Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/kCC3Z1n9RE-MZ46Oh8LbtHLFKZs.roa
File: kCC3Z1n9RE-MZ46Oh8LbtHLFKZs.roa (raw, json)
Hash identifier: N8n9Dc8aT24H/qhrYGwWwa1g++ymMaqnaZe2nDxgQ/o=
Subject key identifier: 90:20:B7:67:59:FD:44:4F:8C:67:8E:8E:87:C2:DB:B4:72:C5:29:9B
Certificate issuer: /CN=19426325acb8ce609a686fa655b058968809b346
Certificate serial: 019DF1FAA851D7A34EBFAA24581213F6B706
Authority key identifier: 19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/kCC3Z1n9RE-MZ46Oh8LbtHLFKZs.roa
Signing time: Mon 04 May 2026 07:53:49 +0000
ROA not before: Mon 04 May 2026 07:53:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3319
IP address blocks: 77.47.142.0/24 maxlen: 24
77.47.152.0/24 maxlen: 24
77.47.153.0/24 maxlen: 24
77.47.154.0/24 maxlen: 24
77.47.155.0/24 maxlen: 24
77.47.178.0/24 maxlen: 24
77.47.210.0/24 maxlen: 24
77.47.211.0/24 maxlen: 24
77.47.242.0/24 maxlen: 24
77.47.248.0/22 maxlen: 24
77.47.248.0/24 maxlen: 24
77.47.249.0/24 maxlen: 24
77.47.250.0/24 maxlen: 24
77.47.251.0/24 maxlen: 24
77.47.252.0/22 maxlen: 24
185.143.56.0/22 maxlen: 24
185.143.57.0/24 maxlen: 24
195.178.128.0/24 maxlen: 24
195.178.129.0/24 maxlen: 24
195.178.130.0/24 maxlen: 24
195.178.131.0/24 maxlen: 24
195.178.132.0/24 maxlen: 24
195.178.133.0/24 maxlen: 24
195.178.134.0/24 maxlen: 24
195.178.135.0/24 maxlen: 24
195.178.136.0/24 maxlen: 24
195.178.139.0/24 maxlen: 24
195.178.144.0/23 maxlen: 23
195.178.146.0/24 maxlen: 24
195.178.147.0/24 maxlen: 24
195.178.148.0/24 maxlen: 24
195.178.149.0/24 maxlen: 24
195.178.154.0/24 maxlen: 24
195.178.156.0/24 maxlen: 24
212.111.194.0/24 maxlen: 24
212.111.200.0/24 maxlen: 24
212.111.207.0/24 maxlen: 24
212.111.216.0/24 maxlen: 24
212.111.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 May 2026 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f1:fa:a8:51:d7:a3:4e:bf:aa:24:58:12:13:f6:b7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19426325acb8ce609a686fa655b058968809b346
Validity
Not Before: May 4 07:53:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9020b76759fd444f8c678e8e87c2dbb472c5299b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:05:95:54:98:2a:e6:76:c2:9d:46:2d:b9:07:
ec:b8:e5:60:dd:36:b8:f2:51:4c:d2:b0:41:fa:04:
d6:7f:51:ef:85:49:a8:49:3d:12:80:7f:dc:85:93:
e8:44:a1:c2:c3:ba:f1:e1:9d:2d:dc:c0:b4:c4:52:
b7:e6:c6:bd:78:d6:5b:5d:41:f8:df:b6:18:2c:97:
1b:c7:34:d2:2d:36:2d:e1:99:c1:9b:dc:55:da:45:
e3:1e:39:f6:90:ec:c9:8b:c2:8f:24:a4:75:7c:74:
07:bc:e9:f1:8b:ac:66:dc:75:2f:17:42:a2:6b:25:
14:e6:35:37:5e:9f:82:62:b3:34:54:1d:2d:04:47:
01:d0:d4:ff:c7:d1:ab:c9:d3:06:e9:61:71:68:7b:
e6:78:8f:7a:0a:70:a4:97:bc:0d:4a:d4:11:7e:9d:
78:d5:9b:3a:fe:8b:db:e6:aa:5b:04:0d:91:dd:9a:
cc:4b:8b:2f:77:bd:7a:55:b3:e8:86:86:89:8e:c3:
50:7f:bd:c2:59:46:a6:9d:a4:d1:36:c4:1b:5b:db:
c5:74:79:f4:43:37:c8:ed:44:c0:d3:d7:ef:04:ad:
ce:9d:24:8d:73:9e:9f:f1:e5:19:ea:4f:8c:59:df:
33:5b:d4:f8:32:e4:3c:a1:ef:d6:b4:d3:77:41:d2:
9c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:20:B7:67:59:FD:44:4F:8C:67:8E:8E:87:C2:DB:B4:72:C5:29:9B
X509v3 Authority Key Identifier:
keyid:19:42:63:25:AC:B8:CE:60:9A:68:6F:A6:55:B0:58:96:88:09:B3:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GUJjJay4zmCaaG-mVbBYlogJs0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/kCC3Z1n9RE-MZ46Oh8LbtHLFKZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/8b6fb0-a875-4947-8ae4-03f4c7113c34/1/GUJjJay4zmCaaG-mVbBYlogJs0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.47.142.0/24
77.47.152.0/22
77.47.178.0/24
77.47.210.0/23
77.47.242.0/24
77.47.248.0/21
185.143.56.0/22
195.178.128.0-195.178.136.255
195.178.139.0/24
195.178.144.0-195.178.149.255
195.178.154.0/24
195.178.156.0/24
212.111.194.0/24
212.111.200.0/24
212.111.207.0/24
212.111.216.0/23
Signature Algorithm: sha256WithRSAEncryption
74:3a:42:af:d6:25:ae:3a:56:65:58:b7:09:5e:14:27:9e:80:
f0:87:71:37:dd:ab:5b:cb:5b:5d:a7:53:e0:cc:2e:9e:39:49:
3e:c0:8c:f5:c7:f2:0c:a9:f5:68:81:77:24:04:c5:ad:60:72:
dd:6a:db:28:63:2e:da:77:60:ff:4b:f3:d1:b0:c5:32:a9:2f:
1b:48:e6:d4:76:d3:37:46:2e:6e:4a:a3:dc:23:66:ab:c7:15:
48:f9:e5:75:3e:36:52:50:7b:9f:11:68:af:83:a9:e0:e8:59:
7f:f3:d0:95:3f:1e:82:68:20:84:1b:08:c4:8f:5d:4e:58:f4:
f8:77:6a:22:e2:e0:88:71:52:c1:4d:62:2d:5f:d8:90:a5:b9:
8a:fc:7d:48:4d:4d:00:b3:06:e8:08:29:38:c1:cd:7b:b1:96:
ad:20:1f:3d:b3:c7:c2:ce:fb:3a:4e:54:9b:00:ca:10:40:64:
1d:ec:a9:73:6a:50:0f:d9:b3:a9:dc:05:2c:3f:a9:06:ae:c1:
d3:cf:a7:b7:0e:ac:39:f6:80:9a:7b:8a:20:69:25:bf:8a:b7:
8f:55:bc:31:21:68:1c:16:ee:4e:45:b0:a0:55:4a:24:df:d8:
b5:a2:10:42:ac:f2:d5:48:66:7e:c1:d6:f4:de:61:5c:7b:09:
74:a0:44:06
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZ3x+qhR16NOv6okWBIT9rcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NDI2MzI1YWNiOGNlNjA5YTY4NmZhNjU1YjA1ODk2ODgw
OWIzNDYwHhcNMjYwNTA0MDc1MzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDIwYjc2NzU5ZmQ0NDRmOGM2NzhlOGU4N2MyZGJiNDcyYzUyOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQWVVJgq5nbCnUYtuQfsuOVg3Ta4
8lFM0rBB+gTWf1HvhUmoST0SgH/chZPoRKHCw7rx4Z0t3MC0xFK35sa9eNZbXUH4
37YYLJcbxzTSLTYt4ZnBm9xV2kXjHjn2kOzJi8KPJKR1fHQHvOnxi6xm3HUvF0Ki
ayUU5jU3Xp+CYrM0VB0tBEcB0NT/x9GrydMG6WFxaHvmeI96CnCkl7wNStQRfp14
1Zs6/ovb5qpbBA2R3ZrMS4svd716VbPohoaJjsNQf73CWUamnaTRNsQbW9vFdHn0
QzfI7UTA09fvBK3OnSSNc56f8eUZ6k+MWd8zW9T4MuQ8oe/WtNN3QdKcJwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJAgt2dZ/URPjGeOjofC27RyxSmbMB8GA1UdIwQY
MBaAFBlCYyWsuM5gmmhvplWwWJaICbNGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQt
MDNmNGM3MTEzYzM0LzEva0NDM1oxbjlSRS1NWjQ2T2g4TGJ0SExGS1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS84YjZmYjAtYTg3NS00OTQ3LThhZTQtMDNmNGM3MTEzYzM0
LzEvR1VKakpheTR6bUNhYUctbVZiQllsb2dKczBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAE0vjgME
Ak0vmAMEAE0vsgMEAU0v0gMEAE0v8gMEA00v+AMEArmPODAMAwQHw7KAAwQAw7KI
AwQAw7KLMAwDBATDspADBAHDspQDBADDspoDBADDspwDBADUb8IDBADUb8gDBADU
b88DBAHUb9gwDQYJKoZIhvcNAQELBQADggEBAHQ6Qq/WJa46VmVYtwleFCeegPCH
cTfdq1vLW12nU+DMLp45ST7AjPXH8gyp9WiBdyQExa1gct1q2yhjLtp3YP9L89Gw
xTKpLxtI5tR20zdGLm5Ko9wjZqvHFUj55XU+NlJQe58RaK+DqeDoWX/z0JU/HoJo
IIQbCMSPXU5Y9Ph3aiLi4IhxUsFNYi1f2JCluYr8fUhNTQCzBugIKTjBzXuxlq0g
Hz2zx8LO+zpOVJsAyhBAZB3sqXNqUA/Zs6ncBSw/qQauwdPPp7cOrDn2gJp7iiBp
Jb+Kt49VvDEhaBwW7k5FsKBVSiTf2LWiEEKs8tVIZn7B1vTeYVx7CXSgRAY=
-----END CERTIFICATE-----
Generated at Sat May 9 20:48:19 2026 by rpki-client