Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1ZhH_HQgoDkM0SuIIFpMqMe8FXY.roa
File: 1ZhH_HQgoDkM0SuIIFpMqMe8FXY.roa (raw, json)
Hash identifier: KxxTrtXRCrXgD2Sa9zz3Z4XJ2MncEZGndu00ulJeCBs=
Subject key identifier: D5:98:47:FC:74:20:A0:39:0C:D1:2B:88:20:5A:4C:A8:C7:BC:15:76
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019DA2FDE5F9FFE700286E322C686847B8EF
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1ZhH_HQgoDkM0SuIIFpMqMe8FXY.roa
Signing time: Sat 18 Apr 2026 23:47:21 +0000
ROA not before: Sat 18 Apr 2026 23:47:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216416
IP address blocks: 5.83.151.0/24 maxlen: 24
5.175.216.0/24 maxlen: 24
5.230.184.0/24 maxlen: 24
5.231.117.0/24 maxlen: 24
85.93.21.0/24 maxlen: 24
89.106.81.0/24 maxlen: 24
89.106.91.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.50.0/24 maxlen: 24
94.249.174.0/24 maxlen: 24
94.249.178.0/24 maxlen: 24
94.249.185.0/24 maxlen: 24
94.249.201.0/24 maxlen: 24
94.249.206.0/24 maxlen: 24
95.215.34.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.119.18.0/24 maxlen: 24
185.129.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 21:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:a2:fd:e5:f9:ff:e7:00:28:6e:32:2c:68:68:47:b8:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 18 23:47:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d59847fc7420a0390cd12b88205a4ca8c7bc1576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:72:6b:6a:88:49:48:32:54:ee:f3:24:72:97:
e0:f0:af:54:d7:9e:c2:b4:70:3b:9f:24:17:f0:55:
ae:65:8d:4c:c5:d7:79:7e:c9:ba:69:75:05:92:56:
f4:e2:89:cc:65:af:30:78:72:72:a9:f5:7b:7c:16:
b7:ff:d1:a0:06:27:85:97:46:81:d7:ba:ea:30:df:
3f:fa:22:58:63:de:63:03:4b:ab:25:a5:eb:e7:69:
27:d3:c2:d9:51:c9:50:83:d5:eb:4d:55:9f:d4:bc:
b0:74:37:99:ce:67:54:a4:48:41:60:24:0b:52:9f:
cf:50:9f:27:dc:74:00:76:24:aa:82:bc:49:e9:bf:
76:88:2f:11:4d:31:f1:cf:3e:8d:be:f5:c6:aa:a8:
a2:7a:21:6f:5c:90:e9:6e:8a:40:e9:30:79:37:9b:
3c:24:4f:a4:91:47:c4:88:1e:89:64:d6:90:51:eb:
7b:7d:bc:9d:bd:54:38:23:1c:56:af:09:12:46:d5:
99:fc:34:50:6f:ea:04:65:24:1f:d3:46:a3:5d:9f:
0b:56:00:17:77:c8:b2:88:a3:93:7a:eb:43:8e:bf:
1b:c0:13:93:64:81:3e:c2:e4:75:06:6f:8f:06:25:
3d:98:3c:8a:12:f6:fb:8a:83:3f:ac:11:15:8f:b4:
43:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:98:47:FC:74:20:A0:39:0C:D1:2B:88:20:5A:4C:A8:C7:BC:15:76
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1ZhH_HQgoDkM0SuIIFpMqMe8FXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.151.0/24
5.175.216.0/24
5.230.184.0/24
5.231.117.0/24
85.93.21.0/24
89.106.81.0/24
89.106.91.0/24
89.144.17.0/24
89.144.50.0/24
94.249.174.0/24
94.249.178.0/24
94.249.185.0/24
94.249.201.0/24
94.249.206.0/24
95.215.34.0/24
185.13.159.0/24
185.119.18.0/24
185.129.84.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:16:10:04:f8:96:84:c2:35:80:78:70:78:54:e3:30:f0:20:
1d:b6:3b:1f:42:84:11:b9:b2:fb:73:37:c1:50:fa:10:c5:6c:
cd:59:71:0a:81:8c:2a:26:bc:a5:ab:32:43:a4:fc:b8:c5:1f:
59:e8:f1:9a:7a:1d:43:91:46:7a:6d:f6:ab:01:23:1d:5c:fc:
c0:91:77:71:e8:a5:ea:9c:68:fc:06:be:c8:57:dd:59:bc:93:
1d:84:ab:03:8a:64:de:18:34:d7:42:98:f0:c4:d7:6c:dd:44:
b9:ad:22:96:3b:96:47:09:a5:6f:6d:4b:8e:ae:52:1d:14:0c:
1d:26:9e:98:84:f1:22:bd:e0:f3:cf:a5:3f:0b:06:7c:3d:52:
87:4b:37:3b:ff:0d:07:a2:85:92:19:36:95:3e:b6:23:b2:a2:
d1:3c:da:b4:05:f0:8d:e9:33:05:e4:74:72:69:33:03:f8:a8:
f8:6f:61:90:03:13:c8:8b:55:71:6b:f1:8b:46:8b:85:88:eb:
2b:24:01:3c:6d:40:7c:14:b2:f4:50:94:cb:6d:52:a7:8b:bd:
1b:99:53:18:b2:8a:4d:14:de:9c:e4:23:12:f3:a1:1b:7e:ab:
6c:f1:db:87:e6:3e:73:b6:14:fb:19:62:60:00:ec:54:79:dc:
d1:6d:1d:02
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZ2i/eX5/+cAKG4yLGhoR7jvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNDE4MjM0NzIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk4NDdmYzc0MjBhMDM5MGNkMTJiODgyMDVhNGNhOGM3YmMxNTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknJraohJSDJU7vMkcpfg8K9U157C
tHA7nyQX8FWuZY1Mxdd5fsm6aXUFklb04onMZa8weHJyqfV7fBa3/9GgBieFl0aB
17rqMN8/+iJYY95jA0urJaXr52kn08LZUclQg9XrTVWf1LywdDeZzmdUpEhBYCQL
Up/PUJ8n3HQAdiSqgrxJ6b92iC8RTTHxzz6NvvXGqqiieiFvXJDpbopA6TB5N5s8
JE+kkUfEiB6JZNaQUet7fbydvVQ4IxxWrwkSRtWZ/DRQb+oEZSQf00ajXZ8LVgAX
d8iyiKOTeutDjr8bwBOTZIE+wuR1Bm+PBiU9mDyKEvb7ioM/rBEVj7RDXwIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNWYR/x0IKA5DNEriCBaTKjHvBV2MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMVpoSF9IUWdvRGtNMFN1SUlGcE1xTWU4RlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAAVTlwME
AAWv2AMEAAXmuAMEAAXndQMEAFVdFQMEAFlqUQMEAFlqWwMEAFmQEQMEAFmQMgME
AF75rgMEAF75sgMEAF75uQMEAF75yQMEAF75zgMEAF/XIgMEALkNnwMEALl3EgME
ALmBVDANBgkqhkiG9w0BAQsFAAOCAQEApBYQBPiWhMI1gHhweFTjMPAgHbY7H0KE
Ebmy+3M3wVD6EMVszVlxCoGMKia8pasyQ6T8uMUfWejxmnodQ5FGem32qwEjHVz8
wJF3ceil6pxo/Aa+yFfdWbyTHYSrA4pk3hg010KY8MTXbN1Eua0iljuWRwmlb21L
jq5SHRQMHSaemITxIr3g88+lPwsGfD1Sh0s3O/8NB6KFkhk2lT62I7Ki0TzatAXw
jekzBeR0cmkzA/io+G9hkAMTyItVcWvxi0aLhYjrKyQBPG1AfBSy9FCUy21Sp4u9
G5lTGLKKTRTenOQjEvOhG36rbPHbh+Y+c7YU+xliYADsVHnc0W0dAg==
-----END CERTIFICATE-----
Generated at Mon Apr 20 04:46:50 2026 by rpki-client