Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/SqLjz_YZ1ox7hHX_e2Fbl6iZekQ.roa
File: SqLjz_YZ1ox7hHX_e2Fbl6iZekQ.roa (raw, json)
Hash identifier: H0HNrcJQzEmfkf815xlHJlafhtiV6TFeniX2HAOlK+U=
Subject key identifier: 4A:A2:E3:CF:F6:19:D6:8C:7B:84:75:FF:7B:61:5B:97:A8:99:7A:44
Certificate issuer: /CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Certificate serial: 019E92EA9E572A1C68101BF38306F432B3AC
Authority key identifier: 77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/SqLjz_YZ1ox7hHX_e2Fbl6iZekQ.roa
Signing time: Thu 04 Jun 2026 13:55:09 +0000
ROA not before: Thu 04 Jun 2026 13:55:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 185.77.72.0/24 maxlen: 24
185.78.207.0/24 maxlen: 24
195.157.4.0/24 maxlen: 24
195.245.201.0/24 maxlen: 24
212.126.159.0/24 maxlen: 24
2001:67c:1088::/48 maxlen: 48
2001:67c:27dc::/48 maxlen: 48
2001:a88:8::/48 maxlen: 48
2a00:ed0:8::/48 maxlen: 48
2a00:62e0:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 04:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:ea:9e:57:2a:1c:68:10:1b:f3:83:06:f4:32:b3:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b8cf454b0962d16a4855808fd3abc15852bbd8
Validity
Not Before: Jun 4 13:55:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4aa2e3cff619d68c7b8475ff7b615b97a8997a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:66:77:30:4e:4e:c4:91:b6:7c:d2:eb:f7:11:
ce:73:35:fa:3b:05:fe:5d:8a:df:07:64:59:84:e1:
c0:5e:a8:36:bf:dc:0a:8d:26:cd:d4:02:29:61:85:
1c:13:79:20:2d:19:67:dc:1a:61:8b:63:7c:c8:a7:
91:c2:e7:61:50:48:89:b4:b5:3e:35:72:63:e2:c3:
6e:31:eb:a2:ef:23:f8:b7:51:df:0c:07:19:5d:61:
16:cd:37:68:d2:69:20:8e:28:9c:97:1d:d3:2e:14:
d9:13:bc:e4:76:f1:d9:77:ad:86:6a:95:c7:d1:2c:
8c:91:ec:17:cf:d7:6b:d9:6e:74:95:cf:77:75:75:
0c:2e:48:b9:85:82:72:8d:fc:df:b0:19:17:0a:71:
32:6c:42:a3:d6:5d:cf:f5:ea:c3:6f:b9:8c:bf:9f:
ae:aa:34:e8:1b:d4:76:78:7d:b3:1f:10:80:8f:d6:
bd:44:05:b8:8e:a1:5f:2b:80:86:72:56:43:a3:f3:
ec:34:78:ae:d6:70:12:e4:aa:71:1c:a8:94:b6:fa:
af:81:c8:bb:95:3a:49:0a:21:17:21:b7:80:17:be:
4c:d7:cd:47:0b:b6:1d:24:e5:07:66:55:c4:69:a3:
b7:25:43:ff:91:09:fb:ee:3e:65:4d:5a:b6:d2:76:
8f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A2:E3:CF:F6:19:D6:8C:7B:84:75:FF:7B:61:5B:97:A8:99:7A:44
X509v3 Authority Key Identifier:
keyid:77:B8:CF:45:4B:09:62:D1:6A:48:55:80:8F:D3:AB:C1:58:52:BB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7jPRUsJYtFqSFWAj9OrwVhSu9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/SqLjz_YZ1ox7hHX_e2Fbl6iZekQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c171ca-4b1b-4187-ba46-a4fc9e2458ec/1/d7jPRUsJYtFqSFWAj9OrwVhSu9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.72.0/24
185.78.207.0/24
195.157.4.0/24
195.245.201.0/24
212.126.159.0/24
IPv6:
2001:67c:1088::/48
2001:67c:27dc::/48
2001:a88:8::/48
2a00:ed0:8::/48
2a00:62e0:8::/48
Signature Algorithm: sha256WithRSAEncryption
aa:c8:88:96:cc:26:0b:7f:af:e6:0c:89:2f:14:99:a8:bb:1e:
af:c1:0e:e3:9b:0b:76:05:95:03:88:47:20:71:b9:da:4f:69:
41:04:17:12:b0:ce:ac:c8:13:c8:67:4e:14:f6:95:0f:2d:20:
16:b5:9f:de:35:28:43:e4:e5:8f:da:7a:13:74:1e:11:b8:b4:
2b:da:6c:61:75:c3:17:db:5c:84:a6:27:53:b8:5f:72:a3:be:
27:21:12:91:e8:bb:12:42:e8:22:e0:2f:37:dd:2b:56:3c:02:
ec:08:ea:e2:3d:12:f1:29:64:03:fb:da:09:b0:13:17:e7:93:
fa:38:03:2f:87:fb:26:5b:87:a8:3c:5c:44:88:1a:85:3c:a8:
f2:a3:8e:3c:85:fe:14:97:a3:ba:c9:b9:41:27:1e:25:db:28:
61:90:03:cd:71:c7:6f:44:00:be:a4:aa:5c:57:e8:ae:39:d0:
55:9f:d0:5d:76:68:1f:48:08:b6:c4:16:ab:57:70:3c:54:07:
1e:fd:8c:32:25:fa:a6:54:42:90:4e:b1:57:94:16:73:11:c3:
05:ec:84:48:fd:2f:91:be:e5:c8:b8:6e:59:35:dc:fb:62:eb:
a8:70:f2:f6:67:c8:87:77:31:2f:8f:90:21:d9:24:3d:bd:75:
2a:02:99:45
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZ6S6p5XKhxoEBvzgwb0MrOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjhjZjQ1NGIwOTYyZDE2YTQ4NTU4MDhmZDNhYmMxNTg1
MmJiZDgwHhcNMjYwNjA0MTM1NTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWEyZTNjZmY2MTlkNjhjN2I4NDc1ZmY3YjYxNWI5N2E4OTk3YTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmZ3ME5OxJG2fNLr9xHOczX6OwX+
XYrfB2RZhOHAXqg2v9wKjSbN1AIpYYUcE3kgLRln3Bphi2N8yKeRwudhUEiJtLU+
NXJj4sNuMeui7yP4t1HfDAcZXWEWzTdo0mkgjiiclx3TLhTZE7zkdvHZd62GapXH
0SyMkewXz9dr2W50lc93dXUMLki5hYJyjfzfsBkXCnEybEKj1l3P9erDb7mMv5+u
qjToG9R2eH2zHxCAj9a9RAW4jqFfK4CGclZDo/PsNHiu1nAS5KpxHKiUtvqvgci7
lTpJCiEXIbeAF75M181HC7YdJOUHZlXEaaO3JUP/kQn77j5lTVq20naPhwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFEqi48/2GdaMe4R1/3thW5eomXpEMB8GA1UdIwQY
MBaAFHe4z0VLCWLRakhVgI/Tq8FYUrvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYt
YTRmYzllMjQ1OGVjLzEvU3FManpfWVoxb3g3aEhYX2UyRmJsNmlaZWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jMTcxY2EtNGIxYi00MTg3LWJhNDYtYTRmYzllMjQ1OGVj
LzEvZDdqUFJVc0pZdEZxU0ZXQWo5T3J3VmhTdTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAkBAIAATAeAwQAuU1IAwQA
uU7PAwQAw50EAwQAw/XJAwQA1H6fMDMEAgACMC0DBwAgAQZ8EIgDBwAgAQZ8J9wD
BwAgAQqIAAgDBwAqAA7QAAgDBwAqAGLgAAgwDQYJKoZIhvcNAQELBQADggEBAKrI
iJbMJgt/r+YMiS8Umai7Hq/BDuObC3YFlQOIRyBxudpPaUEEFxKwzqzIE8hnThT2
lQ8tIBa1n941KEPk5Y/aehN0HhG4tCvabGF1wxfbXISmJ1O4X3KjvichEpHouxJC
6CLgLzfdK1Y8AuwI6uI9EvEpZAP72gmwExfnk/o4Ay+H+yZbh6g8XESIGoU8qPKj
jjyF/hSXo7rJuUEnHiXbKGGQA81xx29EAL6kqlxX6K450FWf0F12aB9ICLbEFqtX
cDxUBx79jDIl+qZUQpBOsVeUFnMRwwXshEj9L5G+5ci4blk13Pti66hw8vZnyId3
MS+PkCHZJD29dSoCmUU=
-----END CERTIFICATE-----
Generated at Sat Jun 13 14:59:58 2026 by rpki-client