Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Z4tsMasr475PZDRWvm4ex7ESXO8.roa
File: Z4tsMasr475PZDRWvm4ex7ESXO8.roa (raw, json)
Hash identifier: x1q/+0sH/c43tTyBJa6b3wh2hl1q14JnzKQuZGqEr1I=
Subject key identifier: 67:8B:6C:31:AB:2B:E3:BE:4F:64:34:56:BE:6E:1E:C7:B1:12:5C:EF
Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a
Certificate serial: 019CAEDB8143E31EFBC336166529A1714BCD
Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Z4tsMasr475PZDRWvm4ex7ESXO8.roa
Signing time: Mon 02 Mar 2026 14:02:26 +0000
ROA not before: Mon 02 Mar 2026 14:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209805
IP address blocks: 185.65.200.0/24 maxlen: 24
185.120.56.0/24 maxlen: 24
212.22.70.0/24 maxlen: 24
212.22.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft
rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 10:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:db:81:43:e3:1e:fb:c3:36:16:65:29:a1:71:4b:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a
Validity
Not Before: Mar 2 14:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=678b6c31ab2be3be4f643456be6e1ec7b1125cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0d:bc:45:57:10:7a:d0:28:8e:ff:67:58:ed:
54:43:2d:6d:8d:3f:9e:ae:0e:9a:56:5a:b9:d3:16:
36:b1:1d:8b:58:e2:9c:af:fc:99:8c:bc:a4:04:a9:
0a:0a:7d:0c:9b:2a:2b:ba:4e:de:a3:05:d6:48:69:
0d:fb:1e:be:83:f5:a1:0b:36:1d:a8:48:73:cb:65:
b0:c1:6d:34:b2:ac:83:b3:14:68:11:b4:5c:39:1e:
ba:f0:8f:6d:4f:3b:fb:c1:cf:57:00:e8:17:6e:bf:
39:7b:8c:37:57:27:59:e8:77:32:bc:cb:05:0f:82:
7b:d7:c2:8d:3e:fe:2c:8c:db:e2:e2:6d:79:34:5a:
e1:7a:d4:e7:cc:91:89:c2:0c:f9:50:05:4d:74:d4:
a2:40:3d:29:3b:47:b1:dd:c1:f6:11:2a:e2:36:01:
58:9c:22:89:46:c0:2f:9e:6c:84:2a:98:95:23:5a:
53:1a:85:6d:f1:51:45:31:80:f3:78:16:e9:6f:b9:
6a:8a:86:92:8c:0f:1b:25:56:85:5d:6c:6f:55:e5:
b2:6a:24:1e:1b:79:a5:95:b7:73:65:f7:20:c5:fc:
13:f6:66:c4:68:27:e4:fe:33:a4:9b:5d:59:ce:a8:
8c:5c:ea:ec:b8:2a:5d:1b:bc:3d:c5:8a:c8:93:34:
de:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:8B:6C:31:AB:2B:E3:BE:4F:64:34:56:BE:6E:1E:C7:B1:12:5C:EF
X509v3 Authority Key Identifier:
keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/Z4tsMasr475PZDRWvm4ex7ESXO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.200.0/24
185.120.56.0/24
212.22.70.0/24
212.22.94.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:4e:c3:1f:5b:8f:93:86:40:d0:48:da:ed:10:ce:fe:e1:5e:
41:52:55:b3:ac:43:65:bf:fa:55:17:15:72:86:50:85:0a:14:
c0:c8:cd:97:95:11:b7:e4:02:b8:8d:80:63:4f:82:70:94:3a:
bc:94:a7:b6:d6:e2:03:57:86:80:3e:0d:b6:32:ae:6e:57:60:
7c:8f:47:c2:63:ce:fe:d7:9f:f9:16:25:b9:00:1c:fd:93:ba:
42:04:91:5e:0e:01:ba:eb:b7:ac:e3:7c:48:5b:35:6f:be:38:
42:da:f7:5a:de:d5:49:cc:c5:97:84:f9:ea:fa:9e:c3:42:3e:
e7:fe:c8:80:ea:3a:9c:24:00:96:29:97:98:6e:f0:d0:a9:26:
67:c8:38:2f:d0:7e:26:0f:cd:87:d8:93:99:3b:ca:9c:e3:40:
9b:b3:10:4c:46:da:db:6d:0c:2f:0b:fd:e8:b1:5e:6c:b3:ed:
84:4b:3c:8f:b2:c4:ff:19:0b:45:10:12:f1:f5:14:fa:59:2d:
51:23:b8:c4:a6:41:c8:1e:84:21:a7:16:33:10:c4:d1:a7:1c:
fa:f5:5e:62:0a:8d:3f:80:a7:cc:50:dd:a4:e0:27:d9:76:34:
a8:08:94:d6:f6:e4:e3:d3:4a:53:5d:dc:d7:f0:36:5d:22:c5:
66:7c:6b:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyu24FD4x77wzYWZSmhcUvNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm
YmViOWEwHhcNMjYwMzAyMTQwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzhiNmMzMWFiMmJlM2JlNGY2NDM0NTZiZTZlMWVjN2IxMTI1Y2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwA28RVcQetAojv9nWO1UQy1tjT+e
rg6aVlq50xY2sR2LWOKcr/yZjLykBKkKCn0Mmyoruk7eowXWSGkN+x6+g/WhCzYd
qEhzy2WwwW00sqyDsxRoEbRcOR668I9tTzv7wc9XAOgXbr85e4w3VydZ6HcyvMsF
D4J718KNPv4sjNvi4m15NFrhetTnzJGJwgz5UAVNdNSiQD0pO0ex3cH2ESriNgFY
nCKJRsAvnmyEKpiVI1pTGoVt8VFFMYDzeBbpb7lqioaSjA8bJVaFXWxvVeWyaiQe
G3mllbdzZfcgxfwT9mbEaCfk/jOkm11ZzqiMXOrsuCpdG7w9xYrIkzTebQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGeLbDGrK+O+T2Q0Vr5uHsexElzvMB8GA1UdIwQY
MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt
NmE0ZWNhZjhiM2IxLzEvWjR0c01hc3I0NzVQWkRSV3ZtNGV4N0VTWE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix
LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUHIAwQA
uXg4AwQA1BZGAwQA1BZeMA0GCSqGSIb3DQEBCwUAA4IBAQA7TsMfW4+ThkDQSNrt
EM7+4V5BUlWzrENlv/pVFxVyhlCFChTAyM2XlRG35AK4jYBjT4JwlDq8lKe21uID
V4aAPg22Mq5uV2B8j0fCY87+15/5FiW5ABz9k7pCBJFeDgG667es43xIWzVvvjhC
2vda3tVJzMWXhPnq+p7DQj7n/siA6jqcJACWKZeYbvDQqSZnyDgv0H4mD82H2JOZ
O8qc40CbsxBMRtrbbQwvC/3osV5ss+2ESzyPssT/GQtFEBLx9RT6WS1RI7jEpkHI
HoQhpxYzEMTRpxz69V5iCo0/gKfMUN2k4CfZdjSoCJTW9uTj00pTXdzX8DZdIsVm
fGs7
-----END CERTIFICATE-----
Generated at Sat Mar 21 20:06:15 2026 by rpki-client