Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/f0vhGxR72MG9W3aRCoI9VCH2wQA.roa
File: f0vhGxR72MG9W3aRCoI9VCH2wQA.roa (raw, json)
Hash identifier: PDzMyuMmfdbsbyADvkBIQZLummxADm7ztnq8hanW6ts=
Subject key identifier: 7F:4B:E1:1B:14:7B:D8:C1:BD:5B:76:91:0A:82:3D:54:21:F6:C1:00
Certificate issuer: /CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Certificate serial: 01991434BABA5D1EA84FD528D67E53C5CA9C
Authority key identifier: 1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/f0vhGxR72MG9W3aRCoI9VCH2wQA.roa
Signing time: Thu 04 Sep 2025 10:10:23 +0000
ROA not before: Thu 04 Sep 2025 10:10:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39273
IP address blocks: 77.83.88.0/22 maxlen: 22
77.83.88.0/24 maxlen: 24
77.83.89.0/24 maxlen: 24
77.83.90.0/24 maxlen: 24
77.83.91.0/24 maxlen: 24
77.92.168.0/21 maxlen: 21
77.92.168.0/24 maxlen: 24
77.92.169.0/24 maxlen: 24
77.92.170.0/24 maxlen: 24
77.92.171.0/24 maxlen: 24
77.92.172.0/24 maxlen: 24
77.92.173.0/24 maxlen: 24
77.92.174.0/24 maxlen: 24
77.92.175.0/24 maxlen: 24
77.92.176.0/21 maxlen: 21
77.92.176.0/24 maxlen: 24
77.92.177.0/24 maxlen: 24
77.92.178.0/24 maxlen: 24
77.92.179.0/24 maxlen: 24
77.92.180.0/24 maxlen: 24
77.92.181.0/24 maxlen: 24
77.92.182.0/24 maxlen: 24
77.92.183.0/24 maxlen: 24
77.92.184.0/21 maxlen: 21
77.92.184.0/24 maxlen: 24
77.92.185.0/24 maxlen: 24
77.92.186.0/24 maxlen: 24
77.92.187.0/24 maxlen: 24
77.92.188.0/24 maxlen: 24
77.92.189.0/24 maxlen: 24
77.92.190.0/24 maxlen: 24
77.92.191.0/24 maxlen: 24
78.110.64.0/20 maxlen: 20
78.110.64.0/21 maxlen: 21
78.110.64.0/24 maxlen: 24
78.110.65.0/24 maxlen: 24
78.110.66.0/24 maxlen: 24
78.110.67.0/24 maxlen: 24
78.110.68.0/24 maxlen: 24
78.110.69.0/24 maxlen: 24
78.110.70.0/24 maxlen: 24
78.110.71.0/24 maxlen: 24
78.110.72.0/21 maxlen: 21
78.110.72.0/24 maxlen: 24
78.110.73.0/24 maxlen: 24
78.110.74.0/24 maxlen: 24
78.110.75.0/24 maxlen: 24
78.110.76.0/24 maxlen: 24
78.110.77.0/24 maxlen: 24
78.110.78.0/24 maxlen: 24
78.110.79.0/24 maxlen: 24
81.22.16.0/20 maxlen: 20
81.22.16.0/24 maxlen: 24
81.22.17.0/24 maxlen: 24
81.22.18.0/24 maxlen: 24
81.22.19.0/24 maxlen: 24
81.22.20.0/24 maxlen: 24
81.22.21.0/24 maxlen: 24
81.22.22.0/24 maxlen: 24
81.22.23.0/24 maxlen: 24
81.22.24.0/24 maxlen: 24
81.22.25.0/24 maxlen: 24
81.22.26.0/24 maxlen: 24
81.22.27.0/24 maxlen: 24
81.22.28.0/24 maxlen: 24
81.22.29.0/24 maxlen: 24
81.22.30.0/24 maxlen: 24
81.22.31.0/24 maxlen: 24
87.236.48.0/21 maxlen: 21
87.236.48.0/22 maxlen: 22
87.236.48.0/24 maxlen: 24
87.236.49.0/24 maxlen: 24
87.236.50.0/24 maxlen: 24
87.236.51.0/24 maxlen: 24
87.236.52.0/22 maxlen: 22
87.236.52.0/24 maxlen: 24
87.236.53.0/24 maxlen: 24
87.236.54.0/24 maxlen: 24
87.236.55.0/24 maxlen: 24
185.33.176.0/22 maxlen: 22
185.33.176.0/24 maxlen: 24
185.33.177.0/24 maxlen: 24
185.33.178.0/24 maxlen: 24
185.33.179.0/24 maxlen: 24
2a00:6600::/29 maxlen: 29
2a00:6600::/32 maxlen: 32
2a04:8ac0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:34:ba:ba:5d:1e:a8:4f:d5:28:d6:7e:53:c5:ca:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c28b07c157a5dc613c9264daf89e7c860e33e63
Validity
Not Before: Sep 4 10:10:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7f4be11b147bd8c1bd5b76910a823d5421f6c100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e5:53:f7:1a:5c:1b:cc:6a:47:6e:1d:a0:d8:
8b:c7:b0:4b:38:b2:90:05:81:78:b9:9d:28:f2:bb:
17:01:9b:17:80:47:4d:b9:f4:b7:75:04:81:4f:53:
8a:79:d4:10:e1:b1:57:3b:d1:5b:7b:dd:bb:17:26:
ea:c6:93:86:1e:fa:3d:a1:b9:97:f3:6c:6a:2b:52:
d8:50:7b:e1:fd:44:a7:29:54:d8:36:a2:e8:9a:85:
10:17:1f:c0:30:ce:f9:54:ef:88:c5:de:eb:74:8b:
74:69:22:e5:83:34:32:65:53:a3:a2:e2:95:2b:8e:
98:98:4e:ed:c3:91:af:45:2c:b9:77:cb:f0:16:b8:
fc:e9:09:b4:40:b9:e4:6f:bf:56:2a:30:7f:71:94:
82:7b:1f:6a:ba:47:7e:b4:ea:54:e2:fd:10:0c:2b:
48:ea:94:17:1d:0e:72:e7:00:54:58:81:d7:57:7b:
9a:7a:99:f2:dc:72:79:aa:41:14:06:cd:4b:9e:31:
63:61:a1:11:22:36:f0:b6:c6:f8:9c:d6:a4:c9:45:
77:f6:7b:99:42:0c:d0:92:25:90:ea:53:f2:fc:f1:
08:70:50:87:e3:18:52:fa:b2:fe:6f:e0:22:54:18:
69:ba:ea:f5:33:a3:17:2f:95:76:ae:59:c2:56:d5:
81:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4B:E1:1B:14:7B:D8:C1:BD:5B:76:91:0A:82:3D:54:21:F6:C1:00
X509v3 Authority Key Identifier:
keyid:1C:28:B0:7C:15:7A:5D:C6:13:C9:26:4D:AF:89:E7:C8:60:E3:3E:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HCiwfBV6XcYTySZNr4nnyGDjPmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/f0vhGxR72MG9W3aRCoI9VCH2wQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/fe7dfc-1264-4c94-9bcc-96333489e855/1/HCiwfBV6XcYTySZNr4nnyGDjPmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.88.0/22
77.92.168.0-77.92.191.255
78.110.64.0/20
81.22.16.0/20
87.236.48.0/21
185.33.176.0/22
IPv6:
2a00:6600::/29
2a04:8ac0::/29
Signature Algorithm: sha256WithRSAEncryption
4c:b9:ad:55:45:75:e5:8f:cc:79:8f:ee:cd:e8:d9:ff:a8:eb:
9f:d3:d2:68:61:7a:07:6a:5c:a2:53:95:d4:ec:6a:51:42:b9:
93:f6:13:da:a2:bb:98:29:55:67:4a:d2:8c:f0:c7:8b:a3:98:
95:b0:47:38:28:30:7c:89:98:0a:a6:6e:db:67:2b:d1:6e:fc:
eb:8e:db:34:6d:80:dd:77:b4:8e:c7:41:b1:7f:a7:9b:de:c7:
db:36:61:29:db:24:63:18:78:18:c6:ce:27:9e:79:f5:24:4e:
2f:c8:a8:9c:f9:a1:d2:a7:32:36:5c:01:4c:c7:4e:a7:18:c7:
bd:20:53:4a:78:f2:62:b7:a9:fb:1c:47:a9:6f:0b:de:4c:0e:
e6:8c:a0:b9:d7:4b:e7:39:80:23:d4:98:07:3c:1f:3c:9c:50:
a8:dc:29:2a:e2:f5:05:84:99:9d:5f:94:45:75:bc:ae:8f:c9:
d6:6f:1f:f6:ca:45:70:30:ef:f0:b2:a8:3a:64:16:e9:e3:5b:
df:c1:47:de:ad:9c:cc:c2:c7:a4:79:2a:60:89:56:64:78:30:
81:65:31:95:28:0d:62:9e:44:60:c8:0c:ed:8c:13:d1:b6:19:
79:b1:c4:ab:0b:dc:dd:60:e6:8e:f5:3e:66:e3:34:b0:92:f4:
8b:83:5b:6a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZkUNLq6XR6oT9Uo1n5TxcqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMjhiMDdjMTU3YTVkYzYxM2M5MjY0ZGFmODllN2M4NjBl
MzNlNjMwHhcNMjUwOTA0MTAxMDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjRiZTExYjE0N2JkOGMxYmQ1Yjc2OTEwYTgyM2Q1NDIxZjZjMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuVT9xpcG8xqR24doNiLx7BLOLKQ
BYF4uZ0o8rsXAZsXgEdNufS3dQSBT1OKedQQ4bFXO9Fbe927FybqxpOGHvo9obmX
82xqK1LYUHvh/USnKVTYNqLomoUQFx/AMM75VO+Ixd7rdIt0aSLlgzQyZVOjouKV
K46YmE7tw5GvRSy5d8vwFrj86Qm0QLnkb79WKjB/cZSCex9qukd+tOpU4v0QDCtI
6pQXHQ5y5wBUWIHXV3uaepny3HJ5qkEUBs1LnjFjYaERIjbwtsb4nNakyUV39nuZ
QgzQkiWQ6lPy/PEIcFCH4xhS+rL+b+AiVBhpuur1M6MXL5V2rlnCVtWBPwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFH9L4RsUe9jBvVt2kQqCPVQh9sEAMB8GA1UdIwQY
MBaAFBwosHwVel3GE8kmTa+J58hg4z5jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2Mt
OTYzMzM0ODllODU1LzEvZjB2aEd4UjcyTUc5VzNhUkNvSTlWQ0gyd1FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9mZTdkZmMtMTI2NC00Yzk0LTliY2MtOTYzMzM0ODllODU1
LzEvSENpd2ZCVjZYY1lUeVNaTnI0bm55R0RqUG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAyBAIAATAsAwQCTVNYMAwD
BANNXKgDBAZNXIADBARObkADBARRFhADBANX7DADBAK5IbAwFAQCAAIwDgMFAyoA
ZgADBQMqBIrAMA0GCSqGSIb3DQEBCwUAA4IBAQBMua1VRXXlj8x5j+7N6Nn/qOuf
09JoYXoHalyiU5XU7GpRQrmT9hPaoruYKVVnStKM8MeLo5iVsEc4KDB8iZgKpm7b
ZyvRbvzrjts0bYDdd7SOx0Gxf6eb3sfbNmEp2yRjGHgYxs4nnnn1JE4vyKic+aHS
pzI2XAFMx06nGMe9IFNKePJit6n7HEepbwveTA7mjKC510vnOYAj1JgHPB88nFCo
3Ckq4vUFhJmdX5RFdbyuj8nWbx/2ykVwMO/wsqg6ZBbp41vfwUferZzMwsekeSpg
iVZkeDCBZTGVKA1inkRgyAztjBPRthl5scSrC9zdYOaO9T5m4zSwkvSLg1tq
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:30:07 2025 by rpki-client