Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/gEqYhjJrIJDEQXv52j_YwdeH2IU.roa
File: gEqYhjJrIJDEQXv52j_YwdeH2IU.roa (raw, json)
Hash identifier: /OgECqIoehhH22b7Fv3Zk/vSY5BPiiGICCDv4L+0W8w=
Subject key identifier: 80:4A:98:86:32:6B:20:90:C4:41:7B:F9:DA:3F:D8:C1:D7:87:D8:85
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019D70BBFA06C0475C2A7BF43450026478C2
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/gEqYhjJrIJDEQXv52j_YwdeH2IU.roa
Signing time: Thu 09 Apr 2026 05:34:20 +0000
ROA not before: Thu 09 Apr 2026 05:34:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7029
IP address blocks: 77.105.22.0/24 maxlen: 24
109.121.0.0/19 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.219.14.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
212.69.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 14:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:70:bb:fa:06:c0:47:5c:2a:7b:f4:34:50:02:64:78:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Apr 9 05:34:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=804a9886326b2090c4417bf9da3fd8c1d787d885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:dd:89:8a:72:de:c6:7b:b1:a7:0b:17:d5:03:
10:ee:90:c1:61:8f:7e:b6:ec:9b:05:67:70:79:a2:
1c:06:5c:cd:8d:05:72:6f:3a:55:c4:f8:0c:b8:d8:
cc:f0:5c:cf:32:d3:c4:13:47:96:82:08:59:9a:2a:
89:02:32:a9:e0:11:1f:6e:ca:32:d3:53:b6:c4:93:
3c:44:68:cd:51:a6:77:5d:0c:ce:9e:65:62:9a:5f:
ec:fc:ff:f8:53:a5:da:cf:42:d8:23:4f:ef:a4:14:
53:d7:ea:a7:1f:0e:6e:35:2d:08:bb:07:06:9d:b4:
97:ff:92:a2:58:f7:1c:20:53:27:70:1a:4b:c1:8e:
93:09:0b:01:04:f5:c3:92:49:c3:af:c3:3c:ab:5d:
bd:6c:81:e6:2d:ab:08:bb:a7:03:43:82:4b:c9:de:
2a:d4:7e:d8:10:13:e8:6c:69:c2:b7:0c:6d:e3:fd:
0f:19:9f:e0:7d:3e:43:69:7e:88:a7:3d:d8:14:89:
3c:44:3d:f9:b3:e9:31:d1:a1:b4:ce:32:20:82:c9:
32:25:58:14:9d:e2:d6:64:e1:0c:67:79:16:66:5e:
76:9a:bc:c9:0f:33:18:e1:7e:0e:34:56:5b:bd:71:
5c:52:17:8d:3d:74:f3:f0:67:7b:16:4c:6d:b3:56:
bd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4A:98:86:32:6B:20:90:C4:41:7B:F9:DA:3F:D8:C1:D7:87:D8:85
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/gEqYhjJrIJDEQXv52j_YwdeH2IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.22.0/24
109.121.0.0/19
109.121.40.0/24
109.121.43.0/24
109.233.184.0/23
178.219.14.0/24
178.253.237.0/24
212.69.0.0/24
Signature Algorithm: sha256WithRSAEncryption
19:ce:5d:bc:0a:1e:9f:a6:7b:9b:51:05:cd:73:a4:68:8f:41:
c8:97:b1:48:3f:ad:a2:9d:dc:4e:d6:e7:65:2a:1e:6f:1a:cc:
4d:19:45:ec:e8:db:39:c5:2e:0d:32:e1:d3:f4:bd:6a:1e:37:
b1:54:e5:d8:c6:47:13:68:6e:db:ab:f0:90:d5:42:1d:13:c6:
19:6a:7b:92:d4:fc:06:71:94:9a:a0:16:bb:e5:dc:e4:fc:56:
ad:4c:e3:b0:be:c6:6d:af:80:bd:5a:f5:5a:63:b1:94:36:7f:
a9:0f:32:27:66:1b:c1:ff:4e:d6:01:c1:e4:84:07:82:98:7a:
b3:97:70:e3:95:22:45:db:1d:4d:70:e8:01:77:c3:c7:4d:91:
d3:dd:0b:8b:55:13:58:2e:77:a6:89:a5:c5:01:52:15:1d:e9:
97:3f:f6:2e:c6:c2:b0:6b:8f:36:c0:0e:a4:96:e7:58:39:1c:
8e:8a:3a:65:bb:8c:f1:3f:dc:a2:e3:41:f6:f3:a0:1a:81:9e:
a0:a4:5f:1b:81:53:1e:23:91:1c:d6:bf:fd:3e:8f:59:44:31:
0a:1c:c8:77:9f:12:8d:46:d5:98:6a:68:f7:33:25:32:91:6d:
d0:0d:d6:56:32:36:45:10:6b:be:8e:63:39:af:48:a3:d4:d1:
b4:79:74:46
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ1wu/oGwEdcKnv0NFACZHjCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjYwNDA5MDUzNDIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDRhOTg4NjMyNmIyMDkwYzQ0MTdiZjlkYTNmZDhjMWQ3ODdkODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAst2JinLexnuxpwsX1QMQ7pDBYY9+
tuybBWdweaIcBlzNjQVybzpVxPgMuNjM8FzPMtPEE0eWgghZmiqJAjKp4BEfbsoy
01O2xJM8RGjNUaZ3XQzOnmViml/s/P/4U6Xaz0LYI0/vpBRT1+qnHw5uNS0IuwcG
nbSX/5KiWPccIFMncBpLwY6TCQsBBPXDkknDr8M8q129bIHmLasIu6cDQ4JLyd4q
1H7YEBPobGnCtwxt4/0PGZ/gfT5DaX6Ipz3YFIk8RD35s+kx0aG0zjIggskyJVgU
neLWZOEMZ3kWZl52mrzJDzMY4X4ONFZbvXFcUheNPXTz8Gd7Fkxts1a9gQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIBKmIYyayCQxEF7+do/2MHXh9iFMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvZ0VxWWhqSnJJSkRFUVh2NTJqX1l3ZGVIMklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATWkWAwQF
bXkAAwQAbXkoAwQAbXkrAwQBbem4AwQAstsOAwQAsv3tAwQA1EUAMA0GCSqGSIb3
DQEBCwUAA4IBAQAZzl28Ch6fpnubUQXNc6Roj0HIl7FIP62indxO1udlKh5vGsxN
GUXs6Ns5xS4NMuHT9L1qHjexVOXYxkcTaG7bq/CQ1UIdE8YZanuS1PwGcZSaoBa7
5dzk/FatTOOwvsZtr4C9WvVaY7GUNn+pDzInZhvB/07WAcHkhAeCmHqzl3DjlSJF
2x1NcOgBd8PHTZHT3QuLVRNYLnemiaXFAVIVHemXP/YuxsKwa482wA6kludYORyO
ijplu4zxP9yi40H286AagZ6gpF8bgVMeI5Ec1r/9Po9ZRDEKHMh3nxKNRtWYamj3
MyUykW3QDdZWMjZFEGu+jmM5r0ij1NG0eXRG
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:55:31 2026 by rpki-client