Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZEMgUF84WPC4sDP5Bs48mGFeXPk.roa
File: ZEMgUF84WPC4sDP5Bs48mGFeXPk.roa (raw, json)
Hash identifier: qzply5ACd0MpzdaoDn/5+WinvpeQ7iOWSLZCDXeJG8I=
Subject key identifier: 64:43:20:50:5F:38:58:F0:B8:B0:33:F9:06:CE:3C:98:61:5E:5C:F9
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019E780B6A0C71DC9B4D1778DAE643FEEC4B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZEMgUF84WPC4sDP5Bs48mGFeXPk.roa
Signing time: Sat 30 May 2026 08:41:14 +0000
ROA not before: Sat 30 May 2026 08:41:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 77.242.146.0/23 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.201.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.232.0/22 maxlen: 24
88.209.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 05:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:78:0b:6a:0c:71:dc:9b:4d:17:78:da:e6:43:fe:ec:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 30 08:41:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=644320505f3858f0b8b033f906ce3c98615e5cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:61:19:24:07:c7:78:8e:ea:b6:71:bc:0a:51:
c4:72:10:27:7e:b9:9b:4c:88:8d:f1:ed:1e:e2:a8:
28:f7:d8:a7:03:0c:f7:11:3c:6d:cf:72:8c:23:34:
33:e4:2a:47:52:36:fe:f0:56:6b:5f:d3:04:74:ea:
cb:06:e3:07:dd:f3:64:a5:40:b1:12:2c:e3:43:88:
3f:28:48:8b:be:a2:cb:04:75:10:57:97:fb:26:d7:
a9:f7:d4:ea:3e:08:4a:5b:4a:6e:39:f4:34:0e:56:
66:df:a3:5b:95:7c:67:21:29:74:85:2e:18:4e:be:
85:e5:83:2b:83:0d:5a:44:52:b8:90:d8:68:07:69:
30:0f:36:d0:fb:f6:cc:e1:52:f7:47:70:60:92:cb:
ca:e3:dc:e7:f2:13:13:ff:2f:01:99:61:22:5d:4a:
80:2d:b5:2d:f5:38:27:32:93:0f:20:8e:b7:f5:21:
18:47:34:88:a5:27:5e:47:b2:bb:75:00:15:5f:90:
63:77:39:ae:f1:3b:af:2f:3f:ec:8d:ad:9c:7e:e9:
31:ee:ed:37:06:c5:cf:75:1d:72:79:88:e9:08:d3:
a4:98:39:01:be:e9:39:ce:73:3e:8a:bf:c2:1b:ab:
76:61:17:8d:f7:25:40:0c:e0:23:d3:85:cf:96:bb:
2a:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:43:20:50:5F:38:58:F0:B8:B0:33:F9:06:CE:3C:98:61:5E:5C:F9
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ZEMgUF84WPC4sDP5Bs48mGFeXPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.146.0/23
88.151.56.0/23
88.209.201.0/24
88.209.226.0/24
88.209.232.0/22
88.209.254.0/24
Signature Algorithm: sha256WithRSAEncryption
63:bb:ab:8f:75:77:44:a9:8b:c7:1a:e8:2d:b9:b8:fd:fb:e0:
8f:42:52:e1:fe:ee:79:87:17:8f:38:23:2e:3b:37:fb:73:72:
5e:f8:6f:d9:f5:45:da:44:e4:c3:2e:8f:b6:59:23:c7:f6:15:
ea:74:21:04:6f:37:4a:45:43:09:f2:13:7c:3a:a5:8c:6d:68:
28:ea:a4:2d:b1:27:fd:a5:ed:01:6c:64:d3:0d:3e:f1:a1:67:
10:f9:48:4b:a9:9d:ea:1e:1e:81:85:1a:7a:0b:1b:0a:ab:8b:
08:33:48:5d:11:43:6a:10:d4:87:db:7d:af:84:6f:e5:8b:30:
65:3f:21:3c:56:2f:a3:9c:37:ff:4c:d0:99:7d:03:35:32:06:
d4:a7:e4:c3:6b:ea:0f:86:6b:e8:82:37:39:54:6a:8d:e9:c6:
e0:c1:6c:78:02:0f:1a:7b:a5:01:6b:5f:5f:f8:0a:ea:3e:0f:
d7:bb:fe:00:d3:df:31:37:4c:af:49:1b:88:06:0e:5e:63:39:
bb:e0:76:0b:fa:85:df:46:17:98:88:b1:c6:1e:d1:34:a2:5a:
b7:ff:cb:39:10:09:e4:da:a9:e7:42:99:31:ba:47:3c:b9:41:
0d:a6:38:64:ad:ad:55:30:f8:6a:dd:88:42:78:9d:fe:0c:81:
8d:35:b6:6f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ54C2oMcdybTRd42uZD/uxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNTMwMDg0MTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDQzMjA1MDVmMzg1OGYwYjhiMDMzZjkwNmNlM2M5ODYxNWU1Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWEZJAfHeI7qtnG8ClHEchAnfrmb
TIiN8e0e4qgo99inAwz3ETxtz3KMIzQz5CpHUjb+8FZrX9MEdOrLBuMH3fNkpUCx
EizjQ4g/KEiLvqLLBHUQV5f7Jtep99TqPghKW0puOfQ0DlZm36NblXxnISl0hS4Y
Tr6F5YMrgw1aRFK4kNhoB2kwDzbQ+/bM4VL3R3BgksvK49zn8hMT/y8BmWEiXUqA
LbUt9TgnMpMPII639SEYRzSIpSdeR7K7dQAVX5Bjdzmu8TuvLz/sja2cfukx7u03
BsXPdR1yeYjpCNOkmDkBvuk5znM+ir/CG6t2YReN9yVADOAj04XPlrsqXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGRDIFBfOFjwuLAz+QbOPJhhXlz5MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWkVNZ1VGODRXUEM0c0RQNUJzNDhtR0ZlWFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBTfKSAwQB
WJc4AwQAWNHJAwQAWNHiAwQCWNHoAwQAWNH+MA0GCSqGSIb3DQEBCwUAA4IBAQBj
u6uPdXdEqYvHGugtubj9++CPQlLh/u55hxePOCMuOzf7c3Je+G/Z9UXaROTDLo+2
WSPH9hXqdCEEbzdKRUMJ8hN8OqWMbWgo6qQtsSf9pe0BbGTTDT7xoWcQ+UhLqZ3q
Hh6BhRp6CxsKq4sIM0hdEUNqENSH232vhG/lizBlPyE8Vi+jnDf/TNCZfQM1MgbU
p+TDa+oPhmvogjc5VGqN6cbgwWx4Ag8ae6UBa19f+ArqPg/Xu/4A098xN0yvSRuI
Bg5eYzm74HYL+oXfRheYiLHGHtE0olq3/8s5EAnk2qnnQpkxukc8uUENpjhkra1V
MPhq3YhCeJ3+DIGNNbZv
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:11 2026 by rpki-client