODA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTk2YTFiZDhjNjAwMWFlNGNmZTYwYzBlYmZkOWUwYmVhYzE3YTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivT+PaUUbNiKN/IpmG0ZZsS5mJA6
9EO+wChIWUTn8PU2p5S8FHBgSqN1Wda4v7ZoxZMfqSdc5y+I2teY3J5OdNfjxf9f
AsqosdZ0wsKGd9MRHqpjHR3aj7mSyo8SeoLoKjg9OWpV+YmaVv3u2aoHIRVABuzS
y1CFAYi95uIXEd+N9CLdi4AyAnkonLh6Ukx6bbr2JzhrMM+8jyC5jVOX7NQE9Gsu
yF44dEJDiyby4I5yOQS56JtUkZGLne8GBUwEExNUaVi9RUG5iSErN8qgSshXMJCp
Gbdt2Cs3DW0QdXfrVpBPrpmDqQ9giVLsH0hg9wiy3MQBoOsvR/uepKXUXQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPmWob2MYAGuTP5gwOv9ngvqwXpyMB8GA1UdIwQY
MBaAFC59b1WhOwAedAH0DqquuC9nvUIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG4xdlZhRTdBQjUwQWZRT3FxNjRMMmU5UWk0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mY2ZkOGMtODg3MS00ZDZhLWI0YTUt
ZDY1YjY1NGM5OWM1LzEvMS1aYWh2WXhnQWE1TV9tREE2XzJlQy1yQmVuSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvZmNmZDhjLTg4NzEtNGQ2YS1iNGE1LWQ2NWI2NTRjOTlj
NS8xL0xuMXZWYUU3QUI1MEFmUU9xcTY0TDJlOVFpNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBS76wAME
Arlz9AMEBdWi4DANBAIAAjAHAwUAIAFNqDANBgkqhkiG9w0BAQsFAAOCAQEAbi/v
hxv7ZxdG3B6mmUXymp1ywq2IQ3InuzYN8Jhn2VtE02yfeAY2/YlwMgs3SpCygj+/
KAyMwbyJK5jaR7k6xeGMUtxSuBK87jPDIwBdpWASsldsKuCIX80B9THpr4TV08F3
1BeT9WnMsodm6PSV/3MVsH4+OCMMP9o8UGrhQD4iJ/mpvQWjl0YHru2vV0wbH3kU
z4e6/YBw4IuETkcdC6sFDWTKfWlwuPocDy38PxEnk5jfjrYMrD+FJpxP+OTLIZkP
leLhfxfWElgXDterf4C05tQ0tIkplVi+3U94HFgwBmq6on39DbFqw6BK0o5unRZG
pIq6TQE6CKHKqYOedA==
-----END CERTIFICATE-----
Generated at Thu Feb 26 13:25:26 2026 by rpki-client