Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zSgxA_gdqOsQUe2P8I53kbwMysI.roa
File: zSgxA_gdqOsQUe2P8I53kbwMysI.roa (raw, json)
Hash identifier: zyDJZj7LCBgj9gUJF0wQLkW1q9o9GOUQFdRTK93uGqg=
Subject key identifier: CD:28:31:03:F8:1D:A8:EB:10:51:ED:8F:F0:8E:77:91:BC:0C:CA:C2
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019E362AD8E22610E76E20DAFE70B0938433
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zSgxA_gdqOsQUe2P8I53kbwMysI.roa
Signing time: Sun 17 May 2026 13:40:38 +0000
ROA not before: Sun 17 May 2026 13:40:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214431
IP address blocks: 94.183.156.0/24 maxlen: 24
94.183.157.0/24 maxlen: 24
94.183.160.0/24 maxlen: 24
94.183.176.0/24 maxlen: 24
94.183.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:36:2a:d8:e2:26:10:e7:6e:20:da:fe:70:b0:93:84:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: May 17 13:40:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cd283103f81da8eb1051ed8ff08e7791bc0ccac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3c:47:97:cb:60:21:9c:35:06:c1:20:75:21:
eb:a8:57:e1:e5:1f:e4:51:09:46:8a:18:42:36:a9:
35:54:c3:93:0b:a6:26:6b:20:60:26:8e:96:75:94:
c1:f2:c5:a3:2d:10:e8:53:1d:a3:18:0a:b0:92:2b:
ae:32:3c:a9:52:e2:29:3b:c4:61:74:bc:e7:bb:8d:
80:50:e5:c0:5b:d6:04:7b:87:5c:c4:ea:d9:96:7b:
eb:0a:8b:85:cb:df:7e:3a:5b:ab:25:7c:d8:0b:0b:
ab:67:ad:60:c9:25:21:46:f7:00:7e:2e:28:b1:e3:
97:e1:f4:dc:07:5f:82:d0:0d:32:2c:7f:22:7b:fa:
21:f6:4c:85:84:e6:1a:9e:9d:4f:1a:21:ad:2e:43:
e0:f5:e1:e3:39:38:4c:a1:d6:5b:12:89:9e:4c:ba:
14:fd:27:40:4c:52:31:17:ce:fa:3c:d2:dd:a4:9c:
36:c9:af:50:0f:95:03:5a:e6:5c:1d:d5:2d:c3:84:
41:6e:f8:2f:9b:e6:fb:67:fc:e3:06:b2:e5:c4:05:
d8:5e:5c:1e:f7:e5:cf:71:bc:56:b3:d8:5a:82:dd:
df:ab:8c:ac:a0:8d:f8:94:66:31:d7:48:69:52:8c:
8a:b5:a5:90:ee:ad:ab:6c:73:0c:f4:b2:c5:c8:cf:
86:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:28:31:03:F8:1D:A8:EB:10:51:ED:8F:F0:8E:77:91:BC:0C:CA:C2
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/zSgxA_gdqOsQUe2P8I53kbwMysI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.183.156.0/23
94.183.160.0/24
94.183.176.0/24
94.183.225.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:17:03:77:63:1f:23:2b:48:9e:71:a1:e4:f0:b9:f0:ec:ac:
f5:cc:43:68:a1:99:0d:3d:96:9c:9f:78:ba:77:cb:6f:7e:50:
42:d8:db:a7:09:dc:55:71:de:ac:7b:ab:e2:40:06:bf:3c:da:
34:74:5c:df:08:6c:32:9f:97:bc:4a:20:9d:38:c7:e5:4f:71:
77:4f:06:16:94:19:0c:3a:2f:c8:66:cc:e0:40:6e:22:c4:c3:
1d:7f:7a:8f:2c:d0:8f:86:ab:df:75:da:fb:29:ff:32:51:b1:
50:5b:93:91:c6:4c:97:43:01:26:af:e8:04:dd:30:34:a9:0b:
27:09:1b:1e:43:3a:ce:f9:f3:b0:16:10:94:62:5b:40:d7:50:
e6:60:97:8c:79:75:d4:23:b3:5b:5c:81:55:8a:2e:c2:1a:c6:
55:7e:13:99:eb:15:2b:d8:2b:0c:28:3e:12:28:85:f1:b4:ef:
9e:ae:f3:03:8d:43:c3:20:b7:5f:6a:be:f7:87:56:e2:7a:2a:
8f:5a:c2:3d:c2:9f:c9:de:c4:e0:48:3d:0b:c8:3a:93:5d:3c:
41:42:68:41:76:cb:7f:2c:f6:02:ef:c2:31:98:3e:df:8b:e5:
15:34:91:49:2c:a7:f4:8e:70:4a:48:4b:ea:63:a4:d0:a5:e5:
f0:5e:d6:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ42KtjiJhDnbiDa/nCwk4QzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjYwNTE3MTM0MDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI4MzEwM2Y4MWRhOGViMTA1MWVkOGZmMDhlNzc5MWJjMGNjYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzxHl8tgIZw1BsEgdSHrqFfh5R/k
UQlGihhCNqk1VMOTC6YmayBgJo6WdZTB8sWjLRDoUx2jGAqwkiuuMjypUuIpO8Rh
dLznu42AUOXAW9YEe4dcxOrZlnvrCouFy99+OlurJXzYCwurZ61gySUhRvcAfi4o
seOX4fTcB1+C0A0yLH8ie/oh9kyFhOYanp1PGiGtLkPg9eHjOThModZbEomeTLoU
/SdATFIxF876PNLdpJw2ya9QD5UDWuZcHdUtw4RBbvgvm+b7Z/zjBrLlxAXYXlwe
9+XPcbxWs9hagt3fq4ysoI34lGYx10hpUoyKtaWQ7q2rbHMM9LLFyM+GpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM0oMQP4HajrEFHtj/COd5G8DMrCMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvelNneEFfZ2RxT3NRVWUyUDhJNTNrYndNeXNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBXrecAwQA
XregAwQAXrewAwQAXrfhMA0GCSqGSIb3DQEBCwUAA4IBAQBNFwN3Yx8jK0iecaHk
8Lnw7Kz1zENooZkNPZacn3i6d8tvflBC2NunCdxVcd6se6viQAa/PNo0dFzfCGwy
n5e8SiCdOMflT3F3TwYWlBkMOi/IZszgQG4ixMMdf3qPLNCPhqvfddr7Kf8yUbFQ
W5ORxkyXQwEmr+gE3TA0qQsnCRseQzrO+fOwFhCUYltA11DmYJeMeXXUI7NbXIFV
ii7CGsZVfhOZ6xUr2CsMKD4SKIXxtO+ervMDjUPDILdfar73h1bieiqPWsI9wp/J
3sTgSD0LyDqTXTxBQmhBdst/LPYC78IxmD7fi+UVNJFJLKf0jnBKSEvqY6TQpeXw
XtYG
-----END CERTIFICATE-----
Generated at Wed May 27 15:59:25 2026 by rpki-client