Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/4z6sHiblnOj7MnFQaNkVuzgroX8.roa
File: 4z6sHiblnOj7MnFQaNkVuzgroX8.roa (raw, json)
Hash identifier: w5kchDsjlTcifKkNX7kupRmlvcQpQvsoan5WNjp82H4=
Subject key identifier: E3:3E:AC:1E:26:E5:9C:E8:FB:32:71:50:68:D9:15:BB:38:2B:A1:7F
Certificate issuer: /CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Certificate serial: 019D2E8E192980AF682D9303D3BCC5DFB973
Authority key identifier: 51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/4z6sHiblnOj7MnFQaNkVuzgroX8.roa
Signing time: Fri 27 Mar 2026 09:09:17 +0000
ROA not before: Fri 27 Mar 2026 09:09:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 77.246.221.0/24 maxlen: 24
185.58.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 31 Mar 2026 14:02:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2e:8e:19:29:80:af:68:2d:93:03:d3:bc:c5:df:b9:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5124fba1e401c03e5ba1cd77ae9ee39cfd631bfb
Validity
Not Before: Mar 27 09:09:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e33eac1e26e59ce8fb32715068d915bb382ba17f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:79:c1:15:69:77:d7:6d:18:84:45:10:33:f0:
38:69:55:9e:b1:85:91:5a:db:f3:23:fd:62:d0:70:
99:6d:75:53:75:e7:76:3e:f2:4b:b0:65:0d:aa:be:
aa:88:a8:34:8c:02:03:e0:ff:8a:61:f8:b1:ca:b0:
9a:54:ba:02:23:28:66:be:7e:17:22:f4:d3:17:3e:
a2:70:7e:7f:89:03:21:fb:2f:83:7e:f5:53:6b:ec:
67:75:72:10:87:71:8c:03:3f:5e:22:6d:ad:7e:3e:
d5:76:77:01:10:42:24:08:e2:0f:37:13:b2:3f:60:
81:95:c7:c7:ac:8f:c3:cb:e7:a9:ca:3f:ef:bd:c6:
40:cf:2a:aa:0e:0d:5f:9e:96:fc:35:23:9b:63:54:
87:30:59:31:f5:05:c5:52:39:d8:5a:a9:cb:55:7c:
e4:04:e4:9c:c9:44:41:14:4e:5b:b8:44:fc:11:6c:
9a:b4:c8:d1:68:6d:ac:4d:b7:17:d8:fb:81:ad:2c:
04:45:a5:de:12:be:9c:3d:22:e2:0d:4c:dc:c8:a8:
3b:bc:35:a8:01:4f:9c:0b:0d:e1:a8:cd:b9:ad:8f:
63:ff:55:15:8d:8d:b7:ea:1c:06:a2:a5:66:ad:fe:
4a:1a:af:ec:d4:4a:be:7a:e1:84:d4:0a:97:44:a7:
40:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:3E:AC:1E:26:E5:9C:E8:FB:32:71:50:68:D9:15:BB:38:2B:A1:7F
X509v3 Authority Key Identifier:
keyid:51:24:FB:A1:E4:01:C0:3E:5B:A1:CD:77:AE:9E:E3:9C:FD:63:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UST7oeQBwD5boc13rp7jnP1jG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/4z6sHiblnOj7MnFQaNkVuzgroX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/b714ad-1f78-4a10-8e61-ab8f1f3387ee/1/UST7oeQBwD5boc13rp7jnP1jG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.246.221.0/24
185.58.23.0/24
Signature Algorithm: sha256WithRSAEncryption
26:81:e6:02:76:82:06:36:0f:70:a5:ba:c3:dd:74:3d:27:2a:
3d:a7:1f:de:bc:06:f1:76:ed:e7:72:f3:78:13:f0:f1:af:88:
89:2a:b1:52:ae:83:ad:e8:0e:4a:50:ff:38:1d:fa:3c:a6:84:
eb:e2:c7:a7:72:8d:87:9c:3e:56:35:8f:8a:2c:8f:58:57:76:
88:4a:4e:1e:4b:28:80:13:ee:89:d6:f1:0e:84:90:f5:f5:96:
bc:a6:fa:4a:54:6c:bb:f7:29:e2:7b:12:a3:4d:36:dd:f0:6f:
f6:a8:fa:41:19:8b:35:80:a8:2f:a6:22:4f:40:32:03:f1:d8:
15:1c:b5:8d:dd:5d:87:9e:e5:71:fd:b4:29:79:1e:a1:ee:8f:
2f:49:4d:5f:fa:a2:51:d2:97:a4:7f:7f:fc:a2:0c:8a:7b:d4:
0b:e8:cc:38:93:67:33:b2:37:9c:08:d3:b8:ca:04:52:6e:08:
03:f6:3e:29:15:ed:95:fd:10:a1:34:48:32:5c:9e:63:95:24:
2f:e9:91:e4:dd:75:0c:76:da:b4:65:4e:60:19:b5:e0:cd:97:
83:5e:e1:45:96:c4:58:8e:b3:13:e3:e9:f4:7e:06:5c:5d:01:
a4:a8:6a:86:cb:07:ac:f4:17:55:73:a9:4e:d4:d2:d8:9c:61:
4d:4d:07:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0ujhkpgK9oLZMD07zF37lzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMjRmYmExZTQwMWMwM2U1YmExY2Q3N2FlOWVlMzljZmQ2
MzFiZmIwHhcNMjYwMzI3MDkwOTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzNlYWMxZTI2ZTU5Y2U4ZmIzMjcxNTA2OGQ5MTViYjM4MmJhMTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsnnBFWl3120YhEUQM/A4aVWesYWR
WtvzI/1i0HCZbXVTded2PvJLsGUNqr6qiKg0jAID4P+KYfixyrCaVLoCIyhmvn4X
IvTTFz6icH5/iQMh+y+DfvVTa+xndXIQh3GMAz9eIm2tfj7VdncBEEIkCOIPNxOy
P2CBlcfHrI/Dy+epyj/vvcZAzyqqDg1fnpb8NSObY1SHMFkx9QXFUjnYWqnLVXzk
BOScyURBFE5buET8EWyatMjRaG2sTbcX2PuBrSwERaXeEr6cPSLiDUzcyKg7vDWo
AU+cCw3hqM25rY9j/1UVjY236hwGoqVmrf5KGq/s1Eq+euGE1AqXRKdAQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOM+rB4m5Zzo+zJxUGjZFbs4K6F/MB8GA1UdIwQY
MBaAFFEk+6HkAcA+W6HNd66e45z9Yxv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEt
YWI4ZjFmMzM4N2VlLzEvNHo2c0hpYmxuT2o3TW5GUWFOa1Z1emdyb1g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iNzE0YWQtMWY3OC00YTEwLThlNjEtYWI4ZjFmMzM4N2Vl
LzEvVVNUN29lUUJ3RDVib2MxM3JwN2puUDFqR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATfbdAwQA
uToXMA0GCSqGSIb3DQEBCwUAA4IBAQAmgeYCdoIGNg9wpbrD3XQ9Jyo9px/evAbx
du3ncvN4E/Dxr4iJKrFSroOt6A5KUP84Hfo8poTr4senco2HnD5WNY+KLI9YV3aI
Sk4eSyiAE+6J1vEOhJD19Za8pvpKVGy79yniexKjTTbd8G/2qPpBGYs1gKgvpiJP
QDID8dgVHLWN3V2HnuVx/bQpeR6h7o8vSU1f+qJR0pekf3/8ogyKe9QL6Mw4k2cz
sjecCNO4ygRSbggD9j4pFe2V/RChNEgyXJ5jlSQv6ZHk3XUMdtq0ZU5gGbXgzZeD
XuFFlsRYjrMT4+n0fgZcXQGkqGqGywes9BdVc6lO1NLYnGFNTQdS
-----END CERTIFICATE-----
Generated at Mon Mar 30 23:19:05 2026 by rpki-client