Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ZmpWjF_oywCfjUVgFBBlmF4FC4E.roa
File: ZmpWjF_oywCfjUVgFBBlmF4FC4E.roa (raw, json)
Hash identifier: BHsjS63Lyws1JbJI3hhYSNDHDAzf877Qw6ix9rYQhzY=
Subject key identifier: 66:6A:56:8C:5F:E8:CB:00:9F:8D:45:60:14:10:65:98:5E:05:0B:81
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019CE2F85412C6B1D2744EF4B7D6551C95E4
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ZmpWjF_oywCfjUVgFBBlmF4FC4E.roa
Signing time: Thu 12 Mar 2026 16:54:11 +0000
ROA not before: Thu 12 Mar 2026 16:54:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 2a05:9a40::/29 maxlen: 29
2a0f:9b40::/29 maxlen: 29
2a10:3f80::/29 maxlen: 29
2a13:b9c0::/29 maxlen: 29
2a13:bb40::/29 maxlen: 29
2a13:c240::/29 maxlen: 29
2a13:c340::/29 maxlen: 29
2a14:1100::/32 maxlen: 32
2a14:1101::/32 maxlen: 32
2a14:1102::/32 maxlen: 32
2a14:1103::/32 maxlen: 32
2a14:1104::/32 maxlen: 32
2a14:1105::/32 maxlen: 32
2a14:1106::/32 maxlen: 32
2a14:1107::/32 maxlen: 32
2a14:62c0::/29 maxlen: 29
2a14:6a40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 15:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:f8:54:12:c6:b1:d2:74:4e:f4:b7:d6:55:1c:95:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Mar 12 16:54:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=666a568c5fe8cb009f8d4560141065985e050b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:dc:76:db:4c:2a:b6:55:19:61:b4:36:ab:da:
f5:ea:63:75:f7:f5:f5:19:4e:9f:bb:d3:e0:0a:8c:
2c:2c:f2:cc:b8:33:c3:d1:af:a2:0a:ae:48:62:99:
01:f4:6e:06:6d:b1:1c:7c:14:bf:f7:ba:c9:bc:be:
d1:c1:d6:b0:48:dc:c5:ce:2d:69:6a:50:32:da:f3:
57:fd:8d:d1:06:36:67:9a:d8:7d:01:a7:f4:08:8e:
86:c0:e2:04:1b:18:7d:6c:2d:c0:e0:fd:38:8a:56:
1c:cd:3c:c9:ba:40:52:0c:c1:d2:8c:76:f8:9d:a7:
cf:94:a6:12:6e:a9:dd:3f:3f:0f:48:6b:f3:e6:eb:
8a:94:42:8a:97:4f:4a:d7:26:de:d5:7f:14:a0:16:
0f:ca:4d:d3:ea:a6:6e:ad:48:e9:a2:9b:9f:06:3f:
c9:11:13:68:58:91:1f:63:57:24:12:8c:00:26:08:
a9:3b:37:9f:7f:5b:0c:8c:21:9d:a0:c4:48:47:3e:
f8:1a:88:be:bd:58:f0:95:6b:79:84:00:b0:26:51:
c0:0b:6e:12:93:f4:9d:94:4c:d0:a0:f6:aa:0d:9e:
bf:23:0e:b9:77:1c:d0:11:b3:37:83:0f:cf:d6:c9:
8e:bc:30:bf:e5:ef:a6:0f:79:31:a9:21:26:0c:45:
58:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:6A:56:8C:5F:E8:CB:00:9F:8D:45:60:14:10:65:98:5E:05:0B:81
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/ZmpWjF_oywCfjUVgFBBlmF4FC4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:9a40::/29
2a0f:9b40::/29
2a10:3f80::/29
2a13:b9c0::/29
2a13:bb40::/29
2a13:c240::/29
2a13:c340::/29
2a14:1100::/29
2a14:62c0::/29
2a14:6a40::/32
Signature Algorithm: sha256WithRSAEncryption
3a:ec:89:4f:4e:41:a8:3d:46:1a:19:7e:50:ab:1e:e5:a1:a6:
f0:e0:33:dc:0d:01:ec:be:99:62:c8:dd:85:e0:ee:2e:11:69:
d7:cc:a9:3d:bc:72:61:9a:6a:4d:f1:d7:00:21:61:83:86:7d:
61:ac:e1:ce:b8:1d:b7:f8:81:b5:02:06:c6:80:b2:b4:34:9a:
99:0f:c3:09:5e:57:e4:80:fe:fd:85:b4:7b:ba:8f:5e:16:d0:
7c:ae:4a:8a:82:f1:e1:f5:29:a9:b8:4a:a8:4d:f3:2c:1f:6f:
b5:44:4f:04:bd:6e:4b:98:f4:bf:fa:5c:83:df:7a:27:97:4e:
f3:3e:b5:9b:fb:d9:1e:e3:02:42:5c:e6:9f:c5:71:db:ce:52:
73:1e:cf:b4:b9:04:61:54:36:03:7f:7d:f5:0c:40:12:dd:9d:
d0:b8:eb:0d:f0:40:2e:98:63:49:48:c9:49:4e:84:9e:38:ed:
74:63:b0:90:6d:c2:c5:f0:1e:a2:12:33:2e:9b:26:1c:15:0f:
90:cf:fe:7a:a6:1d:25:68:2d:8e:00:11:9f:76:80:1e:69:e5:
2b:4c:42:44:74:7e:06:d9:4a:56:bc:bf:b0:0c:5f:53:04:e0:
25:45:06:d5:e8:a2:29:4b:79:47:b8:4c:b7:f8:1e:48:fd:8e:
46:29:7f:ee
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZzi+FQSxrHSdE70t9ZVHJXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwMzEyMTY1NDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjZhNTY4YzVmZThjYjAwOWY4ZDQ1NjAxNDEwNjU5ODVlMDUwYjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9x220wqtlUZYbQ2q9r16mN19/X1
GU6fu9PgCowsLPLMuDPD0a+iCq5IYpkB9G4GbbEcfBS/97rJvL7RwdawSNzFzi1p
alAy2vNX/Y3RBjZnmth9Aaf0CI6GwOIEGxh9bC3A4P04ilYczTzJukBSDMHSjHb4
nafPlKYSbqndPz8PSGvz5uuKlEKKl09K1ybe1X8UoBYPyk3T6qZurUjpopufBj/J
ERNoWJEfY1ckEowAJgipOzeff1sMjCGdoMRIRz74Goi+vVjwlWt5hACwJlHAC24S
k/SdlEzQoPaqDZ6/Iw65dxzQEbM3gw/P1smOvDC/5e+mD3kxqSEmDEVYYwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGZqVoxf6MsAn41FYBQQZZheBQuBMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvWm1wV2pGX295d0NmalVWZ0ZCQmxtRjRGQzRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAAjBGAwUDKgWaQAMF
AyoPm0ADBQMqED+AAwUDKhO5wAMFAyoTu0ADBQMqE8JAAwUDKhPDQAMFAyoUEQAD
BQMqFGLAAwUAKhRqQDANBgkqhkiG9w0BAQsFAAOCAQEAOuyJT05BqD1GGhl+UKse
5aGm8OAz3A0B7L6ZYsjdheDuLhFp18ypPbxyYZpqTfHXACFhg4Z9Yazhzrgdt/iB
tQIGxoCytDSamQ/DCV5X5ID+/YW0e7qPXhbQfK5KioLx4fUpqbhKqE3zLB9vtURP
BL1uS5j0v/pcg996J5dO8z61m/vZHuMCQlzmn8Vx285Scx7PtLkEYVQ2A3999QxA
Et2d0LjrDfBALphjSUjJSU6EnjjtdGOwkG3CxfAeohIzLpsmHBUPkM/+eqYdJWgt
jgARn3aAHmnlK0xCRHR+BtlKVry/sAxfUwTgJUUG1eiiKUt5R7hMt/geSP2ORil/
7g==
-----END CERTIFICATE-----
Generated at Thu Mar 12 22:52:59 2026 by rpki-client