Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/zILOZIvZGfymJOnKWMbUVsntrzI.roa
File: zILOZIvZGfymJOnKWMbUVsntrzI.roa (raw, json)
Hash identifier: yO4K1QFesyFzgscNFpWaH+aTmSdTBYuOLpB3P0VZWrQ=
Subject key identifier: CC:82:CE:64:8B:D9:19:FC:A6:24:E9:CA:58:C6:D4:56:C9:ED:AF:32
Certificate issuer: /CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Certificate serial: 019D264F3B3B64E0C451FBCC88EAC2390417
Authority key identifier: 5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/zILOZIvZGfymJOnKWMbUVsntrzI.roa
Signing time: Wed 25 Mar 2026 18:43:39 +0000
ROA not before: Wed 25 Mar 2026 18:43:39 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39386
IP address blocks: 37.224.192.0/24 maxlen: 24
84.235.0.0/17 maxlen: 17
84.235.0.0/24 maxlen: 24
84.235.14.0/24 maxlen: 24
84.235.56.0/23 maxlen: 23
84.235.95.0/24 maxlen: 24
84.235.108.0/24 maxlen: 24
84.235.109.0/24 maxlen: 24
84.235.110.0/24 maxlen: 24
84.235.111.0/24 maxlen: 24
84.235.120.0/22 maxlen: 22
178.86.50.0/24 maxlen: 24
193.19.244.0/24 maxlen: 24
212.118.154.0/24 maxlen: 24
2001:16a0::/29 maxlen: 29
2001:16a0:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 03:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:26:4f:3b:3b:64:e0:c4:51:fb:cc:88:ea:c2:39:04:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e1bf6a319da2489816aedba1b4fd0cc7ddf3e1e
Validity
Not Before: Mar 25 18:43:39 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cc82ce648bd919fca624e9ca58c6d456c9edaf32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:f8:d4:86:b6:0e:b0:2a:45:e6:01:8d:2c:08:
b6:21:b2:e9:ff:76:28:39:04:34:8c:42:d4:dc:72:
91:bb:47:80:9a:c6:49:07:00:27:4e:d5:c5:79:75:
08:ba:8a:da:5e:1c:6e:bc:c9:49:5b:6a:4a:eb:33:
20:ad:df:cb:a9:b4:0e:6c:b0:fc:ae:28:b4:25:9b:
60:1c:1c:f3:eb:06:d3:f7:05:54:80:0c:4a:ae:82:
a0:3d:e6:44:f7:b2:ba:d6:23:7f:48:6a:9a:c5:95:
1e:33:11:5e:b0:5f:4c:6a:28:0e:a0:b7:24:14:e1:
e0:f4:a5:90:54:31:0e:18:2c:ee:e2:2b:26:2a:55:
17:93:0f:0e:c5:80:89:4a:da:91:f5:5c:a0:40:62:
60:0b:32:bb:08:af:d9:18:04:bc:2e:f6:b6:7c:16:
8d:60:24:6f:5d:78:0e:e3:12:cc:d2:16:02:62:99:
5f:66:3c:a8:15:34:e2:e0:28:12:ce:7a:4a:69:09:
d7:62:33:e3:e4:5e:a4:aa:14:c8:c4:28:11:cf:bb:
7e:4e:23:4f:aa:97:2a:76:6d:6a:22:0a:2e:70:73:
62:4d:f0:ba:0e:11:c6:98:e0:04:3e:cd:1c:46:4d:
2e:89:b4:a9:dc:70:6e:e2:db:ce:88:dd:61:53:70:
33:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:82:CE:64:8B:D9:19:FC:A6:24:E9:CA:58:C6:D4:56:C9:ED:AF:32
X509v3 Authority Key Identifier:
keyid:5E:1B:F6:A3:19:DA:24:89:81:6A:ED:BA:1B:4F:D0:CC:7D:DF:3E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xhv2oxnaJImBau26G0_QzH3fPh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/zILOZIvZGfymJOnKWMbUVsntrzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/88fdd1-8b7b-4101-ac66-b590957d9415/1/Xhv2oxnaJImBau26G0_QzH3fPh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.224.192.0/24
84.235.0.0/17
178.86.50.0/24
193.19.244.0/24
212.118.154.0/24
IPv6:
2001:16a0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:c2:65:88:0c:9d:1d:d2:a2:d4:66:59:b9:38:ae:18:0f:e3:
72:1d:f4:68:ac:37:13:34:31:63:71:4b:cf:5e:d8:3d:dc:11:
90:d5:14:04:ce:08:e6:a6:de:0c:73:67:39:89:a4:f0:07:58:
8d:98:d8:6e:eb:bc:c3:58:17:54:35:16:51:6a:d1:16:0c:8e:
58:6a:93:29:24:6a:4d:b7:7d:1b:1e:15:4e:e2:79:b5:22:ce:
10:30:2f:41:2a:10:62:85:66:d9:5e:f8:e1:d7:80:6c:ed:39:
0c:e7:59:4a:45:dd:00:81:98:15:f4:b2:b4:7d:01:08:3f:26:
77:2d:e9:81:b4:29:29:da:6f:a2:10:13:ae:fe:1f:2f:49:a9:
cc:e4:f3:3c:53:2c:7c:9c:ee:01:1a:17:e3:de:c3:97:2b:3a:
cd:b8:7f:f0:bd:89:cb:3a:f2:3d:2b:1a:98:c3:cb:da:c7:48:
50:2c:19:e9:08:31:41:c2:9a:f5:8d:7f:9d:d0:50:a6:c5:e1:
08:4e:1d:64:91:d8:94:5d:4d:3c:19:6f:22:45:af:17:e4:b9:
55:33:13:84:3b:6f:c0:9b:72:c5:91:5d:6b:f1:b1:e9:3a:5e:
b7:19:1d:9e:51:29:59:27:c5:89:9e:57:6c:44:a2:f7:5a:33:
13:57:52:7c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZ0mTzs7ZODEUfvMiOrCOQQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMWJmNmEzMTlkYTI0ODk4MTZhZWRiYTFiNGZkMGNjN2Rk
ZjNlMWUwHhcNMjYwMzI1MTg0MzM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzgyY2U2NDhiZDkxOWZjYTYyNGU5Y2E1OGM2ZDQ1NmM5ZWRhZjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPjUhrYOsCpF5gGNLAi2IbLp/3Yo
OQQ0jELU3HKRu0eAmsZJBwAnTtXFeXUIuoraXhxuvMlJW2pK6zMgrd/LqbQObLD8
rii0JZtgHBzz6wbT9wVUgAxKroKgPeZE97K61iN/SGqaxZUeMxFesF9MaigOoLck
FOHg9KWQVDEOGCzu4ismKlUXkw8OxYCJStqR9VygQGJgCzK7CK/ZGAS8Lva2fBaN
YCRvXXgO4xLM0hYCYplfZjyoFTTi4CgSznpKaQnXYjPj5F6kqhTIxCgRz7t+TiNP
qpcqdm1qIgoucHNiTfC6DhHGmOAEPs0cRk0uibSp3HBu4tvOiN1hU3AzBQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMyCzmSL2Rn8piTpyljG1FbJ7a8yMB8GA1UdIwQY
MBaAFF4b9qMZ2iSJgWrtuhtP0Mx93z4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYt
YjU5MDk1N2Q5NDE1LzEveklMT1pJdlpHZnltSk9uS1dNYlVWc250cnpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi84OGZkZDEtOGI3Yi00MTAxLWFjNjYtYjU5MDk1N2Q5NDE1
LzEvWGh2Mm94bmFKSW1CYXUyNkcwX1F6SDNmUGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeDAAwQH
VOsAAwQAslYyAwQAwRP0AwQA1HaaMA0EAgACMAcDBQMgARagMA0GCSqGSIb3DQEB
CwUAA4IBAQCgwmWIDJ0d0qLUZlm5OK4YD+NyHfRorDcTNDFjcUvPXtg93BGQ1RQE
zgjmpt4Mc2c5iaTwB1iNmNhu67zDWBdUNRZRatEWDI5YapMpJGpNt30bHhVO4nm1
Is4QMC9BKhBihWbZXvjh14Bs7TkM51lKRd0AgZgV9LK0fQEIPyZ3LemBtCkp2m+i
EBOu/h8vSanM5PM8Uyx8nO4BGhfj3sOXKzrNuH/wvYnLOvI9KxqYw8vax0hQLBnp
CDFBwpr1jX+d0FCmxeEITh1kkdiUXU08GW8iRa8X5LlVMxOEO2/Am3LFkV1r8bHp
Ol63GR2eUSlZJ8WJnldsRKL3WjMTV1J8
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:03:18 2026 by rpki-client