Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/AXoZHUW26vXOR2LyRAx6VrTRH_I.roa
File: AXoZHUW26vXOR2LyRAx6VrTRH_I.roa (raw, json)
Hash identifier: Ue79szgYBfSFiFIo+WhzLR9zMH7i+v0YgKPyWDmKeVQ=
Subject key identifier: 01:7A:19:1D:45:B6:EA:F5:CE:47:62:F2:44:0C:7A:56:B4:D1:1F:F2
Certificate issuer: /CN=df895a3ee2211b6ee2df7202f09a426680d66269
Certificate serial: 019C9E29D255621A551C1CECE12CE1729EFC
Authority key identifier: DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/AXoZHUW26vXOR2LyRAx6VrTRH_I.roa
Signing time: Fri 27 Feb 2026 08:14:26 +0000
ROA not before: Fri 27 Feb 2026 08:14:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216300
IP address blocks: 77.105.128.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.132.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.160.0/24 maxlen: 24
77.105.164.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
185.225.203.0/24 maxlen: 24
194.50.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9e:29:d2:55:62:1a:55:1c:1c:ec:e1:2c:e1:72:9e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df895a3ee2211b6ee2df7202f09a426680d66269
Validity
Not Before: Feb 27 08:14:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=017a191d45b6eaf5ce4762f2440c7a56b4d11ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b2:01:14:d2:10:5d:8e:1f:68:ab:65:be:b0:
8f:ad:10:14:1b:ee:a4:fd:74:31:81:df:0d:3c:92:
22:2c:6a:88:9a:b9:27:5f:4d:81:0e:b8:0d:7d:d5:
6b:05:f0:7e:26:bf:65:b0:19:d7:30:c6:d1:b5:93:
c4:46:b9:97:0d:5d:20:73:d8:ca:6c:56:5c:d7:bc:
38:ab:e2:c0:39:ee:91:ca:b4:dc:3e:3c:5f:cd:80:
c9:c2:96:27:a3:b1:13:66:b6:3c:b2:e4:4d:bf:56:
59:db:87:1a:cc:89:c5:5d:9c:80:d5:2c:f7:41:26:
18:a1:f8:af:c6:d0:40:c8:c3:8f:cd:4d:ce:b1:31:
73:a5:c8:81:1d:9c:b1:1f:25:80:9f:05:45:b9:a1:
5e:0b:ef:a6:ee:3c:67:ff:77:fe:f2:28:bd:5a:9b:
b9:ac:93:2e:9e:01:58:08:d2:89:fb:db:58:7f:a1:
7b:12:2c:77:4b:5d:9e:62:c0:a2:bf:90:b6:81:aa:
b8:07:b2:00:7d:ff:bc:4a:22:02:83:1d:ec:80:cf:
37:02:1c:ba:dd:47:c3:27:6b:9f:c4:d6:34:63:1b:
14:d1:91:1d:30:b1:2c:aa:42:a2:27:af:7e:12:9f:
44:d7:f9:b2:06:f4:f3:da:b9:3c:6a:0b:88:35:c1:
1d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7A:19:1D:45:B6:EA:F5:CE:47:62:F2:44:0C:7A:56:B4:D1:1F:F2
X509v3 Authority Key Identifier:
keyid:DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/AXoZHUW26vXOR2LyRAx6VrTRH_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0-77.105.130.255
77.105.132.0/24
77.105.134.0/23
77.105.160.0/24
77.105.164.0/24
185.225.202.0/23
194.50.153.0/24
Signature Algorithm: sha256WithRSAEncryption
10:9b:ff:85:73:41:08:f6:7c:69:da:26:47:22:a6:b8:6a:a4:
f8:78:13:d1:41:58:9d:c9:df:b9:e6:0f:af:bc:c8:24:91:4d:
eb:3b:db:f8:4c:23:0e:ad:f8:8a:c2:d8:b4:c7:01:76:e1:ae:
fb:9b:61:fe:f6:47:72:ee:0f:6b:5f:eb:97:8b:26:ed:03:43:
03:a5:c5:ac:c7:eb:ce:2f:45:43:01:2b:2b:4c:e7:cb:67:cb:
94:42:5a:72:97:27:54:22:9c:36:5b:e0:1b:db:1c:a7:bb:56:
12:a5:b5:13:9e:dc:5e:32:5a:6c:2b:8d:63:bd:cd:6b:61:9a:
f4:ba:d9:a7:c0:73:5f:98:66:4e:50:bf:9a:24:97:63:f9:f7:
fa:4c:e6:ed:54:54:4c:a9:6f:c2:c0:87:b1:d2:63:ee:63:d8:
1b:e4:e1:1a:e8:b6:7a:3d:a5:05:65:39:11:32:b7:60:67:a2:
ce:0e:df:41:db:b9:1c:20:24:df:dd:63:de:e3:22:ab:1d:19:
90:57:7a:69:b4:60:a3:df:41:7d:98:cf:46:c9:d9:41:15:48:
92:fe:ec:0a:9d:80:d6:34:c6:3c:23:1c:41:26:23:2f:de:e7:
c8:bb:f6:0a:04:cf:a3:59:32:1c:4a:75:84:d1:1b:b9:8a:44:
eb:01:8f:8f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZyeKdJVYhpVHBzs4Szhcp78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODk1YTNlZTIyMTFiNmVlMmRmNzIwMmYwOWE0MjY2ODBk
NjYyNjkwHhcNMjYwMjI3MDgxNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdhMTkxZDQ1YjZlYWY1Y2U0NzYyZjI0NDBjN2E1NmI0ZDExZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrIBFNIQXY4faKtlvrCPrRAUG+6k
/XQxgd8NPJIiLGqImrknX02BDrgNfdVrBfB+Jr9lsBnXMMbRtZPERrmXDV0gc9jK
bFZc17w4q+LAOe6RyrTcPjxfzYDJwpYno7ETZrY8suRNv1ZZ24cazInFXZyA1Sz3
QSYYofivxtBAyMOPzU3OsTFzpciBHZyxHyWAnwVFuaFeC++m7jxn/3f+8ii9Wpu5
rJMungFYCNKJ+9tYf6F7Eix3S12eYsCiv5C2gaq4B7IAff+8SiICgx3sgM83Ahy6
3UfDJ2ufxNY0YxsU0ZEdMLEsqkKiJ69+Ep9E1/myBvTz2rk8aguINcEdtQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAF6GR1Ftur1zkdi8kQMela00R/yMB8GA1UdIwQY
MBaAFN+JWj7iIRtu4t9yAvCaQmaA1mJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUt
NzBiMmViZDUxNDM4LzEvQVhvWkhVVzI2dlhPUjJMeVJBeDZWclRSSF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUtNzBiMmViZDUxNDM4
LzEvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAdNaYAD
BABNaYIDBABNaYQDBAFNaYYDBABNaaADBABNaaQDBAG54coDBADCMpkwDQYJKoZI
hvcNAQELBQADggEBABCb/4VzQQj2fGnaJkciprhqpPh4E9FBWJ3J37nmD6+8yCSR
Tes72/hMIw6t+IrC2LTHAXbhrvubYf72R3LuD2tf65eLJu0DQwOlxazH684vRUMB
KytM58tny5RCWnKXJ1QinDZb4BvbHKe7VhKltROe3F4yWmwrjWO9zWthmvS62afA
c1+YZk5Qv5okl2P59/pM5u1UVEypb8LAh7HSY+5j2Bvk4Rrotno9pQVlOREyt2Bn
os4O30HbuRwgJN/dY97jIqsdGZBXemm0YKPfQX2Yz0bJ2UEVSJL+7AqdgNY0xjwj
HEEmIy/e58i79goEz6NZMhxKdYTRG7mKROsBj48=
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:09:55 2026 by rpki-client