Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ZFpTnZfg1VcwUTP9HWCiG6HOHs8.roa
File: ZFpTnZfg1VcwUTP9HWCiG6HOHs8.roa (raw, json)
Hash identifier: sav7z4b1fupNeQeExRjGCZpFR5edQ060uaxBRYBAJos=
Subject key identifier: 64:5A:53:9D:97:E0:D5:57:30:51:33:FD:1D:60:A2:1B:A1:CE:1E:CF
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019DD411308C85EEDA13611B2D1ACC9BA27C
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ZFpTnZfg1VcwUTP9HWCiG6HOHs8.roa
Signing time: Tue 28 Apr 2026 12:29:49 +0000
ROA not before: Tue 28 Apr 2026 12:29:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214238
IP address blocks: 186.243.129.0/24 maxlen: 24
186.243.130.0/24 maxlen: 24
186.243.131.0/24 maxlen: 24
186.243.132.0/24 maxlen: 24
186.243.133.0/24 maxlen: 24
186.243.143.0/24 maxlen: 24
186.243.170.0/24 maxlen: 24
186.243.175.0/24 maxlen: 24
186.243.176.0/24 maxlen: 24
186.243.177.0/24 maxlen: 24
186.243.178.0/24 maxlen: 24
186.243.179.0/24 maxlen: 24
186.243.180.0/24 maxlen: 24
186.243.181.0/24 maxlen: 24
186.243.182.0/24 maxlen: 24
186.243.201.0/24 maxlen: 24
186.243.202.0/24 maxlen: 24
186.243.203.0/24 maxlen: 24
186.243.204.0/24 maxlen: 24
186.243.205.0/24 maxlen: 24
186.243.206.0/24 maxlen: 24
186.243.207.0/24 maxlen: 24
186.243.208.0/24 maxlen: 24
186.243.209.0/24 maxlen: 24
186.243.214.0/24 maxlen: 24
186.243.241.0/24 maxlen: 24
186.243.249.0/24 maxlen: 24
186.243.250.0/24 maxlen: 24
186.243.251.0/24 maxlen: 24
186.243.252.0/24 maxlen: 24
186.243.253.0/24 maxlen: 24
186.246.58.0/24 maxlen: 24
186.246.72.0/24 maxlen: 24
186.246.74.0/24 maxlen: 24
186.246.75.0/24 maxlen: 24
186.246.76.0/24 maxlen: 24
186.246.77.0/24 maxlen: 24
186.246.107.0/24 maxlen: 24
186.246.108.0/24 maxlen: 24
186.246.109.0/24 maxlen: 24
186.246.110.0/24 maxlen: 24
186.246.111.0/24 maxlen: 24
186.246.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d4:11:30:8c:85:ee:da:13:61:1b:2d:1a:cc:9b:a2:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 28 12:29:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=645a539d97e0d557305133fd1d60a21ba1ce1ecf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6a:ea:7a:95:db:19:dc:d8:94:57:bc:c8:53:
f9:16:22:71:52:bd:00:be:09:80:c9:75:05:7a:fe:
46:1b:90:72:16:99:ec:c0:22:14:5a:d6:34:89:4f:
8b:05:6f:77:f8:d6:39:73:c0:22:5c:b2:8c:9c:ac:
be:af:cd:61:b1:7a:d4:18:12:79:46:67:60:8d:ad:
3f:2f:66:95:76:9d:e5:57:5b:ec:f2:d9:04:3c:b3:
28:04:a8:42:ff:41:00:ed:bd:f5:a8:f5:4d:57:15:
61:a0:1a:95:3a:b4:7e:79:fa:b2:1a:72:9e:61:a4:
c8:fa:01:04:2e:e6:e4:f7:ef:b4:64:8f:2f:22:c4:
cf:3d:e0:20:c4:4e:b9:90:e8:62:98:a5:78:85:4e:
a2:6c:1a:1f:d0:bc:b5:19:b3:27:8e:7c:f0:6e:ab:
f2:b6:e9:3d:eb:ba:9a:92:ff:7d:38:18:16:c7:50:
9d:f5:e8:18:8d:88:7f:d2:ea:b3:ca:43:72:51:8a:
54:55:d1:db:7b:8b:3e:a5:0f:9f:61:5f:ed:eb:36:
06:fc:95:a2:24:b2:90:c4:e7:d7:4f:42:72:a9:86:
d1:5c:ad:55:df:1f:f6:f9:54:23:6f:10:26:7e:f1:
c2:c8:5d:04:20:61:d7:56:78:8d:4a:04:7d:74:bb:
62:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5A:53:9D:97:E0:D5:57:30:51:33:FD:1D:60:A2:1B:A1:CE:1E:CF
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/ZFpTnZfg1VcwUTP9HWCiG6HOHs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
186.243.129.0-186.243.133.255
186.243.143.0/24
186.243.170.0/24
186.243.175.0-186.243.182.255
186.243.201.0-186.243.209.255
186.243.214.0/24
186.243.241.0/24
186.243.249.0-186.243.253.255
186.246.58.0/24
186.246.72.0/24
186.246.74.0-186.246.77.255
186.246.107.0-186.246.111.255
186.246.126.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ca:b9:3b:c0:85:c3:7a:07:59:9b:6d:68:9a:54:46:f1:a6:
f8:16:67:cb:d6:21:24:72:6f:ff:ff:a6:4e:ba:fb:4c:52:5e:
db:4e:d3:c0:96:03:41:9a:a1:3e:94:d5:09:05:52:83:74:1e:
14:03:c0:5b:7c:73:2d:11:23:08:a0:7b:dc:6d:49:2b:4b:f6:
85:8f:4a:b6:a2:46:69:f6:c8:06:61:41:7f:ce:7f:d3:3c:d4:
a2:8d:16:2b:7d:2e:4a:77:51:7e:b7:ee:32:6c:84:95:1c:97:
0d:82:6c:bb:7d:57:d1:71:8f:8e:cf:41:17:ac:c2:46:09:7f:
6f:6c:58:d4:2f:7d:f1:ee:12:e8:0f:05:1c:ef:d2:b9:09:62:
da:31:07:90:02:ee:ea:eb:e1:1e:d3:01:cf:77:cf:9b:e1:54:
69:3b:1d:24:72:5e:9d:aa:13:fd:49:f6:31:ab:1f:e3:c0:6f:
6e:ad:20:f4:b8:88:20:f7:4b:63:2c:2d:ef:ec:fc:9a:41:d4:
98:71:e2:a2:4a:3b:4b:9b:75:4f:38:cd:24:81:fc:47:c8:4c:
97:e2:e8:f5:72:01:b3:4a:ce:99:a3:65:30:44:a2:86:97:da:
e1:2f:28:2a:27:fa:b8:e4:83:8b:b1:e2:62:ed:33:7e:32:c5:
a6:0b:df:9d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZ3UETCMhe7aE2EbLRrMm6J8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNDI4MTIyOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVhNTM5ZDk3ZTBkNTU3MzA1MTMzZmQxZDYwYTIxYmExY2UxZWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWrqepXbGdzYlFe8yFP5FiJxUr0A
vgmAyXUFev5GG5ByFpnswCIUWtY0iU+LBW93+NY5c8AiXLKMnKy+r81hsXrUGBJ5
Rmdgja0/L2aVdp3lV1vs8tkEPLMoBKhC/0EA7b31qPVNVxVhoBqVOrR+efqyGnKe
YaTI+gEELubk9++0ZI8vIsTPPeAgxE65kOhimKV4hU6ibBof0Ly1GbMnjnzwbqvy
tuk967qakv99OBgWx1Cd9egYjYh/0uqzykNyUYpUVdHbe4s+pQ+fYV/t6zYG/JWi
JLKQxOfXT0JyqYbRXK1V3x/2+VQjbxAmfvHCyF0EIGHXVniNSgR9dLtiQQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGRaU52X4NVXMFEz/R1gohuhzh7PMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvWkZwVG5aZmcxVmN3VVRQOUhXQ2lHNkhPSHM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfjAMAwQA
uvOBAwQBuvOEAwQAuvOPAwQAuvOqMAwDBAC6868DBAC687YwDAMEALrzyQMEAbrz
0AMEALrz1gMEALrz8TAMAwQAuvP5AwQBuvP8AwQAuvY6AwQAuvZIMAwDBAG69koD
BAG69kwwDAMEALr2awMEBLr2YAMEALr2fjANBgkqhkiG9w0BAQsFAAOCAQEAlsq5
O8CFw3oHWZttaJpURvGm+BZny9YhJHJv//+mTrr7TFJe207TwJYDQZqhPpTVCQVS
g3QeFAPAW3xzLREjCKB73G1JK0v2hY9KtqJGafbIBmFBf85/0zzUoo0WK30uSndR
frfuMmyElRyXDYJsu31X0XGPjs9BF6zCRgl/b2xY1C998e4S6A8FHO/SuQli2jEH
kALu6uvhHtMBz3fPm+FUaTsdJHJenaoT/Un2Masf48Bvbq0g9LiIIPdLYywt7+z8
mkHUmHHioko7S5t1TzjNJIH8R8hMl+Lo9XIBs0rOmaNlMESihpfa4S8oKif6uOSD
i7HiYu0zfjLFpgvfnQ==
-----END CERTIFICATE-----
Generated at Tue May 12 22:16:27 2026 by rpki-client