Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/Br8jDqLYrkaBjiJL6wr8w6b0avs.roa
File: Br8jDqLYrkaBjiJL6wr8w6b0avs.roa (raw, json)
Hash identifier: W7Sv+CJ6euSWOJRS/NssioWUOsmXYLBpEHMl3h7F400=
Subject key identifier: 06:BF:23:0E:A2:D8:AE:46:81:8E:22:4B:EB:0A:FC:C3:A6:F4:6A:FB
Certificate issuer: /CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
Certificate serial: 019D61998E784658F7A35285E5AF4DD69748
Authority key identifier: AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/Br8jDqLYrkaBjiJL6wr8w6b0avs.roa
Signing time: Mon 06 Apr 2026 07:02:26 +0000
ROA not before: Mon 06 Apr 2026 07:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25467
IP address blocks: 62.77.137.0/24 maxlen: 24
62.77.138.0/24 maxlen: 24
62.77.139.0/24 maxlen: 24
62.77.140.0/24 maxlen: 24
62.77.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.mft
rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:61:99:8e:78:46:58:f7:a3:52:85:e5:af:4d:d6:97:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae261a8df53292c730e2ae1dfcfc4fe3ff76b1d0
Validity
Not Before: Apr 6 07:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=06bf230ea2d8ae46818e224beb0afcc3a6f46afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:84:81:04:ac:4c:78:32:22:22:c1:19:84:14:
2c:d2:e0:8c:cb:60:df:ee:cd:50:3b:7b:d1:b8:7c:
9a:20:a6:7b:43:fc:1b:c5:ea:49:11:9d:92:18:04:
da:f6:64:7d:1a:2d:bb:56:70:67:4a:02:75:47:4b:
24:8f:68:9a:b9:4d:d7:8b:9e:8e:bf:28:dd:9f:4b:
db:22:c8:c7:ef:f4:2c:22:fa:4c:40:e2:e3:bb:60:
4d:fe:b7:4a:c2:93:d5:a8:2d:42:45:80:ee:c2:56:
b2:f6:2c:b3:09:2f:87:42:1d:e7:b3:c2:7f:3e:95:
ff:fe:a3:cb:fa:34:b4:a0:2a:af:72:92:19:74:05:
d0:3c:88:8f:d0:5e:b5:12:8e:7c:d2:b2:0a:98:42:
ef:e2:c0:c0:d8:27:db:e3:d7:92:16:69:bf:55:f0:
a9:e6:ca:6b:21:1e:b9:4a:3c:c1:1c:2b:e0:89:3d:
cd:d9:de:0f:ee:f1:62:de:88:57:f7:9b:c7:c3:3b:
7b:a9:5d:0f:ae:87:c1:b9:15:64:e7:8c:21:ff:42:
41:3d:78:7d:e0:63:74:19:4b:3e:bb:ad:ad:7c:46:
c9:a1:e5:eb:f3:af:01:6e:b6:13:5d:23:e8:38:6a:
97:70:6e:10:4c:2e:5c:b3:c4:19:ca:4e:7f:5e:29:
20:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:BF:23:0E:A2:D8:AE:46:81:8E:22:4B:EB:0A:FC:C3:A6:F4:6A:FB
X509v3 Authority Key Identifier:
keyid:AE:26:1A:8D:F5:32:92:C7:30:E2:AE:1D:FC:FC:4F:E3:FF:76:B1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/riYajfUykscw4q4d_PxP4_92sdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/Br8jDqLYrkaBjiJL6wr8w6b0avs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/1a849e-861c-4c4d-bcf4-5695d89d7b36/1/riYajfUykscw4q4d_PxP4_92sdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.77.137.0-62.77.141.255
Signature Algorithm: sha256WithRSAEncryption
0f:42:d3:b9:bf:29:42:05:77:9f:a5:3f:10:0c:4f:0b:a4:b8:
5a:56:40:2a:56:b4:74:0d:ef:88:9c:5d:90:ae:0b:6c:08:0f:
3e:d6:ca:61:09:4d:08:5c:e3:81:ea:48:bc:44:fe:0f:19:50:
55:d7:c9:09:f7:66:52:9b:e5:54:8e:19:1f:86:ef:74:db:2e:
1e:fc:ee:7d:26:15:9e:18:52:a1:06:35:cb:31:11:1d:1e:8a:
49:be:32:6e:93:84:02:02:0f:83:b9:4c:37:23:31:51:95:bf:
cf:72:f8:91:e3:05:bb:fc:2e:21:f2:8b:65:49:36:3a:fa:64:
f5:61:95:bc:c7:f0:ea:2d:69:93:64:2e:13:cd:47:2e:4b:55:
85:ec:1d:0b:0b:8c:a0:18:62:e7:88:f9:03:cb:4b:76:2c:e2:
54:16:67:26:95:0d:6f:1e:8a:49:3b:78:db:74:64:fa:23:4b:
bc:5c:4d:77:4c:96:3a:d3:ae:81:ee:3c:78:d8:00:11:0a:11:
96:a9:8b:aa:9c:cb:ea:cf:0a:9b:a0:90:93:b6:bb:8d:09:7b:
e4:3f:8a:5e:8e:20:02:a7:87:1a:26:14:a5:20:37:f7:62:8c:
21:75:86:d5:c8:cf:b7:51:e2:14:6b:f5:9e:9f:58:7f:73:0e:
c6:74:9a:30
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ1hmY54Rlj3o1KF5a9N1pdIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMjYxYThkZjUzMjkyYzczMGUyYWUxZGZjZmM0ZmUzZmY3
NmIxZDAwHhcNMjYwNDA2MDcwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmJmMjMwZWEyZDhhZTQ2ODE4ZTIyNGJlYjBhZmNjM2E2ZjQ2YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4SBBKxMeDIiIsEZhBQs0uCMy2Df
7s1QO3vRuHyaIKZ7Q/wbxepJEZ2SGATa9mR9Gi27VnBnSgJ1R0skj2iauU3Xi56O
vyjdn0vbIsjH7/QsIvpMQOLju2BN/rdKwpPVqC1CRYDuwlay9iyzCS+HQh3ns8J/
PpX//qPL+jS0oCqvcpIZdAXQPIiP0F61Eo580rIKmELv4sDA2Cfb49eSFmm/VfCp
5sprIR65SjzBHCvgiT3N2d4P7vFi3ohX95vHwzt7qV0ProfBuRVk54wh/0JBPXh9
4GN0GUs+u62tfEbJoeXr868BbrYTXSPoOGqXcG4QTC5cs8QZyk5/XikgdwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAa/Iw6i2K5GgY4iS+sK/MOm9Gr7MB8GA1UdIwQY
MBaAFK4mGo31MpLHMOKuHfz8T+P/drHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQt
NTY5NWQ4OWQ3YjM2LzEvQnI4akRxTFlya2FCamlKTDZ3cjh3NmIwYXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy8xYTg0OWUtODYxYy00YzRkLWJjZjQtNTY5NWQ4OWQ3YjM2
LzEvcmlZYWpmVXlrc2N3NHE0ZF9QeFA0Xzkyc2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAA+TYkD
BAE+TYwwDQYJKoZIhvcNAQELBQADggEBAA9C07m/KUIFd5+lPxAMTwukuFpWQCpW
tHQN74icXZCuC2wIDz7WymEJTQhc44HqSLxE/g8ZUFXXyQn3ZlKb5VSOGR+G73Tb
Lh787n0mFZ4YUqEGNcsxER0eikm+Mm6ThAICD4O5TDcjMVGVv89y+JHjBbv8LiHy
i2VJNjr6ZPVhlbzH8OotaZNkLhPNRy5LVYXsHQsLjKAYYueI+QPLS3Ys4lQWZyaV
DW8eikk7eNt0ZPojS7xcTXdMljrTroHuPHjYABEKEZapi6qcy+rPCpugkJO2u40J
e+Q/il6OIAKnhxomFKUgN/dijCF1htXIz7dR4hRr9Z6fWH9zDsZ0mjA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:29:13 2026 by rpki-client