Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zd4N25l-6tAmj3Qm75N5PUZC-2I.roa
File: zd4N25l-6tAmj3Qm75N5PUZC-2I.roa (raw, json)
Hash identifier: 30G5aZ38jthmfvxeRXZ8PVALjI1L7GYsQtEgYRxnoQs=
Subject key identifier: CD:DE:0D:DB:99:7E:EA:D0:26:8F:74:26:EF:93:79:3D:46:42:FB:62
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019EE25AE7FE0A9836CFF1E17BDC8499659D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zd4N25l-6tAmj3Qm75N5PUZC-2I.roa
Signing time: Sat 20 Jun 2026 00:07:48 +0000
ROA not before: Sat 20 Jun 2026 00:07:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/24 maxlen: 24
87.121.62.0/23 maxlen: 23
87.121.147.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 23:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e2:5a:e7:fe:0a:98:36:cf:f1:e1:7b:dc:84:99:65:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 20 00:07:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cdde0ddb997eead0268f7426ef93793d4642fb62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:94:b3:6b:49:42:81:56:34:87:d7:4f:b5:4f:
ed:17:7f:eb:60:fe:ce:98:0e:1f:ec:51:e4:08:f9:
0f:e8:92:80:38:21:b0:b7:7a:b7:4d:d7:cb:6e:57:
f0:4d:78:d9:1e:5e:13:68:11:7b:c1:20:a4:24:8a:
a7:62:38:69:e0:50:54:ae:28:0f:c0:e2:d1:0c:ed:
85:37:15:27:1f:86:1b:f8:56:34:88:21:36:42:ae:
78:af:ee:98:30:59:1b:72:af:56:0a:98:6e:4f:5c:
fa:ec:a3:d9:01:19:7a:03:c0:64:c1:65:0c:81:0e:
e8:35:be:e4:f0:9a:5c:64:bb:a5:0b:af:3a:53:98:
60:fc:b7:a9:e5:44:9f:ce:61:09:e9:ee:ae:0d:e0:
6b:67:30:2f:90:f6:79:d7:7a:49:57:bb:b8:01:c3:
ca:ed:01:f6:08:d0:eb:9e:46:23:cb:6c:1b:3c:33:
73:ba:12:2c:11:5b:79:48:1f:78:7c:a9:85:e3:61:
69:3f:1d:36:e7:d6:66:d8:67:d7:18:7e:02:95:66:
52:5c:cf:f9:d8:a3:03:6e:d6:e8:fc:a3:33:01:d4:
be:6f:aa:65:87:8b:44:da:62:bb:85:7c:71:0c:39:
0e:9e:9a:65:a6:ca:6b:6b:e3:f2:95:dd:0f:51:bb:
a9:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DE:0D:DB:99:7E:EA:D0:26:8F:74:26:EF:93:79:3D:46:42:FB:62
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zd4N25l-6tAmj3Qm75N5PUZC-2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/24
87.121.62.0/23
87.121.147.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
55:19:7e:90:70:c0:ea:82:dd:86:13:99:5e:33:94:76:96:cc:
cb:45:28:be:a5:48:92:b3:0b:11:81:3e:34:d9:90:07:71:b5:
95:14:7e:4a:a9:26:3b:08:ae:fd:a2:f8:70:ed:f2:ff:61:47:
f7:40:58:67:e8:2b:a5:37:f4:de:b1:d6:8a:93:06:d7:c8:e7:
eb:33:1c:bc:95:03:fa:07:fa:de:c4:61:7b:65:c4:a0:f4:2a:
96:b4:67:8b:69:23:f0:5f:f9:ee:04:f6:dd:28:a1:f4:9b:ba:
94:5f:37:27:9c:d2:c2:a0:e8:ce:2d:4c:8e:67:e0:f8:b4:44:
c0:ed:60:bf:5e:93:82:60:c2:36:c8:63:22:ea:ab:43:d7:8c:
c2:18:b9:c4:e4:13:e8:b2:3a:76:9b:25:68:4a:32:ea:65:2b:
1d:05:c0:9a:a0:b9:53:bc:24:1d:4b:03:4c:48:b8:8f:4a:df:
73:39:03:09:b2:55:69:cb:9e:6e:c8:62:3a:23:02:45:5f:a8:
af:79:77:c6:7f:31:4f:9c:ed:b9:32:f8:ef:36:7c:af:69:3b:
92:bc:3c:2b:c3:22:a1:85:ca:9c:ef:33:2e:b0:62:33:2a:74:
33:e1:47:f5:62:46:72:8c:e5:1c:04:d2:d4:e6:38:2f:10:8a:
3d:b0:ef:5d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7iWuf+Cpg2z/Hhe9yEmWWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjIwMDAwNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRlMGRkYjk5N2VlYWQwMjY4Zjc0MjZlZjkzNzkzZDQ2NDJmYjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpSza0lCgVY0h9dPtU/tF3/rYP7O
mA4f7FHkCPkP6JKAOCGwt3q3TdfLblfwTXjZHl4TaBF7wSCkJIqnYjhp4FBUrigP
wOLRDO2FNxUnH4Yb+FY0iCE2Qq54r+6YMFkbcq9WCphuT1z67KPZARl6A8BkwWUM
gQ7oNb7k8JpcZLulC686U5hg/Lep5USfzmEJ6e6uDeBrZzAvkPZ513pJV7u4AcPK
7QH2CNDrnkYjy2wbPDNzuhIsEVt5SB94fKmF42FpPx0259Zm2GfXGH4ClWZSXM/5
2KMDbtbo/KMzAdS+b6plh4tE2mK7hXxxDDkOnpplpspra+Pyld0PUbupDwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM3eDduZfurQJo90Ju+TeT1GQvtiMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvemQ0TjI1bC02dEFtajNRbTc1TjVQVVpDLTJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAV3hEAwQB
V3k+AwQAV3mTAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQBVGX6QcMDqgt2GE5le
M5R2lszLRSi+pUiSswsRgT402ZAHcbWVFH5KqSY7CK79ovhw7fL/YUf3QFhn6Cul
N/TesdaKkwbXyOfrMxy8lQP6B/rexGF7ZcSg9CqWtGeLaSPwX/nuBPbdKKH0m7qU
XzcnnNLCoOjOLUyOZ+D4tETA7WC/XpOCYMI2yGMi6qtD14zCGLnE5BPosjp2myVo
SjLqZSsdBcCaoLlTvCQdSwNMSLiPSt9zOQMJslVpy55uyGI6IwJFX6iveXfGfzFP
nO25MvjvNnyvaTuSvDwrwyKhhcqc7zMusGIzKnQz4Uf1YkZyjOUcBNLU5jgvEIo9
sO9d
-----END CERTIFICATE-----
Generated at Sat Jun 20 06:31:07 2026 by rpki-client