Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/czip9fB3eES0M4GiRgiFLUFG2LU.roa
File: czip9fB3eES0M4GiRgiFLUFG2LU.roa (raw, json)
Hash identifier: kV0itFYP13LMUao8KqcZelmv0P9H0e0lmM8ENEJ/MZk=
Subject key identifier: 73:38:A9:F5:F0:77:78:44:B4:33:81:A2:46:08:85:2D:41:46:D8:B5
Certificate issuer: /CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Certificate serial: 019CF81FF498FA6DC0A1885989B2A4811CD8
Authority key identifier: D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/czip9fB3eES0M4GiRgiFLUFG2LU.roa
Signing time: Mon 16 Mar 2026 19:29:29 +0000
ROA not before: Mon 16 Mar 2026 19:29:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 55154
IP address blocks: 77.110.66.0/24 maxlen: 24
77.110.76.0/24 maxlen: 24
77.110.81.0/24 maxlen: 24
77.110.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f8:1f:f4:98:fa:6d:c0:a1:88:59:89:b2:a4:81:1c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Validity
Not Before: Mar 16 19:29:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7338a9f5f0777844b43381a24608852d4146d8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:bf:cc:2b:44:a3:08:a3:8f:93:c2:55:88:a1:
a5:70:7f:3a:30:1f:ee:46:cb:7e:30:e1:64:24:01:
4b:3d:62:c4:45:2f:a4:a6:05:2c:b5:69:30:a2:89:
b1:18:68:ed:50:94:83:c2:fa:f2:6a:4b:f5:d6:ce:
5b:a9:bd:f0:e2:08:3e:ef:44:60:68:d1:ea:21:bb:
90:c2:6f:19:77:91:e3:c7:3e:41:4a:98:99:74:7c:
7e:fd:77:08:b2:51:be:21:5e:85:bb:bc:62:b1:c8:
84:5a:b7:37:e4:27:a6:b3:bc:1b:55:74:20:b1:be:
4b:79:02:e1:24:50:0f:59:c4:f2:3f:71:a7:36:e4:
a9:a3:d0:ed:a0:70:95:d5:fe:79:0b:6b:37:fd:f6:
e9:17:6b:98:4a:f6:d6:06:7d:fd:7f:14:6d:4b:6e:
b2:51:3b:e9:e3:6d:39:b8:1b:37:82:7b:a6:4f:5d:
4e:6a:11:af:bd:7c:55:f5:83:af:44:c2:d0:b0:04:
77:cd:81:fe:ba:57:01:58:34:81:26:6d:95:16:34:
1b:93:5d:97:f1:fe:45:17:09:ae:6e:75:cf:b2:cc:
93:df:db:dd:07:7d:5d:2d:df:fc:8c:f9:a4:35:a9:
fb:5f:56:86:9b:a4:fd:2c:f7:c3:7d:fd:2c:d2:6d:
0c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:38:A9:F5:F0:77:78:44:B4:33:81:A2:46:08:85:2D:41:46:D8:B5
X509v3 Authority Key Identifier:
keyid:D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/czip9fB3eES0M4GiRgiFLUFG2LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.66.0/24
77.110.76.0/24
77.110.81.0/24
77.110.84.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:8f:33:70:33:9d:f7:e4:06:19:aa:ea:aa:ff:bf:34:aa:27:
0e:48:bd:e4:6f:75:42:c4:fa:63:84:da:75:b6:dd:ee:d5:05:
9c:67:24:72:2c:7f:40:7e:2a:4b:d1:ac:21:52:b2:1a:78:60:
af:db:91:70:45:35:4d:5b:e0:5d:27:1b:97:30:ef:13:57:3b:
36:72:48:88:af:1c:93:ee:3f:2d:9a:8c:22:b3:be:64:1f:fb:
17:d2:4d:84:96:eb:d4:c5:0c:e9:cf:4d:54:6a:05:35:1c:b2:
aa:6e:45:a4:2e:bc:e2:8d:13:46:d3:56:b7:69:a1:34:91:54:
4b:d6:6e:da:4e:46:ec:15:f8:55:12:80:5e:15:9e:be:54:25:
d2:b5:47:f0:5b:cf:82:99:79:9d:2a:1e:b0:c0:53:95:75:64:
3e:bc:3c:34:75:2b:28:08:26:d8:7d:cb:82:bf:d5:08:52:2f:
1b:3f:13:39:23:9f:2b:3e:11:fc:bb:8b:55:40:bb:c5:dd:85:
62:e8:1d:eb:83:47:f5:0f:db:2b:3d:84:6a:a8:ea:9b:8d:e1:
db:c4:2c:3c:a0:93:bd:61:df:09:7d:20:66:93:78:4d:ad:9c:
53:96:a9:23:b7:9e:eb:f7:49:75:98:c5:bc:ae:e9:e7:74:f6:
80:b5:6e:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZz4H/SY+m3AoYhZibKkgRzYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2UyYmYwMDAxY2Q0MzBlOTI3N2ZiMDBlZDFhYmU1MWMw
YjVjN2MwHhcNMjYwMzE2MTkyOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzM4YTlmNWYwNzc3ODQ0YjQzMzgxYTI0NjA4ODUyZDQxNDZkOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL/MK0SjCKOPk8JViKGlcH86MB/u
Rst+MOFkJAFLPWLERS+kpgUstWkwoomxGGjtUJSDwvryakv11s5bqb3w4gg+70Rg
aNHqIbuQwm8Zd5Hjxz5BSpiZdHx+/XcIslG+IV6Fu7xisciEWrc35Cems7wbVXQg
sb5LeQLhJFAPWcTyP3GnNuSpo9DtoHCV1f55C2s3/fbpF2uYSvbWBn39fxRtS26y
UTvp4205uBs3gnumT11OahGvvXxV9YOvRMLQsAR3zYH+ulcBWDSBJm2VFjQbk12X
8f5FFwmubnXPssyT39vdB31dLd/8jPmkNan7X1aGm6T9LPfDff0s0m0MTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHM4qfXwd3hEtDOBokYIhS1BRti1MB8GA1UdIwQY
MBaAFNTOK/AAHNQw6Sd/sA7Rq+UcC1x8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEt
MWY1NDMxZTJhNWFmLzEvY3ppcDlmQjNlRVMwTTRHaVJnaUZMVUZHMkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEtMWY1NDMxZTJhNWFm
LzEvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATW5CAwQA
TW5MAwQATW5RAwQATW5UMA0GCSqGSIb3DQEBCwUAA4IBAQCKjzNwM5335AYZquqq
/780qicOSL3kb3VCxPpjhNp1tt3u1QWcZyRyLH9AfipL0awhUrIaeGCv25FwRTVN
W+BdJxuXMO8TVzs2ckiIrxyT7j8tmowis75kH/sX0k2EluvUxQzpz01UagU1HLKq
bkWkLrzijRNG01a3aaE0kVRL1m7aTkbsFfhVEoBeFZ6+VCXStUfwW8+CmXmdKh6w
wFOVdWQ+vDw0dSsoCCbYfcuCv9UIUi8bPxM5I58rPhH8u4tVQLvF3YVi6B3rg0f1
D9srPYRqqOqbjeHbxCw8oJO9Yd8JfSBmk3hNrZxTlqkjt57r90l1mMW8runndPaA
tW5h
-----END CERTIFICATE-----
Generated at Sat Mar 21 15:27:48 2026 by rpki-client