Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZN_lcU0Clrnd79hsvsy7r1p22zQ.roa
File: ZN_lcU0Clrnd79hsvsy7r1p22zQ.roa (raw, json)
Hash identifier: N+S8U7UzkKxgvLkVxnCq92Ai2HL8szJPDTeDCtcuNSw=
Subject key identifier: 64:DF:E5:71:4D:02:96:B9:DD:EF:D8:6C:BE:CC:BB:AF:5A:76:DB:34
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019D0F61A4F04C4048CDFB3C1CDD88B34252
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZN_lcU0Clrnd79hsvsy7r1p22zQ.roa
Signing time: Sat 21 Mar 2026 07:52:30 +0000
ROA not before: Sat 21 Mar 2026 07:52:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
85.217.130.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.60.0/23 maxlen: 23
87.121.165.0/24 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
185.222.160.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 02:18:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0f:61:a4:f0:4c:40:48:cd:fb:3c:1c:dd:88:b3:42:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 21 07:52:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=64dfe5714d0296b9ddefd86cbeccbbaf5a76db34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b1:5b:22:b0:0c:29:8d:d5:3c:0d:ca:76:17:
c0:6b:52:05:8b:a3:b6:60:5a:ba:5b:32:57:e9:b5:
17:a8:a2:c0:c6:4b:4a:a0:a6:9a:03:06:fd:5c:a2:
86:b3:ce:99:ab:f1:23:c0:d0:fa:42:32:92:54:b5:
84:b1:4a:f1:f3:5a:98:16:73:a3:46:89:16:da:68:
42:74:ab:3f:98:7f:83:74:8d:9b:74:02:30:10:0d:
2f:a5:27:ce:b3:48:7d:12:d1:41:e8:bb:b9:f0:01:
e7:c6:3c:50:17:79:63:36:56:e9:e0:32:05:f4:28:
12:c3:29:86:db:68:09:61:ce:78:f8:1b:1d:86:48:
50:f4:e8:8a:24:c0:f7:8d:8f:4f:71:1a:95:70:d4:
e0:dc:1b:18:d7:f6:6b:95:b3:b1:b3:8b:0a:a2:43:
0c:cf:96:91:d1:96:db:3f:76:02:6e:38:65:0b:2a:
23:30:87:d7:39:9d:c9:04:44:a9:d4:8e:bd:cb:5c:
58:f8:93:4e:fb:96:51:be:aa:0e:86:b7:d6:62:89:
4d:4d:94:c0:d4:49:0b:ed:0c:58:c7:66:20:ca:04:
b0:cb:e0:e0:91:5e:1e:15:ed:1c:cc:73:92:17:a8:
2b:35:d2:db:aa:13:b7:bc:cc:0c:26:4f:2b:23:e9:
8d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:DF:E5:71:4D:02:96:B9:DD:EF:D8:6C:BE:CC:BB:AF:5A:76:DB:34
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZN_lcU0Clrnd79hsvsy7r1p22zQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.66.231.0/24
45.89.247.0/24
45.141.158.0/24
81.161.238.0/24
85.217.130.0/23
87.120.87.0/24
87.120.126.0/24
87.120.166.0/24
87.121.60.0/23
87.121.165.0/24
92.249.50.0/24
93.123.109.0/24
147.78.101.0/24
185.218.84.0/22
185.222.160.0/24
193.25.216.0/24
193.47.61.0/24
194.55.186.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:23:e1:90:dd:be:c3:8a:0b:e9:5c:c4:f6:a7:40:3b:f4:03:
db:d8:80:e9:38:d9:74:44:d1:6d:47:0c:12:83:44:ed:09:18:
0f:0f:0c:08:f2:35:96:4e:bb:8f:1b:a5:2d:46:86:6b:a2:21:
ec:60:ff:c2:dc:f0:89:8d:e9:31:6c:e0:58:a0:9c:ae:96:10:
0a:4d:0b:8b:fe:50:16:a3:33:50:a2:bd:eb:61:12:43:4a:51:
5e:08:d6:e3:b6:73:3e:59:a2:8e:aa:ed:7a:0b:e5:58:e8:e7:
df:22:92:3d:87:4a:12:70:5d:b8:8c:20:3a:de:85:16:5d:25:
95:4f:2e:cd:83:5d:f0:c6:dd:c3:17:a0:60:a5:47:d2:95:7b:
c0:6f:d5:73:e4:d6:c0:aa:ea:45:b5:6c:57:fe:94:19:e8:f5:
98:3b:9a:65:55:df:15:e7:e9:cc:3b:07:d7:02:9c:4c:f1:a8:
f3:70:6f:70:60:ff:f0:78:df:e5:a0:89:61:e2:ec:69:56:56:
da:ad:a7:d9:a2:14:c1:3a:cd:10:0a:55:e1:ae:28:2f:c7:aa:
e6:18:d6:b5:d4:d5:3d:fb:d6:90:88:12:ed:63:c3:46:fe:e7:
fd:b2:57:8b:4b:07:cc:ee:12:b5:bb:7a:44:9c:25:f6:be:28:
5a:20:91:81
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZ0PYaTwTEBIzfs8HN2Is0JSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwMzIxMDc1MjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGRmZTU3MTRkMDI5NmI5ZGRlZmQ4NmNiZWNjYmJhZjVhNzZkYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7FbIrAMKY3VPA3KdhfAa1IFi6O2
YFq6WzJX6bUXqKLAxktKoKaaAwb9XKKGs86Zq/EjwND6QjKSVLWEsUrx81qYFnOj
RokW2mhCdKs/mH+DdI2bdAIwEA0vpSfOs0h9EtFB6Lu58AHnxjxQF3ljNlbp4DIF
9CgSwymG22gJYc54+BsdhkhQ9OiKJMD3jY9PcRqVcNTg3BsY1/ZrlbOxs4sKokMM
z5aR0ZbbP3YCbjhlCyojMIfXOZ3JBESp1I69y1xY+JNO+5ZRvqoOhrfWYolNTZTA
1EkL7QxYx2YgygSwy+DgkV4eFe0czHOSF6grNdLbqhO3vMwMJk8rI+mNfQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFGTf5XFNApa53e/YbL7Mu69adts0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWk5fbGNVMENscm5kNzloc3ZzeTdyMXAyMnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQALULk
AwQALULnAwQALVn3AwQALY2eAwQAUaHuAwQBVdmCAwQAV3hXAwQAV3h+AwQAV3im
AwQBV3k8AwQAV3mlAwQAXPkyAwQAXXttAwQAk05lAwQCudpUAwQAud6gAwQAwRnY
AwQAwS89AwQAwje6AwQAwqmvMA0GCSqGSIb3DQEBCwUAA4IBAQCyI+GQ3b7Digvp
XMT2p0A79APb2IDpONl0RNFtRwwSg0TtCRgPDwwI8jWWTruPG6UtRoZroiHsYP/C
3PCJjekxbOBYoJyulhAKTQuL/lAWozNQor3rYRJDSlFeCNbjtnM+WaKOqu16C+VY
6OffIpI9h0oScF24jCA63oUWXSWVTy7Ng13wxt3DF6BgpUfSlXvAb9Vz5NbAqupF
tWxX/pQZ6PWYO5plVd8V5+nMOwfXApxM8ajzcG9wYP/weN/loIlh4uxpVlbarafZ
ohTBOs0QClXhrigvx6rmGNa11NU9+9aQiBLtY8NG/uf9sleLSwfM7hK1u3pEnCX2
vihaIJGB
-----END CERTIFICATE-----
Generated at Sat Mar 21 12:22:38 2026 by rpki-client