Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/zJpyyxzxDhN7qqdh0Mt-W4R9xhQ.roa
File: zJpyyxzxDhN7qqdh0Mt-W4R9xhQ.roa (raw, json)
Hash identifier: 3iXjS3NRkOtuiwihRC5inSlg4bzXZF2ihzUz1KnKcP8=
Subject key identifier: CC:9A:72:CB:1C:F1:0E:13:7B:AA:A7:61:D0:CB:7E:5B:84:7D:C6:14
Certificate issuer: /CN=da0589dce63981870a1850906c8c2d1d96740096
Certificate serial: 019E91B52BACDD8C3C30329B00BE6DC28C93
Authority key identifier: DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/zJpyyxzxDhN7qqdh0Mt-W4R9xhQ.roa
Signing time: Thu 04 Jun 2026 08:17:09 +0000
ROA not before: Thu 04 Jun 2026 08:17:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202045
IP address blocks: 31.177.0.0/22 maxlen: 22
31.177.0.0/23 maxlen: 23
31.177.2.0/23 maxlen: 23
31.177.4.0/24 maxlen: 24
31.177.5.0/24 maxlen: 24
31.177.6.0/23 maxlen: 23
45.145.122.0/23 maxlen: 23
94.199.5.0/24 maxlen: 24
95.111.132.0/24 maxlen: 24
95.111.139.0/24 maxlen: 24
171.22.144.0/24 maxlen: 24
185.180.152.0/22 maxlen: 22
193.138.240.0/24 maxlen: 24
193.138.241.0/24 maxlen: 24
2a13:7500:1000::/36 maxlen: 36
2a13:7500:1000::/48 maxlen: 48
2a13:7500:1200::/44 maxlen: 44
2a13:7500:1241::/48 maxlen: 48
2a13:7500:1242::/48 maxlen: 48
2a13:7500:1248::/48 maxlen: 48
2a13:7500:1320::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 04:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:b5:2b:ac:dd:8c:3c:30:32:9b:00:be:6d:c2:8c:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0589dce63981870a1850906c8c2d1d96740096
Validity
Not Before: Jun 4 08:17:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cc9a72cb1cf10e137baaa761d0cb7e5b847dc614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e3:80:1d:27:cb:5b:55:c3:48:85:5c:ab:11:
a0:59:3f:11:5a:d9:f4:87:48:3f:30:91:49:09:c6:
be:be:db:f0:3a:fe:42:6c:ed:8d:c7:12:c3:31:1b:
38:31:84:dc:0a:3c:49:c2:b9:dd:94:ce:95:4d:fc:
e0:2a:86:fd:dd:46:f9:5f:ff:2f:54:1f:5e:a7:32:
dd:13:f8:82:df:55:e3:0b:df:16:66:0c:3e:45:a7:
28:91:5f:77:f3:37:17:a5:d9:82:74:d8:64:75:29:
ed:84:69:29:43:9f:4c:41:30:41:64:be:b7:7f:45:
eb:e9:01:3c:68:a5:93:d1:66:bc:66:c3:a4:71:b6:
ed:7e:0f:e8:cb:ff:3c:f9:4a:da:87:46:0c:5b:66:
14:26:5a:54:ed:59:5c:e9:a6:ff:9b:24:d5:b7:a6:
fe:ac:77:04:1d:a0:1f:25:af:81:00:72:76:b2:9a:
1e:77:9b:79:1d:e2:a8:57:9d:e4:ec:63:e7:8d:b3:
e3:e4:33:f4:24:ab:2e:2f:95:ad:88:38:c4:d1:78:
71:92:79:b2:55:d1:8c:af:42:a4:0f:99:29:05:1b:
9a:90:b0:e4:79:1a:9a:79:fd:54:1f:66:09:17:dd:
47:28:8c:45:30:9b:5f:34:db:6c:86:5b:d2:2d:9b:
0d:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9A:72:CB:1C:F1:0E:13:7B:AA:A7:61:D0:CB:7E:5B:84:7D:C6:14
X509v3 Authority Key Identifier:
keyid:DA:05:89:DC:E6:39:81:87:0A:18:50:90:6C:8C:2D:1D:96:74:00:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/zJpyyxzxDhN7qqdh0Mt-W4R9xhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/6326bb-ba33-4339-b8c6-14e3c2017969/1/2gWJ3OY5gYcKGFCQbIwtHZZ0AJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.0.0/21
45.145.122.0/23
94.199.5.0/24
95.111.132.0/24
95.111.139.0/24
171.22.144.0/24
185.180.152.0/22
193.138.240.0/23
IPv6:
2a13:7500:1000::/36
Signature Algorithm: sha256WithRSAEncryption
1a:7d:af:e4:97:77:33:13:16:1b:83:b6:e3:6e:db:a1:a9:3d:
87:5a:57:4f:7a:63:e7:27:e1:36:c5:c8:38:28:2f:9c:91:9a:
e3:76:f7:20:40:36:59:60:f0:5e:c6:9f:f3:fc:0a:1d:8f:4c:
c3:c3:3d:f3:2a:a2:a6:92:7f:bd:51:9b:89:44:f5:24:4c:b1:
8c:1e:b7:db:f0:a5:9a:89:53:af:04:c2:3b:3a:ec:80:3e:34:
c2:23:bb:bb:76:e5:f6:89:88:88:0d:56:76:bf:18:e8:c1:32:
34:a8:79:56:d1:05:4e:f5:87:9a:93:5d:f2:fa:18:b1:eb:4c:
3b:e9:7f:12:00:a0:16:71:8b:63:ec:c5:91:c4:69:4d:93:65:
c2:a6:dd:e5:35:a6:fd:91:10:d0:62:73:37:b7:06:34:f8:74:
e2:04:ab:55:3a:23:40:8a:18:b1:34:06:95:d0:a7:b4:f8:2c:
ee:af:d7:38:95:d5:f5:21:82:a9:0e:61:a9:65:79:b7:72:92:
a4:bc:32:96:96:c8:9c:6f:9c:3e:76:6a:ee:36:45:f9:fc:24:
69:d7:7a:ee:ca:40:7c:e5:1f:93:57:ed:61:24:ef:02:fb:aa:
fb:98:92:6f:7f:32:2e:c8:0d:e1:99:78:14:de:45:f1:5c:be:
2f:90:3a:62
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZ6RtSus3Yw8MDKbAL5twoyTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDU4OWRjZTYzOTgxODcwYTE4NTA5MDZjOGMyZDFkOTY3
NDAwOTYwHhcNMjYwNjA0MDgxNzA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzlhNzJjYjFjZjEwZTEzN2JhYWE3NjFkMGNiN2U1Yjg0N2RjNjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOOAHSfLW1XDSIVcqxGgWT8RWtn0
h0g/MJFJCca+vtvwOv5CbO2NxxLDMRs4MYTcCjxJwrndlM6VTfzgKob93Ub5X/8v
VB9epzLdE/iC31XjC98WZgw+RacokV938zcXpdmCdNhkdSnthGkpQ59MQTBBZL63
f0Xr6QE8aKWT0Wa8ZsOkcbbtfg/oy/88+Urah0YMW2YUJlpU7Vlc6ab/myTVt6b+
rHcEHaAfJa+BAHJ2spoed5t5HeKoV53k7GPnjbPj5DP0JKsuL5WtiDjE0Xhxknmy
VdGMr0KkD5kpBRuakLDkeRqaef1UH2YJF91HKIxFMJtfNNtshlvSLZsNVQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFMyacssc8Q4Te6qnYdDLfluEfcYUMB8GA1UdIwQY
MBaAFNoFidzmOYGHChhQkGyMLR2WdACWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYt
MTRlM2MyMDE3OTY5LzEvekpweXl4enhEaE43cXFkaDBNdC1XNFI5eGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC82MzI2YmItYmEzMy00MzM5LWI4YzYtMTRlM2MyMDE3OTY5
LzEvMmdXSjNPWTVnWWNLR0ZDUWJJd3RIWlowQUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDA2BAIAATAwAwQDH7EAAwQB
LZF6AwQAXscFAwQAX2+EAwQAX2+LAwQAqxaQAwQCubSYAwQBwYrwMA4EAgACMAgD
BgQqE3UAEDANBgkqhkiG9w0BAQsFAAOCAQEAGn2v5Jd3MxMWG4O2427boak9h1pX
T3pj5yfhNsXIOCgvnJGa43b3IEA2WWDwXsaf8/wKHY9Mw8M98yqippJ/vVGbiUT1
JEyxjB632/ClmolTrwTCOzrsgD40wiO7u3bl9omIiA1Wdr8Y6MEyNKh5VtEFTvWH
mpNd8voYsetMO+l/EgCgFnGLY+zFkcRpTZNlwqbd5TWm/ZEQ0GJzN7cGNPh04gSr
VTojQIoYsTQGldCntPgs7q/XOJXV9SGCqQ5hqWV5t3KSpLwylpbInG+cPnZq7jZF
+fwkadd67spAfOUfk1ftYSTvAvuq+5iSb38yLsgN4Zl4FN5F8Vy+L5A6Yg==
-----END CERTIFICATE-----
Generated at Sat Jun 6 14:40:05 2026 by rpki-client