Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZFHasLMo2yZuNZv3bx8YmbH1q2A.roa
File: ZFHasLMo2yZuNZv3bx8YmbH1q2A.roa (raw, json)
Hash identifier: sWicYYVAcdSqy26KLVnsW4b6f1UWWbA8ACtiPg4GDDg=
Subject key identifier: 64:51:DA:B0:B3:28:DB:26:6E:35:9B:F7:6F:1F:18:99:B1:F5:AB:60
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019D2023EFA564BA77AB39ACEE1F34C1487D
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZFHasLMo2yZuNZv3bx8YmbH1q2A.roa
Signing time: Tue 24 Mar 2026 13:58:39 +0000
ROA not before: Tue 24 Mar 2026 13:58:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.35.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
91.242.236.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
93.177.107.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.141.53.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.26.221.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.148.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.18.96.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 05:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:20:23:ef:a5:64:ba:77:ab:39:ac:ee:1f:34:c1:48:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 24 13:58:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6451dab0b328db266e359bf76f1f1899b1f5ab60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c9:21:e9:b2:e0:73:6e:77:d7:41:28:3f:0c:
ff:f6:4a:96:a1:bc:d1:62:2d:20:24:a5:9c:93:18:
ef:32:ae:79:17:9a:7c:13:e9:d3:75:fd:2a:dc:93:
29:a3:e5:90:53:93:c9:21:bb:3e:5e:51:b0:5d:3a:
2a:a7:93:a6:b6:19:6d:6b:49:15:dd:69:ef:9c:b6:
e7:6c:05:6b:e4:c6:d6:32:de:14:8e:6b:56:e5:11:
97:98:93:e7:44:f5:f0:0d:2b:a3:7b:dc:fd:fa:be:
c8:db:f5:a7:f3:5c:f1:2c:9d:ba:d4:bf:b4:84:98:
9e:34:72:e0:0a:25:54:60:f3:a3:60:4c:32:a1:da:
99:a6:11:a6:a9:1a:9a:a4:c6:2b:81:d6:72:3c:51:
60:15:dd:8c:fd:84:57:80:d6:66:85:c6:6e:79:99:
51:01:44:3d:fc:1c:61:db:d9:00:e3:b9:25:48:0b:
66:95:9c:db:40:27:30:34:45:bd:9b:2d:24:76:63:
fa:ff:7b:47:71:c3:ed:96:c2:e8:2f:e8:69:c2:90:
ad:0e:91:75:a4:7b:e1:59:b4:1f:ce:e5:80:19:dd:
d2:84:cf:55:a4:3a:c2:75:a3:a4:52:5c:67:25:5d:
9c:8c:6b:62:c3:83:c3:65:43:f7:6c:40:f0:51:0c:
ab:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:51:DA:B0:B3:28:DB:26:6E:35:9B:F7:6F:1F:18:99:B1:F5:AB:60
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZFHasLMo2yZuNZv3bx8YmbH1q2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.35.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.213.117.0/24
91.226.247.0/24
91.242.236.0/24
93.177.104.0/24
93.177.107.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.187.0/24
146.19.190.0/24
176.56.38.0/24
185.122.206.0/24
185.155.101.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.141.53.0/24
193.239.209.0/24
194.26.221.0/24
195.64.112.0/24
195.64.114.0/24
195.93.249.0/24
195.96.136.0/24
195.96.148.0/24
195.96.157.0/24
212.18.96.0/24
212.52.5.0/24
217.114.32.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
78:97:b3:f6:f2:ff:0a:8f:c2:bf:6e:c8:6a:8b:08:70:ac:15:
eb:e1:f5:61:ee:23:62:c6:6f:c4:0d:76:0f:7d:c2:21:fd:a5:
1d:00:54:76:02:85:c2:4c:f0:38:47:7c:0b:2b:3e:a2:95:e3:
11:c5:c3:69:40:36:82:eb:5d:a6:81:27:56:75:e1:72:85:f4:
25:dd:cf:0d:d6:3f:67:87:2e:6f:3f:1b:27:b9:9d:ec:83:82:
34:3c:3a:ae:fc:b6:31:1d:ed:9e:a8:cd:04:4e:fb:c7:8c:40:
58:02:d4:cf:14:3c:8c:8e:5f:b5:d4:ea:5a:64:f1:39:b5:15:
64:4b:81:5e:cb:0b:ce:a8:37:92:40:10:e0:14:98:72:8e:06:
7b:29:05:ef:97:98:04:4f:3a:a1:c8:33:54:25:23:f5:f5:ea:
3f:b7:10:7f:70:bd:9e:6b:1a:a8:22:1e:7a:8f:58:41:43:55:
b8:67:3f:41:b6:8f:04:6f:d5:69:26:f0:68:d5:ea:fa:b4:3f:
f0:35:f6:33:38:12:1d:c0:0a:52:64:af:06:01:74:d6:7e:f8:
48:2a:2c:41:7f:ec:0d:05:1e:3b:aa:b0:6a:28:01:ae:85:f2:
85:c7:2c:4e:7d:4a:fc:a8:a5:00:71:57:5a:cc:83:47:5c:98:
9f:92:dd:49
-----BEGIN CERTIFICATE-----
MIIGNTCCBR2gAwIBAgISAZ0gI++lZLp3qzms7h80wUh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjYwMzI0MTM1ODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDUxZGFiMGIzMjhkYjI2NmUzNTliZjc2ZjFmMTg5OWIxZjVhYjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Mkh6bLgc25310EoPwz/9kqWobzR
Yi0gJKWckxjvMq55F5p8E+nTdf0q3JMpo+WQU5PJIbs+XlGwXToqp5Omthlta0kV
3WnvnLbnbAVr5MbWMt4UjmtW5RGXmJPnRPXwDSuje9z9+r7I2/Wn81zxLJ261L+0
hJieNHLgCiVUYPOjYEwyodqZphGmqRqapMYrgdZyPFFgFd2M/YRXgNZmhcZueZlR
AUQ9/Bxh29kA47klSAtmlZzbQCcwNEW9my0kdmP6/3tHccPtlsLoL+hpwpCtDpF1
pHvhWbQfzuWAGd3ShM9VpDrCdaOkUlxnJV2cjGtiw4PDZUP3bEDwUQyrewIDAQAB
o4IDQTCCAz0wHQYDVR0OBBYEFGRR2rCzKNsmbjWb928fGJmx9atgMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvWkZIYXNMTW8yeVp1Tlp2M2J4OFltYkgxcTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVQYIKwYBBQUHAQcBAf8EggFEMIIBQDCCATwEAgABMIIB
NAMEAQI4cAMEAAW3gAMEAC2EMAMEAC2diAMEAD5EUwMEAT5EVgMEAD7MJAMEAD7M
OQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBEnjAMAwQA
UFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LsAwQAXbFoAwQAXbFrAwQAXo/iAwQA
Xp6/AwQAgsFPAwQAgv+pAwQAkhOJAwQAkhOUAwQAkhOWAwQAkhOYAwQAkhO7AwQA
khO+AwQAsDgmAwQAuXrOAwQAuZtlAwQAudoBAwQAuegvAwQAwQMWAwQAwY01AwQA
we/RAwQAwhrdAwQAw0BwAwQAw0ByAwQAw135AwQAw2CIAwQAw2CUAwQAw2CdAwQA
1BJgAwQA1DQFAwQA2XIgAwQA2XeCMA0GCSqGSIb3DQEBCwUAA4IBAQB4l7P28v8K
j8K/bshqiwhwrBXr4fVh7iNixm/EDXYPfcIh/aUdAFR2AoXCTPA4R3wLKz6ileMR
xcNpQDaC612mgSdWdeFyhfQl3c8N1j9nhy5vPxsnuZ3sg4I0PDqu/LYxHe2eqM0E
TvvHjEBYAtTPFDyMjl+11OpaZPE5tRVkS4FeywvOqDeSQBDgFJhyjgZ7KQXvl5gE
TzqhyDNUJSP19eo/txB/cL2eaxqoIh56j1hBQ1W4Zz9Bto8Eb9VpJvBo1er6tD/w
NfYzOBIdwApSZK8GAXTWfvhIKixBf+wNBR47qrBqKAGuhfKFxyxOfUr8qKUAcVda
zINHXJifkt1J
-----END CERTIFICATE-----
Generated at Wed Mar 25 12:12:28 2026 by rpki-client