Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rBr9G__yg--ybJi7KjL0Na3qRHA.roa
File: rBr9G__yg--ybJi7KjL0Na3qRHA.roa (raw, json)
Hash identifier: ItHH13EhHo4OE288cMXg6GiOrDY96SUMCagz0YFt5LI=
Subject key identifier: AC:1A:FD:1B:FF:F2:83:EF:B2:6C:98:BB:2A:32:F4:35:AD:EA:44:70
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019A24FC42670CA4B87996F01CC7BDAFF696
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rBr9G__yg--ybJi7KjL0Na3qRHA.roa
Signing time: Mon 27 Oct 2025 09:25:03 +0000
ROA not before: Mon 27 Oct 2025 09:25:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206070
IP address blocks: 77.36.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:fc:42:67:0c:a4:b8:79:96:f0:1c:c7:bd:af:f6:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 27 09:25:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac1afd1bfff283efb26c98bb2a32f435adea4470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:2d:0f:20:da:1e:87:b9:a9:dd:22:5d:10:4e:
69:d0:e5:46:0b:f9:52:53:07:9c:c4:ea:6b:b0:4d:
fb:54:00:78:5a:be:01:34:dd:92:05:fb:b8:62:78:
5a:2f:8c:1e:8d:5d:2f:dc:f4:d2:6a:3c:9a:32:c1:
3c:82:01:5e:ca:90:db:e9:60:38:3e:4f:16:52:fe:
0e:9a:db:b2:d4:3a:b2:da:7d:bc:c9:2c:33:dd:7b:
5e:b6:3f:90:23:02:d8:cb:7c:60:3a:f2:86:b4:2f:
aa:fe:f7:fa:27:11:42:9d:c0:c6:f2:0d:e7:0a:6d:
99:a8:1d:1c:39:8b:5c:a6:41:21:bf:e9:cb:94:0a:
f0:d1:22:3b:c7:03:32:3c:99:29:35:be:44:ce:5d:
70:48:87:0b:e8:47:be:a8:68:03:22:87:6c:83:cf:
3f:e3:81:25:4a:bf:1b:36:a3:17:df:8b:4e:5e:3e:
cf:fd:dd:10:4d:85:11:2b:0b:76:5a:c8:3b:1c:6c:
4e:dc:80:6d:6a:b9:7a:c0:56:f1:95:89:93:5e:10:
e3:85:fd:94:82:a9:0e:dc:e5:2a:dc:70:bd:79:b3:
56:27:55:50:b9:d2:9a:9a:73:ac:d3:14:2f:83:6a:
15:5e:16:fc:36:26:96:23:47:0e:5e:8f:99:bd:16:
43:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:1A:FD:1B:FF:F2:83:EF:B2:6C:98:BB:2A:32:F4:35:AD:EA:44:70
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rBr9G__yg--ybJi7KjL0Na3qRHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.63.0/24
Signature Algorithm: sha256WithRSAEncryption
72:8c:d3:3a:93:5b:7c:61:aa:4c:2b:01:56:eb:02:54:2e:91:
a1:fe:7d:f8:66:40:b5:a1:0f:5c:65:cd:29:4d:9a:b6:ef:9f:
12:ab:fe:af:d0:45:0b:7c:73:dd:62:7c:57:ba:35:c8:cc:1a:
85:15:7a:b6:24:45:0d:ad:b8:1a:70:8b:cd:e5:78:35:da:5b:
90:de:50:de:ef:9a:b8:04:43:3b:d0:e0:2d:3c:2e:4e:e4:0b:
15:c3:da:14:74:7b:f3:1b:19:50:63:eb:cd:a6:46:95:fc:05:
a9:0e:0e:6d:7f:1e:8c:30:ee:62:4a:ec:ca:0f:de:8e:e6:d0:
ef:e7:ca:3d:89:8e:b6:69:bc:f3:e2:59:da:5e:b4:29:71:50:
e1:da:1a:0e:0f:a2:59:a4:a8:ab:4c:47:e2:21:59:7e:66:e6:
76:90:47:8c:d5:10:91:a8:ff:9f:b1:f6:82:68:04:a1:2e:fa:
15:76:57:2b:b3:97:2c:ad:ca:7e:d1:19:03:29:aa:73:3c:b5:
12:06:b4:e2:96:97:52:34:ca:d6:99:18:7c:dd:29:af:3e:be:
cf:57:a2:e7:b5:67:8c:84:b2:f1:c0:65:57:03:a2:be:28:93:
13:cd:61:b7:f5:94:9b:84:ca:5e:73:97:6d:3f:e8:bc:34:44:
6c:0c:99:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZok/EJnDKS4eZbwHMe9r/aWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUxMDI3MDkyNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzFhZmQxYmZmZjI4M2VmYjI2Yzk4YmIyYTMyZjQzNWFkZWE0NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC0PINoeh7mp3SJdEE5p0OVGC/lS
UwecxOprsE37VAB4Wr4BNN2SBfu4YnhaL4wejV0v3PTSajyaMsE8ggFeypDb6WA4
Pk8WUv4Omtuy1Dqy2n28ySwz3Xtetj+QIwLYy3xgOvKGtC+q/vf6JxFCncDG8g3n
Cm2ZqB0cOYtcpkEhv+nLlArw0SI7xwMyPJkpNb5Ezl1wSIcL6Ee+qGgDIodsg88/
44ElSr8bNqMX34tOXj7P/d0QTYURKwt2Wsg7HGxO3IBtarl6wFbxlYmTXhDjhf2U
gqkO3OUq3HC9ebNWJ1VQudKamnOs0xQvg2oVXhb8NiaWI0cOXo+ZvRZDKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKwa/Rv/8oPvsmyYuyoy9DWt6kRwMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvckJyOUdfX3lnLS15YkppN0tqTDBOYTNxUkhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATSQ/MA0G
CSqGSIb3DQEBCwUAA4IBAQByjNM6k1t8YapMKwFW6wJULpGh/n34ZkC1oQ9cZc0p
TZq2758Sq/6v0EULfHPdYnxXujXIzBqFFXq2JEUNrbgacIvN5Xg12luQ3lDe75q4
BEM70OAtPC5O5AsVw9oUdHvzGxlQY+vNpkaV/AWpDg5tfx6MMO5iSuzKD96O5tDv
58o9iY62abzz4lnaXrQpcVDh2hoOD6JZpKirTEfiIVl+ZuZ2kEeM1RCRqP+fsfaC
aAShLvoVdlcrs5csrcp+0RkDKapzPLUSBrTilpdSNMrWmRh83SmvPr7PV6LntWeM
hLLxwGVXA6K+KJMTzWG39ZSbhMpec5dtP+i8NERsDJnM
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:31:11 2025 by rpki-client