Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZcPWymvSpcRPki-VWYFWbn_jsL8.roa
File: ZcPWymvSpcRPki-VWYFWbn_jsL8.roa (raw, json)
Hash identifier: l3OfH33KyrJp2O0Nab3b8TDasU8MQQeiXTHRuKXs0WY=
Subject key identifier: 65:C3:D6:CA:6B:D2:A5:C4:4F:92:2F:95:59:81:56:6E:7F:E3:B0:BF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019D058D3F0431531A2FF2C934D51BFB3674
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZcPWymvSpcRPki-VWYFWbn_jsL8.roa
Signing time: Thu 19 Mar 2026 10:03:55 +0000
ROA not before: Thu 19 Mar 2026 10:03:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.8.23.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.105.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Mar 2026 16:33:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:8d:3f:04:31:53:1a:2f:f2:c9:34:d5:1b:fb:36:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Mar 19 10:03:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65c3d6ca6bd2a5c44f922f955981566e7fe3b0bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:98:2d:ee:cc:f1:4c:f7:f9:67:fe:4e:39:90:
8f:de:e1:e5:7f:16:77:ec:17:21:15:ab:45:f8:be:
71:d1:a0:72:77:60:30:03:2c:43:ca:0b:46:7c:8e:
d3:ba:13:ba:76:51:a1:65:f8:ce:b8:fd:67:f5:a9:
45:92:04:86:9b:a3:31:5e:39:41:8d:07:8e:01:27:
ea:2c:f3:bd:b4:79:f7:d3:d1:a8:15:7a:31:4c:c1:
f8:77:48:b2:32:e5:41:26:45:38:59:6d:44:1d:a4:
e0:f0:5b:23:52:7b:8a:3e:db:43:d4:68:da:2d:91:
0f:03:bb:b8:58:36:4a:11:bb:22:a0:2d:e4:be:b0:
9d:af:96:f2:18:9b:32:43:e0:9f:69:2a:d7:ce:1c:
b5:28:8a:25:d1:43:8a:20:7c:f0:07:07:13:fa:05:
3f:ab:27:ae:6e:7c:dd:32:6d:51:e7:03:f4:1c:e8:
0c:4d:f3:19:f3:75:d4:db:7c:08:af:47:6e:9a:f8:
1c:eb:1a:1a:cd:7d:c4:d5:d6:21:fb:45:c2:b4:4b:
3f:aa:9b:5e:0c:4e:a9:bf:9e:8a:f2:ab:80:92:1b:
82:52:fd:09:39:82:d1:0a:fb:e7:e1:6f:43:b5:dd:
74:95:fb:b9:36:ce:04:61:f1:1e:4d:49:a9:a9:12:
41:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C3:D6:CA:6B:D2:A5:C4:4F:92:2F:95:59:81:56:6E:7F:E3:B0:BF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZcPWymvSpcRPki-VWYFWbn_jsL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
45.90.17.0/24
45.131.134.0/23
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.210.235.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/22
185.226.104.0/23
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.72.0/24
185.228.75.0/24
185.230.53.0/24
185.230.67.0/24
185.232.206.0/24
185.234.22.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
194.5.67.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:68:ae:d8:ea:d5:67:a7:68:e8:a4:ed:0e:38:be:2a:cd:15:
a5:73:2a:f4:26:8f:8e:c2:c7:d9:5c:d3:8b:43:37:d5:24:29:
d8:1f:25:4e:df:f5:fa:3c:6c:c8:8b:c5:b9:82:2e:09:95:2e:
ea:50:12:ea:fa:08:04:91:f1:d4:63:9f:10:75:3d:2d:ea:4c:
7d:2a:f4:87:e7:97:d7:2d:d8:8b:ce:69:39:0b:f9:66:cb:8d:
e4:e2:e2:82:11:71:64:43:78:6b:88:39:7f:41:88:58:b6:9d:
6a:b5:bb:77:be:be:83:59:c0:2d:a3:fe:bb:81:8c:0b:85:a3:
37:f5:86:4d:73:9c:07:c9:0d:b9:f1:9e:e8:00:ed:e5:8d:65:
66:cc:7e:c2:dc:16:4e:ed:e8:07:5f:41:29:85:69:fa:21:b1:
ee:5f:94:6b:3d:21:f4:a4:ea:9c:27:6a:43:94:72:81:3a:0e:
5a:d6:d3:93:8f:3c:78:9f:26:ee:be:51:5c:91:51:59:65:20:
8e:88:28:90:d5:8e:53:19:59:86:5e:c1:13:ee:d9:7d:4f:46:
77:59:52:dd:68:d4:1b:55:43:1b:8a:13:7c:1b:ff:ac:6b:ef:
24:94:f2:3b:f2:76:69:a3:50:03:91:82:b4:03:7d:00:fb:f8:
57:41:5f:47
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZ0FjT8EMVMaL/LJNNUb+zZ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwMzE5MTAwMzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWMzZDZjYTZiZDJhNWM0NGY5MjJmOTU1OTgxNTY2ZTdmZTNiMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZgt7szxTPf5Z/5OOZCP3uHlfxZ3
7BchFatF+L5x0aByd2AwAyxDygtGfI7TuhO6dlGhZfjOuP1n9alFkgSGm6MxXjlB
jQeOASfqLPO9tHn309GoFXoxTMH4d0iyMuVBJkU4WW1EHaTg8FsjUnuKPttD1Gja
LZEPA7u4WDZKEbsioC3kvrCdr5byGJsyQ+CfaSrXzhy1KIol0UOKIHzwBwcT+gU/
qyeubnzdMm1R5wP0HOgMTfMZ83XU23wIr0dumvgc6xoazX3E1dYh+0XCtEs/qpte
DE6pv56K8quAkhuCUv0JOYLRCvvn4W9Dtd10lfu5Ns4EYfEeTUmpqRJBiwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFGXD1spr0qXET5IvlVmBVm5/47C/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWmNQV3ltdlNwY1JQa2ktVldZRldibl9qc0w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCCAQgEAgABMIIB
AAMEAC0IFwMEAC1aEQMEAS2DhgMEALlszAMEALl+UgMEALnHNgMEAbnHngMEALnO
+wMEALnRJjAMAwQAudFJAwQCudFIAwQAudLpAwQAudLrAwQAudZsAwQAudoUAwQA
udplAwQCudz4AwQAud0UAwQBud4cAwQAud9QAwQAud+bAwQCueEAAwQBueJoAwQA
ueJrAwQAueOQAwQBueOSAwQAueRIAwQAueRLAwQAueY1AwQAueZDAwQAuejOAwQA
ueoWAwQAufZwMAwDBATBCHADBADBCHIDBADBOpADBAHBOpIDBADCBUEDBADCBUMD
BADCTKkDBADCTKwDBADCfEUwDQYJKoZIhvcNAQELBQADggEBAKZortjq1WenaOik
7Q44virNFaVzKvQmj47Cx9lc04tDN9UkKdgfJU7f9fo8bMiLxbmCLgmVLupQEur6
CASR8dRjnxB1PS3qTH0q9Ifnl9ct2IvOaTkL+WbLjeTi4oIRcWRDeGuIOX9BiFi2
nWq1u3e+voNZwC2j/ruBjAuFozf1hk1znAfJDbnxnugA7eWNZWbMfsLcFk7t6Adf
QSmFafohse5flGs9IfSk6pwnakOUcoE6DlrW05OPPHifJu6+UVyRUVllII6IKJDV
jlMZWYZewRPu2X1PRndZUt1o1BtVQxuKE3wb/6xr7ySU8jvydmmjUAORgrQDfQD7
+FdBX0c=
-----END CERTIFICATE-----
Generated at Thu Mar 19 22:34:28 2026 by rpki-client