Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/zcfQNOkF6ccvQT69R3lyZziojFM.roa
File: zcfQNOkF6ccvQT69R3lyZziojFM.roa (raw, json)
Hash identifier: xfasg7J8yeXrcszdQ4g6FVyme7srtyL3Bsu7SmCisSE=
Subject key identifier: CD:C7:D0:34:E9:05:E9:C7:2F:41:3E:BD:47:79:72:67:38:A8:8C:53
Certificate issuer: /CN=f3c8990bd6e9307113e83832c6915fda5cacfc2f
Certificate serial: 019D1A54F8D1F1DB104DE7B874C39EDA66C8
Authority key identifier: F3:C8:99:0B:D6:E9:30:71:13:E8:38:32:C6:91:5F:DA:5C:AC:FC:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/88iZC9bpMHET6DgyxpFf2lys_C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/zcfQNOkF6ccvQT69R3lyZziojFM.roa
Signing time: Mon 23 Mar 2026 10:54:29 +0000
ROA not before: Mon 23 Mar 2026 10:54:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43012
IP address blocks: 77.91.216.0/21 maxlen: 21
194.59.52.0/22 maxlen: 22
2a02:2538::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/88iZC9bpMHET6DgyxpFf2lys_C8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/88iZC9bpMHET6DgyxpFf2lys_C8.mft
rsync://rpki.ripe.net/repository/DEFAULT/88iZC9bpMHET6DgyxpFf2lys_C8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:54:f8:d1:f1:db:10:4d:e7:b8:74:c3:9e:da:66:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3c8990bd6e9307113e83832c6915fda5cacfc2f
Validity
Not Before: Mar 23 10:54:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cdc7d034e905e9c72f413ebd4779726738a88c53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fc:b3:b7:97:a4:8f:23:d6:13:b7:b2:20:aa:
f2:c0:87:7f:06:1d:63:0b:5b:93:9d:59:17:56:33:
0c:55:62:ee:d1:92:c2:4d:b6:9c:df:02:de:89:f3:
94:86:fa:ba:5b:84:c9:38:e8:1e:0f:5c:63:6b:7b:
16:14:91:d9:a0:c9:a8:d7:6a:ef:ad:58:e9:bd:46:
ba:2d:ec:ae:9b:75:92:c3:43:2e:34:10:92:a4:45:
ce:a3:6a:7b:46:d2:64:a3:37:df:5d:5e:b4:f3:0c:
68:1e:4a:14:7b:26:52:23:6d:58:e8:e4:c6:8f:f7:
b8:e6:8c:6a:a2:1c:e0:fd:09:b9:c6:a0:b8:2e:60:
cb:23:34:32:b4:ff:a0:4f:e6:bd:98:09:14:fc:87:
5e:c9:a5:44:9e:26:8d:fc:2b:a8:db:82:16:8f:00:
c0:0b:19:e0:d5:52:b7:63:29:a0:32:74:d8:28:95:
b3:5e:39:b7:98:16:ca:31:af:72:3f:9b:20:71:80:
f7:6f:b5:e3:ce:08:19:aa:46:0a:59:ac:a6:d3:50:
79:0f:6b:f6:c7:0e:e1:bb:df:43:0c:f0:ba:64:56:
f7:ca:e9:0f:54:50:a6:b4:df:3d:30:3c:7f:b2:bd:
ef:6b:aa:98:89:2e:e3:c1:db:31:f4:c4:83:7b:96:
d9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:C7:D0:34:E9:05:E9:C7:2F:41:3E:BD:47:79:72:67:38:A8:8C:53
X509v3 Authority Key Identifier:
keyid:F3:C8:99:0B:D6:E9:30:71:13:E8:38:32:C6:91:5F:DA:5C:AC:FC:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/88iZC9bpMHET6DgyxpFf2lys_C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/zcfQNOkF6ccvQT69R3lyZziojFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/fd73d8-154a-40ce-aebc-e889a6e6beac/1/88iZC9bpMHET6DgyxpFf2lys_C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.216.0/21
194.59.52.0/22
IPv6:
2a02:2538::/32
Signature Algorithm: sha256WithRSAEncryption
5e:bb:5d:ce:17:a3:52:95:ef:2e:e5:99:98:f3:d2:22:5c:4e:
24:e0:9d:17:ae:e6:8e:b3:0a:11:16:9a:33:b3:96:67:2a:b2:
f6:e1:9e:c2:89:d5:3f:b2:64:7b:67:aa:5c:6f:6e:39:e7:5e:
ef:ce:6d:09:9d:0f:96:c1:5d:5b:4b:05:84:eb:4e:8e:27:5e:
f5:61:a7:f0:15:57:13:34:59:e3:2f:f6:2c:28:83:47:5e:d0:
da:e9:7b:21:8f:cf:6e:ab:cb:f7:2e:99:85:10:41:19:0d:a8:
75:df:ad:85:94:ba:08:45:47:88:e0:2b:f1:ec:4f:1d:f8:b1:
e6:41:7c:cf:e9:b7:ac:c1:22:43:69:c1:2e:3d:32:fb:f0:a1:
1b:fd:6a:96:c3:bb:5e:c6:3e:24:05:b7:27:7b:ee:3f:41:31:
8a:dd:5d:a0:17:39:7f:4b:bb:0c:83:2c:20:37:4f:97:23:fb:
5a:cc:01:0f:93:a3:07:dd:02:ce:86:86:2c:94:97:5d:83:79:
f8:dd:c9:b2:4c:ef:2c:12:62:58:d8:6d:72:8b:0d:03:6d:16:
70:df:7a:be:f9:87:8b:2d:61:fe:13:d4:1a:44:86:16:80:13:
5b:02:b8:70:04:62:3a:c0:6a:f8:8d:18:f0:8d:45:20:44:4a:
c0:11:eb:84
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ0aVPjR8dsQTee4dMOe2mbIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYzg5OTBiZDZlOTMwNzExM2U4MzgzMmM2OTE1ZmRhNWNh
Y2ZjMmYwHhcNMjYwMzIzMTA1NDI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGM3ZDAzNGU5MDVlOWM3MmY0MTNlYmQ0Nzc5NzI2NzM4YTg4YzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6/yzt5ekjyPWE7eyIKrywId/Bh1j
C1uTnVkXVjMMVWLu0ZLCTbac3wLeifOUhvq6W4TJOOgeD1xja3sWFJHZoMmo12rv
rVjpvUa6Leyum3WSw0MuNBCSpEXOo2p7RtJkozffXV608wxoHkoUeyZSI21Y6OTG
j/e45oxqohzg/Qm5xqC4LmDLIzQytP+gT+a9mAkU/IdeyaVEniaN/Cuo24IWjwDA
Cxng1VK3YymgMnTYKJWzXjm3mBbKMa9yP5sgcYD3b7XjzggZqkYKWaym01B5D2v2
xw7hu99DDPC6ZFb3yukPVFCmtN89MDx/sr3va6qYiS7jwdsx9MSDe5bZGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM3H0DTpBenHL0E+vUd5cmc4qIxTMB8GA1UdIwQY
MBaAFPPImQvW6TBxE+g4MsaRX9pcrPwvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODhpWkM5YnBNSEVUNkRneXhwRmYybHlzX0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mZDczZDgtMTU0YS00MGNlLWFlYmMt
ZTg4OWE2ZTZiZWFjLzEvemNmUU5Pa0Y2Y2N2UVQ2OVIzbHlaemlvakZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mZDczZDgtMTU0YS00MGNlLWFlYmMtZTg4OWE2ZTZiZWFj
LzEvODhpWkM5YnBNSEVUNkRneXhwRmYybHlzX0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTVvYAwQC
wjs0MA0EAgACMAcDBQAqAiU4MA0GCSqGSIb3DQEBCwUAA4IBAQBeu13OF6NSle8u
5ZmY89IiXE4k4J0XruaOswoRFpozs5ZnKrL24Z7CidU/smR7Z6pcb245517vzm0J
nQ+WwV1bSwWE606OJ171YafwFVcTNFnjL/YsKINHXtDa6Xshj89uq8v3LpmFEEEZ
Dah1362FlLoIRUeI4Cvx7E8d+LHmQXzP6beswSJDacEuPTL78KEb/WqWw7texj4k
Bbcne+4/QTGK3V2gFzl/S7sMgywgN0+XI/tazAEPk6MH3QLOhoYslJddg3n43cmy
TO8sEmJY2G1yiw0DbRZw33q++YeLLWH+E9QaRIYWgBNbArhwBGI6wGr4jRjwjUUg
RErAEeuE
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:59:15 2026 by rpki-client