Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/vR6geB2IJnI1DRLUG8sUqATNeUQ.roa
File: vR6geB2IJnI1DRLUG8sUqATNeUQ.roa (raw, json)
Hash identifier: 6Ld2mRTI5n33TWw/OgClAhSZl/FU5wJ1uGoGQJPXSaw=
Subject key identifier: BD:1E:A0:78:1D:88:26:72:35:0D:12:D4:1B:CB:14:A8:04:CD:79:44
Certificate issuer: /CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Certificate serial: 019D3DA94BB8118251C4A111F08AB778D9EC
Authority key identifier: 64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/vR6geB2IJnI1DRLUG8sUqATNeUQ.roa
Signing time: Mon 30 Mar 2026 07:33:18 +0000
ROA not before: Mon 30 Mar 2026 07:33:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401838
IP address blocks: 77.111.117.0/24 maxlen: 24
77.111.123.0/24 maxlen: 24
92.61.103.0/24 maxlen: 24
92.61.106.0/24 maxlen: 24
92.61.109.0/24 maxlen: 24
185.112.241.0/24 maxlen: 24
185.112.242.0/24 maxlen: 24
185.112.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:3d:a9:4b:b8:11:82:51:c4:a1:11:f0:8a:b7:78:d9:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=641975583b250362c8150f63adb30a0f6a0c6fc3
Validity
Not Before: Mar 30 07:33:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bd1ea0781d882672350d12d41bcb14a804cd7944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:1d:4b:88:e6:15:0b:6d:f4:f8:33:f9:03:e3:
1b:4f:48:2d:05:8b:60:d8:5e:b9:f7:89:3a:6c:67:
a4:5c:68:56:37:af:85:bf:ea:1d:dd:83:18:df:cf:
11:70:46:9c:72:15:b2:51:62:7b:c0:18:38:d5:4d:
56:35:62:51:28:3c:16:9f:3c:d9:95:8b:57:24:b4:
da:52:7e:70:49:39:cd:dd:f5:35:3c:f1:4d:dd:00:
69:12:ef:b2:c2:65:43:d4:3a:f5:c1:6b:5d:b9:a6:
2b:22:76:00:81:9f:b7:85:0d:0a:d5:25:19:e2:61:
c7:a9:ae:fc:e8:5d:25:80:54:7b:7e:8d:a1:94:7f:
8e:15:a2:77:cd:95:93:80:83:ff:ab:91:62:b5:26:
43:fe:66:9b:b9:3d:5b:b4:5c:a0:12:b7:25:d9:9e:
0b:67:76:a3:22:a8:6f:a2:5c:c9:a0:51:c4:4e:12:
7e:4c:f3:1e:16:7e:7b:a3:78:4b:3a:6a:25:f6:c6:
57:e1:08:ed:34:c4:ef:47:3d:b3:b4:98:45:b7:04:
15:80:f2:d1:f4:b3:cf:47:84:b9:c4:fd:a0:6d:7d:
10:89:69:b8:77:d9:13:4d:4f:cd:7b:c4:f5:5f:1f:
3c:39:74:72:ca:47:c1:fb:2c:89:18:86:ec:70:78:
ec:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:1E:A0:78:1D:88:26:72:35:0D:12:D4:1B:CB:14:A8:04:CD:79:44
X509v3 Authority Key Identifier:
keyid:64:19:75:58:3B:25:03:62:C8:15:0F:63:AD:B3:0A:0F:6A:0C:6F:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/vR6geB2IJnI1DRLUG8sUqATNeUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/98a5ed-905e-4bfa-9154-f1c33aa2fd50/1/ZBl1WDslA2LIFQ9jrbMKD2oMb8M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.117.0/24
77.111.123.0/24
92.61.103.0/24
92.61.106.0/24
92.61.109.0/24
185.112.241.0-185.112.243.255
Signature Algorithm: sha256WithRSAEncryption
5c:1c:bd:99:fe:83:a7:67:d2:78:92:74:29:cf:07:14:5c:8b:
7c:c9:f4:0e:b6:f9:a8:87:76:32:50:57:00:b1:74:28:05:ce:
68:05:ef:a3:ee:ef:8a:6c:b8:72:85:4a:12:e8:ed:3a:7f:0a:
49:25:25:e0:d6:4b:e8:e7:26:96:e3:9c:70:40:d3:3e:7f:ff:
12:5d:b6:bf:f9:1c:68:36:6d:78:52:a3:9d:bc:c8:d1:b9:b9:
94:01:af:f5:b4:5c:ae:a4:7a:d0:7c:56:ee:fa:1f:7f:c7:db:
9b:fa:d7:40:45:ed:ba:46:19:f9:b8:c1:10:26:4e:9f:7c:e7:
33:ad:62:bf:28:3d:97:9d:85:a8:7c:f8:05:24:3b:15:03:99:
63:1e:f1:c4:bd:57:4f:29:7d:bb:1a:2f:02:99:82:74:58:70:
0c:86:0c:a2:75:f8:58:36:8b:90:fe:b7:53:c6:89:c3:fd:84:
f8:97:2e:f3:ad:0f:ae:5d:36:b4:73:6c:63:93:7a:24:2a:07:
fe:54:50:ae:9c:d8:6e:a0:cb:6a:13:27:31:69:55:40:b2:fd:
eb:64:66:4b:a6:aa:a3:93:a2:e2:29:b1:19:49:9c:55:12:e1:
93:4a:7a:e2:7e:88:07:52:ab:22:d9:54:cb:59:78:ab:0b:50:
33:03:07:eb
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZ09qUu4EYJRxKER8Iq3eNnsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTk3NTU4M2IyNTAzNjJjODE1MGY2M2FkYjMwYTBmNmEw
YzZmYzMwHhcNMjYwMzMwMDczMzE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDFlYTA3ODFkODgyNjcyMzUwZDEyZDQxYmNiMTRhODA0Y2Q3OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvh1LiOYVC230+DP5A+MbT0gtBYtg
2F6594k6bGekXGhWN6+Fv+od3YMY388RcEacchWyUWJ7wBg41U1WNWJRKDwWnzzZ
lYtXJLTaUn5wSTnN3fU1PPFN3QBpEu+ywmVD1Dr1wWtduaYrInYAgZ+3hQ0K1SUZ
4mHHqa786F0lgFR7fo2hlH+OFaJ3zZWTgIP/q5FitSZD/mabuT1btFygErcl2Z4L
Z3ajIqhvolzJoFHEThJ+TPMeFn57o3hLOmol9sZX4QjtNMTvRz2ztJhFtwQVgPLR
9LPPR4S5xP2gbX0QiWm4d9kTTU/Ne8T1Xx88OXRyykfB+yyJGIbscHjs5QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFL0eoHgdiCZyNQ0S1BvLFKgEzXlEMB8GA1UdIwQY
MBaAFGQZdVg7JQNiyBUPY62zCg9qDG/DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQt
ZjFjMzNhYTJmZDUwLzEvdlI2Z2VCMklKbkkxRFJMVUc4c1VxQVROZVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC85OGE1ZWQtOTA1ZS00YmZhLTkxNTQtZjFjMzNhYTJmZDUw
LzEvWkJsMVdEc2xBMkxJRlE5anJiTUtEMm9NYjhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQATW91AwQA
TW97AwQAXD1nAwQAXD1qAwQAXD1tMAwDBAC5cPEDBAK5cPAwDQYJKoZIhvcNAQEL
BQADggEBAFwcvZn+g6dn0niSdCnPBxRci3zJ9A62+aiHdjJQVwCxdCgFzmgF76Pu
74psuHKFShLo7Tp/CkklJeDWS+jnJpbjnHBA0z5//xJdtr/5HGg2bXhSo528yNG5
uZQBr/W0XK6ketB8Vu76H3/H25v610BF7bpGGfm4wRAmTp985zOtYr8oPZedhah8
+AUkOxUDmWMe8cS9V08pfbsaLwKZgnRYcAyGDKJ1+Fg2i5D+t1PGicP9hPiXLvOt
D65dNrRzbGOTeiQqB/5UUK6c2G6gy2oTJzFpVUCy/etkZkumqqOTouIpsRlJnFUS
4ZNKeuJ+iAdSqyLZVMtZeKsLUDMDB+s=
-----END CERTIFICATE-----
Generated at Fri Apr 17 12:11:19 2026 by rpki-client