Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/07dd58-2d2e-426e-9e1a-5454e5a16f42/1/ZLc3hqqFoBFC9frMdPPPbRsPPRU.roa
File: ZLc3hqqFoBFC9frMdPPPbRsPPRU.roa (raw, json)
Hash identifier: pd4K3nJ6Nw5wAHsdgLg8h3X1zrFnNuvfNOPXjKOzRnk=
Subject key identifier: 64:B7:37:86:AA:85:A0:11:42:F5:FA:CC:74:F3:CF:6D:1B:0F:3D:15
Certificate issuer: /CN=573cec9063a88741841908b0c5297fcdbb439530
Certificate serial: 019CB41D540CD8A78CB8934FC92BA0E1D86C
Authority key identifier: 57:3C:EC:90:63:A8:87:41:84:19:08:B0:C5:29:7F:CD:BB:43:95:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VzzskGOoh0GEGQiwxSl_zbtDlTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/07dd58-2d2e-426e-9e1a-5454e5a16f42/1/ZLc3hqqFoBFC9frMdPPPbRsPPRU.roa
Signing time: Tue 03 Mar 2026 14:32:26 +0000
ROA not before: Tue 03 Mar 2026 14:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 194.117.64.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/07dd58-2d2e-426e-9e1a-5454e5a16f42/1/VzzskGOoh0GEGQiwxSl_zbtDlTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/07dd58-2d2e-426e-9e1a-5454e5a16f42/1/VzzskGOoh0GEGQiwxSl_zbtDlTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/VzzskGOoh0GEGQiwxSl_zbtDlTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b4:1d:54:0c:d8:a7:8c:b8:93:4f:c9:2b:a0:e1:d8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=573cec9063a88741841908b0c5297fcdbb439530
Validity
Not Before: Mar 3 14:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=64b73786aa85a01142f5facc74f3cf6d1b0f3d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:03:2b:59:e2:eb:31:80:5a:86:ad:47:71:79:
86:be:7f:d4:5b:00:07:a7:9c:9e:85:2c:22:c8:21:
64:c1:15:c0:a6:3f:6b:f9:37:15:69:6e:80:cd:d6:
a0:1b:ad:8f:eb:5e:31:5b:75:01:9a:9c:9b:0a:66:
c0:65:f4:ac:c6:d2:77:4b:cf:28:e9:56:47:67:1f:
e7:f9:f9:27:23:f5:a0:2f:06:a2:83:f9:8f:d3:78:
c9:44:e9:05:1c:5f:8f:07:3c:97:e5:f8:8e:b5:7c:
54:b1:bb:7d:63:9d:ce:07:08:a8:4f:10:5c:bd:cc:
e0:a5:ef:4a:cf:4b:f3:d0:ba:65:07:7c:06:eb:1a:
e3:d4:a8:43:50:36:a3:6c:3d:07:11:09:e4:0d:38:
d9:65:28:ba:3b:46:94:72:33:d6:4a:64:7f:d4:d8:
5c:5f:c8:ca:45:5a:c3:24:13:45:d2:e6:3c:a2:69:
76:6b:d8:21:ad:14:7b:a8:78:4b:f6:43:0c:e3:90:
dd:63:88:22:61:a2:d1:5e:c0:c7:79:0a:3b:7d:31:
ac:44:33:51:bc:d1:7d:e6:f0:33:c8:af:97:d3:be:
6c:e8:c9:ae:29:64:85:13:20:a9:a2:4f:06:58:89:
9b:e0:a9:6f:20:2e:a6:a9:25:5b:51:1f:4e:60:bb:
7f:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B7:37:86:AA:85:A0:11:42:F5:FA:CC:74:F3:CF:6D:1B:0F:3D:15
X509v3 Authority Key Identifier:
keyid:57:3C:EC:90:63:A8:87:41:84:19:08:B0:C5:29:7F:CD:BB:43:95:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VzzskGOoh0GEGQiwxSl_zbtDlTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/07dd58-2d2e-426e-9e1a-5454e5a16f42/1/ZLc3hqqFoBFC9frMdPPPbRsPPRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/07dd58-2d2e-426e-9e1a-5454e5a16f42/1/VzzskGOoh0GEGQiwxSl_zbtDlTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.117.64.0/24
Signature Algorithm: sha256WithRSAEncryption
12:3d:7d:d0:7b:4a:6e:2e:2e:c9:96:e5:81:44:b4:e7:c1:01:
e5:ec:3f:9a:5b:b0:b5:1a:f5:68:27:44:2e:ce:4a:14:82:6c:
7e:f2:fc:d4:e1:65:ea:1a:41:b6:23:fe:f6:33:cb:10:38:00:
ce:71:6c:4c:03:66:bf:05:16:d3:b6:c8:1c:80:1e:86:31:00:
63:4b:10:42:6b:bd:a1:12:0f:d4:32:d5:c2:ac:40:b3:3e:0d:
07:80:da:3c:df:b8:d3:eb:5b:0c:4c:07:1d:9e:d9:8c:c9:d2:
87:1c:bf:38:db:38:fa:98:89:b3:bb:f8:80:b6:60:90:e2:42:
ac:17:c5:f4:13:c2:58:bd:37:39:65:2e:ae:98:f1:6c:65:36:
f1:63:d7:df:fb:78:4a:30:4c:70:0a:c0:e8:9a:5f:a8:e4:85:
e7:66:60:24:9b:aa:78:38:62:67:b6:e2:85:4b:0a:52:ba:cf:
34:16:de:eb:35:e4:0a:9e:0d:a3:64:7f:e0:4e:35:3b:ec:17:
19:ca:74:4e:b1:50:44:1c:ed:ec:7b:b5:ac:c0:e7:1a:97:eb:
b6:19:26:0d:38:a9:a1:58:49:45:5f:78:88:81:f3:67:66:63:
a3:8e:e5:a9:cd:e9:4d:4c:b8:48:2b:a4:b7:91:cd:44:38:8f:
74:b1:4b:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZy0HVQM2KeMuJNPySug4dhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3M2NlYzkwNjNhODg3NDE4NDE5MDhiMGM1Mjk3ZmNkYmI0
Mzk1MzAwHhcNMjYwMzAzMTQzMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI3Mzc4NmFhODVhMDExNDJmNWZhY2M3NGYzY2Y2ZDFiMGYzZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAMrWeLrMYBahq1HcXmGvn/UWwAH
p5yehSwiyCFkwRXApj9r+TcVaW6AzdagG62P614xW3UBmpybCmbAZfSsxtJ3S88o
6VZHZx/n+fknI/WgLwaig/mP03jJROkFHF+PBzyX5fiOtXxUsbt9Y53OBwioTxBc
vczgpe9Kz0vz0LplB3wG6xrj1KhDUDajbD0HEQnkDTjZZSi6O0aUcjPWSmR/1Nhc
X8jKRVrDJBNF0uY8oml2a9ghrRR7qHhL9kMM45DdY4giYaLRXsDHeQo7fTGsRDNR
vNF95vAzyK+X075s6MmuKWSFEyCpok8GWImb4KlvIC6mqSVbUR9OYLt/+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGS3N4aqhaARQvX6zHTzz20bDz0VMB8GA1UdIwQY
MBaAFFc87JBjqIdBhBkIsMUpf827Q5UwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnp6c2tHT29oMEdFR1Fpd3hTbF96YnREbFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wN2RkNTgtMmQyZS00MjZlLTllMWEt
NTQ1NGU1YTE2ZjQyLzEvWkxjM2hxcUZvQkZDOWZyTWRQUFBiUnNQUFJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wN2RkNTgtMmQyZS00MjZlLTllMWEtNTQ1NGU1YTE2ZjQy
LzEvVnp6c2tHT29oMEdFR1Fpd3hTbF96YnREbFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwnVAMA0G
CSqGSIb3DQEBCwUAA4IBAQASPX3Qe0puLi7JluWBRLTnwQHl7D+aW7C1GvVoJ0Qu
zkoUgmx+8vzU4WXqGkG2I/72M8sQOADOcWxMA2a/BRbTtsgcgB6GMQBjSxBCa72h
Eg/UMtXCrECzPg0HgNo837jT61sMTAcdntmMydKHHL842zj6mImzu/iAtmCQ4kKs
F8X0E8JYvTc5ZS6umPFsZTbxY9ff+3hKMExwCsDoml+o5IXnZmAkm6p4OGJntuKF
SwpSus80Ft7rNeQKng2jZH/gTjU77BcZynROsVBEHO3se7WswOcal+u2GSYNOKmh
WElFX3iIgfNnZmOjjuWpzelNTLhIK6S3kc1EOI90sUsU
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:29:08 2026 by rpki-client