Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/M0-zibw8figUEualVbAK_qKKn7I.roa
File: M0-zibw8figUEualVbAK_qKKn7I.roa (raw, json)
Hash identifier: Z5xGisw/jnK6aZVp7vDDb87cHHqmNXG4qfj0M/Do+gA=
Subject key identifier: 33:4F:B3:89:BC:3C:7E:28:14:12:E6:A5:55:B0:0A:FE:A2:8A:9F:B2
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 019D11005E089C1171AD1B0D137FCB236EDC
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/M0-zibw8figUEualVbAK_qKKn7I.roa
Signing time: Sat 21 Mar 2026 15:25:29 +0000
ROA not before: Sat 21 Mar 2026 15:25:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 200902
IP address blocks: 195.58.152.0/24 maxlen: 24
2a13:d201:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:11:00:5e:08:9c:11:71:ad:1b:0d:13:7f:cb:23:6e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Mar 21 15:25:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=334fb389bc3c7e281412e6a555b00afea28a9fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d1:16:1e:55:dc:08:8d:32:18:1d:ba:82:29:
bd:3b:8b:95:d9:70:10:89:df:2f:24:98:f6:af:16:
36:b4:33:ae:1b:58:a1:54:f5:5c:93:16:cb:94:37:
bd:c7:86:49:d8:5a:b5:a4:1a:6d:0d:13:ab:62:60:
86:79:8a:78:f5:fd:d1:b2:a8:73:56:d3:60:5d:71:
a4:0a:67:48:1c:94:9c:e5:8f:8f:91:cd:05:82:d8:
3a:89:48:57:ce:ba:91:4c:b0:82:7b:5e:ec:f1:8f:
e0:e5:33:ee:35:54:bc:6a:15:47:6f:f1:46:8b:4b:
25:b4:7d:aa:eb:57:93:53:b1:a0:ce:ed:ad:37:e9:
87:7d:9a:7a:a2:11:5b:28:06:9d:3b:f9:a1:36:8b:
f7:f7:9c:06:ce:69:a6:56:f4:3c:bf:87:ba:f4:3f:
8c:7f:fa:54:2e:f8:09:9e:09:9f:c3:d5:3d:3a:de:
e8:8c:c1:d0:7c:c7:34:59:97:93:ce:08:81:c7:dd:
f6:e5:b9:42:4e:8b:f8:4f:85:ce:a4:83:54:ae:a8:
b6:dc:4d:d3:e6:72:4f:da:46:6c:05:c2:48:34:bb:
cc:e0:be:c2:3d:1a:8c:43:d8:cf:38:ba:d0:8e:61:
7f:6e:b8:7c:0c:93:cb:20:7c:72:5a:d8:d7:23:66:
40:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:4F:B3:89:BC:3C:7E:28:14:12:E6:A5:55:B0:0A:FE:A2:8A:9F:B2
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/M0-zibw8figUEualVbAK_qKKn7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.152.0/24
IPv6:
2a13:d201:4::/48
Signature Algorithm: sha256WithRSAEncryption
91:a4:30:06:9a:0a:60:e3:c7:20:96:41:04:66:c2:27:d8:5e:
57:d4:54:8b:02:93:87:d0:20:f6:f3:7d:85:ef:de:8a:86:4a:
5d:d8:09:5d:3f:cd:38:64:61:aa:39:a2:22:e2:aa:a2:29:ac:
5a:14:5f:bd:5b:35:33:40:ff:5b:8e:7e:ff:a2:bc:94:20:72:
9e:11:d4:88:36:a0:6a:7c:f1:c7:35:f8:14:a2:d2:78:75:f5:
a6:47:14:df:c3:29:82:e9:2e:71:66:32:22:83:72:e6:09:1a:
97:8e:6c:1b:ac:23:bf:c7:0c:7a:a7:76:f3:ff:4d:76:77:aa:
c1:b8:c4:04:4f:54:40:06:8f:84:f9:9b:bd:02:d6:c7:00:d3:
dc:96:1b:ac:63:0d:76:e3:28:e6:b6:b9:5c:1a:df:ea:c4:91:
b7:e7:97:ce:e2:54:0d:f1:5f:f8:1c:1f:35:bd:c0:f7:65:cf:
72:4f:e6:0e:b6:f9:27:e5:e3:33:f0:96:9c:e7:0e:92:a4:b2:
46:e6:a0:ab:ce:46:ef:d5:0f:52:b0:d3:11:e1:f3:3e:f4:bf:
10:eb:33:af:4a:d6:61:83:d0:64:6b:fe:62:98:cb:7d:f1:2d:
84:ff:c2:68:aa:62:ac:d4:aa:54:44:a7:2b:bd:ed:27:de:6f:
62:b6:28:3b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ0RAF4InBFxrRsNE3/LI27cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjYwMzIxMTUyNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzRmYjM4OWJjM2M3ZTI4MTQxMmU2YTU1NWIwMGFmZWEyOGE5ZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNEWHlXcCI0yGB26gim9O4uV2XAQ
id8vJJj2rxY2tDOuG1ihVPVckxbLlDe9x4ZJ2Fq1pBptDROrYmCGeYp49f3Rsqhz
VtNgXXGkCmdIHJSc5Y+Pkc0Fgtg6iUhXzrqRTLCCe17s8Y/g5TPuNVS8ahVHb/FG
i0sltH2q61eTU7Ggzu2tN+mHfZp6ohFbKAadO/mhNov395wGzmmmVvQ8v4e69D+M
f/pULvgJngmfw9U9Ot7ojMHQfMc0WZeTzgiBx9325blCTov4T4XOpINUrqi23E3T
5nJP2kZsBcJINLvM4L7CPRqMQ9jPOLrQjmF/brh8DJPLIHxyWtjXI2ZArQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDNPs4m8PH4oFBLmpVWwCv6iip+yMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvTTAtemlidzhmaWdVRXVhbFZiQUtfcUtLbjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwzqYMA8E
AgACMAkDBwAqE9IBAAQwDQYJKoZIhvcNAQELBQADggEBAJGkMAaaCmDjxyCWQQRm
wifYXlfUVIsCk4fQIPbzfYXv3oqGSl3YCV0/zThkYao5oiLiqqIprFoUX71bNTNA
/1uOfv+ivJQgcp4R1Ig2oGp88cc1+BSi0nh19aZHFN/DKYLpLnFmMiKDcuYJGpeO
bBusI7/HDHqndvP/TXZ3qsG4xARPVEAGj4T5m70C1scA09yWG6xjDXbjKOa2uVwa
3+rEkbfnl87iVA3xX/gcHzW9wPdlz3JP5g62+Sfl4zPwlpznDpKkskbmoKvORu/V
D1Kw0xHh8z70vxDrM69K1mGD0GRr/mKYy33xLYT/wmiqYqzUqlREpyu97Sfeb2K2
KDs=
-----END CERTIFICATE-----
Generated at Thu Mar 26 19:00:59 2026 by rpki-client