Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/p02eC1ERUvLK_cq6pNwVZ0xig4Y.roa
File: p02eC1ERUvLK_cq6pNwVZ0xig4Y.roa (raw, json)
Hash identifier: KZhXcbJBxIMqDSefFB3crfwCuJzwZV0N5GJvMfY9BtY=
Subject key identifier: A7:4D:9E:0B:51:11:52:F2:CA:FD:CA:BA:A4:DC:15:67:4C:62:83:86
Certificate issuer: /CN=1c8e17411e0100c914b040d514c28e1d7d36991e
Certificate serial: 019ED1C0D65BC15711B5756C1EF506ADB004
Authority key identifier: 1C:8E:17:41:1E:01:00:C9:14:B0:40:D5:14:C2:8E:1D:7D:36:99:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HI4XQR4BAMkUsEDVFMKOHX02mR4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/p02eC1ERUvLK_cq6pNwVZ0xig4Y.roa
Signing time: Tue 16 Jun 2026 18:45:36 +0000
ROA not before: Tue 16 Jun 2026 18:45:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41931
IP address blocks: 77.46.4.0/22 maxlen: 22
77.46.8.0/21 maxlen: 21
77.46.16.0/20 maxlen: 20
77.46.32.0/19 maxlen: 19
77.46.64.0/20 maxlen: 20
77.46.80.0/20 maxlen: 20
77.46.96.0/20 maxlen: 20
77.46.112.0/20 maxlen: 20
195.177.196.0/23 maxlen: 23
2a00:1ac8:1000::/48 maxlen: 48
2a00:1ac8:1001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/HI4XQR4BAMkUsEDVFMKOHX02mR4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/HI4XQR4BAMkUsEDVFMKOHX02mR4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HI4XQR4BAMkUsEDVFMKOHX02mR4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 25 Jun 2026 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:d1:c0:d6:5b:c1:57:11:b5:75:6c:1e:f5:06:ad:b0:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c8e17411e0100c914b040d514c28e1d7d36991e
Validity
Not Before: Jun 16 18:45:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a74d9e0b511152f2cafdcabaa4dc15674c628386
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:32:30:e5:28:9a:52:ca:75:c7:81:13:8e:e7:
04:52:45:ab:7c:08:00:c0:0a:2a:60:02:0e:f2:0b:
5a:80:d8:45:f9:61:bd:5c:c5:ab:1f:28:96:4d:5c:
fa:e5:95:91:84:fc:5f:cf:ec:ac:f4:99:d0:78:c0:
7e:b7:ed:ed:31:4e:6c:d8:7d:17:db:a0:95:0b:e1:
1a:7b:b0:0d:5e:2c:76:80:ff:61:7e:55:57:35:8d:
84:8e:b3:fd:15:18:26:a4:97:17:c1:79:79:9c:61:
30:e1:40:5d:28:f8:a0:76:e7:8c:ed:11:9b:41:1a:
e5:b7:9f:ba:bf:09:36:92:2a:74:f9:05:b6:78:ba:
28:f4:25:e1:70:c9:1f:a4:f3:81:a0:59:c6:b2:76:
ac:8d:e2:88:c0:af:70:b8:27:32:e8:5f:b8:e4:ed:
88:ab:c0:86:65:cc:bc:62:16:93:6c:ec:33:22:22:
b3:95:5a:7c:7d:f4:62:12:34:4c:cf:63:0f:fb:b0:
7c:e7:5b:f3:4a:de:a0:92:6b:41:05:17:e0:80:6d:
9a:da:7c:aa:71:6a:76:10:01:01:d7:2b:9d:9c:8e:
50:8a:0e:36:a7:bf:d3:03:34:cb:00:e8:48:5a:ac:
e2:cf:75:34:10:ba:48:ee:3e:d4:32:8b:37:47:b5:
1a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:4D:9E:0B:51:11:52:F2:CA:FD:CA:BA:A4:DC:15:67:4C:62:83:86
X509v3 Authority Key Identifier:
keyid:1C:8E:17:41:1E:01:00:C9:14:B0:40:D5:14:C2:8E:1D:7D:36:99:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HI4XQR4BAMkUsEDVFMKOHX02mR4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/p02eC1ERUvLK_cq6pNwVZ0xig4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a6c7eb-b72f-4833-a528-6b49a3893c79/1/HI4XQR4BAMkUsEDVFMKOHX02mR4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.46.4.0-77.46.127.255
195.177.196.0/23
IPv6:
2a00:1ac8:1000::/47
Signature Algorithm: sha256WithRSAEncryption
c7:28:67:e0:10:68:7a:61:d2:85:0b:30:bb:78:8b:86:1e:40:
51:1a:b2:d9:7c:01:08:bd:37:64:0d:4d:52:72:3c:b3:f1:01:
c7:90:06:d9:85:01:96:05:19:8e:3c:c5:23:87:ff:50:e9:9e:
a2:ac:49:58:f4:fe:3f:4f:6f:f4:8b:13:38:92:74:cd:71:7e:
a3:98:f5:e9:65:c5:19:be:98:d4:6a:7f:6a:9b:be:bc:c4:96:
14:6a:56:90:65:67:d0:8b:ba:8b:dd:23:30:19:6f:06:18:69:
77:f2:1a:ba:8c:4a:70:b0:46:ae:12:61:44:21:69:27:81:a8:
c7:56:e0:3a:6a:54:da:de:5f:de:f7:53:d4:14:e1:6e:b9:04:
75:4b:f3:e7:39:15:28:28:89:73:16:65:45:0d:df:16:b0:db:
b1:97:27:92:56:a1:c6:fd:7f:79:c2:b9:e2:90:11:af:59:cb:
67:ff:13:7f:c0:10:8b:b4:40:2c:55:15:22:3b:b6:9e:12:74:
fb:33:1c:82:10:72:45:a8:8d:07:2f:3a:51:6e:8f:1a:42:65:
23:84:4a:11:74:bd:3a:be:c4:25:0a:ad:2e:33:f5:5a:e9:e3:
3b:1d:ac:75:8b:61:ff:6c:6a:93:22:e2:2c:31:7b:22:db:1d:
bc:88:7b:44
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZ7RwNZbwVcRtXVsHvUGrbAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOGUxNzQxMWUwMTAwYzkxNGIwNDBkNTE0YzI4ZTFkN2Qz
Njk5MWUwHhcNMjYwNjE2MTg0NTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzRkOWUwYjUxMTE1MmYyY2FmZGNhYmFhNGRjMTU2NzRjNjI4Mzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzIw5SiaUsp1x4ETjucEUkWrfAgA
wAoqYAIO8gtagNhF+WG9XMWrHyiWTVz65ZWRhPxfz+ys9JnQeMB+t+3tMU5s2H0X
26CVC+Eae7ANXix2gP9hflVXNY2EjrP9FRgmpJcXwXl5nGEw4UBdKPigdueM7RGb
QRrlt5+6vwk2kip0+QW2eLoo9CXhcMkfpPOBoFnGsnasjeKIwK9wuCcy6F+45O2I
q8CGZcy8YhaTbOwzIiKzlVp8ffRiEjRMz2MP+7B851vzSt6gkmtBBRfggG2a2nyq
cWp2EAEB1yudnI5Qig42p7/TAzTLAOhIWqziz3U0ELpI7j7UMos3R7Ua1QIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKdNngtREVLyyv3KuqTcFWdMYoOGMB8GA1UdIwQY
MBaAFByOF0EeAQDJFLBA1RTCjh19NpkeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEk0WFFSNEJBTWtVc0VEVkZNS09IWDAybVI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hNmM3ZWItYjcyZi00ODMzLWE1Mjgt
NmI0OWEzODkzYzc5LzEvcDAyZUMxRVJVdkxLX2NxNnBOd1ZaMHhpZzRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hNmM3ZWItYjcyZi00ODMzLWE1MjgtNmI0OWEzODkzYzc5
LzEvSEk0WFFSNEJBTWtVc0VEVkZNS09IWDAybVI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAJNLgQD
BAdNLgADBAHDscQwDwQCAAIwCQMHASoAGsgQADANBgkqhkiG9w0BAQsFAAOCAQEA
xyhn4BBoemHShQswu3iLhh5AURqy2XwBCL03ZA1NUnI8s/EBx5AG2YUBlgUZjjzF
I4f/UOmeoqxJWPT+P09v9IsTOJJ0zXF+o5j16WXFGb6Y1Gp/apu+vMSWFGpWkGVn
0Iu6i90jMBlvBhhpd/IauoxKcLBGrhJhRCFpJ4Gox1bgOmpU2t5f3vdT1BThbrkE
dUvz5zkVKCiJcxZlRQ3fFrDbsZcnklahxv1/ecK54pARr1nLZ/8Tf8AQi7RALFUV
Iju2nhJ0+zMcghByRaiNBy86UW6PGkJlI4RKEXS9Or7EJQqtLjP1WunjOx2sdYth
/2xqkyLiLDF7ItsdvIh7RA==
-----END CERTIFICATE-----
Generated at Thu Jun 25 08:26:12 2026 by rpki-client