Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/zraNw8LeAWlnY3DPt_ChcLdFWU4.roa
File: zraNw8LeAWlnY3DPt_ChcLdFWU4.roa (raw, json)
Hash identifier: GAhTC1QluGdOik4s8WqaXoSj07QRcnsMlml1l1SiPo4=
Subject key identifier: CE:B6:8D:C3:C2:DE:01:69:67:63:70:CF:B7:F0:A1:70:B7:45:59:4E
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 019DF506B085ECFAED31DD7D65D88BCCAF2B
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/zraNw8LeAWlnY3DPt_ChcLdFWU4.roa
Signing time: Mon 04 May 2026 22:05:49 +0000
ROA not before: Mon 04 May 2026 22:05:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212477
IP address blocks: 185.190.56.0/23 maxlen: 24
185.206.22.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f5:06:b0:85:ec:fa:ed:31:dd:7d:65:d8:8b:cc:af:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: May 4 22:05:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ceb68dc3c2de0169676370cfb7f0a170b745594e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:e1:1b:69:46:01:01:2a:3d:11:55:1a:ef:
ff:c3:98:08:1f:bc:6b:92:9c:d1:c2:60:e6:76:ec:
f7:4a:bf:4a:c9:54:9a:a7:82:f6:b3:49:b6:d3:15:
29:e4:20:f5:07:12:3e:6e:d1:af:c6:3a:ac:e4:2b:
e0:d4:e2:ae:30:5a:2d:14:71:6b:16:e5:84:8e:a3:
15:d4:b8:98:79:19:6e:ab:08:fa:02:a2:fd:fe:05:
fe:c6:c5:8b:ae:72:b5:34:ae:d0:26:b9:11:0a:23:
d0:c7:9c:35:e1:62:05:ca:05:80:22:be:4b:f5:94:
f6:95:ad:1d:b4:2e:d6:e8:8b:20:cf:74:69:09:33:
1c:90:05:8c:d0:39:28:45:6d:41:23:de:47:f7:6b:
65:97:75:68:50:01:34:c4:99:ff:9f:52:d4:73:43:
6a:b3:44:78:7b:37:f8:8b:a5:f2:80:96:01:67:27:
d4:8f:41:5c:10:90:2d:2e:ab:35:66:df:95:92:10:
57:83:e2:b8:9d:65:7b:71:83:ad:6b:83:09:4f:71:
30:b6:54:7c:b1:e2:d0:2c:a5:62:02:16:9b:39:8d:
88:47:85:d9:3f:af:31:8d:ae:ef:14:5b:80:4f:17:
67:da:62:04:21:4e:2f:5a:2f:ef:2d:63:e6:7d:7c:
b6:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B6:8D:C3:C2:DE:01:69:67:63:70:CF:B7:F0:A1:70:B7:45:59:4E
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/zraNw8LeAWlnY3DPt_ChcLdFWU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.56.0/23
185.206.22.0/23
185.213.18.0/23
185.227.252.0/23
Signature Algorithm: sha256WithRSAEncryption
76:5c:26:50:28:3f:73:5c:9f:28:f7:01:bb:0e:51:b5:35:2b:
dd:17:34:ce:73:cf:99:0b:89:c6:c6:a8:1e:70:dc:8d:5d:4c:
20:14:08:11:3a:17:1b:15:20:d5:48:ed:05:f8:08:b7:09:8a:
9e:80:b5:63:d9:26:1a:e3:06:3a:d3:40:4f:8e:5e:a1:f7:cc:
0d:07:c6:02:83:97:05:f9:81:68:7c:b6:ae:38:8a:a0:77:bb:
f7:92:56:79:3b:01:a9:57:42:65:88:af:e8:f7:fa:ec:f7:27:
9a:95:7d:31:86:77:f1:14:54:9e:7a:ea:aa:f2:8b:a1:4c:2a:
b9:78:0c:86:d4:ce:02:df:6b:be:0c:22:0a:38:79:9d:12:87:
74:0a:c6:4b:a9:9d:40:6c:5d:72:b6:d8:e9:a4:ab:0a:5f:0a:
75:12:7b:38:75:7f:e0:f4:14:7f:9a:91:db:0c:fd:7a:9e:ea:
fd:c7:76:c0:57:34:a8:99:19:d2:35:06:98:94:1d:c8:75:bb:
53:09:11:44:8b:e0:e8:55:ef:07:92:05:d2:4e:ad:86:fd:6a:
c5:14:78:6e:45:87:03:d0:72:06:96:b0:69:6c:92:e5:8f:f9:
9b:18:62:5e:e6:b3:92:03:4d:a7:f6:82:83:8c:88:61:fc:9e:
f2:d2:60:cf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ31BrCF7PrtMd19ZdiLzK8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjYwNTA0MjIwNTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI2OGRjM2MyZGUwMTY5Njc2MzcwY2ZiN2YwYTE3MGI3NDU1OTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum/hG2lGAQEqPRFVGu//w5gIH7xr
kpzRwmDmduz3Sr9KyVSap4L2s0m20xUp5CD1BxI+btGvxjqs5Cvg1OKuMFotFHFr
FuWEjqMV1LiYeRluqwj6AqL9/gX+xsWLrnK1NK7QJrkRCiPQx5w14WIFygWAIr5L
9ZT2la0dtC7W6Isgz3RpCTMckAWM0DkoRW1BI95H92tll3VoUAE0xJn/n1LUc0Nq
s0R4ezf4i6XygJYBZyfUj0FcEJAtLqs1Zt+VkhBXg+K4nWV7cYOta4MJT3EwtlR8
seLQLKViAhabOY2IR4XZP68xja7vFFuATxdn2mIEIU4vWi/vLWPmfXy2pQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM62jcPC3gFpZ2Nwz7fwoXC3RVlOMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvenJhTnc4TGVBV2xuWTNEUHRfQ2hjTGRGV1U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBub44AwQB
uc4WAwQBudUSAwQBueP8MA0GCSqGSIb3DQEBCwUAA4IBAQB2XCZQKD9zXJ8o9wG7
DlG1NSvdFzTOc8+ZC4nGxqgecNyNXUwgFAgROhcbFSDVSO0F+Ai3CYqegLVj2SYa
4wY600BPjl6h98wNB8YCg5cF+YFofLauOIqgd7v3klZ5OwGpV0JliK/o9/rs9yea
lX0xhnfxFFSeeuqq8ouhTCq5eAyG1M4C32u+DCIKOHmdEod0CsZLqZ1AbF1yttjp
pKsKXwp1Ens4dX/g9BR/mpHbDP16nur9x3bAVzSomRnSNQaYlB3IdbtTCRFEi+Do
Ve8HkgXSTq2G/WrFFHhuRYcD0HIGlrBpbJLlj/mbGGJe5rOSA02n9oKDjIhh/J7y
0mDP
-----END CERTIFICATE-----
Generated at Tue May 12 22:17:03 2026 by rpki-client