Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pKWVvpSOH4TxdNha6GPiYZtQRwY.roa
File: pKWVvpSOH4TxdNha6GPiYZtQRwY.roa (raw, json)
Hash identifier: kSz+LZnvOAyVDNMq5so/uVx8NhNwkT1NQCp2vwsbeY4=
Subject key identifier: A4:A5:95:BE:94:8E:1F:84:F1:74:D8:5A:E8:63:E2:61:9B:50:47:06
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019E6472AB3AC3A2EEC388CEDED927B3CB8F
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pKWVvpSOH4TxdNha6GPiYZtQRwY.roa
Signing time: Tue 26 May 2026 13:21:37 +0000
ROA not before: Tue 26 May 2026 13:21:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211306
IP address blocks: 77.36.56.0/24 maxlen: 24
77.232.216.0/23 maxlen: 23
77.232.218.0/24 maxlen: 24
91.200.132.0/24 maxlen: 24
91.231.227.0/24 maxlen: 24
91.232.55.0/24 maxlen: 24
91.237.49.0/24 maxlen: 24
91.237.193.0/24 maxlen: 24
91.238.38.0/24 maxlen: 24
91.239.225.0/24 maxlen: 24
93.120.44.0/23 maxlen: 23
176.96.92.0/24 maxlen: 24
178.159.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 04:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:72:ab:3a:c3:a2:ee:c3:88:ce:de:d9:27:b3:cb:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: May 26 13:21:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a4a595be948e1f84f174d85ae863e2619b504706
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a1:95:df:29:7d:32:05:da:48:bd:0e:ea:6e:
74:f3:7d:7b:94:1a:aa:3b:0b:db:b6:f3:7a:60:87:
ce:8c:c3:1d:fe:c9:98:bf:2f:a8:88:57:18:5d:b1:
45:62:11:62:23:d3:f6:9e:59:0d:cb:66:9a:e0:bc:
0f:e6:e7:95:ea:9c:27:19:50:f0:aa:61:06:b8:b4:
14:94:30:2b:e7:fa:a5:68:2c:dd:fa:81:bf:8a:d5:
88:5d:23:04:72:83:fa:5a:e6:c8:4c:48:45:5d:d5:
5a:ab:e3:c9:4b:ab:dd:90:92:1a:ad:51:cf:5e:f8:
9b:35:d9:3e:b1:af:94:3c:47:8f:a4:f5:55:ed:d5:
ed:a6:ab:f9:b0:b0:fa:11:e2:df:5b:02:eb:e8:ea:
00:62:30:b1:47:7a:e4:17:be:b4:7d:93:7f:b6:bf:
c1:b1:a0:df:c2:97:e1:44:ba:ed:0c:f3:1a:ad:2b:
c5:6c:78:46:0f:5b:a5:2a:e5:ec:58:97:8c:41:81:
f7:79:ce:9e:2d:68:97:1a:e1:b2:ba:40:23:af:2b:
f3:e4:50:4d:da:b5:18:62:1e:8a:a2:26:3e:7e:2a:
06:de:df:38:84:1d:86:7f:d2:ff:dd:82:d6:67:bd:
c9:83:f5:54:27:85:71:10:92:59:5c:4c:03:68:c0:
a8:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:A5:95:BE:94:8E:1F:84:F1:74:D8:5A:E8:63:E2:61:9B:50:47:06
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/pKWVvpSOH4TxdNha6GPiYZtQRwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.36.56.0/24
77.232.216.0-77.232.218.255
91.200.132.0/24
91.231.227.0/24
91.232.55.0/24
91.237.49.0/24
91.237.193.0/24
91.238.38.0/24
91.239.225.0/24
93.120.44.0/23
176.96.92.0/24
178.159.146.0/24
Signature Algorithm: sha256WithRSAEncryption
36:77:93:b8:3e:fa:67:b1:fb:e7:d4:51:0b:20:4c:46:5c:ed:
76:b6:be:38:d8:6b:9e:65:c0:48:42:99:ed:58:03:ce:15:83:
b8:89:e2:fc:1c:c2:54:f9:7b:cb:dc:29:95:1a:05:0d:c2:9c:
ba:f0:2c:33:5f:26:76:67:40:12:8f:69:be:cb:71:fc:88:95:
9e:3a:20:da:e4:e3:df:05:7d:5a:1a:89:16:b0:20:d7:5b:20:
84:b8:a2:8d:40:77:b9:f6:cb:29:f3:f1:42:bd:a6:21:e8:4a:
aa:7d:32:d6:89:d4:36:2c:21:76:e2:26:e1:f9:b4:8f:b4:d7:
3b:30:ea:c2:e7:e6:9c:ba:4a:1f:dd:e1:9c:bb:69:c4:61:2a:
92:35:ee:85:df:50:aa:33:b2:d8:94:b5:c6:5f:1b:7d:54:46:
9b:a7:c1:a3:6f:de:1e:81:2d:3e:ec:a5:ae:bd:11:8b:3a:7e:
88:e2:0c:0b:b9:15:84:46:af:5f:19:67:86:87:e4:a6:68:45:
c8:87:10:42:7e:0a:f0:f6:f9:e9:d7:5b:2f:01:14:dd:91:8b:
91:70:8f:e6:0c:b7:09:3b:8f:12:9c:d7:87:af:dc:80:30:73:
7f:c5:e4:e8:d2:dd:08:0a:9b:ee:c4:3d:37:a4:7f:9d:a8:bb:
f1:b6:7b:81
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ5kcqs6w6Luw4jO3tkns8uPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjYwNTI2MTMyMTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGE1OTViZTk0OGUxZjg0ZjE3NGQ4NWFlODYzZTI2MTliNTA0NzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqGV3yl9MgXaSL0O6m508317lBqq
OwvbtvN6YIfOjMMd/smYvy+oiFcYXbFFYhFiI9P2nlkNy2aa4LwP5ueV6pwnGVDw
qmEGuLQUlDAr5/qlaCzd+oG/itWIXSMEcoP6WubITEhFXdVaq+PJS6vdkJIarVHP
XvibNdk+sa+UPEePpPVV7dXtpqv5sLD6EeLfWwLr6OoAYjCxR3rkF760fZN/tr/B
saDfwpfhRLrtDPMarSvFbHhGD1ulKuXsWJeMQYH3ec6eLWiXGuGyukAjryvz5FBN
2rUYYh6KoiY+fioG3t84hB2Gf9L/3YLWZ73Jg/VUJ4VxEJJZXEwDaMCobQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKSllb6Ujh+E8XTYWuhj4mGbUEcGMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcEtXVnZwU09INFR4ZE5oYTZHUGlZWnRRUndZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQATSQ4MAwD
BANN6NgDBABN6NoDBABbyIQDBABb5+MDBABb6DcDBABb7TEDBABb7cEDBABb7iYD
BABb7+EDBAFdeCwDBACwYFwDBACyn5IwDQYJKoZIhvcNAQELBQADggEBADZ3k7g+
+mex++fUUQsgTEZc7Xa2vjjYa55lwEhCme1YA84Vg7iJ4vwcwlT5e8vcKZUaBQ3C
nLrwLDNfJnZnQBKPab7LcfyIlZ46INrk498FfVoaiRawINdbIIS4oo1Ad7n2yynz
8UK9piHoSqp9MtaJ1DYsIXbiJuH5tI+01zsw6sLn5py6Sh/d4Zy7acRhKpI17oXf
UKozstiUtcZfG31URpunwaNv3h6BLT7spa69EYs6fojiDAu5FYRGr18ZZ4aH5KZo
RciHEEJ+CvD2+enXWy8BFN2Ri5Fwj+YMtwk7jxKc14ev3IAwc3/F5OjS3QgKm+7E
PTekf52ou/G2e4E=
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:00 2026 by rpki-client