Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/5bR7nT59SotPCJORPgk6-Za1Bvs.roa
File: 5bR7nT59SotPCJORPgk6-Za1Bvs.roa (raw, json)
Hash identifier: gNeb/+m7Tq5iEn5VGp9K0GqVSpSfj8azrbqnnkUnsvo=
Subject key identifier: E5:B4:7B:9D:3E:7D:4A:8B:4F:08:93:91:3E:09:3A:F9:96:B5:06:FB
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 019C6FC8224A0FD28ADBF61FE73F44428ADC
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/5bR7nT59SotPCJORPgk6-Za1Bvs.roa
Signing time: Wed 18 Feb 2026 08:05:12 +0000
ROA not before: Wed 18 Feb 2026 08:05:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44112
IP address blocks: 77.222.32.0/24 maxlen: 24
77.222.35.0/24 maxlen: 24
77.222.36.0/22 maxlen: 24
77.222.40.0/21 maxlen: 24
77.222.48.0/20 maxlen: 24
77.222.48.0/23 maxlen: 24
80.93.60.0/22 maxlen: 24
2a02:408:7722::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:6f:c8:22:4a:0f:d2:8a:db:f6:1f:e7:3f:44:42:8a:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Feb 18 08:05:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5b47b9d3e7d4a8b4f0893913e093af996b506fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:fc:d4:89:4b:bf:eb:d3:61:9c:1e:1d:ad:99:
a6:04:f8:e2:95:15:f1:c7:d1:49:fd:bf:21:bb:e6:
8c:a9:ae:07:48:dc:f4:85:b3:26:bc:05:52:56:6e:
73:4f:c3:88:f4:e1:f6:ad:c2:9c:69:00:f3:57:93:
38:3b:3e:92:6d:18:3b:ec:3e:28:7c:7d:25:e7:48:
f6:13:6b:20:af:3a:03:1f:78:1a:ba:bc:a4:4d:7a:
64:66:ed:10:aa:64:ea:d1:f8:89:4b:42:23:38:ae:
f7:3f:dd:e8:85:34:e1:f4:12:34:d1:6e:e1:1d:f6:
c3:8b:af:4e:a6:83:15:18:a7:eb:70:9e:51:9a:4b:
53:40:d2:da:4a:bf:70:7b:99:17:1e:23:72:9a:9e:
6a:6b:4e:b3:d7:75:05:75:0e:e8:b5:47:a4:e9:29:
77:6f:26:31:be:0b:05:f3:0e:f6:c7:91:38:0b:34:
09:52:45:d8:f7:4b:22:95:2a:68:46:d3:84:17:cb:
5a:22:5a:e4:12:23:76:59:bb:bc:ea:9d:64:8a:bf:
64:94:7c:e6:3f:e9:0b:fd:2f:17:f0:22:c1:c2:7e:
47:97:92:0b:fa:68:90:33:b3:90:5f:0c:30:ab:16:
b5:ba:0f:fe:ba:18:11:66:ca:26:c0:39:48:b7:12:
06:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:B4:7B:9D:3E:7D:4A:8B:4F:08:93:91:3E:09:3A:F9:96:B5:06:FB
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/5bR7nT59SotPCJORPgk6-Za1Bvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.222.32.0/24
77.222.35.0-77.222.63.255
80.93.60.0/22
IPv6:
2a02:408:7722::/48
Signature Algorithm: sha256WithRSAEncryption
8f:5a:37:e2:73:ab:c2:55:20:c4:37:36:e2:4c:3a:f0:0b:8b:
b2:a2:60:ac:f6:ee:6b:1c:63:fd:0f:b5:e8:e8:47:70:a5:1f:
82:65:fe:11:a1:56:cc:7f:25:33:4a:ea:9c:49:8d:46:1f:36:
37:f3:20:26:d7:c7:c5:c8:67:7d:82:fc:f5:49:86:43:71:21:
fb:50:9e:00:9e:64:53:5a:02:33:6d:d2:cd:a4:87:f7:1f:aa:
2e:cf:42:95:10:a8:4d:5c:54:53:de:17:f1:82:83:6f:a0:f3:
88:a9:74:48:71:dd:6d:ce:57:5d:3d:ba:17:51:fa:f6:37:2c:
3b:82:aa:be:dc:cf:99:e2:0e:14:fd:7a:be:bb:be:fd:12:d4:
9b:9e:53:f7:da:7c:1b:57:68:51:69:d9:9c:c7:f4:06:aa:b2:
1b:4c:7c:71:78:e0:2a:7d:a6:43:4a:44:83:da:fa:dc:99:7a:
dc:18:c0:86:ef:29:4c:1e:e0:6c:2b:4a:3a:0d:a2:43:a5:26:
b6:79:a6:7b:50:c4:18:76:e7:3e:ac:cd:ee:18:3e:f1:68:ed:
8f:59:26:ac:a7:e8:b0:cb:13:fb:67:1d:ca:96:08:73:92:cd:
84:1f:9f:2c:70:a5:9e:22:ff:03:18:20:fb:e2:34:b4:71:12:
52:ec:4c:90
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZxvyCJKD9KK2/Yf5z9EQorcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjYwMjE4MDgwNTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWI0N2I5ZDNlN2Q0YThiNGYwODkzOTEzZTA5M2FmOTk2YjUwNmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvvzUiUu/69NhnB4drZmmBPjilRXx
x9FJ/b8hu+aMqa4HSNz0hbMmvAVSVm5zT8OI9OH2rcKcaQDzV5M4Oz6SbRg77D4o
fH0l50j2E2sgrzoDH3gaurykTXpkZu0QqmTq0fiJS0IjOK73P93ohTTh9BI00W7h
HfbDi69OpoMVGKfrcJ5RmktTQNLaSr9we5kXHiNymp5qa06z13UFdQ7otUek6Sl3
byYxvgsF8w72x5E4CzQJUkXY90silSpoRtOEF8taIlrkEiN2Wbu86p1kir9klHzm
P+kL/S8X8CLBwn5Hl5IL+miQM7OQXwwwqxa1ug/+uhgRZsomwDlItxIGUwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFOW0e50+fUqLTwiTkT4JOvmWtQb7MB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvNWJSN25UNTlTb3RQQ0pPUlBnazYtWmExQnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQATd4gMAwD
BABN3iMDBAZN3gADBAJQXTwwDwQCAAIwCQMHACoCBAh3IjANBgkqhkiG9w0BAQsF
AAOCAQEAj1o34nOrwlUgxDc24kw68AuLsqJgrPbuaxxj/Q+16OhHcKUfgmX+EaFW
zH8lM0rqnEmNRh82N/MgJtfHxchnfYL89UmGQ3Eh+1CeAJ5kU1oCM23SzaSH9x+q
Ls9ClRCoTVxUU94X8YKDb6DziKl0SHHdbc5XXT26F1H69jcsO4KqvtzPmeIOFP16
vru+/RLUm55T99p8G1doUWnZnMf0BqqyG0x8cXjgKn2mQ0pEg9r63Jl63BjAhu8p
TB7gbCtKOg2iQ6Umtnmme1DEGHbnPqzN7hg+8Wjtj1kmrKfosMsT+2cdypYIc5LN
hB+fLHClniL/Axgg++I0tHESUuxMkA==
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:22:50 2026 by rpki-client