Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zWme1r8iZW902K8g1T3IwyHu1KQ.roa
File: zWme1r8iZW902K8g1T3IwyHu1KQ.roa (raw, json)
Hash identifier: 10NPHIlk5Vu6onVqpCF50AvdHARCGkg19nRwXyWS890=
Subject key identifier: CD:69:9E:D6:BF:22:65:6F:74:D8:AF:20:D5:3D:C8:C3:21:EE:D4:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019DD9A56B507CB780A53793BA5A6E082388
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zWme1r8iZW902K8g1T3IwyHu1KQ.roa
Signing time: Wed 29 Apr 2026 14:29:49 +0000
ROA not before: Wed 29 Apr 2026 14:29:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39351
IP address blocks: 193.234.92.0/24 maxlen: 24
2a01:280:330::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d9:a5:6b:50:7c:b7:80:a5:37:93:ba:5a:6e:08:23:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Apr 29 14:29:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cd699ed6bf22656f74d8af20d53dc8c321eed4a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:44:9f:bb:bd:04:9a:b7:88:4b:72:55:a9:c7:
36:ff:b9:75:39:05:86:93:77:07:9d:c3:a8:6d:62:
67:a4:5f:a2:25:ba:82:7d:9b:94:c7:50:25:13:af:
a8:75:29:ef:69:79:88:e9:38:42:94:22:52:1a:3d:
f5:fa:ab:5f:dd:63:83:ec:5b:69:6a:fe:56:e0:8e:
90:a4:23:45:94:21:3a:69:24:c3:f0:48:a2:dd:3d:
30:da:c5:02:51:83:31:22:98:90:f9:90:76:72:69:
e5:8b:e4:78:ed:32:5c:24:8e:17:c1:47:f6:10:10:
52:a2:52:86:b9:93:47:9c:3b:ed:ff:3a:f7:5f:8e:
b0:cc:33:80:d4:5e:c0:bd:a2:c3:3b:b5:19:a4:3f:
a5:57:85:7a:ad:cc:52:76:76:1f:d5:51:6b:d4:40:
ff:71:c1:32:56:67:ae:54:8a:ed:78:de:65:8b:64:
90:39:5f:30:fc:d3:35:2d:f4:ad:af:ac:cf:db:9b:
6d:c5:1f:b9:9d:f8:16:44:36:ef:47:1e:83:04:ad:
05:9c:59:c5:0f:db:0c:26:ce:75:c1:6e:6f:a5:84:
31:ff:14:16:71:0a:aa:b2:39:ab:78:dc:45:bf:c1:
0d:32:b6:b5:e3:89:d2:9d:01:c0:7c:37:4f:94:66:
c3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:69:9E:D6:BF:22:65:6F:74:D8:AF:20:D5:3D:C8:C3:21:EE:D4:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/zWme1r8iZW902K8g1T3IwyHu1KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.234.92.0/24
IPv6:
2a01:280:330::/48
Signature Algorithm: sha256WithRSAEncryption
39:f8:d3:28:0a:2e:29:4b:d0:e3:5b:6a:9c:ca:f2:68:10:07:
9a:0e:c3:ae:d4:ed:ad:8d:bf:a7:e3:e8:dc:a5:01:5d:69:37:
db:62:ba:3d:5b:dd:e1:49:5f:e0:3f:15:44:5e:d1:13:01:94:
61:aa:ce:12:0a:0b:77:7a:45:49:7a:6d:fa:d9:57:a3:a3:0d:
9a:1e:2b:f9:28:fb:6b:1b:28:cc:65:05:82:40:c5:4d:a8:2a:
1e:58:be:d7:b5:67:11:ce:70:45:37:cb:5c:7b:99:78:ef:4b:
86:96:66:c4:d0:04:a4:49:87:06:c3:6d:cf:75:9f:d5:94:d4:
be:9f:2b:69:dc:4b:af:3f:75:01:33:e0:1f:e6:dc:87:5b:de:
00:b3:6d:b0:58:ee:4a:91:2b:36:0d:52:ad:c9:87:a4:11:89:
a7:98:d5:c9:4d:2f:13:2b:96:98:09:e5:bc:8d:83:54:0b:00:
b8:47:94:a2:44:21:69:c9:1e:33:3f:85:c4:95:ba:b9:b3:c4:
de:91:dd:ed:44:be:94:4c:ad:1d:bb:4f:e3:8f:cc:b8:a8:3c:
42:c5:49:ee:5e:ab:2b:44:00:e4:a2:1c:9b:58:ca:33:d2:9a:
a2:47:15:ec:4a:52:e7:18:f8:40:ba:68:2b:f2:3f:f2:9d:1e:
e7:4f:76:7b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZ3ZpWtQfLeApTeTulpuCCOIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjYwNDI5MTQyOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY5OWVkNmJmMjI2NTZmNzRkOGFmMjBkNTNkYzhjMzIxZWVkNGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0Sfu70EmreIS3JVqcc2/7l1OQWG
k3cHncOobWJnpF+iJbqCfZuUx1AlE6+odSnvaXmI6ThClCJSGj31+qtf3WOD7Ftp
av5W4I6QpCNFlCE6aSTD8Eii3T0w2sUCUYMxIpiQ+ZB2cmnli+R47TJcJI4XwUf2
EBBSolKGuZNHnDvt/zr3X46wzDOA1F7AvaLDO7UZpD+lV4V6rcxSdnYf1VFr1ED/
ccEyVmeuVIrteN5li2SQOV8w/NM1LfStr6zP25ttxR+5nfgWRDbvRx6DBK0FnFnF
D9sMJs51wW5vpYQx/xQWcQqqsjmreNxFv8ENMra144nSnQHAfDdPlGbDfwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM1pnta/ImVvdNivINU9yMMh7tSkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEveldtZTFyOGlaVzkwMks4ZzFUM0l3eUh1MUtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwepcMA8E
AgACMAkDBwAqAQKAAzAwDQYJKoZIhvcNAQELBQADggEBADn40ygKLilL0ONbapzK
8mgQB5oOw67U7a2Nv6fj6NylAV1pN9tiuj1b3eFJX+A/FURe0RMBlGGqzhIKC3d6
RUl6bfrZV6OjDZoeK/ko+2sbKMxlBYJAxU2oKh5Yvte1ZxHOcEU3y1x7mXjvS4aW
ZsTQBKRJhwbDbc91n9WU1L6fK2ncS68/dQEz4B/m3Idb3gCzbbBY7kqRKzYNUq3J
h6QRiaeY1clNLxMrlpgJ5byNg1QLALhHlKJEIWnJHjM/hcSVurmzxN6R3e1EvpRM
rR27T+OPzLioPELFSe5eqytEAOSiHJtYyjPSmqJHFexKUucY+EC6aCvyP/KdHudP
dns=
-----END CERTIFICATE-----
Generated at Wed May 13 15:24:23 2026 by rpki-client