Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/4Sx5ZBCD2Xo186rzplqlwJ6UC4I.roa
File: 4Sx5ZBCD2Xo186rzplqlwJ6UC4I.roa (raw, json)
Hash identifier: EedOvbINinIPr1nDTQjADXAtFVJTDiOy2bXsDFfK0Ms=
Subject key identifier: E1:2C:79:64:10:83:D9:7A:35:F3:AA:F3:A6:5A:A5:C0:9E:94:0B:82
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019C5CEBA4D7DBFADA74E189E2625180D066
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/4Sx5ZBCD2Xo186rzplqlwJ6UC4I.roa
Signing time: Sat 14 Feb 2026 16:11:12 +0000
ROA not before: Sat 14 Feb 2026 16:11:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 77.111.117.0/24 maxlen: 24
77.111.119.0/24 maxlen: 24
77.111.123.0/24 maxlen: 24
91.190.187.0/24 maxlen: 24
92.61.106.0/24 maxlen: 24
92.61.109.0/24 maxlen: 24
185.112.241.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
185.112.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 12:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5c:eb:a4:d7:db:fa:da:74:e1:89:e2:62:51:80:d0:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Feb 14 16:11:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e12c79641083d97a35f3aaf3a65aa5c09e940b82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:39:83:72:f1:4f:32:55:43:bf:9b:a3:dd:e2:
47:9d:f3:40:41:00:3d:a0:ee:2c:32:2f:8d:41:1a:
67:3d:b4:23:a7:9c:d7:58:2d:84:6b:c8:55:35:1d:
eb:3f:bc:e1:85:de:51:09:cc:3a:b8:f7:eb:6e:a1:
aa:12:91:52:f0:d7:4b:2b:bb:7f:24:d8:a2:ec:5f:
c8:ee:a7:05:87:e3:79:40:7f:f6:8d:57:cf:7b:ad:
79:b9:f0:84:60:df:b9:91:ea:47:d7:7f:ab:3f:55:
82:e4:c2:a7:5f:73:47:0a:2c:de:15:52:9a:ad:29:
02:76:ce:fe:36:08:e7:5f:fd:d0:3f:e6:5d:32:50:
53:b0:5b:43:71:db:96:e5:44:28:0d:f9:6a:47:7d:
9d:6c:48:12:71:bb:95:f5:8b:e5:2d:9d:6c:cd:ee:
fe:2b:86:9c:40:d7:24:4b:db:79:6b:fd:7d:13:49:
0f:62:d3:bb:cd:ca:4b:d0:d9:90:ea:c3:4e:55:b4:
45:99:49:f7:ad:33:1e:4a:a2:72:03:51:b6:8f:91:
27:3b:49:45:14:9c:c9:5b:00:a5:9a:ce:85:02:49:
2a:67:30:45:71:44:f4:1f:af:34:cd:65:59:13:fd:
d1:76:fb:00:db:72:0d:42:a6:ea:6a:ee:b2:ef:5e:
6f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:2C:79:64:10:83:D9:7A:35:F3:AA:F3:A6:5A:A5:C0:9E:94:0B:82
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/4Sx5ZBCD2Xo186rzplqlwJ6UC4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.117.0/24
77.111.119.0/24
77.111.123.0/24
91.190.187.0/24
92.61.106.0/24
92.61.109.0/24
185.112.241.0-185.112.243.255
Signature Algorithm: sha256WithRSAEncryption
b1:a3:d4:66:89:b0:6a:56:d5:02:23:bd:ef:ea:1a:05:fb:e0:
ef:9a:40:a1:fb:e3:07:fa:50:e4:53:28:97:f0:e8:f3:a5:bf:
9c:0f:57:ab:3e:98:7d:5f:ce:c9:c1:f7:43:71:a4:5a:fd:05:
f9:6c:fd:f8:88:8a:55:29:d3:e2:4f:ba:8d:f6:fd:62:db:25:
22:f2:4d:a3:c9:c4:5c:fe:75:92:11:af:cd:57:6a:66:fb:fd:
b8:33:77:87:f1:52:99:ff:44:89:68:2e:5b:ef:bc:a8:14:ba:
27:14:0d:72:db:8f:71:c5:e1:35:39:36:d0:a9:f5:f9:41:3b:
55:00:16:8e:85:d6:43:62:b3:26:fa:5b:4a:29:fd:c3:5a:cd:
41:80:e3:83:94:64:c4:73:23:98:9a:18:d9:4f:26:5d:61:ae:
5d:a7:de:75:47:8c:7d:94:c1:be:2f:30:a6:e9:b3:aa:83:9d:
a4:15:49:f7:42:d9:ad:ee:68:56:50:a2:48:16:c4:07:ed:a2:
05:32:15:90:00:d7:14:4c:30:16:a1:82:12:02:52:17:26:8c:
70:4a:af:b3:d7:3f:c3:3b:4c:0f:80:0c:79:e1:0a:ce:38:16:
ac:49:d7:48:75:e6:39:e6:ef:f5:10:4a:bb:3a:33:7a:7b:56:
e2:48:be:65
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZxc66TX2/radOGJ4mJRgNBmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwMjE0MTYxMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTJjNzk2NDEwODNkOTdhMzVmM2FhZjNhNjVhYTVjMDllOTQwYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzmDcvFPMlVDv5uj3eJHnfNAQQA9
oO4sMi+NQRpnPbQjp5zXWC2Ea8hVNR3rP7zhhd5RCcw6uPfrbqGqEpFS8NdLK7t/
JNii7F/I7qcFh+N5QH/2jVfPe615ufCEYN+5kepH13+rP1WC5MKnX3NHCizeFVKa
rSkCds7+NgjnX/3QP+ZdMlBTsFtDcduW5UQoDflqR32dbEgScbuV9YvlLZ1sze7+
K4acQNckS9t5a/19E0kPYtO7zcpL0NmQ6sNOVbRFmUn3rTMeSqJyA1G2j5EnO0lF
FJzJWwClms6FAkkqZzBFcUT0H680zWVZE/3RdvsA23INQqbqau6y715vUwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOEseWQQg9l6NfOq86ZapcCelAuCMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvNFN4NVpCQ0QyWG8xODZyenBscWx3SjZVQzRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQATW91AwQA
TW93AwQATW97AwQAW767AwQAXD1qAwQAXD1tMAwDBAC5cPEDBAK5cPAwDQYJKoZI
hvcNAQELBQADggEBALGj1GaJsGpW1QIjve/qGgX74O+aQKH74wf6UORTKJfw6POl
v5wPV6s+mH1fzsnB90NxpFr9Bfls/fiIilUp0+JPuo32/WLbJSLyTaPJxFz+dZIR
r81Xamb7/bgzd4fxUpn/RIloLlvvvKgUuicUDXLbj3HF4TU5NtCp9flBO1UAFo6F
1kNisyb6W0op/cNazUGA44OUZMRzI5iaGNlPJl1hrl2n3nVHjH2Uwb4vMKbps6qD
naQVSfdC2a3uaFZQokgWxAftogUyFZAA1xRMMBahghICUhcmjHBKr7PXP8M7TA+A
DHnhCs44FqxJ10h15jnm7/UQSrs6M3p7VuJIvmU=
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:19:23 2026 by rpki-client