Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/VmKAAjA4J61Er2pV6nmm2We8eeg.roa
File: VmKAAjA4J61Er2pV6nmm2We8eeg.roa (raw, json)
Hash identifier: H91QyBvG1I/wj9YFT3ovdtrMrR5xBG3HkuYFKTPkUdk=
Subject key identifier: 56:62:80:02:30:38:27:AD:44:AF:6A:55:EA:79:A6:D9:67:BC:79:E8
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 019E5EA2EFC5C8D176EE651DDC93F547BB46
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/VmKAAjA4J61Er2pV6nmm2We8eeg.roa
Signing time: Mon 25 May 2026 10:16:36 +0000
ROA not before: Mon 25 May 2026 10:16:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.191.0/24 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.252.0/23 maxlen: 24
77.70.252.0/24 maxlen: 24
77.70.254.0/23 maxlen: 24
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.174.0/23 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.230.0/24 maxlen: 24
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
2a02:6601::/32 maxlen: 32
2a02:6601:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5e:a2:ef:c5:c8:d1:76:ee:65:1d:dc:93:f5:47:bb:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: May 25 10:16:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56628002303827ad44af6a55ea79a6d967bc79e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e2:bf:64:29:cb:b9:a2:40:35:52:af:05:92:
0e:6f:5a:28:00:2e:d8:c2:8c:8d:8d:78:7e:3b:60:
87:02:19:a5:d3:e4:cb:c9:84:e0:b7:33:b7:f2:63:
a7:ed:15:8b:a8:04:ec:82:b1:5f:dc:31:be:a4:c3:
04:31:2c:44:8e:60:37:19:bf:53:e4:0f:31:c7:3f:
c3:bc:47:6b:cd:d4:e1:30:a6:a1:74:47:3a:e6:9a:
e1:92:0e:2d:71:6b:c0:05:d1:2e:74:83:1f:ed:44:
b9:91:94:29:fa:77:df:e8:cd:46:7a:20:11:a8:db:
9f:fe:c1:55:a0:67:de:2b:58:89:ea:21:6c:8b:e3:
61:cf:4b:e7:64:27:bf:ef:6d:ae:fc:b8:21:53:fc:
90:2a:37:cf:f0:31:3a:88:60:fb:5d:40:48:4d:de:
3f:b8:c5:64:d9:2e:cb:cd:94:36:fd:1f:c6:20:14:
7b:b4:d1:10:86:39:df:cd:77:2d:ea:68:95:22:9a:
23:1b:01:90:28:e4:5b:07:0d:e9:3d:07:66:b5:15:
c0:e1:3c:0d:28:29:cc:9d:ce:cd:28:ec:d4:d8:62:
14:6d:b5:95:2e:fd:61:c6:c4:06:11:15:10:84:f4:
48:67:80:1e:cd:e3:ea:17:9b:51:6a:1b:59:f2:fc:
93:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:62:80:02:30:38:27:AD:44:AF:6A:55:EA:79:A6:D9:67:BC:79:E8
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/VmKAAjA4J61Er2pV6nmm2We8eeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
13:1e:57:66:d1:06:f4:e7:19:f7:8c:62:42:19:77:6b:f8:7a:
d0:00:dc:6e:49:cb:5c:97:12:7b:41:8b:85:0b:fd:4f:e4:4a:
35:2f:34:1f:66:df:fc:a6:7f:8a:2b:a7:fb:99:33:5c:79:12:
62:d0:0f:64:ee:c9:16:0b:c5:6d:a1:d8:14:e0:6f:78:28:4b:
ed:88:12:a9:41:41:26:6b:ac:a4:bc:5f:d3:da:e8:ed:4b:dd:
34:cc:59:c2:d4:ec:69:90:55:55:13:a4:d4:2f:e2:fa:a6:92:
62:d6:da:7f:b7:4b:4f:c0:fa:3b:78:e4:06:d7:89:8b:d2:d0:
51:99:f2:b0:bf:52:be:ae:4f:82:c5:ca:30:6e:e0:9b:30:55:
f8:6e:1c:8a:2b:bb:ef:08:c4:15:0c:3e:d7:a5:49:51:b4:bc:
47:16:e9:7d:69:ce:87:15:63:51:f9:8f:7f:a0:8c:bf:0d:5b:
84:41:cd:63:b3:e6:b3:d8:25:72:77:8f:e0:be:4c:a7:86:5a:
1d:8b:1a:27:1f:6b:02:68:8c:38:8f:f2:ea:03:16:d7:7f:6f:
36:ff:0b:44:64:87:a8:24:6e:78:58:41:36:96:88:fe:65:43:
70:72:75:ea:e9:14:d6:04:02:4f:b8:9a:d1:d2:e4:34:d5:9f:
04:f8:0b:d9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ5eou/FyNF27mUd3JP1R7tGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjYwNTI1MTAxNjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjYyODAwMjMwMzgyN2FkNDRhZjZhNTVlYTc5YTZkOTY3YmM3OWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOK/ZCnLuaJANVKvBZIOb1ooAC7Y
woyNjXh+O2CHAhml0+TLyYTgtzO38mOn7RWLqATsgrFf3DG+pMMEMSxEjmA3Gb9T
5A8xxz/DvEdrzdThMKahdEc65prhkg4tcWvABdEudIMf7US5kZQp+nff6M1GeiAR
qNuf/sFVoGfeK1iJ6iFsi+Nhz0vnZCe/722u/LghU/yQKjfP8DE6iGD7XUBITd4/
uMVk2S7LzZQ2/R/GIBR7tNEQhjnfzXct6miVIpojGwGQKORbBw3pPQdmtRXA4TwN
KCnMnc7NKOzU2GIUbbWVLv1hxsQGERUQhPRIZ4AezePqF5tRahtZ8vyTpwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFZigAIwOCetRK9qVep5ptlnvHnoMB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvVm1LQUFqQTRKNjFFcjJwVjZubW0yV2U4ZWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEAEx5X
ZtEG9OcZ94xiQhl3a/h60ADcbknLXJcSe0GLhQv9T+RKNS80H2bf/KZ/iiun+5kz
XHkSYtAPZO7JFgvFbaHYFOBveChL7YgSqUFBJmuspLxf09ro7UvdNMxZwtTsaZBV
VROk1C/i+qaSYtbaf7dLT8D6O3jkBteJi9LQUZnysL9Svq5PgsXKMG7gmzBV+G4c
iiu77wjEFQw+16VJUbS8RxbpfWnOhxVjUfmPf6CMvw1bhEHNY7Pms9glcneP4L5M
p4ZaHYsaJx9rAmiMOI/y6gMW139vNv8LRGSHqCRueFhBNpaI/mVDcHJ16ukU1gQC
T7ia0dLkNNWfBPgL2Q==
-----END CERTIFICATE-----
Generated at Sat Jun 13 19:54:51 2026 by rpki-client