Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/aUTLhAvrhsBYxWKiDmQGC38BjhQ.roa
File: aUTLhAvrhsBYxWKiDmQGC38BjhQ.roa (raw, json)
Hash identifier: 5+AabM1Hg0+riMBbwfquDNzOYkemJFC41hMTbQQHTf0=
Subject key identifier: 69:44:CB:84:0B:EB:86:C0:58:C5:62:A2:0E:64:06:0B:7F:01:8E:14
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 019DC941352A2FEF45106076FEE4E7C00E3E
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/aUTLhAvrhsBYxWKiDmQGC38BjhQ.roa
Signing time: Sun 26 Apr 2026 10:06:26 +0000
ROA not before: Sun 26 Apr 2026 10:06:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.210.0/24 maxlen: 24
77.47.211.0/24 maxlen: 24
77.47.242.0/24 maxlen: 24
77.47.252.0/22 maxlen: 24
185.143.56.0/22 maxlen: 24
185.143.57.0/24 maxlen: 24
195.178.132.0/24 maxlen: 24
195.178.133.0/24 maxlen: 24
195.178.134.0/24 maxlen: 24
195.178.135.0/24 maxlen: 24
195.178.136.0/24 maxlen: 24
195.178.139.0/24 maxlen: 24
195.178.144.0/23 maxlen: 23
195.178.146.0/24 maxlen: 24
195.178.147.0/24 maxlen: 24
195.178.149.0/24 maxlen: 24
195.178.154.0/24 maxlen: 24
195.178.156.0/24 maxlen: 24
212.111.194.0/24 maxlen: 24
212.111.200.0/24 maxlen: 24
212.111.207.0/24 maxlen: 24
212.111.216.0/24 maxlen: 24
212.111.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c9:41:35:2a:2f:ef:45:10:60:76:fe:e4:e7:c0:0e:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: Apr 26 10:06:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6944cb840beb86c058c562a20e64060b7f018e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ad:d9:1b:aa:fb:83:bf:8e:cc:c4:a3:63:d5:
d6:b4:81:4a:cd:53:74:5c:c1:b7:5d:9f:27:9e:d6:
24:58:b2:38:5f:d7:a2:66:51:2e:0b:e8:6f:d1:ab:
71:ff:12:bf:69:ef:7e:ab:fc:6c:4b:8a:eb:be:3e:
bb:10:4e:06:b5:55:a9:4c:6c:b3:a2:ca:82:cf:6e:
25:05:aa:7e:3b:75:d2:02:06:08:e3:9f:7f:8a:87:
0c:50:0a:aa:69:d1:f6:23:83:a1:b6:88:b7:fa:19:
9d:57:f5:30:84:70:d8:9f:ae:f7:33:e3:44:36:72:
7c:bf:69:e0:3c:78:1b:35:0d:5b:b6:ef:b5:22:d8:
2d:6c:3a:9d:b7:87:a3:aa:d1:35:51:0c:fc:8d:ef:
fe:ca:b3:8c:a1:c4:c3:e5:1a:16:2f:0b:b8:58:ad:
88:f6:c5:e3:49:d8:af:a2:d7:81:a3:95:5b:29:52:
d4:06:37:2f:d4:3d:0d:99:2c:ea:7f:f1:ca:c5:b5:
76:ec:ad:0b:3c:85:a0:70:30:7c:88:5f:97:e8:dd:
f5:fb:86:a7:c7:2f:90:eb:2e:48:b1:a9:33:1c:6e:
53:53:3a:ec:17:41:b3:37:32:60:6d:f1:dc:97:d9:
dd:ab:8d:6c:22:20:e1:fc:ef:fe:94:b0:fe:09:d2:
fd:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:44:CB:84:0B:EB:86:C0:58:C5:62:A2:0E:64:06:0B:7F:01:8E:14
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/aUTLhAvrhsBYxWKiDmQGC38BjhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.210.0/23
77.47.242.0/24
77.47.252.0/22
185.143.56.0/22
195.178.132.0-195.178.136.255
195.178.139.0/24
195.178.144.0/22
195.178.149.0/24
195.178.154.0/24
195.178.156.0/24
212.111.194.0/24
212.111.200.0/24
212.111.207.0/24
212.111.216.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:92:ea:98:3d:60:a0:6a:bd:dd:9e:d5:34:ce:a2:46:ee:30:
c2:8d:5a:67:3a:24:a3:35:0c:35:0d:39:bd:65:ea:a9:ac:79:
15:70:ec:ca:7b:79:f1:a1:c3:86:79:f2:1f:f7:fa:33:ea:a1:
dd:45:ec:fa:41:21:28:9b:06:d7:20:f4:37:8f:0f:4d:bc:58:
df:dd:47:48:11:ab:be:aa:bd:f7:37:fb:7b:ea:5d:0d:0a:7a:
8f:31:23:fb:91:b7:16:15:2b:a1:8f:1f:3d:23:23:82:8d:f5:
ec:c4:20:40:d2:1a:3f:3a:07:5d:66:49:46:45:a4:b8:69:64:
0e:d4:f7:4e:32:02:b0:2f:ae:a0:3b:5d:68:36:ea:37:71:9f:
18:a9:e4:15:b0:cd:4b:35:ce:d4:5e:f7:96:fb:1e:ca:7f:56:
6b:71:20:b7:e3:21:e4:0d:6f:89:b7:54:bb:81:4a:e2:5d:1c:
07:47:7c:8e:d7:3d:a7:0b:5d:14:f9:65:66:79:44:e7:e9:b7:
ca:f9:ab:df:28:67:7d:26:29:cd:76:9a:b2:98:e5:ee:aa:e4:
7e:87:83:8d:52:e3:fa:c5:2f:28:92:8b:35:ad:cc:b1:fb:1e:
8e:ad:78:03:14:f0:6c:26:7f:ed:a8:e3:0d:45:84:e8:a2:04:
cb:f1:5b:6f
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ3JQTUqL+9FEGB2/uTnwA4+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjYwNDI2MTAwNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTQ0Y2I4NDBiZWI4NmMwNThjNTYyYTIwZTY0MDYwYjdmMDE4ZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq3ZG6r7g7+OzMSjY9XWtIFKzVN0
XMG3XZ8nntYkWLI4X9eiZlEuC+hv0atx/xK/ae9+q/xsS4rrvj67EE4GtVWpTGyz
osqCz24lBap+O3XSAgYI459/iocMUAqqadH2I4Ohtoi3+hmdV/UwhHDYn673M+NE
NnJ8v2ngPHgbNQ1btu+1ItgtbDqdt4ejqtE1UQz8je/+yrOMocTD5RoWLwu4WK2I
9sXjSdivoteBo5VbKVLUBjcv1D0NmSzqf/HKxbV27K0LPIWgcDB8iF+X6N31+4an
xy+Q6y5IsakzHG5TUzrsF0GzNzJgbfHcl9ndq41sIiDh/O/+lLD+CdL9wwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFGlEy4QL64bAWMViog5kBgt/AY4UMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEvYVVUTGhBdnJoc0JZeFdLaURtUUdDMzhCamhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQBTS/SAwQA
TS/yAwQCTS/8AwQCuY84MAwDBALDsoQDBADDsogDBADDsosDBALDspADBADDspUD
BADDspoDBADDspwDBADUb8IDBADUb8gDBADUb88DBAHUb9gwDQYJKoZIhvcNAQEL
BQADggEBAEqS6pg9YKBqvd2e1TTOokbuMMKNWmc6JKM1DDUNOb1l6qmseRVw7Mp7
efGhw4Z58h/3+jPqod1F7PpBISibBtcg9DePD028WN/dR0gRq76qvfc3+3vqXQ0K
eo8xI/uRtxYVK6GPHz0jI4KN9ezEIEDSGj86B11mSUZFpLhpZA7U904yArAvrqA7
XWg26jdxnxip5BWwzUs1ztRe95b7Hsp/VmtxILfjIeQNb4m3VLuBSuJdHAdHfI7X
PacLXRT5ZWZ5ROfpt8r5q98oZ30mKc12mrKY5e6q5H6Hg41S4/rFLyiSizWtzLH7
Ho6teAMU8Gwmf+2o4w1FhOiiBMvxW28=
-----END CERTIFICATE-----
Generated at Mon Apr 27 15:44:38 2026 by rpki-client