Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/ZT6FomeiG8V5UVVq_9nhQvhkJ7E.roa
File: ZT6FomeiG8V5UVVq_9nhQvhkJ7E.roa (raw, json)
Hash identifier: VNWPoTgK+6WszCC/cUNxFvYDKEgpXvtoe5rvFlIxorQ=
Subject key identifier: 65:3E:85:A2:67:A2:1B:C5:79:51:55:6A:FF:D9:E1:42:F8:64:27:B1
Certificate issuer: /CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Certificate serial: 019CBD87EA042806D75904A1FF9E70A9C78F
Authority key identifier: 53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/ZT6FomeiG8V5UVVq_9nhQvhkJ7E.roa
Signing time: Thu 05 Mar 2026 10:25:26 +0000
ROA not before: Thu 05 Mar 2026 10:25:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44066
IP address blocks: 185.92.160.0/22 maxlen: 22
212.79.212.0/22 maxlen: 22
212.79.216.0/22 maxlen: 22
212.79.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:bd:87:ea:04:28:06:d7:59:04:a1:ff:9e:70:a9:c7:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Validity
Not Before: Mar 5 10:25:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=653e85a267a21bc57951556affd9e142f86427b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:81:78:0b:c2:d3:56:a8:bf:40:59:57:5c:04:
44:99:9e:b2:93:0d:df:84:29:5a:d4:ed:e8:3c:3f:
b9:19:52:79:5f:bf:1d:6d:e9:6b:81:43:23:37:28:
36:ed:9c:50:bf:49:d8:d9:b9:04:4e:b1:08:6e:42:
82:d3:98:4a:a8:78:8f:1f:09:18:ad:33:75:d8:2b:
f7:23:ba:a1:36:a6:b1:9a:69:93:59:ba:b6:84:5d:
00:93:e3:76:d1:b3:29:e2:ae:f5:ab:f9:2f:4e:01:
f1:b5:b0:bd:5e:b2:79:93:2a:ca:81:b6:30:8c:43:
5a:4c:79:76:5c:be:2d:4b:2f:a6:8d:1d:fc:31:18:
8f:9f:72:86:60:5e:5b:dd:23:65:6a:ed:3a:e6:b9:
9c:8a:7c:65:c2:6f:bb:af:39:72:12:ad:a3:b4:af:
5a:12:b7:66:3a:e9:b9:5e:9a:7f:11:cf:b7:71:a2:
45:12:12:e0:9a:90:2f:de:27:94:86:0f:f1:a5:87:
39:e4:0b:95:83:a0:1c:ba:4f:87:3f:a9:89:2c:8e:
4e:39:0a:d9:ca:ca:40:79:ff:3a:75:c8:8f:14:35:
82:8c:4a:2d:5b:67:78:4a:82:6e:11:5f:7e:95:27:
f1:ac:bb:37:6a:ee:02:ed:cc:a0:6f:42:56:68:e2:
00:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3E:85:A2:67:A2:1B:C5:79:51:55:6A:FF:D9:E1:42:F8:64:27:B1
X509v3 Authority Key Identifier:
keyid:53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/ZT6FomeiG8V5UVVq_9nhQvhkJ7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.160.0/22
212.79.212.0-212.79.223.255
Signature Algorithm: sha256WithRSAEncryption
17:52:9a:9e:00:06:17:45:69:6d:cf:44:c0:e8:ae:54:c6:c3:
e7:74:2e:b1:e5:58:e6:6d:a0:a0:68:c9:50:d1:75:15:9c:ad:
73:b7:54:60:da:33:b5:92:2e:a0:7e:1a:7e:65:26:97:12:a9:
a7:0b:94:e7:3e:5c:47:7f:ae:36:2c:c7:59:52:02:fb:71:70:
e4:44:1f:5f:2d:e2:8f:86:fb:3d:97:1f:3e:74:5b:7f:3b:e5:
60:9a:28:a2:63:e5:d6:11:9d:eb:16:45:8e:1e:70:f2:8f:a7:
b4:dc:25:b6:41:63:23:e9:eb:b3:d7:0a:47:70:b4:64:7e:b1:
01:9e:8c:2b:6c:c2:c8:00:23:40:02:37:41:80:2d:dc:f3:d0:
a4:4e:e3:49:78:f1:c0:46:6c:b8:00:88:8c:2d:b8:02:d4:74:
ff:f1:0d:85:9d:9f:e8:42:e3:56:60:d6:2e:18:3b:05:2c:7c:
86:1f:73:40:e9:71:14:6d:30:b8:57:c7:3f:7e:a5:d2:02:49:
68:96:cb:80:d4:58:a1:50:ec:44:c0:e7:6d:15:04:9a:15:b5:
fe:7e:5d:bb:2e:3f:75:aa:a5:9b:ce:1b:a7:2d:79:19:00:af:
30:fe:f1:3e:13:d1:dd:6d:a3:60:0e:a4:29:8c:ea:6b:10:86:
39:d9:8d:30
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZy9h+oEKAbXWQSh/55wqcePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmJiYmFhM2VlMjRjN2FkOWIyYzYwNDMyZTE0ZWRhMzg0
OWI1ZTIwHhcNMjYwMzA1MTAyNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNlODVhMjY3YTIxYmM1Nzk1MTU1NmFmZmQ5ZTE0MmY4NjQyN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4F4C8LTVqi/QFlXXAREmZ6ykw3f
hCla1O3oPD+5GVJ5X78dbelrgUMjNyg27ZxQv0nY2bkETrEIbkKC05hKqHiPHwkY
rTN12Cv3I7qhNqaxmmmTWbq2hF0Ak+N20bMp4q71q/kvTgHxtbC9XrJ5kyrKgbYw
jENaTHl2XL4tSy+mjR38MRiPn3KGYF5b3SNlau065rmcinxlwm+7rzlyEq2jtK9a
ErdmOum5Xpp/Ec+3caJFEhLgmpAv3ieUhg/xpYc55AuVg6Acuk+HP6mJLI5OOQrZ
yspAef86dciPFDWCjEotW2d4SoJuEV9+lSfxrLs3au4C7cygb0JWaOIA/QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGU+haJnohvFeVFVav/Z4UL4ZCexMB8GA1UdIwQY
MBaAFFO7u6o+4kx62bLGBDLhTto4SbXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUt
MDBlY2YwYzRkMGVmLzEvWlQ2Rm9tZWlHOFY1VVZWcV85bmhRdmhrSjdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUtMDBlY2YwYzRkMGVm
LzEvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuVygMAwD
BALUT9QDBAXUT8AwDQYJKoZIhvcNAQELBQADggEBABdSmp4ABhdFaW3PRMDorlTG
w+d0LrHlWOZtoKBoyVDRdRWcrXO3VGDaM7WSLqB+Gn5lJpcSqacLlOc+XEd/rjYs
x1lSAvtxcOREH18t4o+G+z2XHz50W3875WCaKKJj5dYRnesWRY4ecPKPp7TcJbZB
YyPp67PXCkdwtGR+sQGejCtswsgAI0ACN0GALdzz0KRO40l48cBGbLgAiIwtuALU
dP/xDYWdn+hC41Zg1i4YOwUsfIYfc0DpcRRtMLhXxz9+pdICSWiWy4DUWKFQ7ETA
520VBJoVtf5+XbsuP3WqpZvOG6cteRkArzD+8T4T0d1to2AOpCmM6msQhjnZjTA=
-----END CERTIFICATE-----
Generated at Wed Mar 11 09:46:16 2026 by rpki-client