Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/BSsRECuRcbwMW98kdWWK05egVBw.roa
File: BSsRECuRcbwMW98kdWWK05egVBw.roa (raw, json)
Hash identifier: ug6KO2Zk1MrKsNXGJ9omTpAuU0xr+emz7VoOCmkwvpw=
Subject key identifier: 05:2B:11:10:2B:91:71:BC:0C:5B:DF:24:75:65:8A:D3:97:A0:54:1C
Certificate issuer: /CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51
Certificate serial: 019C302E2AEF6D38AEF97B2330D6CB0DCC32
Authority key identifier: F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/BSsRECuRcbwMW98kdWWK05egVBw.roa
Signing time: Thu 05 Feb 2026 23:40:57 +0000
ROA not before: Thu 05 Feb 2026 23:40:57 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215826
IP address blocks: 77.91.96.0/23 maxlen: 23
77.91.96.0/24 maxlen: 24
77.91.97.0/24 maxlen: 24
91.214.78.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.mft
rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:30:2e:2a:ef:6d:38:ae:f9:7b:23:30:d6:cb:0d:cc:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e160f0ce5e035af3cb21f4dfd04eab9ea7ee51
Validity
Not Before: Feb 5 23:40:57 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=052b11102b9171bc0c5bdf2475658ad397a0541c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:57:8a:50:7a:80:a9:2a:ee:24:9b:ef:bc:68:
49:21:8f:24:a8:4f:ef:20:1d:fd:3b:18:cf:29:b6:
04:ea:7e:78:a5:c7:08:00:fc:b1:4f:bc:60:d5:35:
52:ef:bb:88:34:7f:4b:4f:02:e2:53:80:54:4e:18:
5d:19:3e:03:55:63:91:4f:ab:9a:a6:f0:2e:54:d1:
d5:20:21:1f:93:b2:6e:19:1c:e9:de:9c:52:7b:13:
80:b8:65:d2:4f:10:c5:70:44:cd:0b:88:5c:eb:89:
21:b6:f8:12:af:27:82:ec:f8:8f:6a:73:8f:21:eb:
e0:a2:63:16:0b:4f:10:19:c5:c6:72:b7:ec:8e:fe:
a2:06:50:b2:bb:34:3e:5d:9d:9f:c4:ae:b9:5c:32:
0f:28:04:cf:ac:03:08:ec:26:53:c7:8f:68:83:e5:
33:78:64:e3:f7:c3:46:05:77:0d:d6:c5:e8:39:71:
ad:cc:60:24:92:c2:ba:28:fd:60:d5:70:a0:e9:d2:
45:88:09:0d:8c:1d:4f:96:f2:19:90:05:1b:9f:39:
d3:b6:e5:f0:ca:8d:07:2f:9c:9b:9a:15:55:c2:f5:
70:2d:fd:e6:d3:39:5c:33:a9:4d:03:61:32:45:93:
af:ec:ce:10:1d:a7:91:1d:69:2a:13:a5:74:d0:db:
d8:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:2B:11:10:2B:91:71:BC:0C:5B:DF:24:75:65:8A:D3:97:A0:54:1C
X509v3 Authority Key Identifier:
keyid:F2:E1:60:F0:CE:5E:03:5A:F3:CB:21:F4:DF:D0:4E:AB:9E:A7:EE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uFg8M5eA1rzyyH039BOq56n7lE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/BSsRECuRcbwMW98kdWWK05egVBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/3b1544-4b50-4684-ab75-fce214c6ffda/1/8uFg8M5eA1rzyyH039BOq56n7lE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.91.96.0/23
91.214.78.0/24
Signature Algorithm: sha256WithRSAEncryption
78:a1:b6:57:0f:f1:7a:7d:12:27:a9:db:4e:3c:a7:b4:aa:a7:
3b:93:1c:2b:6a:25:72:41:29:0c:de:70:1c:9b:a5:1e:50:9c:
b6:40:60:29:bc:05:56:71:0a:1d:d1:6a:b9:86:2b:a5:3f:e0:
08:c9:15:a4:63:f7:1a:67:6d:c4:72:63:b3:17:fc:b6:78:d4:
50:e5:2c:68:ad:3b:60:11:4a:78:3a:17:a0:44:fa:b1:db:f0:
bc:d3:f9:5d:18:ad:67:a4:84:9e:ea:fa:8d:8b:32:71:9e:61:
2b:89:6e:09:3e:13:6b:b7:dd:15:f6:bf:01:80:3d:ff:9b:21:
b9:aa:81:38:eb:16:8f:ae:06:9f:a3:55:69:c9:41:49:3f:7b:
e1:c7:37:52:b7:c7:04:e1:99:ea:1c:b2:02:a4:b9:ac:a0:d0:
d2:b9:fc:4e:09:49:d4:bc:ac:3a:3a:f1:4e:34:3a:be:75:42:
84:95:13:ee:2f:9f:a6:c9:37:d3:fa:38:b3:73:f0:d0:f6:a0:
79:57:dc:b0:4a:6a:53:63:a6:bf:36:d5:62:8b:58:8a:28:37:
e7:29:d5:e4:79:6b:af:8a:68:de:c9:16:f1:37:e1:d0:9c:22:
81:19:48:aa:33:44:ab:2e:6c:2d:81:a7:a0:76:62:aa:b4:9d:
15:86:a1:dd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZwwLirvbTiu+XsjMNbLDcwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTE2MGYwY2U1ZTAzNWFmM2NiMjFmNGRmZDA0ZWFiOWVh
N2VlNTEwHhcNMjYwMjA1MjM0MDU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTJiMTExMDJiOTE3MWJjMGM1YmRmMjQ3NTY1OGFkMzk3YTA1NDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVeKUHqAqSruJJvvvGhJIY8kqE/v
IB39OxjPKbYE6n54pccIAPyxT7xg1TVS77uINH9LTwLiU4BUThhdGT4DVWORT6ua
pvAuVNHVICEfk7JuGRzp3pxSexOAuGXSTxDFcETNC4hc64khtvgSryeC7PiPanOP
IevgomMWC08QGcXGcrfsjv6iBlCyuzQ+XZ2fxK65XDIPKATPrAMI7CZTx49og+Uz
eGTj98NGBXcN1sXoOXGtzGAkksK6KP1g1XCg6dJFiAkNjB1PlvIZkAUbnznTtuXw
yo0HL5ybmhVVwvVwLf3m0zlcM6lNA2EyRZOv7M4QHaeRHWkqE6V00NvYiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAUrERArkXG8DFvfJHVlitOXoFQcMB8GA1UdIwQY
MBaAFPLhYPDOXgNa88sh9N/QTquep+5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUt
ZmNlMjE0YzZmZmRhLzEvQlNzUkVDdVJjYndNVzk4a2RXV0swNWVnVkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8zYjE1NDQtNGI1MC00Njg0LWFiNzUtZmNlMjE0YzZmZmRh
LzEvOHVGZzhNNWVBMXJ6eXlIMDM5Qk9xNTZuN2xFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTVtgAwQA
W9ZOMA0GCSqGSIb3DQEBCwUAA4IBAQB4obZXD/F6fRInqdtOPKe0qqc7kxwraiVy
QSkM3nAcm6UeUJy2QGApvAVWcQod0Wq5hiulP+AIyRWkY/caZ23EcmOzF/y2eNRQ
5SxorTtgEUp4OhegRPqx2/C80/ldGK1npISe6vqNizJxnmEriW4JPhNrt90V9r8B
gD3/myG5qoE46xaPrgafo1VpyUFJP3vhxzdSt8cE4ZnqHLICpLmsoNDSufxOCUnU
vKw6OvFONDq+dUKElRPuL5+myTfT+jizc/DQ9qB5V9ywSmpTY6a/NtVii1iKKDfn
KdXkeWuvimjeyRbxN+HQnCKBGUiqM0SrLmwtgaegdmKqtJ0VhqHd
-----END CERTIFICATE-----
Generated at Mon Mar 2 05:03:33 2026 by rpki-client