Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ZqsDcRefGIQO0hguH3xgYHKHMVI.roa
File: ZqsDcRefGIQO0hguH3xgYHKHMVI.roa (raw, json)
Hash identifier: FiLUnTLNQNdBQxhzws3UHDJtD6L5hKsUiS0Pvu7vJ60=
Subject key identifier: 66:AB:03:71:17:9F:18:84:0E:D2:18:2E:1F:7C:60:60:72:87:31:52
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 019CF622EF2DB7BAD276600332BAF66BF526
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ZqsDcRefGIQO0hguH3xgYHKHMVI.roa
Signing time: Mon 16 Mar 2026 10:13:30 +0000
ROA not before: Mon 16 Mar 2026 10:13:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2914
IP address blocks: 80.97.54.0/24 maxlen: 24
81.180.37.0/24 maxlen: 24
81.180.173.0/24 maxlen: 24
81.181.172.0/24 maxlen: 24
81.181.175.0/24 maxlen: 24
81.181.236.0/22 maxlen: 22
85.120.128.0/22 maxlen: 22
85.120.132.0/22 maxlen: 22
194.102.122.0/23 maxlen: 23
194.102.217.0/24 maxlen: 24
217.156.29.0/24 maxlen: 24
217.156.57.0/24 maxlen: 24
217.156.112.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f6:22:ef:2d:b7:ba:d2:76:60:03:32:ba:f6:6b:f5:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Mar 16 10:13:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=66ab0371179f18840ed2182e1f7c606072873152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:2d:43:77:f5:61:02:1c:d0:d1:1c:87:7c:63:
8c:9b:df:cb:ee:d8:da:0e:6f:a5:ec:7c:63:36:89:
ab:c2:52:7b:94:f6:f6:d4:8c:a5:d5:22:e3:ac:33:
52:a2:c1:0b:f8:13:6a:9c:96:69:44:fa:f5:a0:59:
ca:6b:6e:b8:b0:85:b3:68:d4:d9:1a:1a:f2:cc:b6:
72:65:c7:95:04:e1:fc:02:c4:fd:3f:9f:03:e1:8f:
28:85:50:49:ca:fb:d4:30:e0:63:92:a9:35:95:94:
1f:bd:44:0d:f0:a4:5c:29:a1:cb:45:94:95:65:cd:
39:0a:87:81:54:c7:04:74:8d:be:5e:57:9b:71:a2:
b5:3a:81:dd:45:1b:fd:1c:59:c1:94:07:1d:7d:6d:
c5:63:03:22:f0:a2:5b:28:1f:e6:c3:0e:40:f9:5e:
10:a8:09:05:02:ef:36:4c:a5:00:3d:5b:33:1a:91:
23:68:30:78:ca:1d:2a:4d:fa:37:35:c7:91:7f:e4:
e3:6b:30:ec:b8:62:53:f0:b3:30:5a:70:c5:3b:3d:
9a:4e:4e:4e:c9:6d:36:82:1c:d7:6b:ba:89:9f:72:
b8:e3:1c:c9:9d:15:6f:68:7d:bb:8f:24:18:07:79:
51:68:b5:fd:3b:35:a8:44:a7:f9:80:fc:7f:f4:ec:
77:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AB:03:71:17:9F:18:84:0E:D2:18:2E:1F:7C:60:60:72:87:31:52
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/ZqsDcRefGIQO0hguH3xgYHKHMVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.97.54.0/24
81.180.37.0/24
81.180.173.0/24
81.181.172.0/24
81.181.175.0/24
81.181.236.0/22
85.120.128.0/21
194.102.122.0/23
194.102.217.0/24
217.156.29.0/24
217.156.57.0/24
217.156.112.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:42:8a:76:57:bc:a9:22:76:0f:3b:54:c6:ea:95:9a:be:ca:
36:36:37:f5:f7:a2:90:42:80:74:e4:3a:b7:d9:f5:c3:44:47:
d2:5e:62:57:bf:1a:49:da:19:e4:f5:e9:cb:a8:2e:39:b2:53:
f3:63:d1:2f:e8:f8:73:1f:3b:96:dc:0e:b4:8b:de:6d:80:00:
ee:13:1b:dd:09:b1:a0:6f:60:c7:49:a7:07:70:9f:94:aa:b6:
ff:06:fa:d8:14:93:9b:8a:7d:4e:4a:45:90:34:e3:eb:ea:40:
b5:93:fe:c9:36:b7:cf:b5:2d:be:2f:6d:39:f1:31:11:5e:09:
37:39:25:32:66:34:ae:bc:c0:63:38:82:9c:32:db:d1:b4:39:
8d:8d:e4:77:90:29:29:5f:47:58:14:b9:46:70:30:8c:4a:73:
c4:f2:ab:1b:e6:f4:ec:14:fb:70:18:1c:f7:5b:e1:73:7f:27:
ac:12:e6:66:8a:1c:a4:80:fc:98:d3:7c:78:ad:e5:b8:a1:06:
7a:b6:61:4a:77:15:c1:d4:76:d2:31:ae:cf:00:bd:0b:ca:92:
05:7e:8c:0b:a9:8d:ed:e8:84:8e:ce:bc:07:d9:83:2a:59:71:
0b:7d:4e:3c:71:38:c1:9b:75:a8:2d:15:a0:a1:61:64:3b:47:
5d:f9:4b:09
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZz2Iu8tt7rSdmADMrr2a/UmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjYwMzE2MTAxMzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFiMDM3MTE3OWYxODg0MGVkMjE4MmUxZjdjNjA2MDcyODczMTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxS1Dd/VhAhzQ0RyHfGOMm9/L7tja
Dm+l7HxjNomrwlJ7lPb21Iyl1SLjrDNSosEL+BNqnJZpRPr1oFnKa264sIWzaNTZ
GhryzLZyZceVBOH8AsT9P58D4Y8ohVBJyvvUMOBjkqk1lZQfvUQN8KRcKaHLRZSV
Zc05CoeBVMcEdI2+XlebcaK1OoHdRRv9HFnBlAcdfW3FYwMi8KJbKB/mww5A+V4Q
qAkFAu82TKUAPVszGpEjaDB4yh0qTfo3NceRf+TjazDsuGJT8LMwWnDFOz2aTk5O
yW02ghzXa7qJn3K44xzJnRVvaH27jyQYB3lRaLX9OzWoRKf5gPx/9Ox3AwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGarA3EXnxiEDtIYLh98YGByhzFSMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvWnFzRGNSZWZHSVFPMGhndUgzeGdZSEtITVZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAUGE2AwQA
UbQlAwQAUbStAwQAUbWsAwQAUbWvAwQCUbXsAwQDVXiAAwQBwmZ6AwQAwmbZAwQA
2ZwdAwQA2Zw5AwQC2ZxwMA0GCSqGSIb3DQEBCwUAA4IBAQAuQop2V7ypInYPO1TG
6pWavso2Njf196KQQoB05Dq32fXDREfSXmJXvxpJ2hnk9enLqC45slPzY9Ev6Phz
HzuW3A60i95tgADuExvdCbGgb2DHSacHcJ+Uqrb/BvrYFJObin1OSkWQNOPr6kC1
k/7JNrfPtS2+L2058TERXgk3OSUyZjSuvMBjOIKcMtvRtDmNjeR3kCkpX0dYFLlG
cDCMSnPE8qsb5vTsFPtwGBz3W+FzfyesEuZmihykgPyY03x4reW4oQZ6tmFKdxXB
1HbSMa7PAL0LypIFfowLqY3t6ISOzrwH2YMqWXELfU48cTjBm3WoLRWgoWFkO0dd
+UsJ
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:29:33 2026 by rpki-client