Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/5iygaSWZF0yjUJ8jGYfCtVGM300.roa
File: 5iygaSWZF0yjUJ8jGYfCtVGM300.roa (raw, json)
Hash identifier: ET/P3Mdg0xkHqABx2gsgHyGvGIp2jJSSoXAlISRhnZ4=
Subject key identifier: E6:2C:A0:69:25:99:17:4C:A3:50:9F:23:19:87:C2:B5:51:8C:DF:4D
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 019D4461D9AA5035892BBD5CBDA9DD6B9023
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/5iygaSWZF0yjUJ8jGYfCtVGM300.roa
Signing time: Tue 31 Mar 2026 14:52:36 +0000
ROA not before: Tue 31 Mar 2026 14:52:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.191.0/24 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.252.0/23 maxlen: 24
77.70.254.0/23 maxlen: 24
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.174.0/23 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.230.0/24 maxlen: 24
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
2a02:6601::/32 maxlen: 32
2a02:6601:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:44:61:d9:aa:50:35:89:2b:bd:5c:bd:a9:dd:6b:90:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Mar 31 14:52:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e62ca0692599174ca3509f231987c2b5518cdf4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bf:d3:e4:e6:35:ab:25:cf:a6:ef:e6:11:63:
25:6b:9e:d8:6f:0f:29:3f:e0:46:36:e4:db:e9:81:
5c:6e:d5:2c:f1:3b:30:21:2b:5e:c7:63:9f:6b:b4:
e7:5e:50:8f:bf:eb:7a:63:f0:92:4d:0f:d2:f6:f2:
df:50:df:2a:23:dd:1e:71:c4:19:45:b8:39:6c:dd:
3a:d6:d5:8c:70:5c:d9:2d:b9:5c:75:61:c8:0a:eb:
ed:b8:84:e1:da:30:b6:22:fa:46:4a:99:ea:8f:0b:
75:fb:90:81:d9:a8:5e:6e:f5:c7:17:0c:2a:49:9a:
1c:83:4f:d0:72:57:e8:0f:db:b5:dd:99:59:8a:ff:
c4:4e:1b:35:71:0f:98:2d:e2:c1:9c:ee:24:a1:cc:
f6:3f:27:7c:ab:e5:77:d6:96:72:8d:57:34:da:20:
9f:dd:34:0e:45:ee:e9:ae:3b:ab:fd:17:70:02:01:
3a:10:53:8a:77:38:ff:98:2d:ce:68:8c:ac:e0:c7:
86:0c:b8:2a:b9:26:95:3f:ab:f4:f0:38:b7:15:bb:
5e:d8:86:a3:f2:2b:c6:6f:a2:84:ee:08:15:51:97:
64:49:3a:7d:4e:43:d8:56:72:a8:71:5a:50:99:39:
d1:11:70:32:62:db:17:65:38:ad:ca:b6:db:e6:fa:
16:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:2C:A0:69:25:99:17:4C:A3:50:9F:23:19:87:C2:B5:51:8C:DF:4D
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/5iygaSWZF0yjUJ8jGYfCtVGM300.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
07:c8:b9:5e:de:e0:d6:a4:10:d0:db:94:80:51:92:22:89:82:
d9:53:8d:a2:ce:84:5b:d2:a4:0c:48:15:96:a9:18:e2:d4:78:
e7:82:e7:df:6d:23:16:95:c4:32:89:6f:29:95:24:19:74:df:
d8:a1:01:ef:07:25:32:3f:52:1f:99:a6:a5:7e:2c:33:00:81:
88:37:3a:f3:c2:1c:f0:77:39:fe:22:66:a1:5a:db:f9:83:ba:
b0:62:de:e9:51:fe:8e:5d:8c:34:fd:70:90:13:75:90:61:72:
ea:ca:ce:b2:30:9f:19:fa:70:a3:88:92:77:9e:da:6e:80:39:
a5:99:3c:56:d4:81:00:14:ea:0c:d3:af:84:c8:8f:5c:63:91:
1e:05:f4:18:d6:84:ce:4d:4c:44:4d:ce:ea:5e:a3:b5:b3:bb:
70:56:87:a1:e2:8e:79:e7:eb:f6:a9:a9:1f:ab:b5:51:30:25:
d9:a1:35:26:6a:12:3b:3e:83:b8:37:0a:9d:20:c3:ad:e9:f8:
9d:e2:d3:57:8e:89:7d:27:b8:d4:2f:b3:36:87:78:bb:34:18:
d2:83:74:e3:21:9b:05:32:14:45:92:8a:30:da:9f:71:26:0e:
a1:55:cb:9f:f1:ad:67:df:d5:75:9a:ef:db:b0:64:69:ef:f5:
c6:5e:8c:80
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ1EYdmqUDWJK71cvanda5AjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjYwMzMxMTQ1MjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjJjYTA2OTI1OTkxNzRjYTM1MDlmMjMxOTg3YzJiNTUxOGNkZjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAor/T5OY1qyXPpu/mEWMla57Ybw8p
P+BGNuTb6YFcbtUs8TswIStex2Ofa7TnXlCPv+t6Y/CSTQ/S9vLfUN8qI90eccQZ
Rbg5bN061tWMcFzZLblcdWHICuvtuITh2jC2IvpGSpnqjwt1+5CB2ahebvXHFwwq
SZocg0/QclfoD9u13ZlZiv/EThs1cQ+YLeLBnO4kocz2Pyd8q+V31pZyjVc02iCf
3TQORe7prjur/RdwAgE6EFOKdzj/mC3OaIys4MeGDLgquSaVP6v08Di3Fbte2Iaj
8ivGb6KE7ggVUZdkSTp9TkPYVnKocVpQmTnREXAyYtsXZTityrbb5voWBwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFOYsoGklmRdMo1CfIxmHwrVRjN9NMB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvNWl5Z2FTV1pGMHlqVUo4akdZZkN0VkdNMzAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEAB8i5
Xt7g1qQQ0NuUgFGSIomC2VONos6EW9KkDEgVlqkY4tR454Ln320jFpXEMolvKZUk
GXTf2KEB7wclMj9SH5mmpX4sMwCBiDc688Ic8Hc5/iJmoVrb+YO6sGLe6VH+jl2M
NP1wkBN1kGFy6srOsjCfGfpwo4iSd57aboA5pZk8VtSBABTqDNOvhMiPXGORHgX0
GNaEzk1MRE3O6l6jtbO7cFaHoeKOeefr9qmpH6u1UTAl2aE1JmoSOz6DuDcKnSDD
ren4neLTV46JfSe41C+zNod4uzQY0oN04yGbBTIURZKKMNqfcSYOoVXLn/GtZ9/V
dZrv27Bkae/1xl6MgA==
-----END CERTIFICATE-----
Generated at Fri Apr 17 21:20:17 2026 by rpki-client