Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/ZvjICbgY5uzy4lM-8BzRrQ50iq0.roa
File: ZvjICbgY5uzy4lM-8BzRrQ50iq0.roa (raw, json)
Hash identifier: Mczo0R8qXmsaTjs79OPPMvnbrbwivQ8mckMyGorwlIk=
Subject key identifier: 66:F8:C8:09:B8:18:E6:EC:F2:E2:53:3E:F0:1C:D1:AD:0E:74:8A:AD
Certificate issuer: /CN=923a2b3dd7667275f09886df7da079f755ceed59
Certificate serial: 019EB75AF47DF2C69FC0192C9CA0CE3FF768
Authority key identifier: 92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/ZvjICbgY5uzy4lM-8BzRrQ50iq0.roa
Signing time: Thu 11 Jun 2026 15:44:11 +0000
ROA not before: Thu 11 Jun 2026 15:44:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207143
IP address blocks: 185.77.0.0/24 maxlen: 24
185.101.156.0/22 maxlen: 22
185.101.156.0/24 maxlen: 24
185.101.157.0/24 maxlen: 24
185.101.158.0/24 maxlen: 24
185.101.159.0/24 maxlen: 24
185.229.88.0/24 maxlen: 24
185.229.89.0/24 maxlen: 24
185.229.90.0/24 maxlen: 24
185.229.91.0/24 maxlen: 24
193.203.253.0/24 maxlen: 24
204.174.100.0/24 maxlen: 24
213.254.165.0/24 maxlen: 24
2a11:8b81::/32 maxlen: 32
2a11:8b82::/32 maxlen: 32
2a11:8b83:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:5a:f4:7d:f2:c6:9f:c0:19:2c:9c:a0:ce:3f:f7:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923a2b3dd7667275f09886df7da079f755ceed59
Validity
Not Before: Jun 11 15:44:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=66f8c809b818e6ecf2e2533ef01cd1ad0e748aad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3e:d3:2e:85:cd:a7:79:75:63:b4:70:f2:1f:
d2:4d:fa:ba:82:32:f9:4d:e9:f5:24:ca:a7:a3:ef:
ad:64:7a:c5:7e:ce:22:22:65:a9:e6:cb:94:c8:4a:
28:40:25:d4:ed:0e:b5:c8:5b:a4:cd:88:dc:7b:be:
db:67:c1:02:1b:3d:63:6b:ed:34:bd:fa:1c:7b:48:
0a:4d:59:4a:dc:43:4c:96:e5:6b:9d:ab:fe:76:95:
be:e8:43:5c:b4:f3:2b:4b:3f:1f:c3:99:2b:7e:ef:
76:a3:73:aa:a6:89:3d:a2:45:14:be:ac:5b:92:1c:
ea:9d:51:a2:ae:d4:59:e9:78:47:75:6d:75:6c:b5:
e2:ff:5d:c2:f2:05:e9:53:7f:33:93:02:5c:02:51:
5b:ac:36:d8:70:72:9a:5d:81:cf:f5:f5:32:a2:11:
75:e7:d4:39:d9:dc:69:a2:8d:85:6c:16:87:2c:9a:
81:20:99:35:e9:d5:61:7a:71:c6:fe:b4:28:58:88:
bc:96:45:2e:ae:35:20:ef:f4:08:d7:35:55:7a:f8:
da:5f:55:62:e9:0e:c2:bc:d9:1b:37:05:1a:08:05:
de:f6:5c:b8:b2:e0:e5:55:dc:e8:d7:d6:38:b8:36:
95:d0:ce:0e:f2:90:38:6d:e3:a1:9c:ca:fc:14:4a:
20:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F8:C8:09:B8:18:E6:EC:F2:E2:53:3E:F0:1C:D1:AD:0E:74:8A:AD
X509v3 Authority Key Identifier:
keyid:92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/ZvjICbgY5uzy4lM-8BzRrQ50iq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.0.0/24
185.101.156.0/22
185.229.88.0/22
193.203.253.0/24
204.174.100.0/24
213.254.165.0/24
IPv6:
2a11:8b81::-2a11:8b82:ffff:ffff:ffff:ffff:ffff:ffff
2a11:8b83:1::/48
Signature Algorithm: sha256WithRSAEncryption
10:22:0b:54:a5:5d:dc:a9:8a:97:99:42:30:f8:49:29:72:77:
c8:1a:85:b5:61:1f:13:cf:3d:0f:55:50:77:d7:b4:94:8b:fd:
6e:18:5a:33:46:af:4d:da:25:de:e1:48:e4:27:10:80:0f:34:
3b:34:03:d2:75:23:58:f4:a3:ed:59:18:78:3e:b5:0d:c0:2c:
b2:44:fa:a2:81:61:68:1e:10:d8:95:75:2a:fe:05:e9:8a:f9:
ca:92:06:ce:83:48:15:1b:3b:1b:c0:96:9b:41:e3:e8:06:6a:
8b:87:82:dc:87:ad:56:cc:0f:67:30:79:93:a7:70:1a:b7:af:
88:f8:81:d9:ef:23:f4:be:7b:11:fe:ac:00:c6:40:a7:d2:6e:
78:bf:28:1d:e9:41:ef:55:d9:d1:1f:ca:ca:2d:b3:09:e4:cb:
75:db:1e:23:65:7d:72:cd:a9:95:b7:9f:af:30:4f:3f:c2:ee:
99:0d:b5:fc:db:fe:0e:f2:f1:75:1b:07:1d:d2:f7:87:66:f7:
15:f1:f1:31:38:59:71:0a:5a:aa:8d:a3:c8:b6:9b:dc:91:b5:
4c:1a:8c:93:74:b5:4d:7b:9c:d5:78:fe:9d:ef:1f:85:7a:0b:
55:66:b7:f1:66:1b:ba:f0:b9:26:57:d1:d7:3d:5a:94:38:80:
78:d0:b8:2c
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZ63WvR98safwBksnKDOP/doMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyM2EyYjNkZDc2NjcyNzVmMDk4ODZkZjdkYTA3OWY3NTVj
ZWVkNTkwHhcNMjYwNjExMTU0NDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmY4YzgwOWI4MThlNmVjZjJlMjUzM2VmMDFjZDFhZDBlNzQ4YWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz7TLoXNp3l1Y7Rw8h/STfq6gjL5
Ten1JMqno++tZHrFfs4iImWp5suUyEooQCXU7Q61yFukzYjce77bZ8ECGz1ja+00
vfoce0gKTVlK3ENMluVrnav+dpW+6ENctPMrSz8fw5krfu92o3Oqpok9okUUvqxb
khzqnVGirtRZ6XhHdW11bLXi/13C8gXpU38zkwJcAlFbrDbYcHKaXYHP9fUyohF1
59Q52dxpoo2FbBaHLJqBIJk16dVhenHG/rQoWIi8lkUurjUg7/QI1zVVevjaX1Vi
6Q7CvNkbNwUaCAXe9ly4suDlVdzo19Y4uDaV0M4O8pA4beOhnMr8FEog7wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGb4yAm4GObs8uJTPvAc0a0OdIqtMB8GA1UdIwQY
MBaAFJI6Kz3XZnJ18JiG332gefdVzu1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjkt
MjczOGJjYjQzZDZkLzEvWnZqSUNiZ1k1dXp5NGxNLThCelJyUTUwaXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjktMjczOGJjYjQzZDZk
LzEva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTAqBAIAATAkAwQAuU0AAwQC
uWWcAwQCueVYAwQAwcv9AwQAzK5kAwQA1f6lMB8EAgACMBkwDgMFACoRi4EDBQAq
EYuCAwcAKhGLgwABMA0GCSqGSIb3DQEBCwUAA4IBAQAQIgtUpV3cqYqXmUIw+Ekp
cnfIGoW1YR8Tzz0PVVB317SUi/1uGFozRq9N2iXe4UjkJxCADzQ7NAPSdSNY9KPt
WRh4PrUNwCyyRPqigWFoHhDYlXUq/gXpivnKkgbOg0gVGzsbwJabQePoBmqLh4Lc
h61WzA9nMHmTp3Aat6+I+IHZ7yP0vnsR/qwAxkCn0m54vygd6UHvVdnRH8rKLbMJ
5Mt12x4jZX1yzamVt5+vME8/wu6ZDbX82/4O8vF1Gwcd0veHZvcV8fExOFlxClqq
jaPItpvckbVMGoyTdLVNe5zVeP6d7x+FegtVZrfxZhu68LkmV9HXPVqUOIB40Lgs
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:23:18 2026 by rpki-client