Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZmbT7ckq9AWU7ftFPSy0_2aVcIQ.roa
File: ZmbT7ckq9AWU7ftFPSy0_2aVcIQ.roa (raw, json)
Hash identifier: z4uFLh99ra2k+PrXJ8wTnzRsRakRgbEYF3GEsOcbjqE=
Subject key identifier: 66:66:D3:ED:C9:2A:F4:05:94:ED:FB:45:3D:2C:B4:FF:66:95:70:84
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 019CADA350802235814F81B4D5C44D9481E2
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZmbT7ckq9AWU7ftFPSy0_2aVcIQ.roa
Signing time: Mon 02 Mar 2026 08:21:27 +0000
ROA not before: Mon 02 Mar 2026 08:21:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.155.253.0/24 maxlen: 24
45.155.254.0/24 maxlen: 24
45.157.209.0/24 maxlen: 24
79.98.245.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.148.0/23 maxlen: 23
185.199.151.0/24 maxlen: 24
185.199.212.0/23 maxlen: 23
185.199.213.0/24 maxlen: 24
185.199.214.0/23 maxlen: 24
185.221.24.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.221.27.0/24 maxlen: 24
185.225.168.0/23 maxlen: 23
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
185.225.170.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 19:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:a3:50:80:22:35:81:4f:81:b4:d5:c4:4d:94:81:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Mar 2 08:21:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6666d3edc92af40594edfb453d2cb4ff66957084
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a8:6c:3e:e9:a3:4e:49:3e:36:f4:16:8e:70:
5c:08:63:15:41:81:c5:9f:2d:62:6f:4e:87:6d:9a:
e0:a7:1e:93:69:fd:4c:5b:9f:7f:16:1c:00:7b:19:
c3:14:98:43:a1:47:3f:87:06:2a:b1:82:b6:23:11:
0b:7a:42:e7:10:59:15:3c:41:65:11:7b:5d:c1:e1:
29:41:9b:46:7f:ec:70:62:81:a1:e2:19:65:59:4e:
5d:1c:56:75:c7:37:2e:d7:18:ff:e7:c0:a7:c6:5f:
7a:d4:dc:d9:c7:b2:7a:05:23:79:e7:53:c7:3c:35:
5a:8a:32:f3:66:a8:e2:8e:4a:44:cf:32:fa:8d:0d:
71:de:73:4f:89:d6:07:a1:a2:74:aa:a6:00:0b:ee:
e6:5c:01:e2:ea:d9:3a:65:b7:f9:27:aa:f3:3f:41:
e3:d3:d9:8c:4a:e4:39:70:23:34:23:ab:10:56:00:
02:8e:47:c4:d6:43:00:9e:66:53:d9:0b:29:27:11:
44:79:c4:d3:8f:e9:d1:f4:0b:fa:87:c2:2e:44:88:
ad:4e:f8:5d:ae:e9:c2:93:19:b2:19:30:62:09:89:
b4:5c:11:44:69:83:9d:5f:80:57:64:e8:e4:5e:d3:
3f:ed:c2:4e:cf:a5:5e:37:66:56:ca:f8:46:70:bb:
c4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:66:D3:ED:C9:2A:F4:05:94:ED:FB:45:3D:2C:B4:FF:66:95:70:84
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZmbT7ckq9AWU7ftFPSy0_2aVcIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.253.0-45.155.254.255
45.157.209.0/24
79.98.245.0/24
176.125.250.0/23
185.199.148.0/23
185.199.151.0/24
185.199.212.0/22
185.221.24.0/22
185.225.168.0-185.225.170.255
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:cd:d3:a4:b0:04:f3:1d:b2:12:9c:a0:c1:53:69:fe:f5:f3:
42:42:61:66:54:81:07:73:09:14:59:8e:de:c2:bc:3e:0d:fc:
61:a8:ce:06:3c:f9:98:0f:d8:b4:bc:2c:a2:09:74:37:bc:39:
9d:ed:ad:2c:e3:63:2f:df:21:f6:ff:2b:8f:a5:fd:b3:51:4d:
00:cc:33:2d:77:bd:f5:d6:28:76:f9:bb:70:6f:13:ab:c2:d9:
21:af:47:93:13:df:5f:5b:a6:72:78:99:63:a9:b9:bc:6e:34:
e0:50:23:49:2e:33:fb:e0:7c:d4:7e:a1:37:7a:ce:43:20:cb:
4c:ab:f6:c3:99:81:7f:7e:4d:6a:37:d1:73:8d:3e:a2:bb:2a:
54:03:db:b5:43:db:0e:59:bc:42:5d:99:1c:5b:05:ff:43:5a:
2b:59:c7:25:8d:20:13:2a:c1:95:88:4b:47:d9:85:63:6f:14:
38:ed:3a:b3:ed:9e:67:e0:d9:0a:bd:bc:a0:06:71:08:16:85:
23:7c:29:96:98:a1:99:47:dc:f4:eb:0e:36:5c:d1:77:54:63:
22:6c:be:40:ed:c9:1f:29:51:c7:f4:04:14:b8:34:b7:92:f7:
33:80:33:ec:40:db:25:a3:a6:6c:ab:2c:76:4d:fa:a4:7f:36:
ed:f2:d9:7e
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZyto1CAIjWBT4G01cRNlIHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjYwMzAyMDgyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjY2ZDNlZGM5MmFmNDA1OTRlZGZiNDUzZDJjYjRmZjY2OTU3MDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6hsPumjTkk+NvQWjnBcCGMVQYHF
ny1ib06HbZrgpx6Taf1MW59/FhwAexnDFJhDoUc/hwYqsYK2IxELekLnEFkVPEFl
EXtdweEpQZtGf+xwYoGh4hllWU5dHFZ1xzcu1xj/58Cnxl961NzZx7J6BSN551PH
PDVaijLzZqjijkpEzzL6jQ1x3nNPidYHoaJ0qqYAC+7mXAHi6tk6Zbf5J6rzP0Hj
09mMSuQ5cCM0I6sQVgACjkfE1kMAnmZT2QspJxFEecTTj+nR9Av6h8IuRIitTvhd
runCkxmyGTBiCYm0XBFEaYOdX4BXZOjkXtM/7cJOz6VeN2ZWyvhGcLvEPwIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFGZm0+3JKvQFlO37RT0stP9mlXCEMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWm1iVDdja3E5QVdVN2Z0RlBTeTBfMmFWY0lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMMAwDBAAtm/0D
BAAtm/4DBAAtndEDBABPYvUDBAGwffoDBAG5x5QDBAC5x5cDBAK5x9QDBAK53Rgw
DAMEA7nhqAMEALnhqgMEALn6GjANBgkqhkiG9w0BAQsFAAOCAQEAvM3TpLAE8x2y
EpygwVNp/vXzQkJhZlSBB3MJFFmO3sK8Pg38YajOBjz5mA/YtLwsogl0N7w5ne2t
LONjL98h9v8rj6X9s1FNAMwzLXe99dYodvm7cG8Tq8LZIa9HkxPfX1umcniZY6m5
vG404FAjSS4z++B81H6hN3rOQyDLTKv2w5mBf35NajfRc40+orsqVAPbtUPbDlm8
Ql2ZHFsF/0NaK1nHJY0gEyrBlYhLR9mFY28UOO06s+2eZ+DZCr28oAZxCBaFI3wp
lpihmUfc9OsONlzRd1RjImy+QO3JHylRx/QEFLg0t5L3M4Az7EDbJaOmbKssdk36
pH827fLZfg==
-----END CERTIFICATE-----
Generated at Sat Mar 7 05:33:24 2026 by rpki-client