Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/ZCHxju4N5_hWAUjZ5PsoUevMzO4.roa
File: ZCHxju4N5_hWAUjZ5PsoUevMzO4.roa (raw, json)
Hash identifier: ZuY9l1MEP5ns/5zS4M4Uxiwc0zR/t3Ns6GDag16Mf6M=
Subject key identifier: 64:21:F1:8E:EE:0D:E7:F8:56:01:48:D9:E4:FB:28:51:EB:CC:CC:EE
Certificate issuer: /CN=b8b3d4ace735613ecbc591dffc2985f3417667d3
Certificate serial: 019D0064ECE85FCED8B6F5179E6FD3F9ADB7
Authority key identifier: B8:B3:D4:AC:E7:35:61:3E:CB:C5:91:DF:FC:29:85:F3:41:76:67:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uLPUrOc1YT7LxZHf_CmF80F2Z9M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/ZCHxju4N5_hWAUjZ5PsoUevMzO4.roa
Signing time: Wed 18 Mar 2026 10:01:47 +0000
ROA not before: Wed 18 Mar 2026 10:01:47 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215960
IP address blocks: 185.153.55.0/24 maxlen: 24
195.72.60.0/24 maxlen: 24
195.72.61.0/24 maxlen: 24
195.72.62.0/24 maxlen: 24
2a07:e041::/32 maxlen: 32
2a07:e043::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/uLPUrOc1YT7LxZHf_CmF80F2Z9M.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/uLPUrOc1YT7LxZHf_CmF80F2Z9M.mft
rsync://rpki.ripe.net/repository/DEFAULT/uLPUrOc1YT7LxZHf_CmF80F2Z9M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 13:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:64:ec:e8:5f:ce:d8:b6:f5:17:9e:6f:d3:f9:ad:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8b3d4ace735613ecbc591dffc2985f3417667d3
Validity
Not Before: Mar 18 10:01:47 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6421f18eee0de7f8560148d9e4fb2851ebccccee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:61:0f:d6:87:5c:04:d8:80:29:1e:c2:9c:23:
2e:97:4c:16:47:d0:f3:d6:20:bb:50:c0:07:c3:31:
7a:80:dc:e6:56:ba:86:9f:8d:2a:5a:7a:ae:1b:67:
96:1f:95:69:c6:e6:ff:30:1d:96:50:56:e8:fa:af:
4d:3c:3a:ee:17:32:62:1a:45:26:a5:ad:a1:94:12:
15:e7:11:20:c9:4f:27:e7:e3:94:b8:12:cd:8d:85:
08:1d:e5:0c:60:eb:49:64:72:bc:99:e2:6a:99:18:
27:41:59:eb:92:8f:30:39:4d:53:c2:be:3f:db:d1:
30:9f:64:91:15:ed:09:2e:38:72:d7:f3:9d:ff:6d:
80:b3:18:6c:18:a1:1c:5e:30:d5:d4:4d:10:b2:f0:
51:3c:aa:1f:85:d6:d8:c6:53:2d:10:04:f7:c9:14:
30:6c:f6:22:07:64:fb:a3:b1:43:04:81:3f:ce:61:
f3:b1:eb:7e:f7:0e:dc:26:0d:58:09:7c:0d:fb:40:
00:be:1f:20:00:9a:0f:d7:ec:e1:a5:31:1f:2d:a0:
1b:3f:fd:75:79:36:b6:db:0e:2a:38:4d:00:f4:61:
ef:51:60:6d:46:a2:ed:f1:72:df:39:89:fb:68:f1:
c6:db:4b:f4:6b:69:8a:06:06:eb:25:79:02:d2:3f:
94:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:21:F1:8E:EE:0D:E7:F8:56:01:48:D9:E4:FB:28:51:EB:CC:CC:EE
X509v3 Authority Key Identifier:
keyid:B8:B3:D4:AC:E7:35:61:3E:CB:C5:91:DF:FC:29:85:F3:41:76:67:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uLPUrOc1YT7LxZHf_CmF80F2Z9M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/ZCHxju4N5_hWAUjZ5PsoUevMzO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/977ff4-d3da-43f7-a93a-442cc3649bac/1/uLPUrOc1YT7LxZHf_CmF80F2Z9M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.55.0/24
195.72.60.0-195.72.62.255
IPv6:
2a07:e041::/32
2a07:e043::/32
Signature Algorithm: sha256WithRSAEncryption
66:2b:c2:af:54:69:d4:c0:8e:f1:c2:5c:0e:56:ce:25:cc:a8:
8e:3f:d0:d4:fe:78:00:92:da:2d:50:c9:ef:b0:2b:97:64:48:
99:23:48:9d:5d:72:a8:c0:08:a1:ce:9b:9f:cb:0c:e8:81:78:
fe:f8:d6:10:4a:a8:9d:5e:89:6d:5e:b1:1c:a1:df:b6:86:7f:
0a:9b:4c:e5:06:20:83:cc:f6:41:c3:06:a4:ee:a8:1d:57:c4:
11:b7:8c:0b:99:c9:dd:04:e2:07:f8:3a:ab:03:44:f0:80:4a:
7d:25:b2:45:5a:d7:63:c2:57:0e:c9:7d:21:c9:3f:8b:e7:12:
59:8c:59:1a:5c:bb:71:57:0f:90:73:f1:a4:53:da:be:d5:56:
92:56:58:c0:60:68:b0:1b:81:57:c4:96:fc:c9:df:ae:14:24:
54:83:50:a6:27:21:fa:48:5a:13:e5:12:ab:2b:6f:74:51:24:
ee:7f:ba:dc:68:62:24:47:fd:ac:83:67:34:23:1f:6b:6d:33:
7d:d2:ec:03:74:a8:cf:94:f1:b1:c5:6a:30:3f:1c:00:9e:9f:
34:d1:16:1a:d9:01:f8:5b:d0:c5:b4:63:4e:b2:c1:64:e2:a5:
f7:1c:69:13:e3:62:aa:49:17:e8:98:6d:43:1b:6d:6a:5c:bb:
34:60:e6:57
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ0AZOzoX87YtvUXnm/T+a23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4YjNkNGFjZTczNTYxM2VjYmM1OTFkZmZjMjk4NWYzNDE3
NjY3ZDMwHhcNMjYwMzE4MTAwMTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIxZjE4ZWVlMGRlN2Y4NTYwMTQ4ZDllNGZiMjg1MWViY2NjY2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02EP1odcBNiAKR7CnCMul0wWR9Dz
1iC7UMAHwzF6gNzmVrqGn40qWnquG2eWH5Vpxub/MB2WUFbo+q9NPDruFzJiGkUm
pa2hlBIV5xEgyU8n5+OUuBLNjYUIHeUMYOtJZHK8meJqmRgnQVnrko8wOU1Twr4/
29Ewn2SRFe0JLjhy1/Od/22AsxhsGKEcXjDV1E0QsvBRPKofhdbYxlMtEAT3yRQw
bPYiB2T7o7FDBIE/zmHzset+9w7cJg1YCXwN+0AAvh8gAJoP1+zhpTEfLaAbP/11
eTa22w4qOE0A9GHvUWBtRqLt8XLfOYn7aPHG20v0a2mKBgbrJXkC0j+UtQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGQh8Y7uDef4VgFI2eT7KFHrzMzuMB8GA1UdIwQY
MBaAFLiz1KznNWE+y8WR3/wphfNBdmfTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUxQVXJPYzFZVDdMeFpIZl9DbUY4MEYyWjlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi85NzdmZjQtZDNkYS00M2Y3LWE5M2Et
NDQyY2MzNjQ5YmFjLzEvWkNIeGp1NE41X2hXQVVqWjVQc29VZXZNek80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi85NzdmZjQtZDNkYS00M2Y3LWE5M2EtNDQyY2MzNjQ5YmFj
LzEvdUxQVXJPYzFZVDdMeFpIZl9DbUY4MEYyWjlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUAwQAuZk3MAwD
BALDSDwDBADDSD4wFAQCAAIwDgMFACoH4EEDBQAqB+BDMA0GCSqGSIb3DQEBCwUA
A4IBAQBmK8KvVGnUwI7xwlwOVs4lzKiOP9DU/ngAktotUMnvsCuXZEiZI0idXXKo
wAihzpufywzogXj++NYQSqidXoltXrEcod+2hn8Km0zlBiCDzPZBwwak7qgdV8QR
t4wLmcndBOIH+DqrA0TwgEp9JbJFWtdjwlcOyX0hyT+L5xJZjFkaXLtxVw+Qc/Gk
U9q+1VaSVljAYGiwG4FXxJb8yd+uFCRUg1CmJyH6SFoT5RKrK290USTuf7rcaGIk
R/2sg2c0Ix9rbTN90uwDdKjPlPGxxWowPxwAnp800RYa2QH4W9DFtGNOssFk4qX3
HGkT42KqSRfomG1DG21qXLs0YOZX
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:27:23 2026 by rpki-client