Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/b36e69-f81b-400a-aed1-5d3efe2109aa/1/ZPcVr_99m8S8MN4KS8E89rzHdiU.roa
File: ZPcVr_99m8S8MN4KS8E89rzHdiU.roa (raw, json)
Hash identifier: 4ghNNSiKjSYzIHSnF3XQIcioMv7lGSMklZ8MTORFbKI=
Subject key identifier: 64:F7:15:AF:FF:7D:9B:C4:BC:30:DE:0A:4B:C1:3C:F6:BC:C7:76:25
Certificate issuer: /CN=d71f1659eac9a6a3431df609f9e2e2196a045c8d
Certificate serial: 019C9E009FDEECC8ACABFEFE1B0111BA4521
Authority key identifier: D7:1F:16:59:EA:C9:A6:A3:43:1D:F6:09:F9:E2:E2:19:6A:04:5C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1x8WWerJpqNDHfYJ-eLiGWoEXI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/b36e69-f81b-400a-aed1-5d3efe2109aa/1/ZPcVr_99m8S8MN4KS8E89rzHdiU.roa
Signing time: Fri 27 Feb 2026 07:29:26 +0000
ROA not before: Fri 27 Feb 2026 07:29:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197307
IP address blocks: 79.142.144.0/20 maxlen: 20
185.51.28.0/22 maxlen: 24
185.180.0.0/23 maxlen: 24
2a02:24c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/b36e69-f81b-400a-aed1-5d3efe2109aa/1/1x8WWerJpqNDHfYJ-eLiGWoEXI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/b36e69-f81b-400a-aed1-5d3efe2109aa/1/1x8WWerJpqNDHfYJ-eLiGWoEXI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1x8WWerJpqNDHfYJ-eLiGWoEXI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:00:9f:de:ec:c8:ac:ab:fe:fe:1b:01:11:ba:45:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d71f1659eac9a6a3431df609f9e2e2196a045c8d
Validity
Not Before: Feb 27 07:29:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=64f715afff7d9bc4bc30de0a4bc13cf6bcc77625
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:50:e7:d2:a3:89:8a:1d:32:26:19:43:bb:e9:
55:48:9c:49:ad:0b:ee:f6:e9:83:98:5b:c3:98:94:
95:82:ab:5d:62:60:44:eb:99:ca:32:15:f1:1a:c7:
07:b2:45:c2:a8:6b:a5:d2:fd:f5:d5:9e:18:47:67:
51:4e:dc:3a:da:b8:3e:ba:69:eb:90:00:3a:11:6f:
14:a6:59:2d:a5:50:44:c8:e5:c8:1e:33:6c:1a:f5:
f1:bf:0c:6f:85:88:97:a9:37:1e:77:61:36:5d:12:
b8:8e:43:56:c2:0b:5a:e7:f0:6c:fe:be:3d:2c:12:
77:69:7d:b3:37:51:1d:4f:39:bb:91:3f:ab:7e:3b:
b1:17:85:19:af:60:ef:a6:f3:56:a5:3f:19:6e:a1:
f5:4f:5a:16:1f:29:ce:ef:3f:be:87:50:81:c0:fd:
b4:79:b8:45:b7:96:50:4d:b0:c4:a9:c4:82:50:b4:
e0:a3:21:17:6b:2c:a7:14:b5:bf:fd:ca:c0:f5:77:
f8:51:cd:c8:b8:57:25:3c:57:2f:7f:24:a1:c4:5f:
c2:d9:57:41:39:a0:d0:24:de:4a:07:0f:a7:11:86:
0a:6e:73:3f:77:98:a4:1e:1a:51:8f:7c:62:1c:b1:
fa:b1:05:d7:cc:08:ff:79:fd:bf:8e:6a:23:bf:27:
47:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F7:15:AF:FF:7D:9B:C4:BC:30:DE:0A:4B:C1:3C:F6:BC:C7:76:25
X509v3 Authority Key Identifier:
keyid:D7:1F:16:59:EA:C9:A6:A3:43:1D:F6:09:F9:E2:E2:19:6A:04:5C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1x8WWerJpqNDHfYJ-eLiGWoEXI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b36e69-f81b-400a-aed1-5d3efe2109aa/1/ZPcVr_99m8S8MN4KS8E89rzHdiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b36e69-f81b-400a-aed1-5d3efe2109aa/1/1x8WWerJpqNDHfYJ-eLiGWoEXI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.144.0/20
185.51.28.0/22
185.180.0.0/23
IPv6:
2a02:24c0::/32
Signature Algorithm: sha256WithRSAEncryption
5f:79:57:54:00:ad:c2:de:03:9f:08:f4:c5:6f:4c:69:af:6e:
3f:05:ce:88:d7:e0:6d:53:9d:43:65:fd:ca:1b:e9:92:72:10:
f7:bb:1b:c4:38:c6:ce:a8:3f:00:9e:0d:09:67:6c:97:df:1f:
c9:65:b7:9e:c3:52:d5:52:40:b6:df:2a:6b:43:41:4b:56:96:
e2:33:5b:2c:d3:51:4c:05:19:d6:a1:c1:25:eb:84:df:04:d1:
c4:e7:c4:59:78:1b:4d:77:e0:a3:08:7a:ba:96:e4:ec:1a:b9:
31:7e:ac:8c:55:da:51:bb:b3:fd:fe:e8:c7:c4:54:34:ac:b2:
48:de:60:58:0d:b9:2f:81:df:30:87:e7:7c:1e:31:44:c3:f2:
af:fd:86:0c:5f:1e:33:8c:e6:a7:68:12:d8:a0:7b:d6:a7:3c:
45:f2:de:11:4e:c7:e2:5e:05:1b:26:20:b3:a3:c5:05:2f:e9:
95:14:0f:c4:c0:af:eb:ae:bb:dc:42:40:6a:5b:f4:3d:9d:00:
b5:e6:9a:03:a9:6c:e6:7e:3e:01:2c:d5:89:09:e7:0e:2d:48:
af:5d:27:ca:8e:90:b0:f3:a1:05:89:2f:c6:e2:fd:11:70:09:
f9:6a:f3:ec:9f:27:13:17:9a:29:4c:1c:f3:e8:d9:33:97:62:
41:ef:5d:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZyeAJ/e7Misq/7+GwERukUhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MWYxNjU5ZWFjOWE2YTM0MzFkZjYwOWY5ZTJlMjE5NmEw
NDVjOGQwHhcNMjYwMjI3MDcyOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGY3MTVhZmZmN2Q5YmM0YmMzMGRlMGE0YmMxM2NmNmJjYzc3NjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlDn0qOJih0yJhlDu+lVSJxJrQvu
9umDmFvDmJSVgqtdYmBE65nKMhXxGscHskXCqGul0v311Z4YR2dRTtw62rg+umnr
kAA6EW8UplktpVBEyOXIHjNsGvXxvwxvhYiXqTced2E2XRK4jkNWwgta5/Bs/r49
LBJ3aX2zN1EdTzm7kT+rfjuxF4UZr2DvpvNWpT8ZbqH1T1oWHynO7z++h1CBwP20
ebhFt5ZQTbDEqcSCULTgoyEXayynFLW//crA9Xf4Uc3IuFclPFcvfyShxF/C2VdB
OaDQJN5KBw+nEYYKbnM/d5ikHhpRj3xiHLH6sQXXzAj/ef2/jmojvydHAwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGT3Fa//fZvEvDDeCkvBPPa8x3YlMB8GA1UdIwQY
MBaAFNcfFlnqyaajQx32Cfni4hlqBFyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXg4V1dlckpwcU5ESGZZSi1lTGlHV29FWEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iMzZlNjktZjgxYi00MDBhLWFlZDEt
NWQzZWZlMjEwOWFhLzEvWlBjVnJfOTltOFM4TU40S1M4RTg5cnpIZGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9iMzZlNjktZjgxYi00MDBhLWFlZDEtNWQzZWZlMjEwOWFh
LzEvMXg4V1dlckpwcU5ESGZZSi1lTGlHV29FWEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQET46QAwQC
uTMcAwQBubQAMA0EAgACMAcDBQAqAiTAMA0GCSqGSIb3DQEBCwUAA4IBAQBfeVdU
AK3C3gOfCPTFb0xpr24/Bc6I1+BtU51DZf3KG+mSchD3uxvEOMbOqD8Ang0JZ2yX
3x/JZbeew1LVUkC23yprQ0FLVpbiM1ss01FMBRnWocEl64TfBNHE58RZeBtNd+Cj
CHq6luTsGrkxfqyMVdpRu7P9/ujHxFQ0rLJI3mBYDbkvgd8wh+d8HjFEw/Kv/YYM
Xx4zjOanaBLYoHvWpzxF8t4RTsfiXgUbJiCzo8UFL+mVFA/EwK/rrrvcQkBqW/Q9
nQC15poDqWzmfj4BLNWJCecOLUivXSfKjpCw86EFiS/G4v0RcAn5avPsnycTF5op
TBzz6Nkzl2JB711q
-----END CERTIFICATE-----
Generated at Sat Mar 28 15:55:04 2026 by rpki-client