Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Ccy2Qq_pkfbWxi1V73tQEBTeaBc.roa
File: Ccy2Qq_pkfbWxi1V73tQEBTeaBc.roa (raw, json)
Hash identifier: BASNed/Anj8zT+aeymbLQibHymnetKJWWdZSURwdFz8=
Subject key identifier: 09:CC:B6:42:AF:E9:91:F6:D6:C6:2D:55:EF:7B:50:10:14:DE:68:17
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 019E73B9A7C56B792B50C3962FD53C30FF6F
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Ccy2Qq_pkfbWxi1V73tQEBTeaBc.roa
Signing time: Fri 29 May 2026 12:33:27 +0000
ROA not before: Fri 29 May 2026 12:33:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 0
IP address blocks: 77.76.4.0/22 maxlen: 22
78.128.3.0/24 maxlen: 24
78.128.41.0/24 maxlen: 24
78.128.86.0/23 maxlen: 23
78.128.88.0/22 maxlen: 22
78.128.97.0/24 maxlen: 24
78.128.100.0/22 maxlen: 22
78.128.104.0/22 maxlen: 22
78.128.116.0/23 maxlen: 23
78.142.3.0/24 maxlen: 24
78.142.31.0/24 maxlen: 24
83.222.190.0/23 maxlen: 23
84.201.224.0/20 maxlen: 20
91.148.162.0/23 maxlen: 23
91.148.164.0/23 maxlen: 23
91.148.169.0/24 maxlen: 24
91.148.170.0/23 maxlen: 23
91.148.172.0/22 maxlen: 22
91.148.176.0/21 maxlen: 21
130.185.227.0/24 maxlen: 24
130.185.234.0/24 maxlen: 24
185.81.120.0/24 maxlen: 24
193.24.240.0/22 maxlen: 22
193.200.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:b9:a7:c5:6b:79:2b:50:c3:96:2f:d5:3c:30:ff:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: May 29 12:33:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=09ccb642afe991f6d6c62d55ef7b501014de6817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:21:5d:d6:cb:b2:30:a2:75:c9:16:57:c9:f3:
0e:17:db:39:8a:7b:e6:5d:91:3b:a5:9e:99:5b:89:
40:6a:1c:2d:d9:9a:4c:51:16:5a:bf:f0:58:13:59:
bf:b2:75:dc:9d:29:be:28:8a:57:e6:a1:8b:e3:94:
93:ac:94:56:11:fc:bd:10:49:39:59:5f:d6:f9:32:
b2:f9:86:48:e4:17:3b:08:dd:92:9b:29:31:89:61:
b9:84:e3:62:78:2b:2d:1e:6d:fd:aa:b4:20:77:14:
e0:ae:f1:74:f8:fc:0a:ad:e6:75:1b:42:b9:da:a6:
be:2e:44:49:b0:88:19:7a:6d:c2:89:cc:bf:c8:8b:
08:90:cd:e9:e1:7a:d6:90:16:7e:5a:92:08:1b:27:
1b:eb:78:17:dd:a8:66:0b:0f:41:ee:e4:31:36:10:
f3:c7:c4:0e:f5:dd:02:d3:f1:05:5e:4c:be:de:dd:
d6:91:ea:e2:2c:a1:cf:58:3a:e3:95:be:e6:37:c6:
8e:fb:4a:e2:08:15:94:e5:13:fc:c4:17:34:23:93:
f3:34:34:d2:13:30:86:d1:9a:05:40:36:1f:f9:b7:
42:71:a1:67:45:f9:71:5b:0e:2c:a4:40:31:06:a8:
c0:11:5c:75:ed:dc:bf:27:ff:88:a5:89:5a:90:78:
7b:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CC:B6:42:AF:E9:91:F6:D6:C6:2D:55:EF:7B:50:10:14:DE:68:17
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/Ccy2Qq_pkfbWxi1V73tQEBTeaBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.4.0/22
78.128.3.0/24
78.128.41.0/24
78.128.86.0-78.128.91.255
78.128.97.0/24
78.128.100.0-78.128.107.255
78.128.116.0/23
78.142.3.0/24
78.142.31.0/24
83.222.190.0/23
84.201.224.0/20
91.148.162.0-91.148.165.255
91.148.169.0-91.148.183.255
130.185.227.0/24
130.185.234.0/24
185.81.120.0/24
193.24.240.0/22
193.200.14.0/23
Signature Algorithm: sha256WithRSAEncryption
83:db:14:3d:31:7a:f0:f3:68:12:43:58:b7:20:16:15:35:d6:
ab:21:8a:1c:0e:fd:0e:39:55:12:50:53:10:c2:61:06:e7:4b:
08:1a:51:09:3c:ed:e7:65:d1:e1:6c:eb:5a:da:8f:47:2a:38:
aa:71:cd:7e:0c:36:ff:c5:ee:ae:62:53:4d:10:40:70:0a:ef:
55:29:02:04:f5:f1:e0:e0:59:96:3a:b2:a8:cb:9f:e3:96:f7:
f3:6a:72:7d:9b:8e:dc:bd:08:a1:44:98:8e:50:2b:1e:d7:e2:
eb:6f:db:82:a1:28:cd:85:75:13:49:3d:f1:70:47:b6:7b:d2:
a7:75:c0:11:e3:08:78:4b:81:c3:fe:3f:a6:16:bc:4a:18:a0:
21:45:5e:63:eb:67:7d:45:00:03:5a:77:b9:ad:39:22:a8:15:
43:4d:c4:da:d4:b1:6c:f6:bd:0d:93:6d:93:79:76:56:4d:49:
18:b4:a1:9a:bb:d0:dd:24:a1:41:fb:03:a8:f5:a2:cb:3e:84:
05:92:25:97:80:59:32:2d:79:9a:48:49:ca:42:7d:71:0b:47:
3a:73:02:e8:c5:56:33:c3:db:44:47:9f:d9:a9:11:ec:9e:f5:
6e:bb:2d:1d:5c:21:5d:b2:30:8a:99:ff:ac:15:8e:1b:c7:f4:
0e:d9:0b:bd
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZ5zuafFa3krUMOWL9U8MP9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjYwNTI5MTIzMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWNjYjY0MmFmZTk5MWY2ZDZjNjJkNTVlZjdiNTAxMDE0ZGU2ODE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSFd1suyMKJ1yRZXyfMOF9s5invm
XZE7pZ6ZW4lAahwt2ZpMURZav/BYE1m/snXcnSm+KIpX5qGL45STrJRWEfy9EEk5
WV/W+TKy+YZI5Bc7CN2SmykxiWG5hONieCstHm39qrQgdxTgrvF0+PwKreZ1G0K5
2qa+LkRJsIgZem3Cicy/yIsIkM3p4XrWkBZ+WpIIGycb63gX3ahmCw9B7uQxNhDz
x8QO9d0C0/EFXky+3t3WkeriLKHPWDrjlb7mN8aO+0riCBWU5RP8xBc0I5PzNDTS
EzCG0ZoFQDYf+bdCcaFnRflxWw4spEAxBqjAEVx17dy/J/+IpYlakHh7KwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFAnMtkKv6ZH21sYtVe97UBAU3mgXMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvQ2N5MlFxX3BrZmJXeGkxVjczdFFFQlRlYUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAJN
TAQDBABOgAMDBABOgCkwDAMEAU6AVgMEAk6AWAMEAE6AYTAMAwQCToBkAwQCToBo
AwQBToB0AwQATo4DAwQATo4fAwQBU96+AwQEVMngMAwDBAFblKIDBAFblKQwDAME
AFuUqQMEA1uUsAMEAIK54wMEAIK56gMEALlReAMEAsEY8AMEAcHIDjANBgkqhkiG
9w0BAQsFAAOCAQEAg9sUPTF68PNoEkNYtyAWFTXWqyGKHA79DjlVElBTEMJhBudL
CBpRCTzt52XR4WzrWtqPRyo4qnHNfgw2/8XurmJTTRBAcArvVSkCBPXx4OBZljqy
qMuf45b382pyfZuO3L0IoUSYjlArHtfi62/bgqEozYV1E0k98XBHtnvSp3XAEeMI
eEuBw/4/pha8ShigIUVeY+tnfUUAA1p3ua05IqgVQ03E2tSxbPa9DZNtk3l2Vk1J
GLShmrvQ3SShQfsDqPWiyz6EBZIll4BZMi15mkhJykJ9cQtHOnMC6MVWM8PbREef
2akR7J71brstHVwhXbIwipn/rBWOG8f0DtkLvQ==
-----END CERTIFICATE-----
Generated at Thu Jun 11 19:13:05 2026 by rpki-client