Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/dy76V1ix5yxdY-tabefpplwtBcg.roa
File: dy76V1ix5yxdY-tabefpplwtBcg.roa (raw, json)
Hash identifier: mvJpR7HJ/RwJX0cef9HFmzi8tXMbX+eSEHc59Ps4dew=
Subject key identifier: 77:2E:FA:57:58:B1:E7:2C:5D:63:EB:5A:6D:E7:E9:A6:5C:2D:05:C8
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 019DBF54ACD2BEA4033BEB240FD497BA85F1
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/dy76V1ix5yxdY-tabefpplwtBcg.roa
Signing time: Fri 24 Apr 2026 11:51:30 +0000
ROA not before: Fri 24 Apr 2026 11:51:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57367
IP address blocks: 31.186.80.0/21 maxlen: 21
77.79.211.0/24 maxlen: 24
77.79.227.0/24 maxlen: 24
77.79.248.0/24 maxlen: 24
77.79.250.0/24 maxlen: 24
85.194.240.0/22 maxlen: 22
85.194.242.0/24 maxlen: 24
85.194.244.0/22 maxlen: 22
85.194.246.0/24 maxlen: 24
85.194.247.0/24 maxlen: 24
85.232.241.0/24 maxlen: 24
91.185.184.0/24 maxlen: 24
91.185.185.0/24 maxlen: 24
91.185.186.0/24 maxlen: 24
91.185.187.0/24 maxlen: 24
91.185.188.0/24 maxlen: 24
91.185.189.0/24 maxlen: 24
91.185.190.0/24 maxlen: 24
91.185.191.0/24 maxlen: 24
128.204.216.0/24 maxlen: 24
128.204.217.0/24 maxlen: 24
128.204.218.0/24 maxlen: 24
128.204.219.0/24 maxlen: 24
128.204.220.0/22 maxlen: 22
128.204.220.0/24 maxlen: 24
128.204.221.0/24 maxlen: 24
128.204.222.0/24 maxlen: 24
128.204.223.0/24 maxlen: 24
185.36.168.0/22 maxlen: 22
195.167.159.0/24 maxlen: 24
206.252.232.0/24 maxlen: 24
206.252.251.0/24 maxlen: 24
212.91.26.0/24 maxlen: 24
212.91.27.0/24 maxlen: 24
213.189.52.0/24 maxlen: 24
213.189.53.0/24 maxlen: 24
213.189.54.0/24 maxlen: 24
213.189.55.0/24 maxlen: 24
213.189.56.0/24 maxlen: 24
213.189.58.0/24 maxlen: 24
2001:1a68:19::/48 maxlen: 48
2001:1a68:1a::/48 maxlen: 48
2001:1a68:ec00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bf:54:ac:d2:be:a4:03:3b:eb:24:0f:d4:97:ba:85:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Apr 24 11:51:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=772efa5758b1e72c5d63eb5a6de7e9a65c2d05c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:eb:9f:c4:7b:c7:e8:e4:df:70:96:fe:01:4f:
8e:c7:11:2c:b3:09:25:eb:09:c6:da:6f:d7:c6:55:
65:84:4f:9b:84:27:6a:00:8d:e4:af:db:b0:e5:9a:
c5:c5:e7:f3:ae:31:4e:81:4f:db:ca:f0:64:cc:e4:
c8:e3:45:f1:45:ed:62:73:88:78:7d:1e:c5:b5:c9:
be:48:ce:8f:26:76:6c:d1:b0:33:a2:50:f2:c6:3c:
02:52:43:cd:f1:1b:34:2c:82:d8:e4:e2:6d:55:57:
86:4a:c8:49:07:f7:0c:7d:f6:43:a2:3a:79:54:1d:
2b:96:b3:24:29:90:1e:67:30:9d:f3:a5:53:6f:ab:
42:20:d1:22:6f:33:1e:2a:d3:c9:0d:37:7f:2f:98:
75:2d:7f:b3:60:71:9b:c5:86:90:71:2e:14:14:43:
65:a5:3a:4a:2c:90:74:58:98:22:9f:c8:5e:3c:60:
59:14:f9:f9:b4:be:f7:47:9b:06:ab:2d:65:c2:61:
aa:12:11:a9:16:25:7b:13:a2:de:38:89:e3:9a:7a:
5c:38:71:4e:a4:56:12:6f:24:6b:07:10:cc:75:c0:
50:19:28:27:a6:68:a1:64:72:dd:e6:ae:11:56:f1:
30:48:3e:16:6f:a2:9e:bf:e2:fa:f8:46:78:c4:ba:
6b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:2E:FA:57:58:B1:E7:2C:5D:63:EB:5A:6D:E7:E9:A6:5C:2D:05:C8
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/dy76V1ix5yxdY-tabefpplwtBcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.80.0/21
77.79.211.0/24
77.79.227.0/24
77.79.248.0/24
77.79.250.0/24
85.194.240.0/21
85.232.241.0/24
91.185.184.0/21
128.204.216.0/21
185.36.168.0/22
195.167.159.0/24
206.252.232.0/24
206.252.251.0/24
212.91.26.0/23
213.189.52.0-213.189.56.255
213.189.58.0/24
IPv6:
2001:1a68:19::-2001:1a68:1a:ffff:ffff:ffff:ffff:ffff
2001:1a68:ec00::/40
Signature Algorithm: sha256WithRSAEncryption
44:d0:2b:ea:12:04:4a:29:f5:a4:8e:fe:fa:a1:fd:6d:84:67:
c3:4d:f0:4d:fa:f3:78:4d:04:22:f2:aa:3a:37:f4:71:22:c8:
3d:c5:89:5d:3a:bb:3d:64:63:09:67:71:1d:31:39:34:25:ee:
ba:76:6b:78:42:24:09:0f:84:e1:cd:11:e4:9a:ea:b7:54:74:
99:0b:41:56:a6:1a:9f:9a:48:71:7b:05:8f:02:f7:ce:be:b6:
2f:41:81:6b:a2:01:cc:c4:1f:cb:21:ae:8c:e9:c9:79:a4:6f:
dc:a7:4b:89:2b:45:1f:a6:1d:17:86:36:a0:ce:0d:62:b9:9b:
f8:77:c6:0e:ea:53:85:57:ad:30:78:11:27:ec:a1:d0:b5:c4:
7e:43:a4:28:b7:40:07:b2:fd:dd:84:f0:bd:f3:f9:9c:dc:aa:
3a:55:71:12:48:93:6a:14:48:39:ea:d7:d8:72:73:9d:02:00:
51:e3:42:33:53:e8:82:67:ea:b7:f3:ae:30:f2:32:91:36:6d:
0b:62:2e:74:cf:40:2d:83:b1:25:db:02:c8:49:57:e1:c6:34:
8e:b4:06:15:14:d0:9b:60:59:ec:30:34:99:50:20:0f:3f:08:
62:85:27:88:d2:22:67:c7:c1:1f:30:84:aa:4e:4c:7c:02:bb:
87:52:42:ff
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZ2/VKzSvqQDO+skD9SXuoXxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjYwNDI0MTE1MTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzJlZmE1NzU4YjFlNzJjNWQ2M2ViNWE2ZGU3ZTlhNjVjMmQwNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeufxHvH6OTfcJb+AU+OxxEsswkl
6wnG2m/XxlVlhE+bhCdqAI3kr9uw5ZrFxefzrjFOgU/byvBkzOTI40XxRe1ic4h4
fR7Ftcm+SM6PJnZs0bAzolDyxjwCUkPN8Rs0LILY5OJtVVeGSshJB/cMffZDojp5
VB0rlrMkKZAeZzCd86VTb6tCINEibzMeKtPJDTd/L5h1LX+zYHGbxYaQcS4UFENl
pTpKLJB0WJgin8hePGBZFPn5tL73R5sGqy1lwmGqEhGpFiV7E6LeOInjmnpcOHFO
pFYSbyRrBxDMdcBQGSgnpmihZHLd5q4RVvEwSD4Wb6Kev+L6+EZ4xLprXQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFHcu+ldYsecsXWPrWm3n6aZcLQXIMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvZHk3NlYxaXg1eXhkWS10YWJlZnBwbHd0QmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDBuBAIAATBoAwQDH7pQ
AwQATU/TAwQATU/jAwQATU/4AwQATU/6AwQDVcLwAwQAVejxAwQDW7m4AwQDgMzY
AwQCuSSoAwQAw6efAwQAzvzoAwQAzvz7AwQB1FsaMAwDBALVvTQDBADVvTgDBADV
vTowIgQCAAIwHDASAwcAIAEaaAAZAwcAIAEaaAAaAwYAIAEaaOwwDQYJKoZIhvcN
AQELBQADggEBAETQK+oSBEop9aSO/vqh/W2EZ8NN8E3683hNBCLyqjo39HEiyD3F
iV06uz1kYwlncR0xOTQl7rp2a3hCJAkPhOHNEeSa6rdUdJkLQVamGp+aSHF7BY8C
986+ti9BgWuiAczEH8shrozpyXmkb9ynS4krRR+mHReGNqDODWK5m/h3xg7qU4VX
rTB4ESfsodC1xH5DpCi3QAey/d2E8L3z+ZzcqjpVcRJIk2oUSDnq19hyc50CAFHj
QjNT6IJn6rfzrjDyMpE2bQtiLnTPQC2DsSXbAshJV+HGNI60BhUU0JtgWewwNJlQ
IA8/CGKFJ4jSImfHwR8whKpOTHwCu4dSQv8=
-----END CERTIFICATE-----
Generated at Mon Apr 27 11:52:31 2026 by rpki-client