Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/5HiWtdiMDRvE8rxME8_xEHMCzGw.roa
File: 5HiWtdiMDRvE8rxME8_xEHMCzGw.roa (raw, json)
Hash identifier: HisInbhChhY7fllPKG+tBbS3r60RVlsIX8CdzEhJYUE=
Subject key identifier: E4:78:96:B5:D8:8C:0D:1B:C4:F2:BC:4C:13:CF:F1:10:73:02:CC:6C
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 019CB2A8B6103DE6BD631A1D777C754CFDB5
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/5HiWtdiMDRvE8rxME8_xEHMCzGw.roa
Signing time: Tue 03 Mar 2026 07:45:26 +0000
ROA not before: Tue 03 Mar 2026 07:45:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44112
IP address blocks: 77.222.32.0/24 maxlen: 24
77.222.35.0/24 maxlen: 24
77.222.36.0/22 maxlen: 24
77.222.40.0/21 maxlen: 24
77.222.48.0/20 maxlen: 24
77.222.48.0/23 maxlen: 24
80.93.52.0/24 maxlen: 24
80.93.60.0/22 maxlen: 24
2a02:408:7722::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.mft
rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 16:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b2:a8:b6:10:3d:e6:bd:63:1a:1d:77:7c:75:4c:fd:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Mar 3 07:45:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e47896b5d88c0d1bc4f2bc4c13cff1107302cc6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b2:fc:32:df:74:2e:a6:12:66:57:52:42:a6:
cd:bc:44:4c:77:a7:c7:8a:03:1c:47:fb:ec:63:fa:
e5:44:1e:bf:84:42:4d:ee:81:f2:31:72:3d:d9:0a:
e4:05:31:23:45:10:18:8f:40:4b:d7:06:50:c1:cc:
9f:db:85:b0:e6:56:2e:ef:9a:d9:50:65:fa:f3:fc:
03:ee:22:2b:e1:dd:97:c0:22:cf:ab:b2:34:0d:a9:
44:d2:d3:79:30:42:3b:59:6e:cc:df:44:16:cf:01:
ff:6f:0f:e4:cd:15:66:64:cf:39:b2:1f:53:c6:03:
1b:64:f4:38:ea:b3:64:c5:89:d9:82:6f:60:e9:3a:
b8:56:33:c9:50:df:b6:85:45:3d:d6:cc:65:af:56:
f6:63:89:6a:19:05:ba:07:ec:f2:e1:a5:08:94:2a:
90:e6:99:d8:c9:65:04:8b:c8:d1:fb:13:94:15:4a:
79:bf:31:d8:f3:74:20:dc:34:cd:e3:ca:98:41:38:
1e:da:0e:e2:3a:56:68:8a:2e:c0:2e:f5:24:60:b0:
a6:32:31:77:2a:06:b9:58:81:7d:cd:f5:10:c5:81:
83:aa:ca:61:8b:99:c6:94:b8:4a:45:7c:66:c1:b7:
91:21:ed:47:7b:d3:58:be:7d:c3:a3:4c:69:eb:4e:
35:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:78:96:B5:D8:8C:0D:1B:C4:F2:BC:4C:13:CF:F1:10:73:02:CC:6C
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/5HiWtdiMDRvE8rxME8_xEHMCzGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.222.32.0/24
77.222.35.0-77.222.63.255
80.93.52.0/24
80.93.60.0/22
IPv6:
2a02:408:7722::/48
Signature Algorithm: sha256WithRSAEncryption
79:be:e6:85:a5:dd:49:a3:23:a9:ad:88:48:3c:f8:5f:c9:27:
7d:bb:81:6c:27:9b:43:e8:29:1e:43:ea:1a:2e:42:74:5a:fe:
89:23:22:7a:7f:bf:b0:87:2e:27:8f:29:bd:c6:6f:d7:36:3c:
9e:69:ad:30:f5:86:65:53:96:2b:be:e4:87:0a:33:e1:73:8e:
75:e5:fa:d1:5e:e9:f4:a0:a8:0e:c8:bc:6e:d5:06:de:9e:fa:
ab:64:4d:99:13:87:c6:ab:f0:13:0f:be:22:b1:85:24:cf:04:
e3:e9:08:2f:9a:31:47:9e:3f:1f:b5:3b:3d:6f:0f:ef:e3:39:
fc:13:07:29:80:46:90:62:67:a6:92:d9:05:40:27:9f:43:34:
f1:c7:a8:5e:2e:ab:72:ef:c4:3a:ba:86:12:86:2d:96:59:19:
ca:30:8b:16:0f:83:2b:11:42:12:6d:98:44:2f:07:89:9f:d7:
96:f4:7c:03:f8:a7:23:1f:b6:99:8f:65:11:02:ce:11:a7:c4:
9a:a8:13:4a:27:b1:55:69:8e:f7:cc:54:cb:80:33:fe:4f:00:
93:77:5c:2a:2a:62:6f:9c:f1:35:46:d4:4a:d7:6a:63:94:11:
cc:0f:97:09:3b:91:f7:23:29:dc:53:d4:40:ce:ac:bb:64:84:
c9:ae:5b:60
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZyyqLYQPea9Yxodd3x1TP21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjYwMzAzMDc0NTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc4OTZiNWQ4OGMwZDFiYzRmMmJjNGMxM2NmZjExMDczMDJjYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrL8Mt90LqYSZldSQqbNvERMd6fH
igMcR/vsY/rlRB6/hEJN7oHyMXI92QrkBTEjRRAYj0BL1wZQwcyf24Ww5lYu75rZ
UGX68/wD7iIr4d2XwCLPq7I0DalE0tN5MEI7WW7M30QWzwH/bw/kzRVmZM85sh9T
xgMbZPQ46rNkxYnZgm9g6Tq4VjPJUN+2hUU91sxlr1b2Y4lqGQW6B+zy4aUIlCqQ
5pnYyWUEi8jR+xOUFUp5vzHY83Qg3DTN48qYQTge2g7iOlZoii7ALvUkYLCmMjF3
Kga5WIF9zfUQxYGDqsphi5nGlLhKRXxmwbeRIe1He9NYvn3Do0xp6041cwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFOR4lrXYjA0bxPK8TBPP8RBzAsxsMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvNUhpV3RkaU1EUnZFOHJ4TUU4X3hFSE1Dekd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQATd4gMAwD
BABN3iMDBAZN3gADBABQXTQDBAJQXTwwDwQCAAIwCQMHACoCBAh3IjANBgkqhkiG
9w0BAQsFAAOCAQEAeb7mhaXdSaMjqa2ISDz4X8knfbuBbCebQ+gpHkPqGi5CdFr+
iSMien+/sIcuJ48pvcZv1zY8nmmtMPWGZVOWK77khwoz4XOOdeX60V7p9KCoDsi8
btUG3p76q2RNmROHxqvwEw++IrGFJM8E4+kIL5oxR54/H7U7PW8P7+M5/BMHKYBG
kGJnppLZBUAnn0M08ceoXi6rcu/EOrqGEoYtllkZyjCLFg+DKxFCEm2YRC8HiZ/X
lvR8A/inIx+2mY9lEQLOEafEmqgTSiexVWmO98xUy4Az/k8Ak3dcKipib5zxNUbU
StdqY5QRzA+XCTuR9yMp3FPUQM6su2SEya5bYA==
-----END CERTIFICATE-----
Generated at Fri Mar 13 23:51:24 2026 by rpki-client