Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/ZaqtMpuV1OTHrfw5vTo173r3btw.roa
File: ZaqtMpuV1OTHrfw5vTo173r3btw.roa (raw, json)
Hash identifier: 4AT/2CMIDCNnv/+NVAlofDA6B2gmgAWxYpfIG2EVarI=
Subject key identifier: 65:AA:AD:32:9B:95:D4:E4:C7:AD:FC:39:BD:3A:35:EF:7A:F7:6E:DC
Certificate issuer: /CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Certificate serial: 019DB4C5FA46D159C7F3DF7F42CCE0D1377C
Authority key identifier: A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/ZaqtMpuV1OTHrfw5vTo173r3btw.roa
Signing time: Wed 22 Apr 2026 10:39:26 +0000
ROA not before: Wed 22 Apr 2026 10:39:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 47474
IP address blocks: 81.178.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.mft
rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b4:c5:fa:46:d1:59:c7:f3:df:7f:42:cc:e0:d1:37:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9807f6d50d97d971dcf2e2e5064e9b907adb3ec
Validity
Not Before: Apr 22 10:39:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65aaad329b95d4e4c7adfc39bd3a35ef7af76edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:89:15:fd:24:69:81:4e:81:1e:cb:25:0a:f6:
77:fd:20:14:d5:0e:31:96:bd:10:0a:62:2a:dc:9a:
d8:da:72:d8:65:40:5c:1d:1f:15:14:30:4e:6e:0b:
c7:47:9b:5b:98:9f:49:9c:c1:08:62:34:f7:a9:ad:
49:8b:72:b3:95:bb:39:fd:51:69:4c:37:b6:b2:f6:
5e:22:8e:b2:f8:ac:d9:36:22:5e:e9:5a:6f:d9:0a:
9f:c6:55:c9:37:4c:22:96:1c:7e:21:f8:d5:bf:ad:
d2:2a:e1:c1:16:a9:f8:7d:b6:b3:cf:e5:da:30:1d:
4d:5f:22:db:d5:17:d7:0c:8a:67:0a:83:06:ad:f7:
31:5b:8e:87:aa:bc:9d:03:44:f2:15:b0:3f:10:24:
96:ec:6a:02:5c:44:0d:4a:c8:6c:0f:07:cf:2f:0a:
cc:ab:dd:9a:ad:5c:a9:91:d0:43:19:51:27:43:da:
62:81:6d:bc:fb:01:a9:f1:90:af:96:c5:32:2b:71:
f4:29:08:24:5c:21:88:fb:5d:b7:4e:95:25:90:b2:
89:d9:91:ac:39:2d:31:f4:1d:40:c8:6a:1a:13:54:
75:81:74:5c:a8:39:28:a3:b6:c3:4a:dd:c1:79:31:
24:e5:5e:39:ba:7b:81:94:f6:9d:25:c9:8e:c2:9c:
72:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:AA:AD:32:9B:95:D4:E4:C7:AD:FC:39:BD:3A:35:EF:7A:F7:6E:DC
X509v3 Authority Key Identifier:
keyid:A9:80:7F:6D:50:D9:7D:97:1D:CF:2E:2E:50:64:E9:B9:07:AD:B3:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qYB_bVDZfZcdzy4uUGTpuQets-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/ZaqtMpuV1OTHrfw5vTo173r3btw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/ca9dbe-0095-40f3-b932-0d8f7dd8cce6/1/qYB_bVDZfZcdzy4uUGTpuQets-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.178.128.0/17
Signature Algorithm: sha256WithRSAEncryption
52:e8:81:0c:95:7c:64:e1:62:3e:cf:41:fe:28:00:02:cd:16:
1a:96:02:0b:cc:8d:fd:9d:d1:80:83:95:4e:80:2f:5b:5b:b4:
a3:41:3c:f8:04:64:d5:be:9f:59:02:15:90:a1:e2:2d:a3:b4:
93:4b:64:cf:0f:c0:c1:36:82:46:95:96:1b:80:97:9b:19:eb:
8c:6b:7d:6a:90:0c:fc:00:f4:d3:50:99:b0:a4:fa:74:19:67:
76:7e:2f:f1:49:20:8b:6b:23:62:2b:24:7b:97:3f:2e:b1:06:
c2:21:b5:5f:e0:7e:95:9c:bc:00:fb:bc:d0:b2:ab:ae:69:05:
e0:b6:16:26:e3:56:44:3a:06:22:06:2c:0b:d7:1d:29:2e:4c:
6f:b7:46:b3:81:ec:81:82:9a:2d:b7:6d:ff:29:be:e1:8d:db:
1a:45:cc:76:03:37:83:91:ac:cd:8c:76:1b:7c:5d:a7:7d:c8:
48:75:b2:30:e4:23:3a:9c:5f:71:8f:1c:3f:10:7d:16:80:32:
5e:89:01:01:9e:cc:34:9b:de:89:53:a0:ef:9b:ad:81:62:e6:
3f:c7:95:16:b0:ba:bc:c0:9c:c0:74:9a:ab:c4:ee:79:2b:7d:
d0:de:d4:81:0b:80:40:fa:cb:26:45:03:ca:ed:e1:e5:c0:a9:
c6:14:ee:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ20xfpG0VnH899/Qszg0Td8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5ODA3ZjZkNTBkOTdkOTcxZGNmMmUyZTUwNjRlOWI5MDdh
ZGIzZWMwHhcNMjYwNDIyMTAzOTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWFhYWQzMjliOTVkNGU0YzdhZGZjMzliZDNhMzVlZjdhZjc2ZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA14kV/SRpgU6BHsslCvZ3/SAU1Q4x
lr0QCmIq3JrY2nLYZUBcHR8VFDBObgvHR5tbmJ9JnMEIYjT3qa1Ji3Kzlbs5/VFp
TDe2svZeIo6y+KzZNiJe6Vpv2QqfxlXJN0wilhx+IfjVv63SKuHBFqn4fbazz+Xa
MB1NXyLb1RfXDIpnCoMGrfcxW46HqrydA0TyFbA/ECSW7GoCXEQNSshsDwfPLwrM
q92arVypkdBDGVEnQ9pigW28+wGp8ZCvlsUyK3H0KQgkXCGI+123TpUlkLKJ2ZGs
OS0x9B1AyGoaE1R1gXRcqDkoo7bDSt3BeTEk5V45unuBlPadJcmOwpxyuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGWqrTKbldTkx638Ob06Ne96927cMB8GA1UdIwQY
MBaAFKmAf21Q2X2XHc8uLlBk6bkHrbPsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzIt
MGQ4ZjdkZDhjY2U2LzEvWmFxdE1wdVYxT1RIcmZ3NXZUbzE3M3IzYnR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9jYTlkYmUtMDA5NS00MGYzLWI5MzItMGQ4ZjdkZDhjY2U2
LzEvcVlCX2JWRFpmWmNkenk0dVVHVHB1UWV0cy13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQHUbKAMA0G
CSqGSIb3DQEBCwUAA4IBAQBS6IEMlXxk4WI+z0H+KAACzRYalgILzI39ndGAg5VO
gC9bW7SjQTz4BGTVvp9ZAhWQoeIto7STS2TPD8DBNoJGlZYbgJebGeuMa31qkAz8
APTTUJmwpPp0GWd2fi/xSSCLayNiKyR7lz8usQbCIbVf4H6VnLwA+7zQsquuaQXg
thYm41ZEOgYiBiwL1x0pLkxvt0azgeyBgpott23/Kb7hjdsaRcx2AzeDkazNjHYb
fF2nfchIdbIw5CM6nF9xjxw/EH0WgDJeiQEBnsw0m96JU6Dvm62BYuY/x5UWsLq8
wJzAdJqrxO55K33Q3tSBC4BA+ssmRQPK7eHlwKnGFO5g
-----END CERTIFICATE-----
Generated at Wed May 13 04:55:05 2026 by rpki-client