Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/z0oaUfPMt3Z_xl8gY8NTLVtXaGM.roa
File: z0oaUfPMt3Z_xl8gY8NTLVtXaGM.roa (raw, json)
Hash identifier: q9SpH5VN4ogoXvDgwfQyWPD2v94u40id/9IL4OGY508=
Subject key identifier: CF:4A:1A:51:F3:CC:B7:76:7F:C6:5F:20:63:C3:53:2D:5B:57:68:63
Certificate issuer: /CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Certificate serial: 019EF55F79819D7AE194A07EFEBA843C2638
Authority key identifier: 99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/z0oaUfPMt3Z_xl8gY8NTLVtXaGM.roa
Signing time: Tue 23 Jun 2026 16:45:35 +0000
ROA not before: Tue 23 Jun 2026 16:45:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202623
IP address blocks: 141.101.64.0/24 maxlen: 24
141.101.91.0/24 maxlen: 24
2a06:98c0:1400::/48 maxlen: 48
2a06:98c0:1401::/48 maxlen: 48
2a06:98c0:3602::/48 maxlen: 48
2a06:98c0:3603::/48 maxlen: 48
2a06:98c0:3604::/48 maxlen: 48
2a06:98c0:3605::/48 maxlen: 48
2a06:98c0:3606::/48 maxlen: 48
2a06:98c0:3607::/48 maxlen: 48
2a06:98c0:360e::/48 maxlen: 48
2a06:98c0:3612::/48 maxlen: 48
2a06:98c0:3616::/48 maxlen: 48
2a06:98c0:3622::/48 maxlen: 48
2a06:98c0:3626::/48 maxlen: 48
2a06:98c0:3627::/48 maxlen: 48
2a06:98c0:362b::/48 maxlen: 48
2a06:98c0:362c::/48 maxlen: 48
2a06:98c0:362d::/48 maxlen: 48
2a06:98c0:362f::/48 maxlen: 48
2a06:98c0:3630::/48 maxlen: 48
2a06:98c0:3631::/48 maxlen: 48
2a06:98c0:3632::/48 maxlen: 48
2a06:98c0:3634::/48 maxlen: 48
2a06:98c0:3635::/48 maxlen: 48
2a06:98c0:3636::/48 maxlen: 48
2a06:98c0:3637::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 24 Jun 2026 13:08:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f5:5f:79:81:9d:7a:e1:94:a0:7e:fe:ba:84:3c:26:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d5bfad45d7c65a6e343028509fd1892e97b9d0
Validity
Not Before: Jun 23 16:45:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf4a1a51f3ccb7767fc65f2063c3532d5b576863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:46:03:b5:0e:4e:4b:ab:b5:9c:55:92:f3:3b:
c7:c8:b2:24:45:9a:ee:43:86:bb:55:2b:2e:dc:5a:
62:95:0d:00:3a:c5:6e:75:36:50:1d:75:4d:f4:d2:
e2:e7:48:36:2e:a0:5b:ed:52:be:06:5d:f6:49:6f:
9c:65:cf:9d:7b:78:e0:4a:13:41:80:b6:60:9c:f6:
c0:cb:24:f7:a6:cb:31:b6:30:b6:b5:0b:ed:0e:63:
b2:98:95:e5:0f:94:21:f5:d9:73:3c:87:25:7f:6a:
ec:82:e6:cf:86:95:1c:77:05:a5:5e:97:b6:6d:02:
8b:08:23:d7:ab:c3:9b:16:13:90:33:35:e1:40:2a:
f4:f1:b7:38:97:cf:2c:2e:7b:ed:c6:75:b5:77:3c:
0e:80:39:0a:a7:41:59:ff:6f:55:40:51:ce:9d:a0:
de:73:18:67:cf:42:2c:07:db:02:1d:91:4d:ae:f0:
94:79:b5:f8:9f:9f:38:9f:f9:6c:f5:5d:18:6a:ee:
a6:76:69:63:d4:ac:5c:39:a7:ad:13:48:91:a6:b1:
49:96:22:ff:87:27:63:0f:83:8d:b6:ba:34:64:db:
af:04:50:c7:2a:79:f8:25:23:01:ef:ce:44:6b:df:
4e:65:79:53:e1:52:d9:4a:33:89:f0:01:a2:de:86:
2f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:4A:1A:51:F3:CC:B7:76:7F:C6:5F:20:63:C3:53:2D:5B:57:68:63
X509v3 Authority Key Identifier:
keyid:99:D5:BF:AD:45:D7:C6:5A:6E:34:30:28:50:9F:D1:89:2E:97:B9:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdW_rUXXxlpuNDAoUJ_RiS6XudA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/z0oaUfPMt3Z_xl8gY8NTLVtXaGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/8171e3-2d29-4cb6-8a94-7551809cb731/1/mdW_rUXXxlpuNDAoUJ_RiS6XudA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.64.0/24
141.101.91.0/24
IPv6:
2a06:98c0:1400::/47
2a06:98c0:3602::-2a06:98c0:3607:ffff:ffff:ffff:ffff:ffff
2a06:98c0:360e::/48
2a06:98c0:3612::/48
2a06:98c0:3616::/48
2a06:98c0:3622::/48
2a06:98c0:3626::/47
2a06:98c0:362b::-2a06:98c0:362d:ffff:ffff:ffff:ffff:ffff
2a06:98c0:362f::-2a06:98c0:3632:ffff:ffff:ffff:ffff:ffff
2a06:98c0:3634::/46
Signature Algorithm: sha256WithRSAEncryption
4f:5c:eb:5d:8d:ff:a3:fd:3f:60:d5:a2:17:4e:eb:d8:30:5f:
64:37:29:dd:8b:2e:8e:ad:ed:83:43:86:e8:e2:46:c1:90:46:
53:6c:12:57:8c:46:58:74:ac:df:4c:11:50:ba:bc:c5:20:4c:
54:0b:f7:08:86:ec:0e:60:f3:61:a1:ae:be:e0:ae:fe:1a:16:
97:75:d4:64:00:1e:ac:65:45:cb:c3:4f:23:fe:95:b7:6b:43:
b0:4f:b1:ad:0a:77:93:98:bf:12:c0:14:a7:e0:00:68:9a:84:
61:9b:f5:af:36:4d:5b:b2:1f:6b:50:3f:d2:f2:47:dd:35:80:
e9:66:9f:94:50:7f:48:2f:22:91:6c:2b:e2:56:e5:50:8f:71:
f4:8e:17:e1:99:6e:df:ee:64:78:c2:39:2b:dc:a5:88:b0:ff:
a7:f7:0c:ab:b0:b7:a5:74:90:af:72:b9:9a:93:54:d6:50:0e:
dc:b4:53:99:2c:34:33:a4:d0:20:ce:15:51:9d:57:c9:1f:d3:
a9:9a:6a:dc:2c:a7:99:11:5e:97:24:0e:29:f1:39:6a:b5:e6:
b2:27:aa:2e:4d:e2:94:2c:b1:b3:a3:78:42:bb:d1:7b:74:2b:
03:92:5e:9e:7b:5a:fe:5e:aa:d7:46:46:b5:48:17:64:57:93:
4b:da:a1:a1
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZ71X3mBnXrhlKB+/rqEPCY4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDViZmFkNDVkN2M2NWE2ZTM0MzAyODUwOWZkMTg5MmU5
N2I5ZDAwHhcNMjYwNjIzMTY0NTM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjRhMWE1MWYzY2NiNzc2N2ZjNjVmMjA2M2MzNTMyZDViNTc2ODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw0YDtQ5OS6u1nFWS8zvHyLIkRZru
Q4a7VSsu3FpilQ0AOsVudTZQHXVN9NLi50g2LqBb7VK+Bl32SW+cZc+de3jgShNB
gLZgnPbAyyT3pssxtjC2tQvtDmOymJXlD5Qh9dlzPIclf2rsgubPhpUcdwWlXpe2
bQKLCCPXq8ObFhOQMzXhQCr08bc4l88sLnvtxnW1dzwOgDkKp0FZ/29VQFHOnaDe
cxhnz0IsB9sCHZFNrvCUebX4n584n/ls9V0Yau6mdmlj1KxcOaetE0iRprFJliL/
hydjD4ONtro0ZNuvBFDHKnn4JSMB785Ea99OZXlT4VLZSjOJ8AGi3oYvWQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFM9KGlHzzLd2f8ZfIGPDUy1bV2hjMB8GA1UdIwQY
MBaAFJnVv61F18ZabjQwKFCf0Ykul7nQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQt
NzU1MTgwOWNiNzMxLzEvejBvYVVmUE10M1pfeGw4Z1k4TlRMVnRYYUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84MTcxZTMtMmQyOS00Y2I2LThhOTQtNzU1MTgwOWNiNzMx
LzEvbWRXX3JVWFh4bHB1TkRBb1VKX1JpUzZYdWRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDASBAIAATAMAwQAjWVA
AwQAjWVbMIGBBAIAAjB7AwcBKgaYwBQAMBIDBwEqBpjANgIDBwMqBpjANgADBwAq
BpjANg4DBwAqBpjANhIDBwAqBpjANhYDBwAqBpjANiIDBwEqBpjANiYwEgMHACoG
mMA2KwMHASoGmMA2LDASAwcAKgaYwDYvAwcAKgaYwDYyAwcCKgaYwDY0MA0GCSqG
SIb3DQEBCwUAA4IBAQBPXOtdjf+j/T9g1aIXTuvYMF9kNyndiy6Ore2DQ4bo4kbB
kEZTbBJXjEZYdKzfTBFQurzFIExUC/cIhuwOYPNhoa6+4K7+GhaXddRkAB6sZUXL
w08j/pW3a0OwT7GtCneTmL8SwBSn4ABomoRhm/WvNk1bsh9rUD/S8kfdNYDpZp+U
UH9ILyKRbCviVuVQj3H0jhfhmW7f7mR4wjkr3KWIsP+n9wyrsLeldJCvcrmak1TW
UA7ctFOZLDQzpNAgzhVRnVfJH9OpmmrcLKeZEV6XJA4p8TlqteayJ6ouTeKULLGz
o3hCu9F7dCsDkl6ee1r+XqrXRka1SBdkV5NL2qGh
-----END CERTIFICATE-----
Generated at Tue Jun 23 23:15:58 2026 by rpki-client