Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ZRDJvL39I3Lcak5-WUCxSo5eUmI.roa
File: ZRDJvL39I3Lcak5-WUCxSo5eUmI.roa (raw, json)
Hash identifier: xl25kKqi0v+v18hP//f4cIXXi9W/gmGFDE8lJNch3+I=
Subject key identifier: 65:10:C9:BC:BD:FD:23:72:DC:6A:4E:7E:59:40:B1:4A:8E:5E:52:62
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 019D061F557686743F26BD9D4E5759A8ED16
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ZRDJvL39I3Lcak5-WUCxSo5eUmI.roa
Signing time: Thu 19 Mar 2026 12:43:29 +0000
ROA not before: Thu 19 Mar 2026 12:43:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207223
IP address blocks: 79.132.68.0/24 maxlen: 24
79.132.69.0/24 maxlen: 24
79.132.70.0/24 maxlen: 24
79.132.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:1f:55:76:86:74:3f:26:bd:9d:4e:57:59:a8:ed:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 19 12:43:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6510c9bcbdfd2372dc6a4e7e5940b14a8e5e5262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4e:17:ff:ec:59:09:a9:48:25:3b:f5:23:e1:
4b:67:75:b9:9f:e6:e3:c1:72:13:f6:1c:dc:97:61:
85:bf:38:58:da:b1:64:f2:0b:9d:bc:0a:d7:06:57:
31:b3:c8:d5:fb:ba:04:51:56:b2:21:08:1c:10:d8:
d5:44:88:6b:51:54:19:4d:51:68:fd:44:aa:1d:29:
4c:62:0b:7e:c6:86:72:25:a7:84:7d:5d:b8:45:6b:
a7:1f:1d:54:47:22:b1:13:58:7c:f4:a3:bc:52:0c:
6a:be:0c:12:b6:a0:71:c2:67:49:b6:2c:1b:9d:89:
61:23:86:dc:a7:43:c0:43:7e:1b:c5:c4:5c:18:dd:
cf:0a:4e:f1:7f:44:bb:16:73:01:09:76:3b:7b:60:
34:32:c6:4b:6a:46:a8:b3:5d:c0:7b:5d:e1:9f:7f:
0b:48:f1:b8:08:3f:24:fc:00:7a:20:cb:82:8b:ec:
10:98:53:05:66:41:55:fc:c1:a7:a6:45:96:61:44:
09:41:7c:84:df:c8:37:04:a6:30:01:51:ab:18:fa:
03:fd:03:e9:26:40:86:c2:19:b6:59:a2:39:f8:8d:
c1:f0:7a:c8:b9:74:16:a1:9a:61:e8:40:d8:34:ce:
2d:96:e8:18:b7:d6:52:df:f9:30:a3:a3:9e:77:4c:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:10:C9:BC:BD:FD:23:72:DC:6A:4E:7E:59:40:B1:4A:8E:5E:52:62
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ZRDJvL39I3Lcak5-WUCxSo5eUmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.68.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:26:e5:3e:a7:c1:0a:81:9b:b1:80:a1:54:9a:92:f0:99:84:
de:fe:4c:ac:e1:6e:1e:0e:44:1c:b3:b6:88:bb:3b:53:2b:79:
52:a4:19:84:c1:c6:9b:72:f7:d8:aa:cf:8d:6f:3a:7d:2b:f9:
0c:b9:f3:48:0a:ea:0a:b0:e4:58:7e:1c:a9:fa:bb:5f:ae:e1:
ce:d0:f3:55:de:4e:8e:1e:60:70:23:05:19:18:b3:5e:23:1f:
f1:75:fc:60:fa:68:8c:25:ac:d9:2a:4a:37:9d:07:4b:31:fc:
e0:a9:03:75:98:42:63:a7:54:72:e4:50:fa:fe:a1:c0:c4:a7:
73:35:19:bc:42:1b:e9:cc:07:bd:fd:a1:6b:31:52:19:84:30:
72:03:0a:dc:1b:0d:26:9a:ca:d5:5e:d2:d2:cf:7f:ba:cc:7b:
09:19:ae:08:4a:b0:ed:8c:24:3d:1b:31:6f:2e:0b:f8:16:db:
41:c9:b4:59:18:55:95:4d:43:04:cc:a5:52:6d:51:a4:c5:56:
44:7c:57:8e:a8:fd:08:45:d9:0c:e8:f3:cc:c2:d9:0f:b0:db:
52:b3:bc:ef:07:2b:e4:95:f9:d9:d6:b3:cd:30:bd:79:d4:39:
11:aa:00:7c:c3:d1:8e:7e:f6:8d:cc:2e:32:62:f6:5a:97:1a:
77:64:9c:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0GH1V2hnQ/Jr2dTldZqO0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjYwMzE5MTI0MzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTEwYzliY2JkZmQyMzcyZGM2YTRlN2U1OTQwYjE0YThlNWU1MjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk4X/+xZCalIJTv1I+FLZ3W5n+bj
wXIT9hzcl2GFvzhY2rFk8gudvArXBlcxs8jV+7oEUVayIQgcENjVRIhrUVQZTVFo
/USqHSlMYgt+xoZyJaeEfV24RWunHx1URyKxE1h89KO8UgxqvgwStqBxwmdJtiwb
nYlhI4bcp0PAQ34bxcRcGN3PCk7xf0S7FnMBCXY7e2A0MsZLakaos13Ae13hn38L
SPG4CD8k/AB6IMuCi+wQmFMFZkFV/MGnpkWWYUQJQXyE38g3BKYwAVGrGPoD/QPp
JkCGwhm2WaI5+I3B8HrIuXQWoZph6EDYNM4tlugYt9ZS3/kwo6Oed0zBPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUQyby9/SNy3GpOfllAsUqOXlJiMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWlJESnZMMzlJM0xjYWs1LVdVQ3hTbzVlVW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCT4REMA0G
CSqGSIb3DQEBCwUAA4IBAQCLJuU+p8EKgZuxgKFUmpLwmYTe/kys4W4eDkQcs7aI
uztTK3lSpBmEwcabcvfYqs+Nbzp9K/kMufNICuoKsORYfhyp+rtfruHO0PNV3k6O
HmBwIwUZGLNeIx/xdfxg+miMJazZKko3nQdLMfzgqQN1mEJjp1Ry5FD6/qHAxKdz
NRm8QhvpzAe9/aFrMVIZhDByAwrcGw0mmsrVXtLSz3+6zHsJGa4ISrDtjCQ9GzFv
Lgv4FttBybRZGFWVTUMEzKVSbVGkxVZEfFeOqP0IRdkM6PPMwtkPsNtSs7zvByvk
lfnZ1rPNML151DkRqgB8w9GOfvaNzC4yYvZalxp3ZJzM
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:44:38 2026 by rpki-client