Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/qUsAx2DraAMa8Y5SzlSNQuP2bY8.roa
File: qUsAx2DraAMa8Y5SzlSNQuP2bY8.roa (raw, json)
Hash identifier: V4y7uRpiHHEvs+KyRNbN4UiObrLMrthyO3Rv6xbOhyQ=
Subject key identifier: A9:4B:00:C7:60:EB:68:03:1A:F1:8E:52:CE:54:8D:42:E3:F6:6D:8F
Certificate issuer: /CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Certificate serial: 019C322C58EF28AA5FFA3F578467E260EF93
Authority key identifier: 8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/qUsAx2DraAMa8Y5SzlSNQuP2bY8.roa
Signing time: Fri 06 Feb 2026 08:58:12 +0000
ROA not before: Fri 06 Feb 2026 08:58:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56835
IP address blocks: 77.83.188.0/23 maxlen: 23
77.83.190.0/23 maxlen: 23
185.143.146.0/23 maxlen: 23
195.49.128.0/23 maxlen: 23
195.49.130.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:32:2c:58:ef:28:aa:5f:fa:3f:57:84:67:e2:60:ef:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8eb441dadbbecb6965d4ea1f046cc5c8e28817fc
Validity
Not Before: Feb 6 08:58:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a94b00c760eb68031af18e52ce548d42e3f66d8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:04:c3:be:ec:3d:f0:eb:1d:1a:e9:ab:ad:90:
9f:6e:b1:25:4c:3c:a8:85:13:14:49:5d:ad:01:f3:
ea:75:b0:91:c0:a9:39:a1:4d:cd:19:e2:15:80:13:
f8:3a:60:88:19:c6:0a:17:2c:9c:4b:5c:e2:77:f3:
e0:24:e4:a7:33:2c:b3:d5:eb:d0:e5:db:b4:8d:3d:
28:bd:a2:22:ee:54:b1:e2:d4:68:8d:62:e1:82:e9:
c4:bd:c6:e5:09:ed:27:91:c0:7a:04:12:9d:58:a0:
b8:d2:7e:fb:47:fa:dc:eb:ad:e0:0d:e8:92:dc:30:
66:52:19:fb:32:76:80:d4:b0:e4:c8:2d:d5:a7:25:
a8:aa:57:27:16:07:46:3f:b8:73:78:e6:34:bb:96:
f3:66:c2:b6:39:da:80:e0:1a:99:71:9f:e4:ea:09:
a6:2f:76:d2:e8:49:c9:01:a2:0d:02:8b:db:dd:0c:
18:5a:4a:1e:2a:2e:d9:43:eb:20:af:d7:3b:ff:78:
f4:ec:c1:31:6b:3c:cd:de:0f:b8:e9:43:77:d3:95:
de:b1:42:62:49:17:89:47:7f:d3:32:c7:4b:1b:23:
30:92:ce:e9:18:c9:e7:b4:b4:1d:d6:61:72:a2:24:
13:1c:cb:07:d0:d6:95:59:73:b9:bf:20:f8:03:dc:
ec:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:4B:00:C7:60:EB:68:03:1A:F1:8E:52:CE:54:8D:42:E3:F6:6D:8F
X509v3 Authority Key Identifier:
keyid:8E:B4:41:DA:DB:BE:CB:69:65:D4:EA:1F:04:6C:C5:C8:E2:88:17:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jrRB2tu-y2ll1OofBGzFyOKIF_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/qUsAx2DraAMa8Y5SzlSNQuP2bY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/978d0f-9297-4c71-9cfb-46b949092cbe/1/jrRB2tu-y2ll1OofBGzFyOKIF_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.188.0/22
185.143.146.0/23
195.49.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:55:32:a1:e1:a1:f1:56:71:0e:a3:4b:70:11:1d:95:6b:21:
66:93:e3:aa:36:ab:dc:08:b4:54:b5:59:ce:0d:79:c5:15:c2:
0a:85:88:de:f0:5e:f0:1f:38:c2:4b:fb:cb:fd:35:23:7e:d7:
8a:df:ca:8d:b8:29:18:02:dd:11:bf:fc:6a:8e:5e:8e:cf:e4:
20:a0:ae:34:8c:0b:fe:57:f2:09:fe:01:03:f4:33:44:29:04:
cf:92:fb:22:54:42:a1:a5:aa:96:db:02:d8:5b:40:02:54:de:
ca:e7:88:1f:64:4b:c1:14:c0:b8:12:cc:ec:43:5e:fa:00:c8:
7f:45:e1:2a:a0:03:1a:3d:59:bc:e4:e8:e2:95:48:6d:d4:0c:
4d:a0:92:2d:a8:d1:39:a9:12:91:30:79:00:d8:b1:e5:29:38:
44:44:b6:0a:ab:41:4e:5a:37:f8:9b:ea:fd:06:37:36:f8:c5:
15:ee:1c:db:ff:35:fe:46:92:3a:e3:4e:7b:f8:c6:10:ba:8c:
7e:f5:32:0c:20:9e:6b:3f:3f:f0:27:a7:da:a0:a8:33:93:02:
4f:41:ec:4d:05:a4:b4:71:8c:69:5b:79:bf:89:f0:e7:a5:a8:
6e:9c:8f:76:02:36:be:8c:2d:46:fd:81:a9:ba:d7:b4:ef:85:
47:c6:65:10
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZwyLFjvKKpf+j9XhGfiYO+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlYjQ0MWRhZGJiZWNiNjk2NWQ0ZWExZjA0NmNjNWM4ZTI4
ODE3ZmMwHhcNMjYwMjA2MDg1ODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTRiMDBjNzYwZWI2ODAzMWFmMThlNTJjZTU0OGQ0MmUzZjY2ZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQTDvuw98OsdGumrrZCfbrElTDyo
hRMUSV2tAfPqdbCRwKk5oU3NGeIVgBP4OmCIGcYKFyycS1zid/PgJOSnMyyz1evQ
5du0jT0ovaIi7lSx4tRojWLhgunEvcblCe0nkcB6BBKdWKC40n77R/rc663gDeiS
3DBmUhn7MnaA1LDkyC3VpyWoqlcnFgdGP7hzeOY0u5bzZsK2OdqA4BqZcZ/k6gmm
L3bS6EnJAaINAovb3QwYWkoeKi7ZQ+sgr9c7/3j07MExazzN3g+46UN305XesUJi
SReJR3/TMsdLGyMwks7pGMnntLQd1mFyoiQTHMsH0NaVWXO5vyD4A9zsmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKlLAMdg62gDGvGOUs5UjULj9m2PMB8GA1UdIwQY
MBaAFI60QdrbvstpZdTqHwRsxcjiiBf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmIt
NDZiOTQ5MDkyY2JlLzEvcVVzQXgyRHJhQU1hOFk1U3psU05RdVAyYlk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NzhkMGYtOTI5Ny00YzcxLTljZmItNDZiOTQ5MDkyY2Jl
LzEvanJSQjJ0dS15MmxsMU9vZkJHekZ5T0tJRl93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCTVO8AwQB
uY+SAwQCwzGAMA0GCSqGSIb3DQEBCwUAA4IBAQClVTKh4aHxVnEOo0twER2VayFm
k+OqNqvcCLRUtVnODXnFFcIKhYje8F7wHzjCS/vL/TUjfteK38qNuCkYAt0Rv/xq
jl6Oz+QgoK40jAv+V/IJ/gED9DNEKQTPkvsiVEKhpaqW2wLYW0ACVN7K54gfZEvB
FMC4EszsQ176AMh/ReEqoAMaPVm85OjilUht1AxNoJItqNE5qRKRMHkA2LHlKThE
RLYKq0FOWjf4m+r9Bjc2+MUV7hzb/zX+RpI64057+MYQuox+9TIMIJ5rPz/wJ6fa
oKgzkwJPQexNBaS0cYxpW3m/ifDnpahunI92Aja+jC1G/YGpute074VHxmUQ
-----END CERTIFICATE-----
Generated at Mon Mar 2 20:50:08 2026 by rpki-client