Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/z0HWzHbUtL6Ixt6bP9XLDqmrSWs.roa
File: z0HWzHbUtL6Ixt6bP9XLDqmrSWs.roa (raw, json)
Hash identifier: Uo8TyooEcoWORHt1PlDbRhL+kZYnJOCYKdY5vbi6RGc=
Subject key identifier: CF:41:D6:CC:76:D4:B4:BE:88:C6:DE:9B:3F:D5:CB:0E:A9:AB:49:6B
Certificate issuer: /CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Certificate serial: 019DDE9B6AA0F2BF659D8BC8782F11B12D8A
Authority key identifier: C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/z0HWzHbUtL6Ixt6bP9XLDqmrSWs.roa
Signing time: Thu 30 Apr 2026 13:37:00 +0000
ROA not before: Thu 30 Apr 2026 13:37:00 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 8410
IP address blocks: 194.0.120.0/24 maxlen: 24
194.0.122.0/24 maxlen: 24
194.0.123.0/24 maxlen: 24
194.55.161.0/24 maxlen: 24
194.55.163.0/24 maxlen: 24
194.55.168.0/24 maxlen: 24
194.55.171.0/24 maxlen: 24
195.140.180.0/22 maxlen: 22
195.140.180.0/24 maxlen: 24
195.140.181.0/24 maxlen: 24
195.140.182.0/24 maxlen: 24
195.140.183.0/24 maxlen: 24
212.15.32.0/21 maxlen: 21
212.15.32.0/24 maxlen: 24
212.15.33.0/24 maxlen: 24
212.15.34.0/24 maxlen: 24
212.15.35.0/24 maxlen: 24
212.15.36.0/24 maxlen: 24
212.15.37.0/24 maxlen: 24
212.15.38.0/24 maxlen: 24
212.15.39.0/24 maxlen: 24
212.15.40.0/24 maxlen: 24
212.15.41.0/24 maxlen: 24
212.15.44.0/24 maxlen: 24
212.15.45.0/24 maxlen: 24
212.15.46.0/24 maxlen: 24
212.15.48.0/24 maxlen: 24
212.15.52.0/24 maxlen: 24
212.15.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.mft
rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 14:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:9b:6a:a0:f2:bf:65:9d:8b:c8:78:2f:11:b1:2d:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2eafaa30b340ecf810a4cb9af3b51c702566598
Validity
Not Before: Apr 30 13:37:00 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cf41d6cc76d4b4be88c6de9b3fd5cb0ea9ab496b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:3f:54:22:32:c0:3a:c6:61:9f:32:90:6a:ee:
55:72:76:4c:a8:25:e8:5b:03:9b:f5:57:5e:ae:6c:
be:49:88:0e:29:fa:25:2d:0c:62:4e:c7:a0:95:25:
e3:28:d3:46:20:77:bf:98:ac:7b:3c:b2:7e:b3:90:
22:e4:83:63:a2:dd:c3:88:43:0c:48:db:16:96:c5:
52:f2:f3:fc:15:fd:14:5f:a6:2a:68:6d:12:2c:20:
8b:0f:b3:32:87:b1:a9:c9:e5:86:c9:b1:ae:c0:b9:
a4:92:b4:3a:fd:f3:52:e0:fa:ab:65:0e:c1:50:6d:
22:62:2f:22:5c:87:33:a7:83:b9:1a:5d:05:2a:f6:
c0:f8:ec:b4:be:ff:a2:e2:a8:b2:16:0b:e3:71:b9:
f3:88:7a:69:c1:8d:d9:73:fe:e7:b7:8d:85:d1:ae:
94:d4:0c:5b:24:15:f1:16:0b:4e:1a:c0:8c:f4:88:
87:bf:e5:c4:2b:f2:71:32:ce:14:68:79:36:13:5a:
2b:fc:02:0a:db:dd:c0:0f:36:82:9f:e2:18:e4:e5:
82:16:ef:9b:bc:c6:32:b7:e6:c8:6c:db:cc:ce:99:
b1:82:ba:5b:91:e5:6b:46:24:f9:c1:27:22:3f:b9:
85:70:1b:c7:be:ee:7d:0f:a0:79:4d:df:60:e5:0b:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:41:D6:CC:76:D4:B4:BE:88:C6:DE:9B:3F:D5:CB:0E:A9:AB:49:6B
X509v3 Authority Key Identifier:
keyid:C2:EA:FA:A3:0B:34:0E:CF:81:0A:4C:B9:AF:3B:51:C7:02:56:65:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wur6ows0Ds-BCky5rztRxwJWZZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/z0HWzHbUtL6Ixt6bP9XLDqmrSWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a34a16-f880-4873-868b-5ecafda471f7/1/wur6ows0Ds-BCky5rztRxwJWZZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.120.0/24
194.0.122.0/23
194.55.161.0/24
194.55.163.0/24
194.55.168.0/24
194.55.171.0/24
195.140.180.0/22
212.15.32.0-212.15.41.255
212.15.44.0-212.15.46.255
212.15.48.0/24
212.15.52.0/23
Signature Algorithm: sha256WithRSAEncryption
09:97:49:8a:e7:dd:94:69:0d:da:c0:d8:04:c5:ce:9c:e7:4b:
63:5b:df:a1:4a:90:28:2d:d3:be:8d:08:d7:91:b2:36:44:d8:
a4:c9:b6:b0:0b:6e:e2:21:48:f9:7e:e6:8b:09:d8:42:dc:7e:
d9:c6:e5:df:34:82:14:3f:1f:e9:a4:d2:a2:87:09:67:16:7a:
92:ed:7c:cc:69:6a:7e:70:6a:85:40:4e:88:47:d4:53:88:20:
19:cb:8c:0b:8f:70:23:85:47:86:18:70:f3:f0:01:db:be:99:
ea:18:ee:f8:4f:84:50:da:e5:76:89:09:38:52:02:09:04:14:
5f:29:ad:be:04:0f:9b:f3:3c:2f:65:48:6b:fc:ce:c8:92:47:
74:57:7b:74:bf:10:c2:66:a9:f5:4c:98:0e:c8:31:1b:95:b6:
c1:7a:e4:e5:e5:b1:e9:ad:fd:dc:4b:2c:da:26:45:e6:bd:e7:
15:29:e0:e6:3f:ff:92:8e:28:5f:ad:c2:e1:a4:9e:84:52:5a:
4e:14:a6:76:95:3d:ff:42:53:4b:89:67:2f:c6:74:75:30:56:
c7:72:3f:ad:bb:5c:fc:f5:8f:6e:cf:82:57:80:39:0d:17:9d:
f5:a0:8e:d2:b9:a8:05:90:b7:b4:7d:1b:46:e7:fd:59:b2:c7:
df:f3:eb:65
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZ3em2qg8r9lnYvIeC8RsS2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWFmYWEzMGIzNDBlY2Y4MTBhNGNiOWFmM2I1MWM3MDI1
NjY1OTgwHhcNMjYwNDMwMTMzNzAwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQxZDZjYzc2ZDRiNGJlODhjNmRlOWIzZmQ1Y2IwZWE5YWI0OTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4D9UIjLAOsZhnzKQau5VcnZMqCXo
WwOb9Vdermy+SYgOKfolLQxiTseglSXjKNNGIHe/mKx7PLJ+s5Ai5INjot3DiEMM
SNsWlsVS8vP8Ff0UX6YqaG0SLCCLD7Myh7GpyeWGybGuwLmkkrQ6/fNS4PqrZQ7B
UG0iYi8iXIczp4O5Gl0FKvbA+Oy0vv+i4qiyFgvjcbnziHppwY3Zc/7nt42F0a6U
1AxbJBXxFgtOGsCM9IiHv+XEK/JxMs4UaHk2E1or/AIK293ADzaCn+IY5OWCFu+b
vMYyt+bIbNvMzpmxgrpbkeVrRiT5wSciP7mFcBvHvu59D6B5Td9g5Qtx8QIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFM9B1sx21LS+iMbemz/Vyw6pq0lrMB8GA1UdIwQY
MBaAFMLq+qMLNA7PgQpMua87UccCVmWYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGIt
NWVjYWZkYTQ3MWY3LzEvejBIV3pIYlV0TDZJeHQ2YlA5WExEcW1yU1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hMzRhMTYtZjg4MC00ODczLTg2OGItNWVjYWZkYTQ3MWY3
LzEvd3VyNm93czBEcy1CQ2t5NXJ6dFJ4d0pXWlpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAwgB4AwQB
wgB6AwQAwjehAwQAwjejAwQAwjeoAwQAwjerAwQCw4y0MAwDBAXUDyADBAHUDygw
DAMEAtQPLAMEANQPLgMEANQPMAMEAdQPNDANBgkqhkiG9w0BAQsFAAOCAQEACZdJ
iufdlGkN2sDYBMXOnOdLY1vfoUqQKC3Tvo0I15GyNkTYpMm2sAtu4iFI+X7miwnY
Qtx+2cbl3zSCFD8f6aTSoocJZxZ6ku18zGlqfnBqhUBOiEfUU4ggGcuMC49wI4VH
hhhw8/AB276Z6hju+E+EUNrldokJOFICCQQUXymtvgQPm/M8L2VIa/zOyJJHdFd7
dL8Qwmap9UyYDsgxG5W2wXrk5eWx6a393Ess2iZF5r3nFSng5j//ko4oX63C4aSe
hFJaThSmdpU9/0JTS4lnL8Z0dTBWx3I/rbtc/PWPbs+CV4A5DRed9aCO0rmoBZC3
tH0bRuf9WbLH3/PrZQ==
-----END CERTIFICATE-----
Generated at Wed May 13 20:17:19 2026 by rpki-client