Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/zgJ_G-9np5VpQcmCxgQMVjklSkQ.roa
File: zgJ_G-9np5VpQcmCxgQMVjklSkQ.roa (raw, json)
Hash identifier: 5Tc0Gy3iK8Ur64lX58sfY70FGviygZFZEFyBRuvFACw=
Subject key identifier: CE:02:7F:1B:EF:67:A7:95:69:41:C9:82:C6:04:0C:56:39:25:4A:44
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 019DB5194A23E63BCC76B1CD79EA3E7E1340
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/zgJ_G-9np5VpQcmCxgQMVjklSkQ.roa
Signing time: Wed 22 Apr 2026 12:10:26 +0000
ROA not before: Wed 22 Apr 2026 12:10:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48152
IP address blocks: 31.177.56.0/21 maxlen: 24
86.106.173.0/24 maxlen: 24
185.4.236.0/24 maxlen: 24
185.36.232.0/22 maxlen: 24
185.109.16.0/22 maxlen: 24
188.214.127.0/24 maxlen: 24
2a04:3e00::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Apr 2026 20:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b5:19:4a:23:e6:3b:cc:76:b1:cd:79:ea:3e:7e:13:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Apr 22 12:10:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ce027f1bef67a7956941c982c6040c5639254a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:18:65:94:7e:20:d8:c7:9f:d0:e8:92:c0:2f:
fa:ca:73:fc:66:4f:ba:6e:62:db:e2:ec:1e:e8:c5:
cb:cd:26:44:52:d0:24:4d:4e:a9:85:a5:db:87:e1:
dd:0b:ff:fa:ea:35:29:d7:84:ce:37:85:e4:ea:2d:
5c:33:f5:de:65:6b:e7:24:8a:e2:3b:4f:39:99:36:
c8:e0:78:01:f2:3b:07:b5:a3:9c:fa:84:93:ad:b5:
2f:37:5c:89:08:d0:19:b6:b7:15:f0:78:a6:fc:53:
1d:23:1b:42:d2:63:83:34:bc:74:5e:54:96:5f:24:
7e:6a:ef:d1:49:52:64:86:27:9b:04:11:08:78:e1:
45:4b:0f:f2:0e:58:f8:40:db:55:4f:80:1c:4d:f5:
28:37:89:71:b8:3f:80:c3:e0:60:86:e6:67:e1:93:
f2:39:a8:1a:53:be:15:2e:fb:74:09:21:65:6d:a9:
6a:a7:c3:a8:96:1d:69:8f:8e:7c:32:2c:a6:b9:80:
07:cf:cd:22:d8:a6:c2:de:2d:3a:23:ac:b7:63:53:
e8:03:fa:fb:0d:29:f2:5a:ae:76:e2:d0:b7:5a:87:
52:30:b9:0b:e9:44:56:10:e8:35:2d:f9:14:c5:90:
c0:0d:6d:ae:cc:e7:67:d3:9d:84:30:58:c6:ec:19:
5e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:02:7F:1B:EF:67:A7:95:69:41:C9:82:C6:04:0C:56:39:25:4A:44
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/zgJ_G-9np5VpQcmCxgQMVjklSkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.56.0/21
86.106.173.0/24
185.4.236.0/24
185.36.232.0/22
185.109.16.0/22
188.214.127.0/24
IPv6:
2a04:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
42:6b:73:65:19:3d:b2:1b:f7:98:a4:0c:56:ad:78:f8:b5:66:
b3:71:76:3f:75:67:da:ce:cb:51:d3:f7:d8:47:6e:f8:2c:12:
57:62:24:e3:69:1d:c7:6f:80:da:04:ad:4d:ae:1b:d2:84:8a:
2a:3b:43:07:82:28:00:55:67:3d:45:3e:ce:3f:be:9f:c1:3c:
ef:12:7d:39:62:b8:71:2a:45:dc:f4:e7:3d:a7:0d:05:84:6a:
bb:86:37:9c:49:10:48:1e:4e:4a:f7:f8:12:9b:fb:f1:ec:f3:
5e:9e:47:3b:e7:a9:69:f7:20:d4:39:8b:eb:dc:78:cb:ea:2a:
c1:12:9b:5f:ee:c9:a0:60:be:59:dd:f3:4b:ea:40:e8:2b:a4:
03:7b:ae:ff:8a:9a:2e:f4:8e:eb:5f:78:18:04:2c:80:1b:c1:
20:04:d6:89:ef:ff:16:5c:5c:b7:5c:d2:c6:37:d5:cf:f9:38:
4c:a8:a6:4c:03:6a:39:30:bc:67:3d:2f:aa:a0:d1:fe:1c:e6:
30:78:4f:41:3a:72:12:c6:b6:43:bc:12:18:02:50:4a:5d:77:
1c:49:61:6b:d7:f6:fa:3f:a7:1d:a5:99:1e:37:87:2f:d0:75:
a8:6f:77:b4:d9:40:ff:23:d3:51:70:14:62:4a:99:c3:a2:d2:
af:b2:5a:88
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZ21GUoj5jvMdrHNeeo+fhNAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjYwNDIyMTIxMDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTAyN2YxYmVmNjdhNzk1Njk0MWM5ODJjNjA0MGM1NjM5MjU0YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxhllH4g2Mef0OiSwC/6ynP8Zk+6
bmLb4uwe6MXLzSZEUtAkTU6phaXbh+HdC//66jUp14TON4Xk6i1cM/XeZWvnJIri
O085mTbI4HgB8jsHtaOc+oSTrbUvN1yJCNAZtrcV8Him/FMdIxtC0mODNLx0XlSW
XyR+au/RSVJkhiebBBEIeOFFSw/yDlj4QNtVT4AcTfUoN4lxuD+Aw+BghuZn4ZPy
OagaU74VLvt0CSFlbalqp8Oolh1pj458MiymuYAHz80i2KbC3i06I6y3Y1PoA/r7
DSnyWq524tC3WodSMLkL6URWEOg1LfkUxZDADW2uzOdn052EMFjG7BleZwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFM4CfxvvZ6eVaUHJgsYEDFY5JUpEMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvemdKX0ctOW5wNVZwUWNtQ3hnUU1WamtsU2tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDH7E4AwQA
VmqtAwQAuQTsAwQCuSToAwQCuW0QAwQAvNZ/MA0EAgACMAcDBQMqBD4AMA0GCSqG
SIb3DQEBCwUAA4IBAQBCa3NlGT2yG/eYpAxWrXj4tWazcXY/dWfazstR0/fYR274
LBJXYiTjaR3Hb4DaBK1NrhvShIoqO0MHgigAVWc9RT7OP76fwTzvEn05YrhxKkXc
9Oc9pw0FhGq7hjecSRBIHk5K9/gSm/vx7PNenkc756lp9yDUOYvr3HjL6irBEptf
7smgYL5Z3fNL6kDoK6QDe67/ipou9I7rX3gYBCyAG8EgBNaJ7/8WXFy3XNLGN9XP
+ThMqKZMA2o5MLxnPS+qoNH+HOYweE9BOnISxrZDvBIYAlBKXXccSWFr1/b6P6cd
pZkeN4cv0HWob3e02UD/I9NRcBRiSpnDotKvslqI
-----END CERTIFICATE-----
Generated at Wed Apr 29 00:41:40 2026 by rpki-client