Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/VfPqQIUYDVEcRMuY0y_1WkG7tNM.roa
File: VfPqQIUYDVEcRMuY0y_1WkG7tNM.roa (raw, json)
Hash identifier: jXhdAhn6nzRP7djqjR0wEfaKlgEOeT24wYK6k5lvQMQ=
Subject key identifier: 55:F3:EA:40:85:18:0D:51:1C:44:CB:98:D3:2F:F5:5A:41:BB:B4:D3
Certificate issuer: /CN=dca46b1fcd92b47f4f55fad038c9581340a9d370
Certificate serial: 019D79531059AAD35E2517663EA1F61CA2F7
Authority key identifier: DC:A4:6B:1F:CD:92:B4:7F:4F:55:FA:D0:38:C9:58:13:40:A9:D3:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/VfPqQIUYDVEcRMuY0y_1WkG7tNM.roa
Signing time: Fri 10 Apr 2026 21:36:20 +0000
ROA not before: Fri 10 Apr 2026 21:36:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43019
IP address blocks: 77.75.88.0/24 maxlen: 24
77.75.89.0/24 maxlen: 24
77.75.90.0/24 maxlen: 24
77.75.91.0/24 maxlen: 24
77.75.92.0/24 maxlen: 24
77.75.92.32/27 maxlen: 27
77.75.93.0/24 maxlen: 24
77.75.94.0/24 maxlen: 24
77.75.95.0/24 maxlen: 24
185.206.200.0/24 maxlen: 24
185.206.201.0/24 maxlen: 24
185.206.202.0/24 maxlen: 24
185.206.203.0/24 maxlen: 24
2a0b:3f80::/29 maxlen: 29
2a0b:3f80::/32 maxlen: 32
2a0b:3f81::/32 maxlen: 32
2a0b:3f82::/32 maxlen: 32
2a0b:3f83::/32 maxlen: 32
2a0b:3f84::/32 maxlen: 32
2a0b:3f85::/32 maxlen: 32
2a0b:3f85:aebd:201::/64 maxlen: 64
2a0b:3f86::/32 maxlen: 32
2a0b:3f87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/3KRrH82StH9PVfrQOMlYE0Cp03A.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/3KRrH82StH9PVfrQOMlYE0Cp03A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:79:53:10:59:aa:d3:5e:25:17:66:3e:a1:f6:1c:a2:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dca46b1fcd92b47f4f55fad038c9581340a9d370
Validity
Not Before: Apr 10 21:36:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=55f3ea4085180d511c44cb98d32ff55a41bbb4d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4d:e1:c5:21:47:b1:fd:c6:13:b0:2b:d8:76:
91:88:05:0f:b0:ca:a5:9b:c5:52:06:c6:2a:b2:50:
bc:69:e2:e4:b9:31:62:7a:c3:e2:07:59:2e:e3:d8:
1e:8d:eb:bc:d2:d1:de:0c:1a:3d:d2:46:b1:06:95:
86:aa:4c:2e:cc:16:fb:64:1f:4c:6c:7f:f2:37:1e:
08:8a:f6:64:93:fc:fb:d8:69:28:f4:3b:a9:16:3f:
66:9a:a1:36:94:b6:c0:27:42:23:41:f0:0e:f2:d8:
40:f9:40:cc:7d:46:3f:c5:5a:82:8e:e1:11:22:05:
01:35:3c:ff:77:05:f7:d4:96:f5:90:13:41:c3:22:
9b:94:65:a7:cc:8c:10:64:a5:8d:c1:fc:1f:f9:df:
8a:8c:a4:fc:16:e7:03:9e:f1:a5:aa:33:8f:c2:ad:
ff:71:63:dd:9a:cf:fb:8b:17:e6:ee:c4:65:2b:78:
ca:36:88:11:c3:89:cb:2b:93:df:25:e7:b7:48:7e:
6b:1a:7b:b4:62:e6:8e:67:ad:cc:57:72:aa:d0:0c:
04:b5:fe:15:fa:84:bc:0e:02:4b:96:f9:93:99:0a:
dc:1e:1b:fd:c7:15:d8:f4:8a:5f:a5:01:cd:a2:84:
15:5a:b7:73:cb:5a:54:af:89:5b:f2:98:d2:0f:42:
c5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:F3:EA:40:85:18:0D:51:1C:44:CB:98:D3:2F:F5:5A:41:BB:B4:D3
X509v3 Authority Key Identifier:
keyid:DC:A4:6B:1F:CD:92:B4:7F:4F:55:FA:D0:38:C9:58:13:40:A9:D3:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KRrH82StH9PVfrQOMlYE0Cp03A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/VfPqQIUYDVEcRMuY0y_1WkG7tNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/90ab8e-e573-41c4-a1bb-c6d2b8d1f566/1/3KRrH82StH9PVfrQOMlYE0Cp03A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.88.0/21
185.206.200.0/22
IPv6:
2a0b:3f80::/29
Signature Algorithm: sha256WithRSAEncryption
02:28:67:bd:90:ef:54:10:d9:d6:ea:64:be:cd:7f:bf:e8:06:
f7:32:cb:fd:1c:5c:fe:f9:d4:4f:49:e7:8c:fa:96:2d:6a:0e:
f6:cc:07:75:f7:8a:7e:d3:5a:25:4c:72:49:9f:44:6f:21:11:
be:85:7d:ed:12:82:22:0d:ef:04:dc:55:26:ea:5b:60:f9:3e:
ab:ca:25:80:57:9c:e8:0c:c5:54:8a:b7:b2:fb:1d:19:9d:e4:
e2:38:aa:d0:80:17:5d:24:bb:ac:82:b6:99:6b:25:21:ea:74:
ad:6c:6a:70:64:61:19:4b:8b:85:12:24:19:98:8a:3a:9c:b2:
f5:18:ce:63:18:5e:d7:c8:c6:0e:60:c7:a7:ea:ed:c2:10:84:
c9:8d:bb:1b:c5:12:74:33:36:78:25:f2:42:71:34:f8:f7:6e:
69:0e:17:dd:2f:27:39:8b:a8:14:d2:a7:b5:fc:a7:61:04:8e:
17:46:b8:c7:81:87:00:b7:d7:bc:97:92:b4:49:e1:9f:76:5f:
22:58:95:c9:dc:c5:71:0a:fd:e0:fc:5f:26:7b:3a:44:18:3a:
df:a7:cc:bc:f5:d1:b5:db:66:31:12:9d:0b:2b:3a:6d:a3:68:
12:57:53:bc:9a:cb:e9:fb:39:f8:de:13:7d:6f:ce:02:96:93:
c5:f2:7e:76
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ15UxBZqtNeJRdmPqH2HKL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYTQ2YjFmY2Q5MmI0N2Y0ZjU1ZmFkMDM4Yzk1ODEzNDBh
OWQzNzAwHhcNMjYwNDEwMjEzNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWYzZWE0MDg1MTgwZDUxMWM0NGNiOThkMzJmZjU1YTQxYmJiNGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA103hxSFHsf3GE7Ar2HaRiAUPsMql
m8VSBsYqslC8aeLkuTFiesPiB1ku49gejeu80tHeDBo90kaxBpWGqkwuzBb7ZB9M
bH/yNx4IivZkk/z72Gko9DupFj9mmqE2lLbAJ0IjQfAO8thA+UDMfUY/xVqCjuER
IgUBNTz/dwX31Jb1kBNBwyKblGWnzIwQZKWNwfwf+d+KjKT8FucDnvGlqjOPwq3/
cWPdms/7ixfm7sRlK3jKNogRw4nLK5PfJee3SH5rGnu0YuaOZ63MV3Kq0AwEtf4V
+oS8DgJLlvmTmQrcHhv9xxXY9IpfpQHNooQVWrdzy1pUr4lb8pjSD0LFBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFXz6kCFGA1RHETLmNMv9VpBu7TTMB8GA1UdIwQY
MBaAFNykax/NkrR/T1X60DjJWBNAqdNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0tSckg4MlN0SDlQVmZyUU9NbFlFMENwMDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS85MGFiOGUtZTU3My00MWM0LWExYmIt
YzZkMmI4ZDFmNTY2LzEvVmZQcVFJVVlEVkVjUk11WTB5XzFXa0c3dE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS85MGFiOGUtZTU3My00MWM0LWExYmItYzZkMmI4ZDFmNTY2
LzEvM0tSckg4MlN0SDlQVmZyUU9NbFlFMENwMDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDTUtYAwQC
uc7IMA0EAgACMAcDBQMqCz+AMA0GCSqGSIb3DQEBCwUAA4IBAQACKGe9kO9UENnW
6mS+zX+/6Ab3Msv9HFz++dRPSeeM+pYtag72zAd194p+01olTHJJn0RvIRG+hX3t
EoIiDe8E3FUm6ltg+T6ryiWAV5zoDMVUirey+x0ZneTiOKrQgBddJLusgraZayUh
6nStbGpwZGEZS4uFEiQZmIo6nLL1GM5jGF7XyMYOYMen6u3CEITJjbsbxRJ0MzZ4
JfJCcTT4925pDhfdLyc5i6gU0qe1/KdhBI4XRrjHgYcAt9e8l5K0SeGfdl8iWJXJ
3MVxCv3g/F8mezpEGDrfp8y89dG122YxEp0LKzpto2gSV1O8msvp+zn43hN9b84C
lpPF8n52
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:51:26 2026 by rpki-client