Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZIjVYOfnM2Grrn1e6C1etg2ZRHM.roa
File: ZIjVYOfnM2Grrn1e6C1etg2ZRHM.roa (raw, json)
Hash identifier: MkTnLnlnHjke/LyixsPoRD403AW+dfwkFrkkV9ouFok=
Subject key identifier: 64:88:D5:60:E7:E7:33:61:AB:AE:7D:5E:E8:2D:5E:B6:0D:99:44:73
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019F181399F1E0557BCA92BCBBB3E1894053
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZIjVYOfnM2Grrn1e6C1etg2ZRHM.roa
Signing time: Tue 30 Jun 2026 10:29:25 +0000
ROA not before: Tue 30 Jun 2026 10:29:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 37.139.128.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.91.194.0/24 maxlen: 24
45.129.85.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/23 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
93.123.100.0/23 maxlen: 24
93.123.109.0/24 maxlen: 24
94.156.188.0/24 maxlen: 32
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 10:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:18:13:99:f1:e0:55:7b:ca:92:bc:bb:b3:e1:89:40:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 30 10:29:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6488d560e7e73361abae7d5ee82d5eb60d994473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b9:52:6c:a5:c5:e5:e5:7f:b6:00:c4:1d:b2:
93:8d:97:b3:e1:de:9c:dd:fe:6b:1d:d7:13:62:36:
85:72:10:53:2e:99:b9:f9:59:16:73:61:fe:4f:a8:
2a:63:f2:5d:73:1b:fc:55:3c:e6:62:89:25:61:cc:
89:8c:01:87:b7:db:9c:e8:e1:dc:cf:80:a1:44:54:
3a:01:99:dc:41:08:f1:65:1e:ff:25:14:50:50:63:
4b:17:af:30:86:54:d1:04:67:9a:c3:b4:06:a7:a4:
e5:7a:7d:5a:02:54:20:f2:8c:cc:54:83:da:bf:ba:
b9:81:f2:b3:5e:2d:35:ab:c3:cf:f3:2c:57:d6:49:
a8:4b:85:c3:bb:c3:89:c8:32:1c:45:d8:a8:f2:3f:
c5:7d:4f:a3:49:7a:b4:8d:be:51:29:70:27:b9:d6:
aa:d4:96:66:54:bf:04:d7:63:15:58:e8:9b:2b:3e:
4f:e3:5e:9a:81:97:53:ee:6a:fd:71:a6:4a:78:20:
1b:1d:06:5b:0b:42:4e:59:0b:5c:c0:e9:7c:52:8d:
bc:4c:40:88:52:07:b6:60:99:e8:dd:ae:3d:59:d8:
a5:4a:fe:ed:67:a4:6a:e0:65:74:a5:0a:54:14:18:
35:21:f0:f6:8c:6a:1f:1e:16:dd:9b:58:73:f1:5b:
f5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:88:D5:60:E7:E7:33:61:AB:AE:7D:5E:E8:2D:5E:B6:0D:99:44:73
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZIjVYOfnM2Grrn1e6C1etg2ZRHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/24
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.91.194.0/24
45.129.85.0/24
45.141.158.0/24
81.161.238.0/24
83.143.113.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.120.192.0/23
87.121.62.0/23
87.121.114.0/23
87.121.221.0/24
92.249.50.0/24
93.123.24.0/24
93.123.100.0/23
93.123.109.0/24
94.156.188.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
185.246.221.0/24
185.252.177.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
41:26:d5:ea:f6:5c:e5:c4:c1:b8:13:fc:c7:8e:01:36:72:ad:
db:e9:92:43:d2:55:92:30:4f:d8:a4:cf:ad:1a:a8:6b:80:3d:
8e:fe:c3:6d:8b:0e:1f:d6:5b:0f:9f:ec:c5:68:b2:7c:73:9c:
a3:6b:8a:d5:cd:9e:eb:a7:5a:f1:7f:55:17:78:2f:e5:98:ee:
04:e7:24:7c:ad:da:29:87:cb:24:c3:02:d8:2a:5b:96:f6:aa:
40:bd:c1:23:57:e7:55:9c:20:66:91:2e:bf:9d:e9:66:5f:3d:
cc:5b:d6:bb:cb:3f:f7:1b:aa:d2:2c:64:31:e9:e6:2c:cc:47:
24:98:4c:e3:0e:22:d0:e3:84:52:44:16:47:9f:31:3d:e6:3f:
a5:e8:a1:ec:91:87:8c:37:ec:d6:d4:47:b6:f8:f5:74:bd:59:
b6:03:59:ab:25:5f:8e:e4:e2:e0:41:5f:0e:71:69:29:90:1e:
a9:9e:d5:58:b1:76:e7:88:87:3a:8b:5f:fe:98:88:d4:67:2d:
bb:b5:e2:7b:f4:d3:b1:2b:04:60:c5:43:df:bb:2f:1e:28:58:
6d:8d:0a:62:0b:b9:b1:7e:07:91:50:6f:7f:16:0b:03:09:c5:
5e:41:1b:e3:fb:cd:a3:a7:28:53:12:cc:e6:7b:2b:f1:68:33:
5d:3a:57:6a
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZ8YE5nx4FV7ypK8u7PhiUBTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjMwMTAyOTI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg4ZDU2MGU3ZTczMzYxYWJhZTdkNWVlODJkNWViNjBkOTk0NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7lSbKXF5eV/tgDEHbKTjZez4d6c
3f5rHdcTYjaFchBTLpm5+VkWc2H+T6gqY/Jdcxv8VTzmYoklYcyJjAGHt9uc6OHc
z4ChRFQ6AZncQQjxZR7/JRRQUGNLF68whlTRBGeaw7QGp6Tlen1aAlQg8ozMVIPa
v7q5gfKzXi01q8PP8yxX1kmoS4XDu8OJyDIcRdio8j/FfU+jSXq0jb5RKXAnudaq
1JZmVL8E12MVWOibKz5P416agZdT7mr9caZKeCAbHQZbC0JOWQtcwOl8Uo28TECI
Uge2YJno3a49WdilSv7tZ6Rq4GV0pQpUFBg1IfD2jGofHhbdm1hz8Vv1YQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFGSI1WDn5zNhq659XugtXrYNmURzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWklqVllPZm5NMkdycm4xZTZDMWV0ZzJaUkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAAl
i4ADBAAtQuQDBAAtQucDBAAtWfcDBAAtW8IDBAAtgVUDBAAtjZ4DBABRoe4DBABT
j3EDBAFV2YIDBABXeFcDBABXeH4DBABXeKYDBAFXeMADBAFXeT4DBAFXeXIDBABX
ed0DBABc+TIDBABdexgDBAFde2QDBABde20DBABenLwDBACTTmUDBAK52lQDBAC5
3qADBAC59t0DBAC5/LEDBADCN7oDBADCqa8wDQYJKoZIhvcNAQELBQADggEBAEEm
1er2XOXEwbgT/MeOATZyrdvpkkPSVZIwT9ikz60aqGuAPY7+w22LDh/WWw+f7MVo
snxznKNritXNnuunWvF/VRd4L+WY7gTnJHyt2imHyyTDAtgqW5b2qkC9wSNX51Wc
IGaRLr+d6WZfPcxb1rvLP/cbqtIsZDHp5izMRySYTOMOItDjhFJEFkefMT3mP6Xo
oeyRh4w37NbUR7b49XS9WbYDWaslX47k4uBBXw5xaSmQHqme1VixdueIhzqLX/6Y
iNRnLbu14nv007ErBGDFQ9+7Lx4oWG2NCmILubF+B5FQb38WCwMJxV5BG+P7zaOn
KFMSzOZ7K/FoM106V2o=
-----END CERTIFICATE-----
Generated at Tue Jun 30 16:49:16 2026 by rpki-client