Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/b081e3-8096-4318-beda-825526d607c7/1/rZt-gRYB_VT6dIk9StzZ2Gm63t0.roa
File: rZt-gRYB_VT6dIk9StzZ2Gm63t0.roa (raw, json)
Hash identifier: Calm3AK+uP+/fxUV++NGXZPUSUIj2wsCu9YGBXIQfNk=
Subject key identifier: AD:9B:7E:81:16:01:FD:54:FA:74:89:3D:4A:DC:D9:D8:69:BA:DE:DD
Certificate issuer: /CN=e857fab761632db3be781a5b9b48557089efd950
Certificate serial: 019B7F156DD15375319120EDCDA388158294
Authority key identifier: E8:57:FA:B7:61:63:2D:B3:BE:78:1A:5B:9B:48:55:70:89:EF:D9:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ff6t2FjLbO-eBpbm0hVcInv2VA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/b081e3-8096-4318-beda-825526d607c7/1/rZt-gRYB_VT6dIk9StzZ2Gm63t0.roa
Signing time: Fri 02 Jan 2026 14:21:09 +0000
ROA not before: Fri 02 Jan 2026 14:21:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35629
IP address blocks: 185.133.228.0/24 maxlen: 24
185.133.229.0/24 maxlen: 24
185.133.230.0/24 maxlen: 24
185.133.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/b081e3-8096-4318-beda-825526d607c7/1/6Ff6t2FjLbO-eBpbm0hVcInv2VA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/b081e3-8096-4318-beda-825526d607c7/1/6Ff6t2FjLbO-eBpbm0hVcInv2VA.mft
rsync://rpki.ripe.net/repository/DEFAULT/6Ff6t2FjLbO-eBpbm0hVcInv2VA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:15:6d:d1:53:75:31:91:20:ed:cd:a3:88:15:82:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e857fab761632db3be781a5b9b48557089efd950
Validity
Not Before: Jan 2 14:21:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ad9b7e811601fd54fa74893d4adcd9d869badedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:11:b6:d3:14:e8:91:1d:5e:5b:50:d0:75:2d:
a0:cf:f0:23:ef:c0:f9:48:41:5f:86:9d:dd:a1:50:
b8:aa:07:6a:06:e8:1b:b1:a4:12:ac:62:cf:58:fd:
e0:86:6e:34:13:ab:04:a0:1c:84:b9:2c:91:04:30:
73:8b:6d:14:2f:f3:5a:b9:00:de:47:76:7f:7d:23:
d2:c0:e6:8e:5b:b9:83:66:ef:1e:f2:47:e6:56:a7:
1d:3b:dc:3a:f3:6c:2d:12:29:15:58:74:14:36:dc:
49:24:38:c4:dd:8e:56:48:2b:bc:9d:a3:89:92:9c:
a9:0a:5e:24:5b:e9:2a:54:00:91:63:aa:2c:a6:b8:
1d:a2:91:f0:e3:e4:52:2f:3d:09:e1:1d:57:e8:9d:
0a:b8:3d:e3:41:9e:00:29:7d:5a:2c:3e:36:2d:83:
02:c3:a8:ea:3e:7d:ac:7f:3d:55:c9:50:d8:94:16:
c0:89:73:25:5b:63:2b:5f:b3:d1:5c:5c:0d:4a:ce:
c7:05:f6:d4:b4:64:34:12:17:24:d6:1b:13:f6:0d:
ba:81:f3:fb:9c:92:24:88:24:2a:12:de:d6:71:b6:
4d:5e:32:92:48:79:bc:47:aa:61:d7:59:75:7b:28:
6e:a6:37:54:d3:31:58:9b:2b:6a:9f:ee:0d:94:ea:
bb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9B:7E:81:16:01:FD:54:FA:74:89:3D:4A:DC:D9:D8:69:BA:DE:DD
X509v3 Authority Key Identifier:
keyid:E8:57:FA:B7:61:63:2D:B3:BE:78:1A:5B:9B:48:55:70:89:EF:D9:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ff6t2FjLbO-eBpbm0hVcInv2VA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b081e3-8096-4318-beda-825526d607c7/1/rZt-gRYB_VT6dIk9StzZ2Gm63t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/b081e3-8096-4318-beda-825526d607c7/1/6Ff6t2FjLbO-eBpbm0hVcInv2VA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.228.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:da:61:81:30:2b:33:14:57:bc:e6:a5:8c:9a:70:9e:09:2d:
26:da:af:6d:7f:0b:22:71:b0:51:9f:fe:2a:f4:43:66:2e:25:
ef:18:f7:55:33:9a:4b:a7:d7:60:b4:3c:dc:9f:23:5b:ba:1a:
5e:df:97:b9:7d:bd:fb:9c:10:be:28:3f:a2:39:bb:3b:5f:dd:
50:1b:73:bb:82:cc:40:36:98:73:8d:5f:56:ee:8b:9d:f7:6f:
96:e5:99:db:69:65:8b:fe:6b:ae:de:2c:1d:1b:67:7b:c7:79:
c0:86:55:ae:d7:ae:0e:06:29:ca:cf:16:b3:81:cc:7d:05:81:
e1:3a:12:14:63:b8:b5:16:af:65:a9:38:7d:81:b8:b0:25:8b:
46:57:0e:fc:c6:0a:93:ec:f2:fb:c2:f4:37:82:95:d0:15:b5:
fd:df:07:a7:3e:36:5b:78:b2:71:88:e0:0f:54:93:71:75:3b:
0c:9d:85:00:2e:84:40:d5:13:d8:6f:90:22:e2:09:ee:3a:10:
6b:9b:99:79:13:63:0b:66:70:50:5d:d0:af:1b:ab:9a:14:1b:
6f:e0:a3:38:1a:da:c4:8d:cd:2f:31:8a:1a:bb:2b:8c:42:7d:
66:4d:62:5f:0a:a4:ca:8e:f3:60:ec:f5:41:44:70:f3:94:ca:
d5:c8:ca:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FW3RU3UxkSDtzaOIFYKUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NTdmYWI3NjE2MzJkYjNiZTc4MWE1YjliNDg1NTcwODll
ZmQ5NTAwHhcNMjYwMTAyMTQyMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDliN2U4MTE2MDFmZDU0ZmE3NDg5M2Q0YWRjZDlkODY5YmFkZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4xG20xTokR1eW1DQdS2gz/Aj78D5
SEFfhp3doVC4qgdqBugbsaQSrGLPWP3ghm40E6sEoByEuSyRBDBzi20UL/NauQDe
R3Z/fSPSwOaOW7mDZu8e8kfmVqcdO9w682wtEikVWHQUNtxJJDjE3Y5WSCu8naOJ
kpypCl4kW+kqVACRY6osprgdopHw4+RSLz0J4R1X6J0KuD3jQZ4AKX1aLD42LYMC
w6jqPn2sfz1VyVDYlBbAiXMlW2MrX7PRXFwNSs7HBfbUtGQ0Ehck1hsT9g26gfP7
nJIkiCQqEt7WcbZNXjKSSHm8R6ph11l1eyhupjdU0zFYmytqn+4NlOq7aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK2bfoEWAf1U+nSJPUrc2dhput7dMB8GA1UdIwQY
MBaAFOhX+rdhYy2zvngaW5tIVXCJ79lQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZmNnQyRmpMYk8tZUJwYm0waFZjSW52MlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9iMDgxZTMtODA5Ni00MzE4LWJlZGEt
ODI1NTI2ZDYwN2M3LzEvclp0LWdSWUJfVlQ2ZElrOVN0eloyR202M3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9iMDgxZTMtODA5Ni00MzE4LWJlZGEtODI1NTI2ZDYwN2M3
LzEvNkZmNnQyRmpMYk8tZUJwYm0waFZjSW52MlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYXkMA0G
CSqGSIb3DQEBCwUAA4IBAQB92mGBMCszFFe85qWMmnCeCS0m2q9tfwsicbBRn/4q
9ENmLiXvGPdVM5pLp9dgtDzcnyNbuhpe35e5fb37nBC+KD+iObs7X91QG3O7gsxA
NphzjV9W7oud92+W5ZnbaWWL/muu3iwdG2d7x3nAhlWu164OBinKzxazgcx9BYHh
OhIUY7i1Fq9lqTh9gbiwJYtGVw78xgqT7PL7wvQ3gpXQFbX93wenPjZbeLJxiOAP
VJNxdTsMnYUALoRA1RPYb5Ai4gnuOhBrm5l5E2MLZnBQXdCvG6uaFBtv4KM4GtrE
jc0vMYoauyuMQn1mTWJfCqTKjvNg7PVBRHDzlMrVyMr3
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:38:43 2026 by rpki-client