Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zXKh6sgXynkWrIPqikAjPH8AQZc.roa
File: zXKh6sgXynkWrIPqikAjPH8AQZc.roa (raw, json)
Hash identifier: bHVVK13SVLaeEgeOpR9K+3Ooipz0zc1j1w81tw1WzCM=
Subject key identifier: CD:72:A1:EA:C8:17:CA:79:16:AC:83:EA:8A:40:23:3C:7F:00:41:97
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019DB879909B89627626CB33CA3910C5214C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zXKh6sgXynkWrIPqikAjPH8AQZc.roa
Signing time: Thu 23 Apr 2026 03:54:27 +0000
ROA not before: Thu 23 Apr 2026 03:54:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198550
IP address blocks: 45.128.235.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Apr 2026 22:11:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b8:79:90:9b:89:62:76:26:cb:33:ca:39:10:c5:21:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 23 03:54:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cd72a1eac817ca7916ac83ea8a40233c7f004197
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:52:45:7f:02:92:61:10:45:1e:dc:96:2e:2c:
64:c5:74:4c:4a:3b:11:04:5e:eb:eb:fc:6d:3c:17:
c3:6c:5b:39:e0:7f:b7:94:4e:6a:ce:a6:69:e5:11:
1d:b9:09:c9:c0:ac:da:f3:ab:be:b6:f1:2a:d3:03:
c7:7d:33:1c:31:07:c9:5a:64:e3:56:26:3e:34:7e:
b8:bc:b4:50:ce:3e:56:94:ed:8b:59:45:14:56:ce:
fa:b5:33:43:6d:09:a0:39:24:41:de:81:99:56:e4:
df:4b:f3:7b:f8:32:a2:18:9d:0d:10:6b:f5:ec:b3:
3e:7b:0f:86:fb:65:e6:42:14:1d:99:b3:78:7d:36:
2b:12:30:2c:7d:9a:7c:2c:87:6f:fc:86:bd:fe:6e:
6f:1e:8e:eb:d4:bf:e4:57:bc:42:40:05:35:e3:d7:
27:95:8f:e5:ea:c4:98:5c:32:a2:cd:b6:3a:f9:34:
de:7d:17:7e:a0:04:dc:06:e1:d3:51:eb:7c:95:fd:
63:b0:c5:4f:72:bc:7d:2e:ed:66:42:cb:30:e5:4e:
67:b9:13:77:35:e4:9f:5f:f5:27:b0:33:96:1c:49:
a0:9e:57:ec:08:ae:d5:38:0f:96:f8:e4:a0:9e:d1:
c7:2d:b5:c6:54:af:09:d9:f6:b4:e4:1a:65:b0:09:
6e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:72:A1:EA:C8:17:CA:79:16:AC:83:EA:8A:40:23:3C:7F:00:41:97
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zXKh6sgXynkWrIPqikAjPH8AQZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.235.0/24
178.215.239.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:56:43:4a:e7:d2:8f:43:0a:51:5f:fb:53:d8:1f:d2:fa:6a:
8c:36:cc:0e:fa:2b:a7:6a:a6:0f:11:2f:0c:ab:f2:51:ee:7c:
87:32:45:a9:b0:ee:5d:d7:26:29:f8:81:82:06:d1:1b:97:06:
05:57:10:03:42:1a:0f:4f:6b:4b:1b:24:c1:b8:58:93:a9:87:
e5:80:2b:f2:92:5d:c7:2b:02:c6:f2:11:49:0e:73:cc:c8:ce:
96:25:67:eb:99:34:01:ac:93:7c:08:02:95:ee:3c:ef:b7:49:
9b:96:e0:40:ce:3b:66:13:ea:db:7a:0e:da:e0:34:76:68:53:
0e:66:f0:cc:6a:c0:4f:ed:ae:2f:95:3a:63:c8:30:ae:82:ea:
e9:bf:c8:43:3d:d2:95:e3:98:22:0c:e9:9f:6d:80:82:69:cc:
fc:06:a6:f8:6c:ff:7a:ee:70:11:68:29:f8:ca:ae:7f:c9:d6:
b3:4f:6a:b8:b2:98:7c:b6:e8:a0:9d:23:7b:d4:3e:f9:6e:28:
84:8c:2c:e6:0e:77:d8:0c:19:95:f6:82:99:f3:fe:eb:3a:1a:
1f:7e:cc:d7:11:d0:f8:31:cb:5f:0c:9a:a7:b6:39:78:56:b0:
c2:56:7e:a1:a3:2e:c1:d4:c1:af:f5:37:35:52:66:ef:3e:81:
15:e9:fa:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ24eZCbiWJ2JsszyjkQxSFMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNDIzMDM1NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDcyYTFlYWM4MTdjYTc5MTZhYzgzZWE4YTQwMjMzYzdmMDA0MTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVJFfwKSYRBFHtyWLixkxXRMSjsR
BF7r6/xtPBfDbFs54H+3lE5qzqZp5REduQnJwKza86u+tvEq0wPHfTMcMQfJWmTj
ViY+NH64vLRQzj5WlO2LWUUUVs76tTNDbQmgOSRB3oGZVuTfS/N7+DKiGJ0NEGv1
7LM+ew+G+2XmQhQdmbN4fTYrEjAsfZp8LIdv/Ia9/m5vHo7r1L/kV7xCQAU149cn
lY/l6sSYXDKizbY6+TTefRd+oATcBuHTUet8lf1jsMVPcrx9Lu1mQssw5U5nuRN3
NeSfX/UnsDOWHEmgnlfsCK7VOA+W+OSgntHHLbXGVK8J2fa05BplsAluxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM1yoerIF8p5FqyD6opAIzx/AEGXMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvelhLaDZzZ1h5bmtXcklQcWlrQWpQSDhBUVpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYDrAwQA
stfvMA0GCSqGSIb3DQEBCwUAA4IBAQC2VkNK59KPQwpRX/tT2B/S+mqMNswO+iun
aqYPES8Mq/JR7nyHMkWpsO5d1yYp+IGCBtEblwYFVxADQhoPT2tLGyTBuFiTqYfl
gCvykl3HKwLG8hFJDnPMyM6WJWfrmTQBrJN8CAKV7jzvt0mbluBAzjtmE+rbeg7a
4DR2aFMOZvDMasBP7a4vlTpjyDCugurpv8hDPdKV45giDOmfbYCCacz8Bqb4bP96
7nARaCn4yq5/ydazT2q4sph8tuignSN71D75biiEjCzmDnfYDBmV9oKZ8/7rOhof
fszXEdD4MctfDJqntjl4VrDCVn6hoy7B1MGv9Tc1UmbvPoEV6foy
-----END CERTIFICATE-----
Generated at Thu Apr 23 07:39:25 2026 by rpki-client