Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ZaYaSYAEPOdHLIVN14PLlDsKva8.roa
File: ZaYaSYAEPOdHLIVN14PLlDsKva8.roa (raw, json)
Hash identifier: yTcCcaC43XYDPU0nQoRnd/2qEyivXiAz0GtWD56mOHI=
Subject key identifier: 65:A6:1A:49:80:04:3C:E7:47:2C:85:4D:D7:83:CB:94:3B:0A:BD:AF
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019E980E931C1065ECE49B6D7DA0A86FC2B9
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ZaYaSYAEPOdHLIVN14PLlDsKva8.roa
Signing time: Fri 05 Jun 2026 13:52:32 +0000
ROA not before: Fri 05 Jun 2026 13:52:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 62.192.110.0/24 maxlen: 24
212.189.8.0/24 maxlen: 24
212.189.18.0/24 maxlen: 24
212.189.21.0/24 maxlen: 24
212.189.23.0/24 maxlen: 24
212.189.24.0/24 maxlen: 24
212.189.31.0/24 maxlen: 24
212.189.36.0/24 maxlen: 24
212.189.39.0/24 maxlen: 24
212.189.40.0/24 maxlen: 24
212.189.45.0/24 maxlen: 24
212.189.48.0/24 maxlen: 24
212.189.54.0/24 maxlen: 24
212.189.57.0/24 maxlen: 24
212.189.58.0/24 maxlen: 24
212.189.61.0/24 maxlen: 24
212.189.69.0/24 maxlen: 24
212.189.75.0/24 maxlen: 24
212.189.79.0/24 maxlen: 24
212.189.80.0/24 maxlen: 24
212.189.85.0/24 maxlen: 24
212.189.95.0/24 maxlen: 24
212.189.103.0/24 maxlen: 24
212.189.110.0/24 maxlen: 24
212.189.113.0/24 maxlen: 24
212.189.115.0/24 maxlen: 24
212.189.121.0/24 maxlen: 24
212.189.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:98:0e:93:1c:10:65:ec:e4:9b:6d:7d:a0:a8:6f:c2:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jun 5 13:52:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65a61a4980043ce7472c854dd783cb943b0abdaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:69:7d:d5:79:78:a7:9b:ac:c5:b1:e1:66:6a:
5b:fe:27:3c:01:ec:4b:55:d0:f7:22:cb:78:52:58:
9c:48:75:ee:65:46:b9:6c:12:96:92:a7:6d:f8:fc:
51:1d:0c:b1:31:38:15:eb:96:d6:c9:f5:4c:41:86:
64:04:b3:78:07:e9:10:11:a4:bc:a3:32:db:ba:b1:
b9:07:4b:d1:2b:60:b5:e7:d1:48:5a:e3:2a:86:33:
7f:a9:48:4b:3a:e2:f3:b5:73:64:d2:39:55:61:4f:
a4:62:00:c2:88:10:ed:fd:7d:1b:05:35:cf:ee:8b:
aa:da:bd:27:df:6b:37:dc:9d:6c:9b:a2:cd:ce:18:
ab:ed:87:42:47:38:49:1c:b2:4e:89:d5:32:36:11:
5b:ba:2a:a9:61:2f:75:74:b2:b3:97:59:4e:0f:13:
74:8e:69:4b:8a:64:54:83:36:8c:3c:66:4c:df:00:
73:c0:26:24:a5:03:76:ca:07:0c:52:36:ae:83:9f:
ce:f0:45:5b:7e:eb:35:90:df:bb:99:9a:49:19:6f:
70:0f:b6:41:cd:7b:68:dc:3b:d3:1b:20:90:d7:36:
32:ea:35:87:44:06:a6:53:c7:1c:a6:70:8b:15:e5:
87:72:e5:8a:e3:54:98:0e:53:e9:95:b8:f0:e4:38:
49:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A6:1A:49:80:04:3C:E7:47:2C:85:4D:D7:83:CB:94:3B:0A:BD:AF
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ZaYaSYAEPOdHLIVN14PLlDsKva8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.110.0/24
212.189.8.0/24
212.189.18.0/24
212.189.21.0/24
212.189.23.0-212.189.24.255
212.189.31.0/24
212.189.36.0/24
212.189.39.0-212.189.40.255
212.189.45.0/24
212.189.48.0/24
212.189.54.0/24
212.189.57.0-212.189.58.255
212.189.61.0/24
212.189.69.0/24
212.189.75.0/24
212.189.79.0-212.189.80.255
212.189.85.0/24
212.189.95.0/24
212.189.103.0/24
212.189.110.0/24
212.189.113.0/24
212.189.115.0/24
212.189.121.0/24
212.189.124.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:d5:6e:23:7b:50:2a:e5:00:85:c1:fc:89:ef:06:80:41:a1:
8c:6e:a7:a8:ea:10:94:db:33:01:57:a9:79:1b:ba:1f:18:d6:
3d:a3:41:3d:92:d5:62:84:97:18:36:20:a4:da:10:f0:aa:88:
0a:d3:6d:52:12:3c:7a:63:e4:41:2f:64:d1:26:1d:b3:b2:45:
84:69:67:44:05:5a:c6:f2:70:b4:b4:96:ec:20:50:f2:05:8d:
bb:4c:d0:38:03:06:5f:6d:d3:69:cc:c4:f8:06:71:5b:67:4c:
69:6e:b1:3f:67:2e:84:67:bf:0b:4d:06:88:72:85:6a:35:a4:
b1:dd:f3:34:79:bc:3c:3e:cc:8b:d6:f5:8f:a1:6c:9a:fb:41:
a9:5c:7b:83:ab:c4:2a:da:fd:85:4d:07:09:e4:14:ae:ad:f4:
59:d4:7b:dc:8c:09:92:5b:41:4b:af:8b:2b:0f:e0:7d:71:59:
b1:01:7f:15:ce:fc:23:8d:c6:5c:e0:e9:55:9a:96:42:4f:3c:
4b:df:a0:7a:e7:b0:67:f3:73:70:53:87:d2:5c:12:e6:15:5e:
2e:e5:04:f4:6b:76:bb:fd:4c:99:54:77:85:75:5b:c4:02:6a:
a5:ba:d5:e2:e5:a2:47:2d:41:c6:6c:4f:3f:a5:5c:ab:9a:7e:
41:c2:d8:09
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZ6YDpMcEGXs5JttfaCob8K5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjYwNjA1MTM1MjMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWE2MWE0OTgwMDQzY2U3NDcyYzg1NGRkNzgzY2I5NDNiMGFiZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2l91Xl4p5usxbHhZmpb/ic8AexL
VdD3Ist4UlicSHXuZUa5bBKWkqdt+PxRHQyxMTgV65bWyfVMQYZkBLN4B+kQEaS8
ozLburG5B0vRK2C159FIWuMqhjN/qUhLOuLztXNk0jlVYU+kYgDCiBDt/X0bBTXP
7ouq2r0n32s33J1sm6LNzhir7YdCRzhJHLJOidUyNhFbuiqpYS91dLKzl1lODxN0
jmlLimRUgzaMPGZM3wBzwCYkpQN2ygcMUjaug5/O8EVbfus1kN+7mZpJGW9wD7ZB
zXto3DvTGyCQ1zYy6jWHRAamU8ccpnCLFeWHcuWK41SYDlPplbjw5DhJZwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFGWmGkmABDznRyyFTdeDy5Q7Cr2vMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvWmFZYVNZQUVQT2RITElWTjE0UExsRHNLdmE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAA+
wG4DBADUvQgDBADUvRIDBADUvRUwDAMEANS9FwMEANS9GAMEANS9HwMEANS9JDAM
AwQA1L0nAwQA1L0oAwQA1L0tAwQA1L0wAwQA1L02MAwDBADUvTkDBADUvToDBADU
vT0DBADUvUUDBADUvUswDAMEANS9TwMEANS9UAMEANS9VQMEANS9XwMEANS9ZwME
ANS9bgMEANS9cQMEANS9cwMEANS9eQMEANS9fDANBgkqhkiG9w0BAQsFAAOCAQEA
qNVuI3tQKuUAhcH8ie8GgEGhjG6nqOoQlNszAVepeRu6HxjWPaNBPZLVYoSXGDYg
pNoQ8KqICtNtUhI8emPkQS9k0SYds7JFhGlnRAVaxvJwtLSW7CBQ8gWNu0zQOAMG
X23TaczE+AZxW2dMaW6xP2cuhGe/C00GiHKFajWksd3zNHm8PD7Mi9b1j6FsmvtB
qVx7g6vEKtr9hU0HCeQUrq30WdR73IwJkltBS6+LKw/gfXFZsQF/Fc78I43GXODp
VZqWQk88S9+geuewZ/NzcFOH0lwS5hVeLuUE9Gt2u/1MmVR3hXVbxAJqpbrV4uWi
Ry1BxmxPP6Vcq5p+QcLYCQ==
-----END CERTIFICATE-----
Generated at Thu Jun 11 14:34:33 2026 by rpki-client