Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/zKolFF7pIfBKSI9rBwFR86YA5mw.roa
File: zKolFF7pIfBKSI9rBwFR86YA5mw.roa (raw, json)
Hash identifier: 9sIEf7Bv75ymBUmnof1E+eC7VGtVpcNCqBx4ZXEdqs4=
Subject key identifier: CC:AA:25:14:5E:E9:21:F0:4A:48:8F:6B:07:01:51:F3:A6:00:E6:6C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019E5CC99C4168A6998786AD9D9F7E2C5921
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/zKolFF7pIfBKSI9rBwFR86YA5mw.roa
Signing time: Mon 25 May 2026 01:39:37 +0000
ROA not before: Mon 25 May 2026 01:39:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12380
IP address blocks: 80.248.144.0/20 maxlen: 20
89.20.16.0/20 maxlen: 20
212.58.192.0/19 maxlen: 19
212.58.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 15:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5c:c9:9c:41:68:a6:99:87:86:ad:9d:9f:7e:2c:59:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: May 25 01:39:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ccaa25145ee921f04a488f6b070151f3a600e66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:72:7b:8c:7f:3b:b5:f2:8c:e0:2d:2d:0c:55:
27:c6:34:d0:71:b8:4d:18:1d:64:bd:10:b3:1d:c0:
13:57:2f:e1:07:9c:4f:1e:4c:5c:e8:d7:12:ea:b9:
ea:b5:f8:1b:ee:04:79:9f:0a:32:64:7d:e7:5d:ed:
1c:13:14:4f:1a:9e:1b:b8:d3:8d:2f:fb:f3:3b:72:
f1:38:e6:9b:29:bd:45:a1:00:9f:bc:c3:2d:c6:6f:
94:d4:5a:d5:b7:6d:19:4a:b1:d1:96:83:93:d3:fc:
e5:00:d6:c2:5f:4b:69:6b:ee:8c:4f:53:9d:93:49:
c3:50:2a:1d:d4:4b:39:0b:6a:68:c1:f2:64:87:aa:
c3:71:1d:56:33:f2:a2:70:6a:16:52:31:c2:78:11:
f9:b2:3b:ed:20:7b:34:8b:ad:06:a7:75:3b:f4:70:
d5:b6:54:13:5d:8a:53:ca:a5:70:7d:1c:06:24:fd:
7f:22:78:e8:a2:17:74:a1:42:c9:bd:2c:81:7a:64:
ef:48:3c:b9:60:01:ce:b2:bc:f0:29:d8:fd:0d:76:
a0:b9:5b:b5:96:23:0c:b3:f5:4d:54:90:a5:7d:d6:
5a:9d:17:ad:9c:8b:e0:65:04:b8:81:4f:0f:b1:0d:
8c:84:33:fa:dd:ef:78:46:e5:b9:2d:1d:d9:e9:6f:
bf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AA:25:14:5E:E9:21:F0:4A:48:8F:6B:07:01:51:F3:A6:00:E6:6C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/zKolFF7pIfBKSI9rBwFR86YA5mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.144.0/20
89.20.16.0/20
212.58.192.0/19
Signature Algorithm: sha256WithRSAEncryption
8e:e8:e2:89:3e:5e:f0:3a:f6:69:87:25:32:f8:cd:68:85:98:
18:24:44:2d:67:96:7a:2f:16:c2:d4:9f:47:46:8f:b7:1c:4d:
23:59:72:b6:a5:a7:f1:58:12:48:64:f3:c4:32:e2:e2:57:22:
b7:8a:8d:f0:17:70:cf:12:34:ee:4d:fe:51:92:7e:e6:51:ee:
a4:65:56:6d:30:31:21:67:0d:57:97:87:8f:f0:b8:63:6e:77:
40:50:c4:68:a9:dd:99:50:80:43:d3:1e:07:d4:33:97:0b:26:
a0:42:69:a1:5b:d1:10:9e:38:d9:57:1c:49:22:dd:43:b1:8e:
97:a2:91:74:bd:1b:da:ee:ad:e9:ef:3a:6b:83:85:85:9d:e4:
c5:c8:91:1b:fe:ae:d0:d7:99:26:a3:2e:4a:b1:af:6d:fb:45:
20:ad:98:0b:ef:4e:41:24:00:eb:ea:4b:74:58:61:05:72:50:
2d:03:a3:9e:a1:55:b4:63:a1:50:43:db:d1:a3:6e:14:1b:e3:
d1:32:b6:68:7f:d3:37:2d:fa:d6:d2:f5:e0:62:20:f7:47:57:
5a:18:57:cc:0a:28:13:df:9f:89:b2:b3:cf:84:cb:f6:36:40:
93:03:11:d2:67:6d:53:e3:fd:02:84:36:63:53:b6:05:4c:09:
91:cf:1e:66
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ5cyZxBaKaZh4atnZ9+LFkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjYwNTI1MDEzOTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FhMjUxNDVlZTkyMWYwNGE0ODhmNmIwNzAxNTFmM2E2MDBlNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonJ7jH87tfKM4C0tDFUnxjTQcbhN
GB1kvRCzHcATVy/hB5xPHkxc6NcS6rnqtfgb7gR5nwoyZH3nXe0cExRPGp4buNON
L/vzO3LxOOabKb1FoQCfvMMtxm+U1FrVt20ZSrHRloOT0/zlANbCX0tpa+6MT1Od
k0nDUCod1Es5C2powfJkh6rDcR1WM/KicGoWUjHCeBH5sjvtIHs0i60Gp3U79HDV
tlQTXYpTyqVwfRwGJP1/Injoohd0oULJvSyBemTvSDy5YAHOsrzwKdj9DXaguVu1
liMMs/VNVJClfdZanRetnIvgZQS4gU8PsQ2MhDP63e94RuW5LR3Z6W+/NQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMyqJRRe6SHwSkiPawcBUfOmAOZsMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvektvbEZGN3BJZkJLU0k5ckJ3RlI4NllBNW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUPiQAwQE
WRQQAwQF1DrAMA0GCSqGSIb3DQEBCwUAA4IBAQCO6OKJPl7wOvZphyUy+M1ohZgY
JEQtZ5Z6LxbC1J9HRo+3HE0jWXK2pafxWBJIZPPEMuLiVyK3io3wF3DPEjTuTf5R
kn7mUe6kZVZtMDEhZw1Xl4eP8LhjbndAUMRoqd2ZUIBD0x4H1DOXCyagQmmhW9EQ
njjZVxxJIt1DsY6XopF0vRva7q3p7zprg4WFneTFyJEb/q7Q15kmoy5Ksa9t+0Ug
rZgL705BJADr6kt0WGEFclAtA6OeoVW0Y6FQQ9vRo24UG+PRMrZof9M3LfrW0vXg
YiD3R1daGFfMCigT35+JsrPPhMv2NkCTAxHSZ21T4/0ChDZjU7YFTAmRzx5m
-----END CERTIFICATE-----
Generated at Fri Jun 12 01:01:04 2026 by rpki-client