Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/90a34c-db2f-4096-8b36-e9b1ccf317bb/1/zbcDrEFB5wBi_ddz2KxQe0VMusU.roa
File: zbcDrEFB5wBi_ddz2KxQe0VMusU.roa (raw, json)
Hash identifier: /++Th/g/81+d4+jJNs1r5coQiatlN8LfLSJyk0Z2+kQ=
Subject key identifier: CD:B7:03:AC:41:41:E7:00:62:FD:D7:73:D8:AC:50:7B:45:4C:BA:C5
Certificate issuer: /CN=bd0413c6e4482527651431211138838e133854de
Certificate serial: 019D3406DA5F7BFF7C093855538587356408
Authority key identifier: BD:04:13:C6:E4:48:25:27:65:14:31:21:11:38:83:8E:13:38:54:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vQQTxuRIJSdlFDEhETiDjhM4VN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/90a34c-db2f-4096-8b36-e9b1ccf317bb/1/zbcDrEFB5wBi_ddz2KxQe0VMusU.roa
Signing time: Sat 28 Mar 2026 10:39:17 +0000
ROA not before: Sat 28 Mar 2026 10:39:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200841
IP address blocks: 2a13:7cc0::/40 maxlen: 40
2a13:7cc0:300::/40 maxlen: 40
2a13:7cc0:1000::/40 maxlen: 40
2a13:7cc0:1300::/40 maxlen: 40
2a13:7cc0:1400::/40 maxlen: 40
2a13:7cc0:2000::/40 maxlen: 40
2a13:7cc2::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/90a34c-db2f-4096-8b36-e9b1ccf317bb/1/vQQTxuRIJSdlFDEhETiDjhM4VN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/90a34c-db2f-4096-8b36-e9b1ccf317bb/1/vQQTxuRIJSdlFDEhETiDjhM4VN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/vQQTxuRIJSdlFDEhETiDjhM4VN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 10:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:34:06:da:5f:7b:ff:7c:09:38:55:53:85:87:35:64:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd0413c6e4482527651431211138838e133854de
Validity
Not Before: Mar 28 10:39:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cdb703ac4141e70062fdd773d8ac507b454cbac5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:94:f5:66:96:50:d5:db:8d:80:f9:bf:5b:22:
8b:d5:d0:5b:36:ad:41:2c:05:a6:94:03:e8:68:1d:
9e:10:1a:ce:74:cb:2a:bf:b7:94:ec:ae:5f:2d:a4:
46:bd:e1:60:0e:94:e2:9f:0e:f9:db:f0:3d:07:09:
76:20:88:7e:e8:c6:8c:46:d7:9c:4f:c7:e3:0b:77:
30:23:65:17:6f:d2:08:ca:25:1f:8c:27:bd:d4:92:
43:b1:ae:c6:e0:2e:a2:fe:ea:72:48:86:cb:12:35:
56:83:19:44:8f:8f:36:f5:b6:f1:73:43:25:bb:1e:
5b:a0:7d:e8:1b:eb:03:e1:04:51:b4:db:63:a6:dd:
fe:ed:21:aa:bc:e7:6d:52:f2:32:89:23:99:98:03:
1c:bf:f6:c5:b2:88:21:ab:d6:1b:31:af:e0:96:4a:
d3:81:ea:c2:52:ef:04:26:0f:0b:eb:c5:e5:02:71:
03:6a:f7:72:7d:f5:ee:7a:e5:f5:06:1f:08:74:2d:
83:54:f3:fe:be:32:e7:b8:d0:4f:27:e0:d6:32:32:
ed:9f:4c:88:54:cb:70:a0:3a:c7:47:ab:57:66:d3:
de:1d:a1:b0:f7:81:03:a4:f6:b6:5e:df:11:28:f7:
a3:9d:82:fa:bf:59:26:f3:84:03:51:e3:38:23:03:
04:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B7:03:AC:41:41:E7:00:62:FD:D7:73:D8:AC:50:7B:45:4C:BA:C5
X509v3 Authority Key Identifier:
keyid:BD:04:13:C6:E4:48:25:27:65:14:31:21:11:38:83:8E:13:38:54:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQQTxuRIJSdlFDEhETiDjhM4VN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/90a34c-db2f-4096-8b36-e9b1ccf317bb/1/zbcDrEFB5wBi_ddz2KxQe0VMusU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/90a34c-db2f-4096-8b36-e9b1ccf317bb/1/vQQTxuRIJSdlFDEhETiDjhM4VN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7cc0::/40
2a13:7cc0:300::/40
2a13:7cc0:1000::/40
2a13:7cc0:1300::-2a13:7cc0:14ff:ffff:ffff:ffff:ffff:ffff
2a13:7cc0:2000::/40
2a13:7cc2::/40
Signature Algorithm: sha256WithRSAEncryption
2e:cc:81:e4:ac:d9:d7:00:94:6d:ab:bb:11:39:fa:9a:93:a6:
38:15:99:c3:6f:da:83:b2:c8:f7:70:a6:ba:3a:30:55:ee:47:
5a:3f:ca:a5:c5:6a:62:51:5a:02:3d:83:7e:e3:d4:d9:99:26:
ac:80:c2:a7:12:ed:5b:73:55:17:1b:ea:2d:46:86:b9:74:a6:
9d:fd:43:51:64:f0:35:2f:f5:4b:58:4b:dc:7e:ac:9b:04:b1:
e1:83:43:66:7b:fa:f2:3c:92:71:01:a1:4f:8b:f0:ed:f8:b1:
ab:ab:44:37:07:83:67:08:f1:3c:10:77:78:02:62:86:7f:86:
cc:04:af:1a:f3:09:b1:dd:e7:35:72:7d:a6:7d:14:e2:52:c3:
5e:60:7a:56:6a:ac:7c:ae:0c:33:cc:c9:83:50:69:fd:69:38:
fb:c8:09:b0:37:a5:06:56:1c:00:f3:e8:95:d3:9a:85:3c:66:
bd:19:43:aa:2e:5b:ef:68:29:a9:0d:8a:81:77:65:56:74:e2:
45:ce:b5:db:de:37:9b:a9:ee:a7:c4:95:87:4a:d0:99:42:bb:
fe:99:c3:49:8b:99:44:76:97:af:4b:75:05:d3:bf:73:e2:a5:
ea:c9:c4:e5:1a:ef:56:3b:4a:c6:c5:6b:73:c6:c8:8a:36:b0:
e2:a4:3b:15
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZ00Btpfe/98CThVU4WHNWQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDQxM2M2ZTQ0ODI1Mjc2NTE0MzEyMTExMzg4MzhlMTMz
ODU0ZGUwHhcNMjYwMzI4MTAzOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGI3MDNhYzQxNDFlNzAwNjJmZGQ3NzNkOGFjNTA3YjQ1NGNiYWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5T1ZpZQ1duNgPm/WyKL1dBbNq1B
LAWmlAPoaB2eEBrOdMsqv7eU7K5fLaRGveFgDpTinw752/A9Bwl2IIh+6MaMRtec
T8fjC3cwI2UXb9IIyiUfjCe91JJDsa7G4C6i/upySIbLEjVWgxlEj4829bbxc0Ml
ux5boH3oG+sD4QRRtNtjpt3+7SGqvOdtUvIyiSOZmAMcv/bFsoghq9YbMa/glkrT
gerCUu8EJg8L68XlAnEDavdyffXueuX1Bh8IdC2DVPP+vjLnuNBPJ+DWMjLtn0yI
VMtwoDrHR6tXZtPeHaGw94EDpPa2Xt8RKPejnYL6v1km84QDUeM4IwMEkwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFM23A6xBQecAYv3Xc9isUHtFTLrFMB8GA1UdIwQY
MBaAFL0EE8bkSCUnZRQxIRE4g44TOFTeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFRVHh1UklKU2RsRkRFaEVUaURqaE00Vk40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85MGEzNGMtZGIyZi00MDk2LThiMzYt
ZTliMWNjZjMxN2JiLzEvemJjRHJFRkI1d0JpX2RkejJLeFFlMFZNdXNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85MGEzNGMtZGIyZi00MDk2LThiMzYtZTliMWNjZjMxN2Ji
LzEvdlFRVHh1UklKU2RsRkRFaEVUaURqaE00Vk40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAAjA6AwYAKhN8wAAD
BgAqE3zAAwMGACoTfMAQMBADBgAqE3zAEwMGACoTfMAUAwYAKhN8wCADBgAqE3zC
ADANBgkqhkiG9w0BAQsFAAOCAQEALsyB5KzZ1wCUbau7ETn6mpOmOBWZw2/ag7LI
93CmujowVe5HWj/KpcVqYlFaAj2DfuPU2ZkmrIDCpxLtW3NVFxvqLUaGuXSmnf1D
UWTwNS/1S1hL3H6smwSx4YNDZnv68jyScQGhT4vw7fixq6tENweDZwjxPBB3eAJi
hn+GzASvGvMJsd3nNXJ9pn0U4lLDXmB6VmqsfK4MM8zJg1Bp/Wk4+8gJsDelBlYc
APPoldOahTxmvRlDqi5b72gpqQ2KgXdlVnTiRc612943m6nup8SVh0rQmUK7/pnD
SYuZRHaXr0t1BdO/c+Kl6snE5RrvVjtKxsVrc8bIijaw4qQ7FQ==
-----END CERTIFICATE-----
Generated at Sat Mar 28 17:33:26 2026 by rpki-client