Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/zLH-7JVcpZrP-0Ozk0-Wb2-CrAM.roa
File: zLH-7JVcpZrP-0Ozk0-Wb2-CrAM.roa (raw, json)
Hash identifier: MrvM1pHmPJgYOkiBF01d0f2uK5Jn6yOgQDd4aCzDwxg=
Subject key identifier: CC:B1:FE:EC:95:5C:A5:9A:CF:FB:43:B3:93:4F:96:6F:6F:82:AC:03
Certificate issuer: /CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Certificate serial: 019CE21C9C92DB5BAEB464F3E8498E1A7041
Authority key identifier: 2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/zLH-7JVcpZrP-0Ozk0-Wb2-CrAM.roa
Signing time: Thu 12 Mar 2026 12:54:11 +0000
ROA not before: Thu 12 Mar 2026 12:54:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199987
IP address blocks: 85.132.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.mft
rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 05:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:1c:9c:92:db:5b:ae:b4:64:f3:e8:49:8e:1a:70:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e252a477242fb45f20bb08020a403a2bb466a9b
Validity
Not Before: Mar 12 12:54:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ccb1feec955ca59acffb43b3934f966f6f82ac03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:36:26:9b:9b:54:44:c2:f6:e4:1f:dc:f0:01:
97:9b:b1:b2:3d:06:32:b1:6b:b7:87:f9:cf:48:4c:
62:ea:27:4c:53:68:52:87:49:eb:60:0e:21:90:3d:
a0:43:f1:5a:88:dd:f0:64:6a:96:5a:81:e5:c8:d6:
c1:87:1e:53:be:40:1a:99:e5:d5:5a:5a:50:ad:04:
a0:82:87:c5:04:85:64:41:2f:df:59:cd:6e:ed:18:
92:0f:94:cf:2e:b1:77:05:ef:f2:a2:eb:71:eb:c6:
1e:3a:d8:17:28:1a:ab:04:ad:6a:ef:ea:1e:a3:b4:
2a:a6:17:79:60:81:60:ec:c2:5a:b1:09:f6:e3:ea:
58:46:45:d3:97:5c:77:56:6f:81:56:fd:95:92:43:
cf:94:fb:28:4f:76:be:42:ba:1b:b8:80:91:87:57:
c9:8e:3b:77:15:39:a7:2b:11:ae:ec:eb:a5:44:59:
55:d7:a1:01:6a:fb:ac:63:00:79:91:98:cf:6f:2d:
ff:cb:d3:08:14:90:8c:16:53:2b:16:09:1c:cc:c5:
93:61:ca:25:35:12:31:7d:fa:70:23:b2:03:60:d5:
60:51:22:ad:e9:91:ad:76:ff:f6:6f:47:8e:24:50:
91:71:ca:f7:36:29:24:72:cd:a4:78:c7:7c:ff:eb:
ae:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B1:FE:EC:95:5C:A5:9A:CF:FB:43:B3:93:4F:96:6F:6F:82:AC:03
X509v3 Authority Key Identifier:
keyid:2E:25:2A:47:72:42:FB:45:F2:0B:B0:80:20:A4:03:A2:BB:46:6A:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LiUqR3JC-0XyC7CAIKQDortGaps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/zLH-7JVcpZrP-0Ozk0-Wb2-CrAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/b10562-26a1-4645-8d2b-16f146bef995/1/LiUqR3JC-0XyC7CAIKQDortGaps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.132.87.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:a3:9b:1b:b3:7e:aa:22:69:04:d1:b2:fc:c2:98:22:21:58:
de:45:71:fc:28:63:c8:5b:24:94:97:70:ca:40:2a:c6:7e:68:
33:d0:42:d3:2a:60:cd:4a:7a:60:f1:bc:87:13:dc:10:1e:c3:
3d:1a:38:80:5c:d5:17:a7:f6:9d:5c:8b:f9:31:0d:e5:63:aa:
04:8a:e3:37:8a:f7:a7:d3:f0:dc:e6:2b:3a:94:7e:14:db:9a:
38:68:b8:45:47:c2:da:29:a7:eb:04:c1:af:3e:7a:5d:f3:59:
b7:6d:85:8c:2a:4d:31:8d:40:94:2f:d8:fb:e4:9e:90:ee:f6:
93:f8:9f:32:fe:d2:9e:46:46:f6:1e:0e:2f:f5:55:e9:ab:1c:
b6:00:c1:3c:42:a3:a2:3c:c1:c4:47:63:2c:92:e7:01:06:d7:
2b:1a:95:39:59:c5:d5:e7:6d:65:4a:34:8a:3e:fc:77:91:cd:
af:30:07:c2:7b:52:47:d2:ec:be:68:93:56:c3:97:b3:a9:02:
c6:5a:8e:cf:db:1e:f2:04:7c:a7:96:16:d9:70:e1:ca:a3:03:
95:ae:7c:4a:c7:b2:04:ce:a7:17:70:50:42:30:c8:0b:33:2e:
a1:d3:55:7d:53:a7:ba:8e:fc:17:d4:1b:a3:18:e7:9b:cd:17:
fc:b2:4c:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZziHJyS21uutGTz6EmOGnBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMjUyYTQ3NzI0MmZiNDVmMjBiYjA4MDIwYTQwM2EyYmI0
NjZhOWIwHhcNMjYwMzEyMTI1NDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2IxZmVlYzk1NWNhNTlhY2ZmYjQzYjM5MzRmOTY2ZjZmODJhYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDYmm5tURML25B/c8AGXm7GyPQYy
sWu3h/nPSExi6idMU2hSh0nrYA4hkD2gQ/FaiN3wZGqWWoHlyNbBhx5TvkAameXV
WlpQrQSggofFBIVkQS/fWc1u7RiSD5TPLrF3Be/youtx68YeOtgXKBqrBK1q7+oe
o7Qqphd5YIFg7MJasQn24+pYRkXTl1x3Vm+BVv2VkkPPlPsoT3a+QrobuICRh1fJ
jjt3FTmnKxGu7OulRFlV16EBavusYwB5kZjPby3/y9MIFJCMFlMrFgkczMWTYcol
NRIxffpwI7IDYNVgUSKt6ZGtdv/2b0eOJFCRccr3Nikkcs2keMd8/+uu5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMyx/uyVXKWaz/tDs5NPlm9vgqwDMB8GA1UdIwQY
MBaAFC4lKkdyQvtF8guwgCCkA6K7RmqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmIt
MTZmMTQ2YmVmOTk1LzEvekxILTdKVmNwWnJQLTBPemswLVdiMi1DckFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iMTA1NjItMjZhMS00NjQ1LThkMmItMTZmMTQ2YmVmOTk1
LzEvTGlVcVIzSkMtMFh5QzdDQUlLUURvcnRHYXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVYRXMA0G
CSqGSIb3DQEBCwUAA4IBAQCao5sbs36qImkE0bL8wpgiIVjeRXH8KGPIWySUl3DK
QCrGfmgz0ELTKmDNSnpg8byHE9wQHsM9GjiAXNUXp/adXIv5MQ3lY6oEiuM3iven
0/Dc5is6lH4U25o4aLhFR8LaKafrBMGvPnpd81m3bYWMKk0xjUCUL9j75J6Q7vaT
+J8y/tKeRkb2Hg4v9VXpqxy2AME8QqOiPMHER2MskucBBtcrGpU5WcXV521lSjSK
Pvx3kc2vMAfCe1JH0uy+aJNWw5ezqQLGWo7P2x7yBHynlhbZcOHKowOVrnxKx7IE
zqcXcFBCMMgLMy6h01V9U6e6jvwX1BujGOebzRf8skyR
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:23:28 2026 by rpki-client