Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/zG23siPxwccz9AWJE2u__LckVWI.roa
File: zG23siPxwccz9AWJE2u__LckVWI.roa (raw, json)
Hash identifier: 1ysfWd+KX/B4oSm7PZzff5dqWDcJuakt5XzDu78maXw=
Subject key identifier: CC:6D:B7:B2:23:F1:C1:C7:33:F4:05:89:13:6B:BF:FC:B7:24:55:62
Certificate issuer: /CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Certificate serial: 019CD8593591CB08E9D5329F6CF5A4D4408E
Authority key identifier: 12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/zG23siPxwccz9AWJE2u__LckVWI.roa
Signing time: Tue 10 Mar 2026 15:24:10 +0000
ROA not before: Tue 10 Mar 2026 15:24:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 176.116.6.0/24 maxlen: 24
2a0f:1080::/32 maxlen: 32
2a0f:1081::/32 maxlen: 32
2a0f:1082::/32 maxlen: 32
2a0f:1083::/32 maxlen: 32
2a0f:1084::/32 maxlen: 32
2a0f:1085::/32 maxlen: 32
2a0f:1086::/32 maxlen: 32
2a0f:1087::/32 maxlen: 32
2a0f:9cc0::/32 maxlen: 32
2a0f:9cc1::/32 maxlen: 32
2a0f:9cc2::/32 maxlen: 32
2a0f:9cc3::/32 maxlen: 32
2a0f:9cc4::/32 maxlen: 32
2a0f:9cc5::/32 maxlen: 32
2a0f:9cc6::/32 maxlen: 32
2a0f:9cc7::/32 maxlen: 32
2a0f:a780::/32 maxlen: 32
2a0f:a781::/32 maxlen: 32
2a0f:a782::/32 maxlen: 32
2a0f:a783::/32 maxlen: 32
2a0f:a784::/32 maxlen: 32
2a0f:a785::/32 maxlen: 32
2a0f:a786::/32 maxlen: 32
2a0f:a787::/32 maxlen: 32
2a14:6a00::/32 maxlen: 32
2a14:6a01::/32 maxlen: 32
2a14:6a02::/32 maxlen: 32
2a14:6a03::/32 maxlen: 32
2a14:6a04::/32 maxlen: 32
2a14:6a05::/32 maxlen: 32
2a14:6a06::/32 maxlen: 32
2a14:6a07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 15:04:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:59:35:91:cb:08:e9:d5:32:9f:6c:f5:a4:d4:40:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12fd558a64e97586a43dc7ee50a8d6b292365b60
Validity
Not Before: Mar 10 15:24:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cc6db7b223f1c1c733f40589136bbffcb7245562
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b8:68:6d:0d:ea:a1:54:31:a7:69:54:90:37:
22:82:6f:a1:50:c5:04:7b:44:91:b1:bc:29:94:aa:
0f:90:33:1e:46:0c:48:c9:76:e0:0a:7c:57:2a:b9:
b4:71:c5:a8:11:56:61:51:ff:cb:d2:de:77:78:84:
3c:70:25:0b:af:b5:cb:99:21:1f:ca:1b:bf:0d:4d:
6c:72:77:26:97:49:19:0e:97:b7:4f:c7:5b:17:07:
41:07:e6:02:6d:c8:53:22:e0:c8:00:64:cc:42:5d:
c0:14:49:b1:80:ca:1e:80:b0:b3:59:67:ab:17:b0:
fa:53:52:d6:1a:00:35:98:15:42:3a:d3:80:54:f8:
3e:dd:7d:5b:f4:c6:15:ad:49:98:01:5c:e8:14:7c:
b5:7f:76:12:7e:66:7c:1a:1a:b7:af:99:f8:58:46:
57:71:d6:9c:f8:16:5c:35:35:6b:58:4c:6c:ac:06:
ac:89:ac:ca:d9:c0:13:35:9d:be:eb:e0:06:0d:69:
e4:d3:b3:e0:96:5c:6d:8a:bd:21:1a:46:44:bd:bc:
5c:2a:c6:64:65:2f:78:fb:74:3c:1b:79:2e:4f:0c:
db:ef:ef:eb:7e:94:b3:cb:92:59:09:b6:9b:71:cd:
45:5e:a9:e3:31:83:05:2b:d2:30:ef:92:8c:7e:26:
ef:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:6D:B7:B2:23:F1:C1:C7:33:F4:05:89:13:6B:BF:FC:B7:24:55:62
X509v3 Authority Key Identifier:
keyid:12:FD:55:8A:64:E9:75:86:A4:3D:C7:EE:50:A8:D6:B2:92:36:5B:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ev1VimTpdYakPcfuUKjWspI2W2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/zG23siPxwccz9AWJE2u__LckVWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/af96df-a4d5-48f9-ac0c-24d8e747c38f/1/Ev1VimTpdYakPcfuUKjWspI2W2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.6.0/24
IPv6:
2a0f:1080::/29
2a0f:9cc0::/29
2a0f:a780::/29
2a14:6a00::/29
Signature Algorithm: sha256WithRSAEncryption
87:95:20:b7:ce:5c:47:d9:ed:13:83:a5:3c:95:2d:e8:6b:da:
b8:1e:ef:39:24:96:c5:06:f5:4f:d2:86:66:22:15:38:2c:2d:
89:53:8a:d9:4a:2b:bd:73:12:e6:95:f3:a6:5e:be:d6:96:0c:
08:1a:8a:30:cc:9b:f5:8c:a3:33:3d:e0:06:c8:88:30:e7:09:
33:da:d6:19:ee:09:eb:e6:63:c7:83:e7:41:1e:36:aa:ae:3a:
a0:2e:26:d9:c7:30:68:e6:aa:d3:b4:98:38:05:ae:f2:4d:d4:
36:96:d2:e5:58:dd:6c:7d:89:33:f0:6e:db:aa:9a:26:53:15:
75:29:1d:71:75:a9:d3:c0:46:2b:a9:63:0d:46:ae:75:23:fa:
e7:2c:43:bb:56:c8:69:f3:73:ac:c4:e3:ed:93:31:7f:bd:c1:
e2:66:c2:e5:ae:7d:c4:75:27:1e:a2:de:86:d4:2e:f5:ce:ef:
ac:1e:01:93:47:c2:bc:a1:05:72:2c:70:72:5a:20:69:1d:53:
1f:cc:54:ea:ed:fb:73:27:96:9a:4b:7d:7f:bb:af:77:2a:5a:
f0:20:87:f7:b7:0f:28:87:e2:eb:96:fc:7f:ab:8a:92:31:97:
ec:7a:6d:d2:a3:75:6b:16:5c:bb:c8:d1:b7:fa:32:25:83:35:
da:8c:a6:82
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZzYWTWRywjp1TKfbPWk1ECOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyZmQ1NThhNjRlOTc1ODZhNDNkYzdlZTUwYThkNmIyOTIz
NjViNjAwHhcNMjYwMzEwMTUyNDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzZkYjdiMjIzZjFjMWM3MzNmNDA1ODkxMzZiYmZmY2I3MjQ1NTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbhobQ3qoVQxp2lUkDcigm+hUMUE
e0SRsbwplKoPkDMeRgxIyXbgCnxXKrm0ccWoEVZhUf/L0t53eIQ8cCULr7XLmSEf
yhu/DU1scncml0kZDpe3T8dbFwdBB+YCbchTIuDIAGTMQl3AFEmxgMoegLCzWWer
F7D6U1LWGgA1mBVCOtOAVPg+3X1b9MYVrUmYAVzoFHy1f3YSfmZ8Ghq3r5n4WEZX
cdac+BZcNTVrWExsrAasiazK2cATNZ2+6+AGDWnk07Pgllxtir0hGkZEvbxcKsZk
ZS94+3Q8G3kuTwzb7+/rfpSzy5JZCbabcc1FXqnjMYMFK9Iw75KMfibvaQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMxtt7Ij8cHHM/QFiRNrv/y3JFViMB8GA1UdIwQY
MBaAFBL9VYpk6XWGpD3H7lCo1rKSNltgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMt
MjRkOGU3NDdjMzhmLzEvekcyM3NpUHh3Y2N6OUFXSkUydV9fTGNrVldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9hZjk2ZGYtYTRkNS00OGY5LWFjMGMtMjRkOGU3NDdjMzhm
LzEvRXYxVmltVHBkWWFrUGNmdVVLaldzcEkyVzJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAMBAIAATAGAwQAsHQGMCIE
AgACMBwDBQMqDxCAAwUDKg+cwAMFAyoPp4ADBQMqFGoAMA0GCSqGSIb3DQEBCwUA
A4IBAQCHlSC3zlxH2e0Tg6U8lS3oa9q4Hu85JJbFBvVP0oZmIhU4LC2JU4rZSiu9
cxLmlfOmXr7WlgwIGoowzJv1jKMzPeAGyIgw5wkz2tYZ7gnr5mPHg+dBHjaqrjqg
LibZxzBo5qrTtJg4Ba7yTdQ2ltLlWN1sfYkz8G7bqpomUxV1KR1xdanTwEYrqWMN
Rq51I/rnLEO7Vshp83OsxOPtkzF/vcHiZsLlrn3EdSceot6G1C71zu+sHgGTR8K8
oQVyLHByWiBpHVMfzFTq7ftzJ5aaS31/u693KlrwIIf3tw8oh+Lrlvx/q4qSMZfs
em3So3VrFly7yNG3+jIlgzXajKaC
-----END CERTIFICATE-----
Generated at Tue Mar 10 20:30:08 2026 by rpki-client