Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/JuSXc7ZVBBGZXnDq-To8XVkAvig.roa
File: JuSXc7ZVBBGZXnDq-To8XVkAvig.roa (raw, json)
Hash identifier: /cuVo97iW83fjQf6bGYtrLtSHZqgpkHovYO/W3VrbBk=
Subject key identifier: 26:E4:97:73:B6:55:04:11:99:5E:70:EA:F9:3A:3C:5D:59:00:BE:28
Certificate issuer: /CN=df895a3ee2211b6ee2df7202f09a426680d66269
Certificate serial: 019D022E6B4EB4E7666CB083F72AD7D8B12B
Authority key identifier: DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/JuSXc7ZVBBGZXnDq-To8XVkAvig.roa
Signing time: Wed 18 Mar 2026 18:21:29 +0000
ROA not before: Wed 18 Mar 2026 18:21:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216300
IP address blocks: 77.105.128.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.132.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.160.0/24 maxlen: 24
77.105.164.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
185.225.203.0/24 maxlen: 24
193.163.170.0/24 maxlen: 24
194.50.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:2e:6b:4e:b4:e7:66:6c:b0:83:f7:2a:d7:d8:b1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df895a3ee2211b6ee2df7202f09a426680d66269
Validity
Not Before: Mar 18 18:21:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=26e49773b6550411995e70eaf93a3c5d5900be28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:a3:a4:df:d6:fe:4e:89:5e:8d:51:9f:80:
fe:ef:96:f1:ae:5c:c7:77:fb:59:97:94:f5:cf:97:
ea:c4:58:2b:62:08:71:39:7e:c0:82:c7:2c:e6:b2:
60:97:04:b8:3e:15:a3:3d:2f:60:58:a3:b6:b7:74:
0c:70:2f:31:cf:c9:71:ef:7a:8e:37:39:ea:bd:32:
0b:6c:16:fc:b9:18:83:dd:57:48:65:23:92:5e:98:
f0:20:7a:62:67:22:0e:e5:29:f1:66:ec:fa:d8:24:
2f:03:f4:eb:e2:c6:1c:3c:64:a7:3c:0a:c8:2c:b5:
db:23:da:7a:93:1e:d6:de:5c:a6:69:73:64:01:2a:
fa:f3:a8:1a:94:d6:11:ea:ea:d2:e0:dc:85:d2:8d:
c4:97:aa:92:8d:c3:b6:a3:e0:91:7b:e0:78:bf:3c:
59:40:b2:bd:d2:6b:56:f2:02:b7:1c:e3:e7:96:40:
43:7b:ec:13:6d:a8:bc:d0:4b:51:54:ed:92:de:8a:
d8:a9:b7:95:7d:20:b2:d4:5b:1d:9d:8a:d7:29:fc:
cb:62:16:bb:10:32:89:6d:42:38:25:e1:60:ff:af:
7d:a1:a6:18:bd:fd:a7:e5:c2:bf:82:22:ca:a9:fb:
ba:99:63:d4:0b:37:94:7e:64:1a:a2:4b:b7:a5:25:
4a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:E4:97:73:B6:55:04:11:99:5E:70:EA:F9:3A:3C:5D:59:00:BE:28
X509v3 Authority Key Identifier:
keyid:DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/JuSXc7ZVBBGZXnDq-To8XVkAvig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0-77.105.130.255
77.105.132.0/24
77.105.134.0/23
77.105.160.0/24
77.105.164.0/24
185.225.202.0/23
193.163.170.0/24
194.50.153.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:d6:f6:79:72:d9:da:7d:f7:4d:76:41:c1:3a:f8:14:14:f4:
f9:1d:b4:0e:fd:62:92:8d:58:0c:9f:d5:c5:98:59:5c:44:1e:
cd:3f:db:4b:63:f1:61:f9:b3:4d:0a:a7:ad:0b:2a:1f:f1:87:
3e:df:29:7d:6b:e3:40:0a:97:e1:c7:fd:b7:bd:53:4c:43:eb:
01:e9:13:d0:79:21:e6:c8:63:0d:70:f3:44:7c:18:2d:d0:9c:
08:d9:98:29:d2:43:99:b6:42:65:11:fb:1f:cf:81:42:41:f2:
3e:0f:0b:4e:4d:5b:0a:a0:ae:f7:3c:0a:0c:d7:84:cd:4c:33:
8e:24:c5:45:7c:f6:2a:5f:64:ab:f1:2c:5c:64:88:f2:16:70:
53:ed:2f:2f:4f:d2:8d:77:c8:fc:9d:a4:8a:a0:85:18:ae:8d:
57:9a:31:99:20:bb:ea:d2:04:99:fd:0d:3c:6d:1b:cb:11:81:
96:9c:9d:5d:08:b4:00:3f:eb:a8:75:ab:55:9c:d1:a0:67:68:
78:23:ec:af:6a:c4:51:30:45:39:d5:6a:69:98:95:c2:5e:59:
61:83:78:97:84:97:c9:d5:c6:24:a0:d4:bf:fa:9e:42:66:53:
ef:0d:f2:2d:18:dd:c1:b4:67:f6:5e:c5:02:bb:71:bc:16:f4:
8f:22:5f:54
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ0CLmtOtOdmbLCD9yrX2LErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODk1YTNlZTIyMTFiNmVlMmRmNzIwMmYwOWE0MjY2ODBk
NjYyNjkwHhcNMjYwMzE4MTgyMTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmU0OTc3M2I2NTUwNDExOTk1ZTcwZWFmOTNhM2M1ZDU5MDBiZTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/ujpN/W/k6JXo1Rn4D+75bxrlzH
d/tZl5T1z5fqxFgrYghxOX7Agscs5rJglwS4PhWjPS9gWKO2t3QMcC8xz8lx73qO
NznqvTILbBb8uRiD3VdIZSOSXpjwIHpiZyIO5SnxZuz62CQvA/Tr4sYcPGSnPArI
LLXbI9p6kx7W3lymaXNkASr686galNYR6urS4NyF0o3El6qSjcO2o+CRe+B4vzxZ
QLK90mtW8gK3HOPnlkBDe+wTbai80EtRVO2S3orYqbeVfSCy1FsdnYrXKfzLYha7
EDKJbUI4JeFg/699oaYYvf2n5cK/giLKqfu6mWPUCzeUfmQaoku3pSVKRQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFCbkl3O2VQQRmV5w6vk6PF1ZAL4oMB8GA1UdIwQY
MBaAFN+JWj7iIRtu4t9yAvCaQmaA1mJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUt
NzBiMmViZDUxNDM4LzEvSnVTWGM3WlZCQkdaWG5EcS1UbzhYVmtBdmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUtNzBiMmViZDUxNDM4
LzEvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAdNaYAD
BABNaYIDBABNaYQDBAFNaYYDBABNaaADBABNaaQDBAG54coDBADBo6oDBADCMpkw
DQYJKoZIhvcNAQELBQADggEBAJ7W9nly2dp99012QcE6+BQU9PkdtA79YpKNWAyf
1cWYWVxEHs0/20tj8WH5s00Kp60LKh/xhz7fKX1r40AKl+HH/be9U0xD6wHpE9B5
IebIYw1w80R8GC3QnAjZmCnSQ5m2QmUR+x/PgUJB8j4PC05NWwqgrvc8CgzXhM1M
M44kxUV89ipfZKvxLFxkiPIWcFPtLy9P0o13yPydpIqghRiujVeaMZkgu+rSBJn9
DTxtG8sRgZacnV0ItAA/66h1q1Wc0aBnaHgj7K9qxFEwRTnVammYlcJeWWGDeJeE
l8nVxiSg1L/6nkJmU+8N8i0Y3cG0Z/ZexQK7cbwW9I8iX1Q=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:34:34 2026 by rpki-client