Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZinK9JeObQeYGH9xlvA_PzMSs7g.roa
File: ZinK9JeObQeYGH9xlvA_PzMSs7g.roa (raw, json)
Hash identifier: NyMY4ehr5mm8PJXyob3rwtKoDsTqRlwFpVOOTrVJD0I=
Subject key identifier: 66:29:CA:F4:97:8E:6D:07:98:18:7F:71:96:F0:3F:3F:33:12:B3:B8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DB0848632099C5F6F45A8726FCBF9B1A6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZinK9JeObQeYGH9xlvA_PzMSs7g.roa
Signing time: Tue 21 Apr 2026 14:49:28 +0000
ROA not before: Tue 21 Apr 2026 14:49:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137517
IP address blocks: 151.240.120.0/24 maxlen: 24
151.241.20.0/24 maxlen: 24
151.245.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:84:86:32:09:9c:5f:6f:45:a8:72:6f:cb:f9:b1:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 21 14:49:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6629caf4978e6d0798187f7196f03f3f3312b3b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:cc:9f:27:f9:6e:d1:0f:fd:c8:9b:5b:99:3d:
7c:a1:7a:37:ba:3f:0c:0c:fe:32:ae:8d:8f:76:5c:
e3:cf:1c:d4:f9:47:db:cb:e3:a5:e9:68:87:12:a8:
a1:2d:f4:20:a8:95:52:98:d0:0e:e9:b2:3a:b8:da:
5a:e0:3b:55:82:24:a8:96:af:14:8e:af:63:20:2d:
4b:35:3c:e4:cb:c7:a7:3c:32:9f:4e:62:7b:9d:7c:
ad:f0:16:13:69:89:62:45:2d:b8:5a:8e:41:20:cc:
e6:76:07:78:d2:c9:e8:23:8c:ae:28:84:83:cc:7c:
c2:25:37:03:9b:38:7a:9a:7c:e4:13:c1:27:f8:8b:
41:84:95:9b:ea:f1:94:2e:c9:fe:70:db:33:71:5f:
86:e7:b6:22:e3:da:36:83:61:85:c5:18:8a:35:0c:
83:ad:b8:9e:05:46:22:98:88:1e:f1:73:c0:5e:2a:
15:fb:77:3a:6f:5a:29:99:24:71:14:bd:07:e6:d6:
fb:ef:68:7d:67:d6:dc:ac:bb:66:0f:99:86:21:66:
52:fb:8a:c8:d7:c0:76:57:c1:a7:e4:d1:70:31:b7:
73:53:e0:19:d3:0f:c8:3f:f8:cb:1c:b3:92:5b:dd:
63:a2:6c:cb:8a:4c:30:33:3f:dc:57:77:0b:b2:fa:
03:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:29:CA:F4:97:8E:6D:07:98:18:7F:71:96:F0:3F:3F:33:12:B3:B8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZinK9JeObQeYGH9xlvA_PzMSs7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.120.0/24
151.241.20.0/24
151.245.255.0/24
Signature Algorithm: sha256WithRSAEncryption
00:c4:91:46:ea:cf:d7:c6:1d:86:02:de:8a:f2:9e:e5:12:03:
21:86:2c:16:9c:f7:67:81:d3:e1:f1:f6:d5:8d:e1:d7:7d:24:
c5:7c:12:bd:24:c0:6f:d2:dc:79:01:a2:f3:75:39:54:a3:07:
11:55:3e:aa:b7:60:9a:40:76:17:09:19:50:48:14:59:cb:2d:
3a:c8:b3:e7:0b:06:93:2d:e4:95:b1:70:1d:ef:f1:59:45:74:
ad:07:e4:a4:ca:4d:42:a7:7e:fa:d6:9f:76:f6:eb:b1:77:ea:
ec:5f:7d:41:21:fb:e5:f2:4b:60:63:4c:72:dc:cc:32:89:3e:
08:0c:6a:c9:77:f7:0c:c2:bf:1c:ff:8f:b6:88:83:de:c4:a1:
8c:55:01:b5:31:61:79:ab:35:34:5f:6f:72:ad:cf:91:15:70:
85:a2:5c:2c:89:a7:68:c3:61:fb:58:3b:a0:4d:9c:3f:90:28:
75:52:51:9d:91:54:71:c3:79:f8:de:b5:ad:c0:02:5f:69:db:
08:bb:4f:99:90:e4:92:1e:00:25:a4:f3:5d:cb:7e:79:0e:cd:
dc:c9:b8:1f:e1:77:33:54:a0:a8:31:d2:d4:5b:1e:cc:5c:0e:
5a:5a:f8:ae:77:0a:e5:7e:80:ca:b9:ca:cf:7b:bc:31:50:33:
95:b6:c5:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ2whIYyCZxfb0Wocm/L+bGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDIxMTQ0OTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjI5Y2FmNDk3OGU2ZDA3OTgxODdmNzE5NmYwM2YzZjMzMTJiM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8yfJ/lu0Q/9yJtbmT18oXo3uj8M
DP4yro2PdlzjzxzU+Ufby+Ol6WiHEqihLfQgqJVSmNAO6bI6uNpa4DtVgiSolq8U
jq9jIC1LNTzky8enPDKfTmJ7nXyt8BYTaYliRS24Wo5BIMzmdgd40snoI4yuKISD
zHzCJTcDmzh6mnzkE8En+ItBhJWb6vGULsn+cNszcV+G57Yi49o2g2GFxRiKNQyD
rbieBUYimIge8XPAXioV+3c6b1opmSRxFL0H5tb772h9Z9bcrLtmD5mGIWZS+4rI
18B2V8Gn5NFwMbdzU+AZ0w/IP/jLHLOSW91jomzLikwwMz/cV3cLsvoDdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGYpyvSXjm0HmBh/cZbwPz8zErO4MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWmluSzlKZU9iUWVZR0g5eGx2QV9Qek1TczdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/B4AwQA
l/EUAwQAl/X/MA0GCSqGSIb3DQEBCwUAA4IBAQAAxJFG6s/Xxh2GAt6K8p7lEgMh
hiwWnPdngdPh8fbVjeHXfSTFfBK9JMBv0tx5AaLzdTlUowcRVT6qt2CaQHYXCRlQ
SBRZyy06yLPnCwaTLeSVsXAd7/FZRXStB+Skyk1Cp3761p929uuxd+rsX31BIfvl
8ktgY0xy3MwyiT4IDGrJd/cMwr8c/4+2iIPexKGMVQG1MWF5qzU0X29yrc+RFXCF
olwsiadow2H7WDugTZw/kCh1UlGdkVRxw3n43rWtwAJfadsIu0+ZkOSSHgAlpPNd
y355Ds3cybgf4XczVKCoMdLUWx7MXA5aWviudwrlfoDKucrPe7wxUDOVtsVF
-----END CERTIFICATE-----
Generated at Wed May 13 02:40:32 2026 by rpki-client