Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/aVkTnnbGIe4fDpGVb6wjTSR-yLQ.roa
File: aVkTnnbGIe4fDpGVb6wjTSR-yLQ.roa (raw, json)
Hash identifier: mPn9lf0kaEtQghK8NnucRSJ4lyasaPeghHp1g2R6ywY=
Subject key identifier: 69:59:13:9E:76:C6:21:EE:1F:0E:91:95:6F:AC:23:4D:24:7E:C8:B4
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 019C90D4BD14A1B335611998F523833F5D9B
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/aVkTnnbGIe4fDpGVb6wjTSR-yLQ.roa
Signing time: Tue 24 Feb 2026 18:06:26 +0000
ROA not before: Tue 24 Feb 2026 18:06:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 5377
IP address blocks: 77.70.128.0/17 maxlen: 17
77.70.128.0/19 maxlen: 19
77.70.144.0/20 maxlen: 20
77.70.160.0/20 maxlen: 20
77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
77.70.191.0/24 maxlen: 24
77.70.192.0/19 maxlen: 19
77.70.207.0/24 maxlen: 24
77.70.240.0/20 maxlen: 20
77.70.254.0/23 maxlen: 24
77.70.254.0/24 maxlen: 24
77.70.255.0/24 maxlen: 24
193.219.192.0/18 maxlen: 18
193.219.196.0/24 maxlen: 24
193.220.0.0/16 maxlen: 16
193.220.88.0/21 maxlen: 21
193.220.94.0/24 maxlen: 24
193.220.165.0/24 maxlen: 24
193.220.174.0/23 maxlen: 24
193.220.220.0/22 maxlen: 22
193.220.224.0/20 maxlen: 20
193.220.230.0/24 maxlen: 24
193.220.240.0/20 maxlen: 24
2a02:6600::/29 maxlen: 32
2a02:6600:f000::/48 maxlen: 48
2a02:6600:f001::/48 maxlen: 48
2a02:6601::/32 maxlen: 32
2a02:6601:c000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:90:d4:bd:14:a1:b3:35:61:19:98:f5:23:83:3f:5d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Feb 24 18:06:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6959139e76c621ee1f0e91956fac234d247ec8b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:67:ae:dc:3e:8b:51:05:67:b2:c9:c6:43:7d:
d4:48:ce:65:26:0a:29:66:4b:5c:3a:6f:b2:f1:ce:
f2:f2:cb:d0:f2:91:c6:6b:23:e6:00:fe:34:52:19:
c3:00:89:49:c0:3d:bf:cd:5c:d9:cc:69:18:b8:c1:
3b:a2:83:70:7b:d6:be:61:95:bb:3b:80:d3:d1:60:
0e:41:65:a8:b7:39:44:96:7d:1a:ff:f4:d5:93:4c:
dc:0a:de:6c:52:6e:0e:89:c7:52:0c:d7:a2:de:39:
d8:5d:d8:4b:dc:6c:a2:8d:2d:92:03:ce:e9:70:72:
49:5c:db:1a:bb:4f:4f:ec:42:64:56:9b:16:58:68:
a7:c9:dc:f8:9a:f6:50:b6:4a:e5:bf:2b:b2:6e:ee:
6c:f4:6f:da:2e:bd:f4:1f:64:b9:6a:ce:b9:99:a7:
d5:4a:e2:6e:1d:4a:88:08:ec:13:93:de:8c:2d:44:
a3:15:85:22:99:c5:22:6d:a4:5c:98:7e:84:76:60:
ff:29:1f:77:b4:23:41:66:fb:d1:7a:4f:21:ab:77:
cd:83:71:f4:26:06:cf:a6:a0:95:cc:67:7e:ec:60:
aa:4d:97:c0:4d:1a:fb:6e:c4:53:08:2b:9c:44:87:
a6:48:d8:20:39:e9:d1:31:da:70:7a:24:6b:5c:8f:
50:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:59:13:9E:76:C6:21:EE:1F:0E:91:95:6F:AC:23:4D:24:7E:C8:B4
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/aVkTnnbGIe4fDpGVb6wjTSR-yLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.128.0/17
193.219.192.0-193.220.255.255
IPv6:
2a02:6600::/29
Signature Algorithm: sha256WithRSAEncryption
d4:90:42:26:a4:4e:fb:7c:29:2d:6f:d0:5d:36:ee:5b:3e:9c:
63:28:1f:7e:b8:dc:2d:6f:e8:f6:c3:3f:a3:dd:f0:fc:c6:46:
2c:9b:d6:97:8b:1c:f2:77:c6:c5:56:a7:45:b6:58:ba:c5:61:
62:bb:42:7d:cd:e0:c1:0d:90:97:c9:3f:8b:28:ed:ba:14:56:
98:4f:2d:5e:4b:73:8d:52:f1:d5:bf:93:63:d5:ee:8d:54:f1:
55:de:1b:6b:c3:85:4a:8c:2e:af:49:ab:04:52:97:1e:39:78:
37:b7:eb:c6:63:4c:8c:51:d4:62:82:0c:59:06:3a:68:eb:13:
a1:54:3d:70:28:c3:6c:d5:86:77:a7:9b:e4:20:d4:2e:14:a5:
ed:aa:f2:bc:0e:08:e5:2a:e7:ae:4f:61:02:cf:3e:ce:24:9a:
b9:ce:c8:df:9d:5f:0d:b8:e6:05:b6:f8:fa:0b:03:a1:fa:98:
43:8f:15:1e:fb:2f:31:e8:d9:59:68:1b:57:d0:3d:70:01:00:
7b:63:44:f1:99:ef:61:13:7a:0f:a6:3d:0f:8c:30:68:2a:23:
92:77:29:9f:f4:b2:a6:16:05:e3:d7:7b:20:ca:71:0f:a0:7b:
8c:24:ec:d2:be:f6:15:da:96:74:57:12:39:8d:b5:11:bc:2b:
b9:de:61:f4
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZyQ1L0UobM1YRmY9SODP12bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjYwMjI0MTgwNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTU5MTM5ZTc2YzYyMWVlMWYwZTkxOTU2ZmFjMjM0ZDI0N2VjOGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWeu3D6LUQVnssnGQ33USM5lJgop
ZktcOm+y8c7y8svQ8pHGayPmAP40UhnDAIlJwD2/zVzZzGkYuME7ooNwe9a+YZW7
O4DT0WAOQWWotzlEln0a//TVk0zcCt5sUm4OicdSDNei3jnYXdhL3GyijS2SA87p
cHJJXNsau09P7EJkVpsWWGinydz4mvZQtkrlvyuybu5s9G/aLr30H2S5as65mafV
SuJuHUqICOwTk96MLUSjFYUimcUibaRcmH6EdmD/KR93tCNBZvvRek8hq3fNg3H0
JgbPpqCVzGd+7GCqTZfATRr7bsRTCCucRIemSNggOenRMdpweiRrXI9QOwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGlZE552xiHuHw6RlW+sI00kfsi0MB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvYVZrVG5uYkdJZTRmRHBHVmI2d2pUU1IteUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATAwQHTUaAMAsD
BAbB28ADAwDB3DANBAIAAjAHAwUDKgJmADANBgkqhkiG9w0BAQsFAAOCAQEA1JBC
JqRO+3wpLW/QXTbuWz6cYygffrjcLW/o9sM/o93w/MZGLJvWl4sc8nfGxVanRbZY
usVhYrtCfc3gwQ2Ql8k/iyjtuhRWmE8tXktzjVLx1b+TY9XujVTxVd4ba8OFSowu
r0mrBFKXHjl4N7frxmNMjFHUYoIMWQY6aOsToVQ9cCjDbNWGd6eb5CDULhSl7ary
vA4I5Srnrk9hAs8+ziSauc7I351fDbjmBbb4+gsDofqYQ48VHvsvMejZWWgbV9A9
cAEAe2NE8ZnvYRN6D6Y9D4wwaCojkncpn/SyphYF49d7IMpxD6B7jCTs0r72FdqW
dFcSOY21Ebwrud5h9A==
-----END CERTIFICATE-----
Generated at Mon Mar 2 21:19:54 2026 by rpki-client