Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/zlq4yjrsiwQ-lDB1rbbuPd4T-JA.roa
File: zlq4yjrsiwQ-lDB1rbbuPd4T-JA.roa (raw, json)
Hash identifier: uXc6oUOSXmZtScGHVD8LMsXSU4xPZkADb1L4rjkI9VU=
Subject key identifier: CE:5A:B8:CA:3A:EC:8B:04:3E:94:30:75:AD:B6:EE:3D:DE:13:F8:90
Certificate issuer: /CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Certificate serial: 019CB39400382B20E79453337BEA8BE65054
Authority key identifier: D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/zlq4yjrsiwQ-lDB1rbbuPd4T-JA.roa
Signing time: Tue 03 Mar 2026 12:02:26 +0000
ROA not before: Tue 03 Mar 2026 12:02:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215059
IP address blocks: 77.110.67.0/24 maxlen: 24
77.110.69.0/24 maxlen: 24
77.110.73.0/24 maxlen: 24
77.110.78.0/24 maxlen: 24
77.110.86.0/24 maxlen: 24
77.110.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 05:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:94:00:38:2b:20:e7:94:53:33:7b:ea:8b:e6:50:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4ce2bf0001cd430e9277fb00ed1abe51c0b5c7c
Validity
Not Before: Mar 3 12:02:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ce5ab8ca3aec8b043e943075adb6ee3dde13f890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:65:30:b7:9e:de:70:97:ca:51:e0:92:ee:c5:
ee:ee:6b:3d:3e:7f:b5:af:b7:43:d3:0a:44:66:6b:
80:84:a0:35:67:b0:f1:7c:42:51:e0:32:84:bc:42:
c8:d5:ea:c1:18:73:7d:4d:28:67:d5:ac:0f:1a:96:
0a:03:f4:1f:f7:34:fe:3b:1f:57:c9:f2:6a:ac:55:
b0:1c:a4:0c:f8:56:c9:65:3d:71:6d:83:f8:27:63:
57:fa:35:5d:e5:b2:e4:99:78:51:54:a3:9f:2e:cd:
6e:3f:0f:00:78:b4:aa:65:ff:67:46:d8:d1:7f:9d:
c7:e0:29:56:6f:86:9c:e2:04:a3:fb:de:3d:89:24:
93:21:76:75:6e:1d:26:b8:4a:23:e6:a4:14:97:6a:
26:46:b7:ca:de:08:69:cc:ca:4e:8d:c2:78:36:0e:
26:0e:48:1b:4f:f6:a3:85:a9:cd:93:8b:e4:0c:5c:
86:00:c7:92:34:7b:ce:62:c6:68:48:99:20:61:a8:
ac:81:ba:28:57:2b:62:41:46:d4:00:67:76:e8:32:
60:d7:6d:b6:20:6a:1f:5a:19:f4:fd:15:17:e8:03:
6d:76:0e:aa:1b:3f:73:fc:78:ee:8a:69:60:b3:39:
ca:b9:45:b3:af:31:c5:c0:ed:a2:95:dd:5d:ec:04:
04:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5A:B8:CA:3A:EC:8B:04:3E:94:30:75:AD:B6:EE:3D:DE:13:F8:90
X509v3 Authority Key Identifier:
keyid:D4:CE:2B:F0:00:1C:D4:30:E9:27:7F:B0:0E:D1:AB:E5:1C:0B:5C:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/zlq4yjrsiwQ-lDB1rbbuPd4T-JA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ba0bd3-b365-4461-8ffa-1f5431e2a5af/1/1M4r8AAc1DDpJ3-wDtGr5RwLXHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.67.0/24
77.110.69.0/24
77.110.73.0/24
77.110.78.0/24
77.110.86.0/24
77.110.92.0/24
Signature Algorithm: sha256WithRSAEncryption
46:99:50:64:52:df:11:7d:a0:f6:f0:bc:05:c7:3f:f8:a0:ed:
b3:de:e7:28:cd:00:ec:11:c9:e2:df:37:95:67:e8:ee:0c:86:
33:db:25:26:7c:2a:cf:7c:1d:17:0e:0f:f1:06:01:c7:64:a7:
91:d2:a7:08:a2:22:ea:2f:bf:a3:dc:be:6e:82:35:b1:4b:44:
64:bc:d2:91:8a:a5:99:b8:43:58:40:f8:2c:4b:ae:58:06:be:
d8:5e:5a:47:23:fe:03:51:9c:da:8b:8f:cc:69:d8:f7:34:54:
9b:07:ae:33:28:0a:62:1d:63:f5:36:36:c1:34:bd:8d:f6:4f:
4d:da:09:fd:4e:43:07:3b:87:86:bd:bb:7d:67:a7:bc:d5:8e:
4b:98:29:5b:01:01:c8:19:35:e6:88:59:1e:51:09:a1:b5:e8:
13:3e:3e:04:69:ee:ae:bf:bf:1f:b8:79:c6:dd:bf:fb:65:88:
4a:90:26:20:2a:2d:30:9d:44:5d:88:01:5c:70:f7:56:5e:e2:
44:ef:6f:42:39:3f:f6:e2:cd:6e:9e:2f:58:8c:bc:25:a0:cf:
df:eb:31:f5:01:78:2d:b8:4f:2d:74:21:db:9f:dc:32:89:b5:
21:de:50:66:26:98:0e:b0:be:d8:08:b6:85:1e:2d:fd:c5:16:
33:1c:cb:1f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyzlAA4KyDnlFMze+qL5lBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Y2UyYmYwMDAxY2Q0MzBlOTI3N2ZiMDBlZDFhYmU1MWMw
YjVjN2MwHhcNMjYwMzAzMTIwMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVhYjhjYTNhZWM4YjA0M2U5NDMwNzVhZGI2ZWUzZGRlMTNmODkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmUwt57ecJfKUeCS7sXu7ms9Pn+1
r7dD0wpEZmuAhKA1Z7DxfEJR4DKEvELI1erBGHN9TShn1awPGpYKA/Qf9zT+Ox9X
yfJqrFWwHKQM+FbJZT1xbYP4J2NX+jVd5bLkmXhRVKOfLs1uPw8AeLSqZf9nRtjR
f53H4ClWb4ac4gSj+949iSSTIXZ1bh0muEoj5qQUl2omRrfK3ghpzMpOjcJ4Ng4m
DkgbT/ajhanNk4vkDFyGAMeSNHvOYsZoSJkgYaisgbooVytiQUbUAGd26DJg1222
IGofWhn0/RUX6ANtdg6qGz9z/HjuimlgsznKuUWzrzHFwO2ild1d7AQEqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM5auMo67IsEPpQwda227j3eE/iQMB8GA1UdIwQY
MBaAFNTOK/AAHNQw6Sd/sA7Rq+UcC1x8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEt
MWY1NDMxZTJhNWFmLzEvemxxNHlqcnNpd1EtbERCMXJiYnVQZDRULUpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9iYTBiZDMtYjM2NS00NDYxLThmZmEtMWY1NDMxZTJhNWFm
LzEvMU00cjhBQWMxRERwSjMtd0R0R3I1UndMWEh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATW5DAwQA
TW5FAwQATW5JAwQATW5OAwQATW5WAwQATW5cMA0GCSqGSIb3DQEBCwUAA4IBAQBG
mVBkUt8RfaD28LwFxz/4oO2z3ucozQDsEcni3zeVZ+juDIYz2yUmfCrPfB0XDg/x
BgHHZKeR0qcIoiLqL7+j3L5ugjWxS0RkvNKRiqWZuENYQPgsS65YBr7YXlpHI/4D
UZzai4/Madj3NFSbB64zKApiHWP1NjbBNL2N9k9N2gn9TkMHO4eGvbt9Z6e81Y5L
mClbAQHIGTXmiFkeUQmhtegTPj4Eae6uv78fuHnG3b/7ZYhKkCYgKi0wnURdiAFc
cPdWXuJE729COT/24s1uni9YjLwloM/f6zH1AXgtuE8tdCHbn9wyibUh3lBmJpgO
sL7YCLaFHi39xRYzHMsf
-----END CERTIFICATE-----
Generated at Sat Mar 21 15:27:48 2026 by rpki-client