Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/z_JzNYcHuZKEBnnsW78HN35zKL4.roa
File: z_JzNYcHuZKEBnnsW78HN35zKL4.roa (raw, json)
Hash identifier: zrP2YcpO91Mh0JYLDQ/fWUx/GtdT6Fwwl/daxYeE84k=
Subject key identifier: CF:F2:73:35:87:07:B9:92:84:06:79:EC:5B:BF:07:37:7E:73:28:BE
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D252A401B5157748CEEF0C23A44E4217F
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/z_JzNYcHuZKEBnnsW78HN35zKL4.roa
Signing time: Wed 25 Mar 2026 13:23:39 +0000
ROA not before: Wed 25 Mar 2026 13:23:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213459
IP address blocks: 78.17.0.0/24 maxlen: 24
78.17.1.0/24 maxlen: 24
78.17.3.0/24 maxlen: 24
78.17.4.0/24 maxlen: 24
78.17.5.0/24 maxlen: 24
78.17.11.0/24 maxlen: 24
78.17.12.0/24 maxlen: 24
78.17.17.0/24 maxlen: 24
89.44.76.0/24 maxlen: 24
89.125.39.0/24 maxlen: 24
89.125.52.0/24 maxlen: 24
89.125.57.0/24 maxlen: 24
89.125.59.0/24 maxlen: 24
89.125.72.0/24 maxlen: 24
89.125.74.0/24 maxlen: 24
89.125.75.0/24 maxlen: 24
89.125.81.0/24 maxlen: 24
89.125.86.0/24 maxlen: 24
89.125.87.0/24 maxlen: 24
89.125.118.0/24 maxlen: 24
103.245.229.0/24 maxlen: 24
185.141.217.0/24 maxlen: 24
193.124.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:2a:40:1b:51:57:74:8c:ee:f0:c2:3a:44:e4:21:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 25 13:23:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cff273358707b992840679ec5bbf07377e7328be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:65:47:0d:95:c2:35:a5:d4:5f:d7:04:d9:a9:
e2:ca:21:64:27:80:5b:90:a5:03:bf:fc:77:f2:6b:
6c:ed:09:14:76:87:44:9f:1b:12:a4:7e:5a:7a:6c:
1f:b8:10:74:f7:67:f5:35:cd:18:e5:63:46:8c:a1:
f3:c1:15:72:7a:d3:8b:9e:f3:be:f4:63:88:71:c9:
83:72:9f:1f:6b:3b:2d:a1:f4:db:1b:d9:a0:a5:ba:
17:38:25:81:f5:90:fb:ed:18:ca:65:f3:7a:9f:69:
1c:1c:2e:be:b2:60:26:ed:24:e3:c4:1b:2b:3f:cc:
fc:ec:d4:c3:be:a8:e5:cf:74:f1:0c:41:70:c4:27:
ee:53:1a:63:d2:4c:1a:32:6d:e4:dc:e9:29:17:d7:
cd:2e:fb:a3:ee:04:d2:82:43:37:b7:62:37:2a:b9:
f6:a1:41:c3:5a:1c:18:e4:b8:a8:c1:c8:45:8e:8e:
dd:d9:4a:33:36:db:1a:9b:65:be:6d:4c:b2:6f:98:
70:20:07:5a:65:bb:da:e8:0f:77:8b:ca:a3:c7:be:
aa:d2:3a:20:3d:73:1e:62:41:b4:9b:4a:62:57:65:
4c:f4:37:08:be:3e:0b:fe:da:ad:d0:f4:64:6e:70:
18:a6:da:cd:5d:d0:cd:6a:81:b5:4f:87:49:4c:b6:
43:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F2:73:35:87:07:B9:92:84:06:79:EC:5B:BF:07:37:7E:73:28:BE
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/z_JzNYcHuZKEBnnsW78HN35zKL4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.17.0.0/23
78.17.3.0-78.17.5.255
78.17.11.0-78.17.12.255
78.17.17.0/24
89.44.76.0/24
89.125.39.0/24
89.125.52.0/24
89.125.57.0/24
89.125.59.0/24
89.125.72.0/24
89.125.74.0/23
89.125.81.0/24
89.125.86.0/23
89.125.118.0/24
103.245.229.0/24
185.141.217.0/24
193.124.224.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e0:5e:24:ac:e9:ad:38:da:53:c2:20:8b:70:36:72:7d:24:
fe:c7:2b:8e:4f:27:3d:bb:d5:79:83:c4:45:f2:68:e9:dc:cf:
25:b6:10:85:21:0c:01:b4:ca:f0:c9:e9:d5:fa:46:4a:15:0c:
0a:1a:74:18:09:8e:7c:e2:30:4b:ed:73:d2:23:69:f5:58:ee:
0e:5b:3c:46:f9:63:bd:e2:36:d3:da:53:d2:2d:3d:e7:46:cc:
37:44:bd:f0:6c:b0:1e:0d:1d:b6:95:21:ee:72:56:42:fa:61:
c3:9e:1c:91:b9:19:c5:a8:18:52:00:3e:55:49:99:55:94:8b:
d9:06:e7:9c:67:70:96:46:6c:87:62:8a:ad:5c:b8:93:f1:e0:
0b:e6:28:51:30:72:70:91:20:a4:55:61:a2:2d:2e:94:1f:6c:
e0:24:40:19:e6:7d:e4:03:5e:0c:38:a3:a0:2c:18:8e:5a:99:
74:75:bf:05:b2:dc:ea:44:75:7b:9d:74:ad:90:58:6d:94:ba:
d1:8b:96:5a:45:13:12:0e:a9:8d:df:3f:d1:d4:02:9c:81:30:
23:32:1a:74:ba:aa:15:6e:4b:c9:bd:9c:18:7f:a3:2e:1d:49:
05:35:2f:87:96:e9:34:31:a0:e5:12:0d:bc:eb:e2:7e:bc:c7:
38:07:ee:87
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZ0lKkAbUVd0jO7wwjpE5CF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzI1MTMyMzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmYyNzMzNTg3MDdiOTkyODQwNjc5ZWM1YmJmMDczNzdlNzMyOGJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mVHDZXCNaXUX9cE2aniyiFkJ4Bb
kKUDv/x38mts7QkUdodEnxsSpH5aemwfuBB092f1Nc0Y5WNGjKHzwRVyetOLnvO+
9GOIccmDcp8fazstofTbG9mgpboXOCWB9ZD77RjKZfN6n2kcHC6+smAm7STjxBsr
P8z87NTDvqjlz3TxDEFwxCfuUxpj0kwaMm3k3OkpF9fNLvuj7gTSgkM3t2I3Krn2
oUHDWhwY5LiowchFjo7d2UozNtsam2W+bUyyb5hwIAdaZbva6A93i8qjx76q0jog
PXMeYkG0m0piV2VM9DcIvj4L/tqt0PRkbnAYptrNXdDNaoG1T4dJTLZD0QIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFM/yczWHB7mShAZ57Fu/Bzd+cyi+MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvel9Kek5ZY0h1WktFQm5uc1c3OEhOMzV6S0w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAFOEQAw
DAMEAE4RAwMEAU4RBDAMAwQAThELAwQAThEMAwQAThERAwQAWSxMAwQAWX0nAwQA
WX00AwQAWX05AwQAWX07AwQAWX1IAwQBWX1KAwQAWX1RAwQBWX1WAwQAWX12AwQA
Z/XlAwQAuY3ZAwQAwXzgMA0GCSqGSIb3DQEBCwUAA4IBAQB/4F4krOmtONpTwiCL
cDZyfST+xyuOTyc9u9V5g8RF8mjp3M8lthCFIQwBtMrwyenV+kZKFQwKGnQYCY58
4jBL7XPSI2n1WO4OWzxG+WO94jbT2lPSLT3nRsw3RL3wbLAeDR22lSHuclZC+mHD
nhyRuRnFqBhSAD5VSZlVlIvZBuecZ3CWRmyHYoqtXLiT8eAL5ihRMHJwkSCkVWGi
LS6UH2zgJEAZ5n3kA14MOKOgLBiOWpl0db8FstzqRHV7nXStkFhtlLrRi5ZaRRMS
DqmN3z/R1AKcgTAjMhp0uqoVbkvJvZwYf6MuHUkFNS+Hluk0MaDlEg286+J+vMc4
B+6H
-----END CERTIFICATE-----
Generated at Thu Mar 26 08:21:41 2026 by rpki-client