Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/z1M3gliK9f3OUN5TxnBIb9ShI00.roa
File: z1M3gliK9f3OUN5TxnBIb9ShI00.roa (raw, json)
Hash identifier: OLHWayFioix0DdIwuKrtDgZ3+grxyNoZZwz/2N7GtBI=
Subject key identifier: CF:53:37:82:58:8A:F5:FD:CE:50:DE:53:C6:70:48:6F:D4:A1:23:4D
Certificate issuer: /CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Certificate serial: 019DF6F7D15FB06A7C8045C5A6987BE619F2
Authority key identifier: 80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/z1M3gliK9f3OUN5TxnBIb9ShI00.roa
Signing time: Tue 05 May 2026 07:08:49 +0000
ROA not before: Tue 05 May 2026 07:08:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202391
IP address blocks: 45.142.188.0/24 maxlen: 24
45.142.189.0/24 maxlen: 24
45.142.190.0/24 maxlen: 24
45.142.191.0/24 maxlen: 24
185.141.36.0/24 maxlen: 24
185.141.37.0/24 maxlen: 24
185.141.38.0/24 maxlen: 24
185.141.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f6:f7:d1:5f:b0:6a:7c:80:45:c5:a6:98:7b:e6:19:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Validity
Not Before: May 5 07:08:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf533782588af5fdce50de53c670486fd4a1234d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:0c:18:37:2d:54:14:27:41:98:ad:74:f6:ab:
f7:c1:0d:b2:f3:09:65:cf:67:b6:f9:5e:3f:25:4f:
b3:5d:8f:9a:02:5e:12:fc:44:cd:ed:4a:f5:5c:0a:
1c:a1:45:7f:77:6c:08:ac:93:73:77:f0:6a:f6:da:
39:b5:9e:77:d1:74:58:98:36:6d:23:a0:cc:2a:d1:
f9:54:b1:55:79:fa:5c:fa:74:fd:ea:e7:49:70:13:
56:04:3b:af:bc:de:31:6e:11:d5:54:77:59:15:4b:
3c:cd:66:3a:5c:e8:72:73:3c:fa:cd:c6:29:68:81:
d1:95:28:56:40:fc:b7:47:c4:e7:90:d2:9f:ca:11:
c1:27:12:9e:9d:1d:f2:08:06:fd:59:44:b4:19:41:
82:87:5d:1b:57:91:24:d1:e8:aa:be:93:87:81:af:
8f:97:a2:df:e2:80:b9:82:d1:c8:a9:6e:16:a6:44:
2b:bb:91:cd:d9:84:68:48:35:48:e4:17:9c:58:02:
24:38:e9:61:ab:8f:fa:1a:5f:44:72:7b:20:06:d4:
10:ae:e2:8b:68:42:eb:2e:44:4f:ef:6e:1c:69:af:
8a:4d:9c:ad:c6:ba:25:f3:f2:bd:91:4c:7f:48:1f:
0b:ff:48:d0:a3:65:87:d4:d9:9b:02:67:af:e2:1a:
a5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:53:37:82:58:8A:F5:FD:CE:50:DE:53:C6:70:48:6F:D4:A1:23:4D
X509v3 Authority Key Identifier:
keyid:80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/z1M3gliK9f3OUN5TxnBIb9ShI00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.188.0/22
185.141.36.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:e8:0b:c9:db:1c:d2:b1:49:b6:63:26:0a:e6:f6:7b:b1:56:
09:17:2d:27:d0:e6:e3:83:6d:74:be:a8:73:ad:33:3b:24:6f:
02:fb:76:b7:fd:0c:10:f5:1d:1d:a5:f8:df:f2:4a:e8:1b:5a:
c1:2a:ba:a0:67:f1:19:86:78:20:52:bd:b1:64:28:74:9b:c5:
d8:b0:90:36:07:68:4f:7c:83:d9:93:e5:d2:21:6a:4b:48:ac:
2a:19:1f:88:2e:92:19:59:db:86:4c:c2:7a:ea:cd:2e:db:a0:
0c:d3:47:97:b9:25:9b:46:ad:79:ad:a9:bb:d2:2c:48:e2:5e:
9e:f9:1e:2f:97:e2:ab:5c:49:f2:6f:01:85:a2:c0:95:57:7b:
d3:14:2f:29:03:69:84:bd:c9:3e:dc:d0:fb:4a:f9:44:1e:4d:
3a:30:a3:26:10:68:0b:ad:2f:2b:d6:ba:c3:c5:67:72:f3:65:
76:a4:61:5f:c4:97:7d:d1:a9:46:38:be:81:d1:1f:77:20:7c:
4b:93:7d:71:39:46:a8:4e:c9:cf:0c:5a:b8:2c:66:0c:4f:7d:
19:4a:6b:c5:e1:88:ed:18:b3:f8:6e:21:4e:d0:64:de:67:53:
12:e9:de:64:c2:e3:12:ab:d3:c1:18:9a:ec:99:57:d0:c9:b8:
ea:5f:5c:14
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3299FfsGp8gEXFpph75hnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYWQ4YzUyMGJiOTY3NzQ2MWRkYzRlYzA5Yjc2ZDczM2I3
ZDgzNzAwHhcNMjYwNTA1MDcwODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjUzMzc4MjU4OGFmNWZkY2U1MGRlNTNjNjcwNDg2ZmQ0YTEyMzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwAwYNy1UFCdBmK109qv3wQ2y8wll
z2e2+V4/JU+zXY+aAl4S/ETN7Ur1XAocoUV/d2wIrJNzd/Bq9to5tZ530XRYmDZt
I6DMKtH5VLFVefpc+nT96udJcBNWBDuvvN4xbhHVVHdZFUs8zWY6XOhyczz6zcYp
aIHRlShWQPy3R8TnkNKfyhHBJxKenR3yCAb9WUS0GUGCh10bV5Ek0eiqvpOHga+P
l6Lf4oC5gtHIqW4WpkQru5HN2YRoSDVI5BecWAIkOOlhq4/6Gl9EcnsgBtQQruKL
aELrLkRP724caa+KTZytxrol8/K9kUx/SB8L/0jQo2WH1NmbAmev4hqlCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM9TN4JYivX9zlDeU8ZwSG/UoSNNMB8GA1UdIwQY
MBaAFICtjFILuWd0Yd3E7Am3bXM7fYNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEt
YzYxNzUxYzZiMTk1LzEvejFNM2dsaUs5ZjNPVU41VHhuQkliOVNoSTAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEtYzYxNzUxYzZiMTk1
LzEvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLY68AwQC
uY0kMA0GCSqGSIb3DQEBCwUAA4IBAQCO6AvJ2xzSsUm2YyYK5vZ7sVYJFy0n0Obj
g210vqhzrTM7JG8C+3a3/QwQ9R0dpfjf8kroG1rBKrqgZ/EZhnggUr2xZCh0m8XY
sJA2B2hPfIPZk+XSIWpLSKwqGR+ILpIZWduGTMJ66s0u26AM00eXuSWbRq15ram7
0ixI4l6e+R4vl+KrXEnybwGFosCVV3vTFC8pA2mEvck+3ND7SvlEHk06MKMmEGgL
rS8r1rrDxWdy82V2pGFfxJd90alGOL6B0R93IHxLk31xOUaoTsnPDFq4LGYMT30Z
SmvF4YjtGLP4biFO0GTeZ1MS6d5kwuMSq9PBGJrsmVfQybjqX1wU
-----END CERTIFICATE-----
Generated at Wed May 13 15:02:51 2026 by rpki-client