Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zqFJzqQhbsCKgM02Bkb2tNnrNM0.roa
File: zqFJzqQhbsCKgM02Bkb2tNnrNM0.roa (raw, json)
Hash identifier: XMp5SjVpjY/msyHSH88BllRZDyTq06yzgyFKTDbnap4=
Subject key identifier: CE:A1:49:CE:A4:21:6E:C0:8A:80:CD:36:06:46:F6:B4:D9:EB:34:CD
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019CAD19113C013E0B00D2275653FC73E936
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zqFJzqQhbsCKgM02Bkb2tNnrNM0.roa
Signing time: Mon 02 Mar 2026 05:50:27 +0000
ROA not before: Mon 02 Mar 2026 05:50:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41745
IP address blocks: 45.10.164.0/24 maxlen: 24
45.10.165.0/24 maxlen: 24
45.132.185.0/24 maxlen: 24
45.138.101.0/24 maxlen: 24
45.138.102.0/24 maxlen: 24
45.138.103.0/24 maxlen: 24
45.148.125.0/24 maxlen: 24
45.148.127.0/24 maxlen: 24
45.151.233.0/24 maxlen: 24
46.21.80.0/24 maxlen: 24
46.21.81.0/24 maxlen: 24
46.21.82.0/24 maxlen: 24
46.21.83.0/24 maxlen: 24
92.118.169.0/24 maxlen: 24
92.118.170.0/24 maxlen: 24
93.177.116.0/24 maxlen: 24
93.177.117.0/24 maxlen: 24
185.58.115.0/24 maxlen: 24
185.68.184.0/24 maxlen: 24
185.68.246.0/24 maxlen: 24
185.68.247.0/24 maxlen: 24
185.79.138.0/24 maxlen: 24
185.88.36.0/24 maxlen: 24
185.88.37.0/24 maxlen: 24
185.88.101.0/24 maxlen: 24
185.113.139.0/24 maxlen: 24
193.221.203.0/24 maxlen: 24
194.104.9.0/24 maxlen: 24
194.104.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 17:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ad:19:11:3c:01:3e:0b:00:d2:27:56:53:fc:73:e9:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Mar 2 05:50:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cea149cea4216ec08a80cd360646f6b4d9eb34cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:94:b2:81:cc:12:e9:17:cb:c1:c3:02:d5:e2:
f7:88:b3:4e:73:98:7e:d1:3a:ba:97:cf:08:c8:68:
ac:07:b8:85:84:f5:06:99:10:74:d7:91:7a:c2:d1:
db:ad:31:df:11:8b:20:2d:8d:e2:07:50:e6:04:62:
d6:8d:c7:d5:9b:01:b1:54:14:96:af:ad:fb:22:1c:
31:eb:54:1a:91:17:f5:01:88:17:40:71:b2:48:e3:
5a:57:a7:13:0c:e3:cf:5a:5c:8f:28:5d:e3:4b:39:
8e:18:71:ff:df:26:2e:4f:fe:17:17:52:69:6a:e6:
a2:4f:3e:7b:0c:62:71:7a:23:2d:93:e3:9a:43:a7:
35:8b:cb:cf:c7:b1:25:fb:08:41:05:66:9f:ad:10:
9f:e8:5c:ca:01:3a:ff:15:89:0c:4e:17:69:8f:64:
a7:89:1c:e8:56:bf:9e:20:bb:71:15:e8:a2:95:28:
db:55:49:a8:ac:64:99:f7:7b:fc:18:f9:db:1e:28:
31:8b:51:a0:de:cd:80:f8:05:22:93:e0:7c:5e:01:
f4:ec:ef:a8:bc:25:b5:d0:d1:0c:3a:0d:26:6c:42:
04:39:35:c6:bb:7e:ef:d3:e0:fb:37:dc:8e:88:47:
ea:03:22:ed:94:1b:3e:0c:64:23:38:32:7b:12:5e:
84:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:A1:49:CE:A4:21:6E:C0:8A:80:CD:36:06:46:F6:B4:D9:EB:34:CD
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/zqFJzqQhbsCKgM02Bkb2tNnrNM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.164.0/23
45.132.185.0/24
45.138.101.0-45.138.103.255
45.148.125.0/24
45.148.127.0/24
45.151.233.0/24
46.21.80.0/22
92.118.169.0-92.118.170.255
93.177.116.0/23
185.58.115.0/24
185.68.184.0/24
185.68.246.0/23
185.79.138.0/24
185.88.36.0/23
185.88.101.0/24
185.113.139.0/24
193.221.203.0/24
194.104.9.0-194.104.10.255
Signature Algorithm: sha256WithRSAEncryption
a7:33:66:10:55:bb:76:d7:77:b5:af:a2:3e:8d:9a:75:cc:d6:
d0:5e:2a:48:18:98:25:f6:3a:7f:9f:3d:44:6f:b3:67:a9:d4:
12:14:52:1a:92:8c:37:30:0b:21:be:b3:96:dd:05:fa:25:3e:
a8:fe:b7:54:2c:eb:a7:fc:24:78:30:ed:1b:34:4c:a1:80:0c:
a8:3c:bb:77:5e:d3:eb:5b:c0:1f:cc:a9:4d:f7:0f:8a:ed:b8:
a5:50:c9:f8:60:a4:4a:bb:59:db:0f:ef:fa:e4:83:74:06:44:
5b:0f:7a:d9:77:48:f2:ae:df:97:81:f2:8a:2b:f6:cd:ba:7e:
b4:05:7f:a2:cf:47:b0:7d:21:9c:f5:b9:42:a5:6d:47:68:3a:
3b:23:66:1c:90:8a:f1:38:0d:6a:7c:35:93:6a:04:6d:4e:75:
50:bd:a5:6c:fe:3e:a6:91:94:23:47:6b:a6:87:5a:9e:72:58:
70:ad:9a:83:8e:5c:fd:7e:df:00:90:68:f8:28:e2:5b:cf:ac:
c8:c6:f1:a6:9a:54:c2:c9:32:4d:c1:cd:a5:13:38:dc:f5:e4:
c9:5e:60:4b:13:9e:44:bb:03:e4:88:ec:6f:8c:48:ee:ef:68:
98:2d:e1:6d:79:1e:7e:ff:9b:26:15:fd:83:86:08:0d:d3:e8:
61:e8:62:2b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZytGRE8AT4LANInVlP8c+k2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjYwMzAyMDU1MDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWExNDljZWE0MjE2ZWMwOGE4MGNkMzYwNjQ2ZjZiNGQ5ZWIzNGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JSygcwS6RfLwcMC1eL3iLNOc5h+
0Tq6l88IyGisB7iFhPUGmRB015F6wtHbrTHfEYsgLY3iB1DmBGLWjcfVmwGxVBSW
r637Ihwx61QakRf1AYgXQHGySONaV6cTDOPPWlyPKF3jSzmOGHH/3yYuT/4XF1Jp
auaiTz57DGJxeiMtk+OaQ6c1i8vPx7El+whBBWafrRCf6FzKATr/FYkMThdpj2Sn
iRzoVr+eILtxFeiilSjbVUmorGSZ93v8GPnbHigxi1Gg3s2A+AUik+B8XgH07O+o
vCW10NEMOg0mbEIEOTXGu37v0+D7N9yOiEfqAyLtlBs+DGQjODJ7El6EiQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFM6hSc6kIW7AioDNNgZG9rTZ6zTNMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvenFGSnpxUWhic0NLZ00wMkJrYjJ0Tm5yTk0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAEt
CqQDBAAthLkwDAMEAC2KZQMEAy2KYAMEAC2UfQMEAC2UfwMEAC2X6QMEAi4VUDAM
AwQAXHapAwQAXHaqAwQBXbF0AwQAuTpzAwQAuUS4AwQBuUT2AwQAuU+KAwQBuVgk
AwQAuVhlAwQAuXGLAwQAwd3LMAwDBADCaAkDBADCaAowDQYJKoZIhvcNAQELBQAD
ggEBAKczZhBVu3bXd7Wvoj6NmnXM1tBeKkgYmCX2On+fPURvs2ep1BIUUhqSjDcw
CyG+s5bdBfolPqj+t1Qs66f8JHgw7Rs0TKGADKg8u3de0+tbwB/MqU33D4rtuKVQ
yfhgpEq7WdsP7/rkg3QGRFsPetl3SPKu35eB8oor9s26frQFf6LPR7B9IZz1uUKl
bUdoOjsjZhyQivE4DWp8NZNqBG1OdVC9pWz+PqaRlCNHa6aHWp5yWHCtmoOOXP1+
3wCQaPgo4lvPrMjG8aaaVMLJMk3BzaUTONz15MleYEsTnkS7A+SI7G+MSO7vaJgt
4W15Hn7/myYV/YOGCA3T6GHoYis=
-----END CERTIFICATE-----
Generated at Sat Mar 7 00:52:34 2026 by rpki-client