Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/cYgMOmj6u6TwRZVxPY0GRuR_57c.roa
File: cYgMOmj6u6TwRZVxPY0GRuR_57c.roa (raw, json)
Hash identifier: PFEwcIm0GvfowU+QS3ePDAQm79limgzxJJZAQhsXoQM=
Subject key identifier: 71:88:0C:3A:68:FA:BB:A4:F0:45:95:71:3D:8D:06:46:E4:7F:E7:B7
Certificate issuer: /CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Certificate serial: 019CB3DF132829A237F3F8B108D837463355
Authority key identifier: D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/cYgMOmj6u6TwRZVxPY0GRuR_57c.roa
Signing time: Tue 03 Mar 2026 13:24:26 +0000
ROA not before: Tue 03 Mar 2026 13:24:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197889
IP address blocks: 77.221.32.0/20 maxlen: 20
77.221.32.0/22 maxlen: 22
77.221.32.0/23 maxlen: 23
77.221.32.0/24 maxlen: 24
77.221.33.0/24 maxlen: 24
77.221.34.0/23 maxlen: 23
77.221.34.0/24 maxlen: 24
77.221.35.0/24 maxlen: 24
77.221.43.0/24 maxlen: 24
77.221.44.0/23 maxlen: 23
77.221.46.0/23 maxlen: 23
77.221.49.0/24 maxlen: 24
77.221.52.0/23 maxlen: 23
77.221.56.0/23 maxlen: 23
77.221.58.0/23 maxlen: 23
77.221.61.0/24 maxlen: 24
77.221.62.0/24 maxlen: 24
2a10:4940::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:df:13:28:29:a2:37:f3:f8:b1:08:d8:37:46:33:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d703642076d27e252fa90bf1a4296f8bcd9d0cf1
Validity
Not Before: Mar 3 13:24:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=71880c3a68fabba4f04595713d8d0646e47fe7b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3a:26:be:f4:83:ee:16:46:c6:ce:b4:f4:42:
a8:f5:77:be:1a:0f:c4:56:20:35:7b:c9:ec:f2:cb:
0f:b3:24:c0:a8:02:ec:98:c0:49:fd:c9:ad:a6:98:
b2:0e:9a:f4:dd:82:20:6b:dd:22:32:2c:a2:42:f4:
40:d0:0c:c8:78:c6:59:cc:14:39:a6:6d:cf:f1:81:
ea:44:bc:84:19:18:a5:9a:1f:a2:d7:9b:91:0d:7c:
c3:d6:87:44:03:00:26:4c:91:14:40:4e:2d:86:95:
39:97:0e:b0:b1:ae:93:0e:02:ca:e8:6d:25:61:71:
5f:f5:40:51:22:ba:19:22:db:ce:7c:d8:75:a5:ba:
a8:06:32:c3:ed:2a:87:52:c1:f2:e7:41:af:bc:f8:
3a:54:d5:d9:f8:64:eb:fe:59:12:e8:0b:c8:17:87:
e7:30:73:61:85:aa:6e:d3:6e:ca:38:26:51:89:b5:
e2:42:f1:15:20:b7:c5:a0:04:b4:9c:a4:9d:e0:f9:
bd:bf:24:4c:53:a7:da:4d:5d:49:a9:83:70:6d:10:
bf:58:37:77:ec:71:6b:99:72:d3:19:4c:1b:96:df:
32:47:2b:74:fe:57:73:1b:f2:f6:c5:e1:5f:8e:31:
09:ef:1c:f5:ff:2f:61:da:ca:5d:56:77:96:63:10:
f2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:88:0C:3A:68:FA:BB:A4:F0:45:95:71:3D:8D:06:46:E4:7F:E7:B7
X509v3 Authority Key Identifier:
keyid:D7:03:64:20:76:D2:7E:25:2F:A9:0B:F1:A4:29:6F:8B:CD:9D:0C:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1wNkIHbSfiUvqQvxpClvi82dDPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/cYgMOmj6u6TwRZVxPY0GRuR_57c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/38136c-db51-4f70-ad8b-654505a2d045/1/1wNkIHbSfiUvqQvxpClvi82dDPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.32.0/20
77.221.49.0/24
77.221.52.0/23
77.221.56.0/22
77.221.61.0-77.221.62.255
IPv6:
2a10:4940::/32
Signature Algorithm: sha256WithRSAEncryption
87:09:07:73:1f:22:46:74:17:27:60:a9:f6:b8:f2:0c:54:7d:
d4:73:66:b7:5c:32:f0:7e:db:90:50:b2:b3:45:ed:c8:a8:78:
e1:c9:56:65:f1:dd:08:2c:fd:a8:22:cc:2f:60:0c:2c:bb:31:
e8:64:cb:42:ce:21:91:71:27:83:61:57:d5:ad:ec:86:7c:63:
54:b7:c9:17:7b:66:ef:a4:c3:d0:4c:69:2c:83:87:59:bc:96:
44:91:a4:84:45:60:e6:ea:77:09:11:13:7d:39:2f:83:ab:3c:
a8:8a:d1:6d:d3:6c:04:5c:fe:60:05:92:fb:07:81:b7:5d:64:
26:be:74:2d:07:aa:c4:09:94:10:44:62:5c:84:81:b2:0a:27:
2c:3a:f5:7c:b7:93:8f:fe:a7:67:ce:86:11:6d:8d:b0:1d:4c:
81:f5:cd:bb:8e:46:60:14:ef:16:e7:33:e6:7d:7c:7e:c6:20:
5a:07:88:26:4f:5d:1e:ba:da:7c:3c:8f:7f:28:e3:e3:30:ae:
a5:5b:4b:2d:8c:e6:e0:f7:8a:de:5a:31:4f:69:16:2a:44:a9:
12:8e:38:2f:34:80:ee:e8:05:0c:81:2c:ff:a5:da:07:2d:91:
a0:82:96:f6:ea:18:b7:70:cd:13:52:5d:c2:ed:9d:83:85:a9:
a8:64:53:42
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZyz3xMoKaI38/ixCNg3RjNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MDM2NDIwNzZkMjdlMjUyZmE5MGJmMWE0Mjk2ZjhiY2Q5
ZDBjZjEwHhcNMjYwMzAzMTMyNDI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTg4MGMzYTY4ZmFiYmE0ZjA0NTk1NzEzZDhkMDY0NmU0N2ZlN2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzomvvSD7hZGxs609EKo9Xe+Gg/E
ViA1e8ns8ssPsyTAqALsmMBJ/cmtppiyDpr03YIga90iMiyiQvRA0AzIeMZZzBQ5
pm3P8YHqRLyEGRilmh+i15uRDXzD1odEAwAmTJEUQE4thpU5lw6wsa6TDgLK6G0l
YXFf9UBRIroZItvOfNh1pbqoBjLD7SqHUsHy50GvvPg6VNXZ+GTr/lkS6AvIF4fn
MHNhhapu027KOCZRibXiQvEVILfFoAS0nKSd4Pm9vyRMU6faTV1JqYNwbRC/WDd3
7HFrmXLTGUwblt8yRyt0/ldzG/L2xeFfjjEJ7xz1/y9h2spdVneWYxDyiQIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFHGIDDpo+ruk8EWVcT2NBkbkf+e3MB8GA1UdIwQY
MBaAFNcDZCB20n4lL6kL8aQpb4vNnQzxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGIt
NjU0NTA1YTJkMDQ1LzEvY1lnTU9tajZ1NlR3UlpWeFBZMEdSdVJfNTdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8zODEzNmMtZGI1MS00ZjcwLWFkOGItNjU0NTA1YTJkMDQ1
LzEvMXdOa0lIYlNmaVV2cVF2eHBDbHZpODJkRFBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQETd0gAwQA
Td0xAwQBTd00AwQCTd04MAwDBABN3T0DBABN3T4wDQQCAAIwBwMFACoQSUAwDQYJ
KoZIhvcNAQELBQADggEBAIcJB3MfIkZ0Fydgqfa48gxUfdRzZrdcMvB+25BQsrNF
7cioeOHJVmXx3Qgs/agizC9gDCy7Mehky0LOIZFxJ4NhV9Wt7IZ8Y1S3yRd7Zu+k
w9BMaSyDh1m8lkSRpIRFYObqdwkRE305L4OrPKiK0W3TbARc/mAFkvsHgbddZCa+
dC0HqsQJlBBEYlyEgbIKJyw69Xy3k4/+p2fOhhFtjbAdTIH1zbuORmAU7xbnM+Z9
fH7GIFoHiCZPXR662nw8j38o4+MwrqVbSy2M5uD3it5aMU9pFipEqRKOOC80gO7o
BQyBLP+l2gctkaCClvbqGLdwzRNSXcLtnYOFqahkU0I=
-----END CERTIFICATE-----
Generated at Fri Mar 13 03:04:36 2026 by rpki-client