Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OiZkApTkbsub96VB1Z9E4YWYXsY.roa
File: OiZkApTkbsub96VB1Z9E4YWYXsY.roa (raw, json)
Hash identifier: 8WK7mfrWGnsXUnqRlkBdlaeLjGIF0lIsOcdanN+xnyE=
Subject key identifier: 3A:26:64:02:94:E4:6E:CB:9B:F7:A5:41:D5:9F:44:E1:85:98:5E:C6
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019D0554FFD41D4E96C5D59FBE0083868047
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OiZkApTkbsub96VB1Z9E4YWYXsY.roa
Signing time: Thu 19 Mar 2026 09:02:29 +0000
ROA not before: Thu 19 Mar 2026 09:02:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209697
IP address blocks: 77.242.145.0/24 maxlen: 24
77.242.149.0/24 maxlen: 24
77.242.157.0/24 maxlen: 24
88.209.200.0/24 maxlen: 24
88.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 07:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:54:ff:d4:1d:4e:96:c5:d5:9f:be:00:83:86:80:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 19 09:02:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a26640294e46ecb9bf7a541d59f44e185985ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:1d:b9:fa:95:9e:3e:24:ee:53:06:8e:64:
4b:d4:d9:1b:b2:9b:42:31:ba:92:f3:e1:5c:e4:94:
60:af:0a:6b:45:52:a1:7a:e0:9d:23:11:b4:f8:c3:
47:74:6b:03:50:cd:a3:a7:16:cc:23:94:40:8d:af:
94:33:05:66:76:7e:9a:ba:78:eb:17:31:65:2e:ae:
98:f5:d7:60:12:82:4a:c4:83:57:c0:61:b7:47:7b:
6b:05:21:84:eb:2b:ee:df:46:46:ff:91:8b:bf:9f:
47:7c:01:75:d5:05:3e:ea:86:3a:36:e5:f6:a3:23:
8c:4c:e9:bf:48:b7:3f:0f:e5:53:2e:d4:5d:b3:fb:
1f:4b:a9:1b:f0:d8:94:53:ab:18:46:9d:70:7f:a0:
7e:99:e5:6d:7f:3c:05:ce:2d:f1:6c:5e:d8:8d:a2:
4b:83:35:2d:e5:cf:0d:d9:b1:c1:ff:76:10:aa:dd:
bb:ac:13:a9:3f:17:fd:9e:22:08:02:2b:d7:53:b7:
8f:49:21:3e:a8:d0:df:44:13:50:77:b8:c2:df:92:
c5:51:f8:3d:9e:1b:42:32:8b:b8:97:35:c5:ba:3d:
ab:63:d7:78:46:68:b3:f4:ad:40:6e:91:7c:96:0e:
15:8f:a8:27:67:26:9e:ba:0c:03:45:5f:d2:dd:df:
a2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:26:64:02:94:E4:6E:CB:9B:F7:A5:41:D5:9F:44:E1:85:98:5E:C6
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/OiZkApTkbsub96VB1Z9E4YWYXsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.145.0/24
77.242.149.0/24
77.242.157.0/24
88.209.200.0/24
88.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
78:c4:59:61:44:56:17:50:d5:5e:bf:47:67:92:b4:f8:75:a1:
40:e3:5e:1d:62:6b:a1:a4:13:e6:fa:c7:31:b4:39:47:ba:1f:
1c:86:c6:0e:b2:cd:b6:23:60:a9:08:89:71:40:80:4d:88:26:
ad:a5:79:13:51:b2:0e:92:66:17:26:a3:14:94:92:c2:6a:72:
70:f2:a8:93:f5:e4:0a:d5:45:12:51:da:9e:b7:97:ad:6e:62:
a7:c6:05:33:7c:68:3e:c9:e8:87:06:da:a4:fb:13:23:24:6a:
c9:61:33:74:08:e6:d1:0c:d7:37:3a:5c:50:fa:28:8b:6b:c3:
d2:8e:fd:43:bb:f8:81:c0:ef:e5:46:e7:ef:b6:cf:24:b7:4c:
eb:72:08:fe:77:38:1d:81:7f:56:7e:81:21:77:6a:d7:fe:01:
c7:b2:4e:91:ed:d8:a1:40:99:53:c4:82:29:b7:d2:90:a9:74:
22:4d:22:00:84:1a:c0:08:fe:95:87:29:4f:69:68:7c:eb:0a:
a8:4f:55:ce:38:9f:ee:44:d9:f4:b3:f1:1c:2b:4f:78:82:87:
68:78:8a:79:dc:ac:9a:cb:28:d9:62:31:30:4a:ab:6a:2b:fd:
79:18:d8:c3:11:80:89:f1:d8:9e:a5:9f:c5:38:6d:4b:2f:c2:
4e:a0:95:45
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ0FVP/UHU6WxdWfvgCDhoBHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwMzE5MDkwMjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI2NjQwMjk0ZTQ2ZWNiOWJmN2E1NDFkNTlmNDRlMTg1OTg1ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCgdufqVnj4k7lMGjmRL1NkbsptC
MbqS8+Fc5JRgrwprRVKheuCdIxG0+MNHdGsDUM2jpxbMI5RAja+UMwVmdn6aunjr
FzFlLq6Y9ddgEoJKxINXwGG3R3trBSGE6yvu30ZG/5GLv59HfAF11QU+6oY6NuX2
oyOMTOm/SLc/D+VTLtRds/sfS6kb8NiUU6sYRp1wf6B+meVtfzwFzi3xbF7YjaJL
gzUt5c8N2bHB/3YQqt27rBOpPxf9niIIAivXU7ePSSE+qNDfRBNQd7jC35LFUfg9
nhtCMou4lzXFuj2rY9d4Rmiz9K1AbpF8lg4Vj6gnZyaeugwDRV/S3d+iIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDomZAKU5G7Lm/elQdWfROGFmF7GMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvT2laa0FwVGtic3ViOTZWQjFaOUU0WVdZWHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATfKRAwQA
TfKVAwQATfKdAwQAWNHIAwQAWNHcMA0GCSqGSIb3DQEBCwUAA4IBAQB4xFlhRFYX
UNVev0dnkrT4daFA414dYmuhpBPm+scxtDlHuh8chsYOss22I2CpCIlxQIBNiCat
pXkTUbIOkmYXJqMUlJLCanJw8qiT9eQK1UUSUdqet5etbmKnxgUzfGg+yeiHBtqk
+xMjJGrJYTN0CObRDNc3OlxQ+iiLa8PSjv1Du/iBwO/lRufvts8kt0zrcgj+dzgd
gX9WfoEhd2rX/gHHsk6R7dihQJlTxIIpt9KQqXQiTSIAhBrACP6VhylPaWh86wqo
T1XOOJ/uRNn0s/EcK094godoeIp53KyayyjZYjEwSqtqK/15GNjDEYCJ8diepZ/F
OG1LL8JOoJVF
-----END CERTIFICATE-----
Generated at Fri Mar 20 15:56:04 2026 by rpki-client