Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/zZ4Eou0xq0i-0yIc2Obvbahq09Q.roa
File: zZ4Eou0xq0i-0yIc2Obvbahq09Q.roa (raw, json)
Hash identifier: 7q5jU4YPe3o3shgIjWoWVhAOetCw7z+KUF5nT7PAOWw=
Subject key identifier: CD:9E:04:A2:ED:31:AB:48:BE:D3:22:1C:D8:E6:EF:6D:A8:6A:D3:D4
Certificate issuer: /CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Certificate serial: 019E4F46BE3A5511384F21F5D9BD81F91971
Authority key identifier: 4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/zZ4Eou0xq0i-0yIc2Obvbahq09Q.roa
Signing time: Fri 22 May 2026 10:41:36 +0000
ROA not before: Fri 22 May 2026 10:41:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58172
IP address blocks: 45.133.232.0/23 maxlen: 23
45.135.131.0/24 maxlen: 24
80.173.160.0/24 maxlen: 24
80.173.161.0/24 maxlen: 24
80.173.162.0/24 maxlen: 24
80.173.163.0/24 maxlen: 24
80.173.164.0/24 maxlen: 24
80.173.165.0/24 maxlen: 24
80.173.166.0/24 maxlen: 24
80.173.167.0/24 maxlen: 24
80.173.168.0/24 maxlen: 24
80.173.169.0/24 maxlen: 24
80.173.170.0/24 maxlen: 24
80.173.171.0/24 maxlen: 24
91.213.49.0/24 maxlen: 24
94.131.60.0/24 maxlen: 24
94.131.61.0/24 maxlen: 24
94.131.62.0/24 maxlen: 24
94.131.63.0/24 maxlen: 24
94.131.224.0/24 maxlen: 24
94.131.225.0/24 maxlen: 24
94.131.226.0/23 maxlen: 23
94.131.226.0/24 maxlen: 24
94.131.227.0/24 maxlen: 24
94.131.228.0/24 maxlen: 24
94.131.229.0/24 maxlen: 24
94.131.230.0/24 maxlen: 24
94.131.231.0/24 maxlen: 24
94.131.232.0/24 maxlen: 24
94.131.233.0/24 maxlen: 24
94.131.234.0/23 maxlen: 23
94.131.234.0/24 maxlen: 24
94.131.235.0/24 maxlen: 24
94.131.236.0/23 maxlen: 23
94.131.236.0/24 maxlen: 24
94.131.237.0/24 maxlen: 24
94.131.239.0/24 maxlen: 24
153.56.200.0/24 maxlen: 24
153.56.201.0/24 maxlen: 24
153.56.202.0/24 maxlen: 24
153.56.203.0/24 maxlen: 24
153.56.204.0/24 maxlen: 24
153.56.205.0/24 maxlen: 24
157.22.232.0/24 maxlen: 24
157.22.233.0/24 maxlen: 24
157.22.237.0/24 maxlen: 24
157.22.238.0/24 maxlen: 24
157.22.239.0/24 maxlen: 24
185.191.212.0/24 maxlen: 24
185.210.139.0/24 maxlen: 24
193.148.60.0/24 maxlen: 24
194.35.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 04:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:46:be:3a:55:11:38:4f:21:f5:d9:bd:81:f9:19:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3c665e51cc4cb5caf05b8294843e2733a13dee
Validity
Not Before: May 22 10:41:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cd9e04a2ed31ab48bed3221cd8e6ef6da86ad3d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:1b:83:7d:a1:03:5b:46:36:90:4a:14:8b:8a:
85:fc:c3:1d:70:e0:36:78:be:2e:f4:7d:57:27:cc:
f0:38:ff:4a:be:ac:cb:36:69:93:1d:f5:07:b1:13:
07:73:81:5f:b8:0f:c5:cf:4b:15:73:1f:a1:24:e0:
12:f9:90:f8:0e:33:3e:ba:95:26:ff:89:bb:09:0c:
15:4a:72:f9:a1:84:e1:82:eb:c6:55:22:be:59:c0:
18:d4:df:fd:c8:cf:7b:56:8f:70:3e:39:3c:99:06:
a1:a6:f2:fb:be:d0:5d:7f:33:69:1c:0d:9f:c3:3c:
27:67:23:76:77:55:94:ec:2f:47:85:bf:27:47:0c:
53:1c:e3:bd:d8:84:12:c7:f3:b1:aa:09:91:09:36:
83:d2:30:d9:b8:8d:e3:c9:90:7b:db:cd:60:4d:06:
94:6c:0f:84:27:96:42:ac:46:50:35:ff:aa:bd:f1:
7c:ce:c7:d9:70:70:b5:49:03:84:38:b0:16:52:64:
ab:89:69:31:9e:8e:75:bb:80:04:82:87:59:ba:a6:
06:b9:d2:01:80:83:1a:60:b3:50:fa:24:ff:e0:ed:
cd:fd:d7:48:36:de:89:66:bc:76:0d:9d:77:f3:6a:
eb:4c:6a:20:01:91:3a:47:61:a3:55:8b:d6:3e:4b:
51:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9E:04:A2:ED:31:AB:48:BE:D3:22:1C:D8:E6:EF:6D:A8:6A:D3:D4
X509v3 Authority Key Identifier:
keyid:4C:3C:66:5E:51:CC:4C:B5:CA:F0:5B:82:94:84:3E:27:33:A1:3D:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDxmXlHMTLXK8FuClIQ-JzOhPe4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/zZ4Eou0xq0i-0yIc2Obvbahq09Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/6b66b4-064c-42ee-a5ee-1a65b91bee58/1/TDxmXlHMTLXK8FuClIQ-JzOhPe4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.232.0/23
45.135.131.0/24
80.173.160.0-80.173.171.255
91.213.49.0/24
94.131.60.0/22
94.131.224.0-94.131.237.255
94.131.239.0/24
153.56.200.0-153.56.205.255
157.22.232.0/23
157.22.237.0-157.22.239.255
185.191.212.0/24
185.210.139.0/24
193.148.60.0/24
194.35.124.0/24
Signature Algorithm: sha256WithRSAEncryption
13:2e:3f:c2:39:a9:7b:1d:b4:1a:84:f2:90:66:d5:eb:64:69:
c0:a7:8b:ed:bd:16:c5:32:89:2a:e9:a8:6c:62:df:97:81:7b:
2e:ce:58:97:1c:2d:76:af:0f:93:64:48:ab:2a:05:26:d6:80:
c3:ee:b4:9f:97:68:a9:01:7f:28:f8:ac:ee:f5:03:ad:30:6f:
24:74:33:53:e3:f8:d1:9e:47:f4:05:56:6f:35:2c:47:3d:3e:
9f:28:d2:ea:77:f3:e4:65:f0:f7:ca:c0:80:8e:22:e0:fc:96:
21:d4:c3:7d:30:de:ee:ce:58:23:73:5f:22:13:0a:ee:b3:4f:
45:f0:b4:50:a3:48:1c:a1:fd:b5:7c:1d:99:17:a7:c7:b7:92:
f6:5a:fa:ac:92:77:7c:23:37:cb:6b:62:5b:40:df:03:c9:bc:
41:a7:9e:ae:95:f4:f5:a4:26:d8:71:ce:e4:23:51:eb:f2:8d:
b4:0b:9b:c7:aa:39:3c:07:fc:a2:c5:32:d8:b2:a2:49:65:d6:
e5:2a:ae:78:ac:dc:b3:02:30:d7:a3:dc:9d:dd:39:5e:c4:e4:
9e:28:53:83:94:21:d3:95:f8:52:f8:22:f4:90:76:81:b9:27:
07:7b:d9:23:69:19:1c:cf:58:c2:d6:ee:45:90:32:51:fc:2f:
b0:01:fe:15
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZ5PRr46VRE4TyH12b2B+RlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjM2M2NjVlNTFjYzRjYjVjYWYwNWI4Mjk0ODQzZTI3MzNh
MTNkZWUwHhcNMjYwNTIyMTA0MTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDllMDRhMmVkMzFhYjQ4YmVkMzIyMWNkOGU2ZWY2ZGE4NmFkM2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BuDfaEDW0Y2kEoUi4qF/MMdcOA2
eL4u9H1XJ8zwOP9KvqzLNmmTHfUHsRMHc4FfuA/Fz0sVcx+hJOAS+ZD4DjM+upUm
/4m7CQwVSnL5oYThguvGVSK+WcAY1N/9yM97Vo9wPjk8mQahpvL7vtBdfzNpHA2f
wzwnZyN2d1WU7C9Hhb8nRwxTHOO92IQSx/OxqgmRCTaD0jDZuI3jyZB7281gTQaU
bA+EJ5ZCrEZQNf+qvfF8zsfZcHC1SQOEOLAWUmSriWkxno51u4AEgodZuqYGudIB
gIMaYLNQ+iT/4O3N/ddINt6JZrx2DZ1382rrTGogAZE6R2GjVYvWPktR1wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFM2eBKLtMatIvtMiHNjm722oatPUMB8GA1UdIwQY
MBaAFEw8Zl5RzEy1yvBbgpSEPiczoT3uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUt
MWE2NWI5MWJlZTU4LzEvelo0RW91MHhxMGktMHlJYzJPYnZiYWhxMDlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82YjY2YjQtMDY0Yy00MmVlLWE1ZWUtMWE2NWI5MWJlZTU4
LzEvVER4bVhsSE1UTFhLOEZ1Q2xJUS1Kek9oUGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAS2F6AME
AC2HgzAMAwQFUK2gAwQCUK2oAwQAW9UxAwQCXoM8MAwDBAVeg+ADBAFeg+wDBABe
g+8wDAMEA5k4yAMEAZk4zAMEAZ0W6DAMAwQAnRbtAwQEnRbgAwQAub/UAwQAudKL
AwQAwZQ8AwQAwiN8MA0GCSqGSIb3DQEBCwUAA4IBAQATLj/COal7HbQahPKQZtXr
ZGnAp4vtvRbFMokq6ahsYt+XgXsuzliXHC12rw+TZEirKgUm1oDD7rSfl2ipAX8o
+Kzu9QOtMG8kdDNT4/jRnkf0BVZvNSxHPT6fKNLqd/PkZfD3ysCAjiLg/JYh1MN9
MN7uzlgjc18iEwrus09F8LRQo0gcof21fB2ZF6fHt5L2Wvqsknd8IzfLa2JbQN8D
ybxBp56ulfT1pCbYcc7kI1Hr8o20C5vHqjk8B/yixTLYsqJJZdblKq54rNyzAjDX
o9yd3TlexOSeKFODlCHTlfhS+CL0kHaBuScHe9kjaRkcz1jC1u5FkDJR/C+wAf4V
-----END CERTIFICATE-----
Generated at Thu Jun 4 11:04:22 2026 by rpki-client