Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/e-qDMdTbtmiNw1eY99Zvxji3790.roa
File: e-qDMdTbtmiNw1eY99Zvxji3790.roa (raw, json)
Hash identifier: rAjNKwDttf142Mu+7uwfX/OFpQYYqgzVqAG785xMd70=
Subject key identifier: 7B:EA:83:31:D4:DB:B6:68:8D:C3:57:98:F7:D6:6F:C6:38:B7:EF:DD
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 019C2009F9505EC34CC8736A4E39E80E07DE
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/e-qDMdTbtmiNw1eY99Zvxji3790.roa
Signing time: Mon 02 Feb 2026 20:27:30 +0000
ROA not before: Mon 02 Feb 2026 20:27:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 43545
IP address blocks: 77.74.104.0/21 maxlen: 21
77.74.110.0/24 maxlen: 24
78.40.144.0/21 maxlen: 21
78.40.144.0/24 maxlen: 24
78.40.146.0/24 maxlen: 24
78.40.150.0/24 maxlen: 24
78.40.151.0/24 maxlen: 24
80.84.80.0/21 maxlen: 21
80.84.86.0/24 maxlen: 24
80.84.87.0/24 maxlen: 24
80.84.88.0/21 maxlen: 21
80.84.89.0/24 maxlen: 24
80.84.90.0/24 maxlen: 24
80.84.91.0/24 maxlen: 24
185.113.216.0/22 maxlen: 24
185.113.216.0/24 maxlen: 24
185.113.217.0/24 maxlen: 24
185.113.218.0/24 maxlen: 24
185.113.219.0/24 maxlen: 24
212.84.64.0/21 maxlen: 24
212.84.68.0/24 maxlen: 24
212.84.72.0/21 maxlen: 24
212.84.80.0/21 maxlen: 24
212.84.88.0/21 maxlen: 24
212.84.95.0/24 maxlen: 24
2a02:24d0::/32 maxlen: 32
2a02:24d0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 14:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:20:09:f9:50:5e:c3:4c:c8:73:6a:4e:39:e8:0e:07:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Feb 2 20:27:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7bea8331d4dbb6688dc35798f7d66fc638b7efdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:74:38:3d:29:a5:76:86:8a:ff:b6:1f:d0:7e:
ca:dc:21:ee:be:4b:2b:59:4c:70:46:bd:d4:9b:6d:
93:d3:82:e8:d0:63:1f:5f:69:ab:42:a2:78:0d:10:
1e:27:63:3b:f9:f2:e0:2e:95:da:42:c4:f4:5f:27:
04:31:49:e7:c8:6d:31:18:14:a4:c9:4d:ad:a0:c7:
51:1d:6f:2c:76:4f:e4:1a:8f:9d:ca:53:c6:22:54:
63:65:5f:18:25:a4:ea:62:e2:b3:60:fc:81:ec:36:
20:51:1f:5c:1c:16:00:a5:a6:e8:f9:a4:53:a6:41:
ff:52:98:be:cc:30:58:40:e0:aa:0a:f1:47:8c:53:
74:1f:92:cd:bf:40:08:4e:18:7c:f8:96:4d:16:c0:
c9:3f:62:ad:40:e0:48:74:33:4f:c6:f5:d5:19:e9:
11:9a:6e:03:20:a9:38:fa:d7:88:71:22:4e:53:f5:
ef:cb:d9:e9:d7:fa:33:85:b1:78:ab:a3:c0:1b:4d:
22:d6:78:77:50:cf:8a:04:94:4e:c9:18:bf:93:5a:
10:78:37:10:33:7d:96:69:eb:1d:e8:1e:bf:70:85:
4f:4d:9a:d5:e8:50:dc:ff:f4:a3:74:09:c5:1c:19:
c8:9a:e4:e8:d9:79:26:4d:e4:f2:7f:bc:3c:77:df:
3e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:EA:83:31:D4:DB:B6:68:8D:C3:57:98:F7:D6:6F:C6:38:B7:EF:DD
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/e-qDMdTbtmiNw1eY99Zvxji3790.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.74.104.0/21
78.40.144.0/21
80.84.80.0/20
185.113.216.0/22
212.84.64.0/19
IPv6:
2a02:24d0::/32
Signature Algorithm: sha256WithRSAEncryption
6a:82:df:ba:5e:6d:5a:9f:b9:fe:94:d3:72:9d:ab:c8:c0:79:
b9:e7:68:fc:32:0f:db:e6:4d:a7:fb:b7:0b:e7:5a:06:44:66:
5b:0e:14:97:b7:e9:68:96:ff:74:c4:82:1a:32:7c:64:19:ba:
77:09:f6:ef:0e:98:fc:62:59:2b:c0:bf:67:15:a3:87:4c:de:
8c:f9:4b:61:b8:1c:9d:21:68:72:28:13:88:b8:20:52:21:9c:
b8:62:e5:d0:54:59:78:45:b1:90:c5:96:7b:c5:84:23:d1:a1:
49:37:08:ab:f3:f4:05:f9:92:ae:04:b1:59:2f:10:40:48:c4:
db:ee:44:e6:90:30:ef:23:15:fc:a8:e0:82:7d:6c:79:d2:d4:
d2:46:f3:99:aa:9c:fa:65:00:4d:d4:e3:fa:02:d4:02:c3:0e:
c6:d1:f1:31:42:0f:4a:45:b2:ea:b4:2a:eb:e6:18:bf:33:70:
df:a2:52:e6:28:1b:14:51:42:45:33:1c:40:d0:0a:c0:ea:c7:
0b:b2:25:1e:d1:a6:8f:ce:8e:6c:26:54:8c:21:b1:d2:37:a5:
36:f4:99:96:ae:33:aa:08:83:0e:3b:4c:b8:cd:e6:33:ad:f3:
85:bc:4c:ad:d1:7d:12:94:d9:19:80:8e:3e:7e:5c:15:ac:f2:
22:f3:8f:a6
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZwgCflQXsNMyHNqTjnoDgfeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjYwMjAyMjAyNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmVhODMzMWQ0ZGJiNjY4OGRjMzU3OThmN2Q2NmZjNjM4YjdlZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXQ4PSmldoaK/7Yf0H7K3CHuvksr
WUxwRr3Um22T04Lo0GMfX2mrQqJ4DRAeJ2M7+fLgLpXaQsT0XycEMUnnyG0xGBSk
yU2toMdRHW8sdk/kGo+dylPGIlRjZV8YJaTqYuKzYPyB7DYgUR9cHBYApabo+aRT
pkH/Upi+zDBYQOCqCvFHjFN0H5LNv0AIThh8+JZNFsDJP2KtQOBIdDNPxvXVGekR
mm4DIKk4+teIcSJOU/Xvy9np1/ozhbF4q6PAG00i1nh3UM+KBJROyRi/k1oQeDcQ
M32Waesd6B6/cIVPTZrV6FDc//SjdAnFHBnImuTo2XkmTeTyf7w8d98+OwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHvqgzHU27ZojcNXmPfWb8Y4t+/dMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvZS1xRE1kVGJ0bWlOdzFlWTk5WnZ4amkzNzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDTUpoAwQD
TiiQAwQEUFRQAwQCuXHYAwQF1FRAMA0EAgACMAcDBQAqAiTQMA0GCSqGSIb3DQEB
CwUAA4IBAQBqgt+6Xm1an7n+lNNynavIwHm552j8Mg/b5k2n+7cL51oGRGZbDhSX
t+lolv90xIIaMnxkGbp3CfbvDpj8YlkrwL9nFaOHTN6M+UthuBydIWhyKBOIuCBS
IZy4YuXQVFl4RbGQxZZ7xYQj0aFJNwir8/QF+ZKuBLFZLxBASMTb7kTmkDDvIxX8
qOCCfWx50tTSRvOZqpz6ZQBN1OP6AtQCww7G0fExQg9KRbLqtCrr5hi/M3DfolLm
KBsUUUJFMxxA0ArA6scLsiUe0aaPzo5sJlSMIbHSN6U29JmWrjOqCIMOO0y4zeYz
rfOFvEyt0X0SlNkZgI4+flwVrPIi84+m
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:19:10 2026 by rpki-client