Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/aDmk7bmr7GaG3aSI9qiX-uXwSWg.roa
File: aDmk7bmr7GaG3aSI9qiX-uXwSWg.roa (raw, json)
Hash identifier: PRIIqS3HIlOlOVEL7UW8zij6bOh1J2Z1Qs2Esv77scQ=
Subject key identifier: 68:39:A4:ED:B9:AB:EC:66:86:DD:A4:88:F6:A8:97:FA:E5:F0:49:68
Certificate issuer: /CN=df895a3ee2211b6ee2df7202f09a426680d66269
Certificate serial: 019DE2B29B3F36860902C37E9B2AEA61B563
Authority key identifier: DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/aDmk7bmr7GaG3aSI9qiX-uXwSWg.roa
Signing time: Fri 01 May 2026 08:40:49 +0000
ROA not before: Fri 01 May 2026 08:40:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216300
IP address blocks: 77.105.128.0/24 maxlen: 24
77.105.129.0/24 maxlen: 24
77.105.130.0/24 maxlen: 24
77.105.132.0/24 maxlen: 24
77.105.134.0/24 maxlen: 24
77.105.135.0/24 maxlen: 24
77.105.160.0/24 maxlen: 24
77.105.161.0/24 maxlen: 24
77.105.164.0/24 maxlen: 24
185.225.202.0/24 maxlen: 24
185.225.203.0/24 maxlen: 24
193.163.170.0/24 maxlen: 24
194.50.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.mft
rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e2:b2:9b:3f:36:86:09:02:c3:7e:9b:2a:ea:61:b5:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df895a3ee2211b6ee2df7202f09a426680d66269
Validity
Not Before: May 1 08:40:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6839a4edb9abec6686dda488f6a897fae5f04968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:92:6e:50:b1:dd:a1:7c:75:73:73:3d:32:0b:
47:92:e8:f6:4f:ed:3d:bd:01:83:71:8c:ba:ad:6d:
ec:a4:7b:3a:fb:00:04:5b:8e:07:17:14:8b:74:6d:
b3:b0:ea:f2:4b:6c:c1:44:35:5d:4a:5e:b7:f2:e0:
ae:21:13:79:3a:d0:d4:c5:58:35:79:a1:79:4a:89:
de:40:4e:5c:73:8d:87:08:69:0e:03:72:01:04:2f:
16:1c:2d:af:8a:35:5e:db:00:2b:74:86:05:97:85:
5a:4b:f3:8a:14:ef:73:c2:a1:18:95:43:e1:6e:3d:
d6:1b:0b:3a:06:b2:36:3a:73:d1:69:ba:a3:30:ce:
53:4e:de:b5:f8:8c:7b:1b:ab:6c:91:87:f3:a7:a8:
bd:c4:23:0b:67:9e:ae:9f:b9:9a:85:77:f9:44:bc:
9c:c3:3a:1d:ba:5e:45:96:35:a1:64:5c:fe:2d:38:
a6:69:2b:f6:d5:01:4a:bc:77:c1:e2:af:78:11:83:
5e:c3:9b:e5:f4:85:23:ec:e8:27:5c:5e:70:12:6a:
c5:64:44:ce:e6:e8:d5:7b:79:20:8f:d0:ee:e6:2b:
55:6f:a7:f5:0d:83:c5:bd:e9:1d:ea:2a:93:2b:8d:
99:fa:93:ea:33:bc:65:0b:d4:34:30:13:e5:7f:27:
4a:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:39:A4:ED:B9:AB:EC:66:86:DD:A4:88:F6:A8:97:FA:E5:F0:49:68
X509v3 Authority Key Identifier:
keyid:DF:89:5A:3E:E2:21:1B:6E:E2:DF:72:02:F0:9A:42:66:80:D6:62:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/34laPuIhG27i33IC8JpCZoDWYmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/aDmk7bmr7GaG3aSI9qiX-uXwSWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/1a72a7-277d-44f5-87de-70b2ebd51438/1/34laPuIhG27i33IC8JpCZoDWYmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.128.0-77.105.130.255
77.105.132.0/24
77.105.134.0/23
77.105.160.0/23
77.105.164.0/24
185.225.202.0/23
193.163.170.0/24
194.50.153.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d4:42:da:54:20:b6:2d:74:df:73:9b:51:33:36:fa:f6:75:
4b:24:e9:ad:82:bc:96:e8:b4:e6:84:bb:85:30:f1:ce:2e:c5:
6d:2a:ac:97:91:6f:27:65:a3:d8:8c:e4:69:4e:f8:c4:ad:c9:
25:14:27:a0:36:2a:f7:e7:94:39:9a:3c:f5:cf:f3:59:2e:fa:
49:00:b1:cb:e6:ba:a2:8c:5a:8a:5a:6f:b2:27:40:ac:3f:21:
6e:d0:b6:dc:30:df:44:e4:a8:06:8c:9d:f4:b2:93:92:95:f8:
b7:a2:66:7e:98:cb:15:2d:74:4a:b7:a5:cc:38:15:db:59:54:
71:fe:64:81:99:e1:05:62:6f:af:41:ad:62:08:59:4e:2b:ac:
31:4a:f5:4b:eb:4d:13:58:c5:25:a8:93:3b:9b:cf:87:70:6c:
c8:fb:d6:2c:88:3a:e7:df:97:10:eb:bd:5e:81:fd:4f:ca:59:
63:e6:07:a6:3d:22:b8:b2:78:45:68:66:2d:f6:a4:42:3c:aa:
f0:76:fd:40:cd:cc:c0:2c:8c:01:42:ee:af:eb:94:84:fb:41:
31:e3:3d:39:44:59:41:93:16:af:7c:0b:13:cb:43:bd:d8:74:
08:0c:0f:9a:6b:af:ef:5d:21:80:50:82:71:e4:49:18:a3:41:
3c:8a:12:53
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ3isps/NoYJAsN+myrqYbVjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmODk1YTNlZTIyMTFiNmVlMmRmNzIwMmYwOWE0MjY2ODBk
NjYyNjkwHhcNMjYwNTAxMDg0MDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODM5YTRlZGI5YWJlYzY2ODZkZGE0ODhmNmE4OTdmYWU1ZjA0OTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJJuULHdoXx1c3M9MgtHkuj2T+09
vQGDcYy6rW3spHs6+wAEW44HFxSLdG2zsOryS2zBRDVdSl638uCuIRN5OtDUxVg1
eaF5SoneQE5cc42HCGkOA3IBBC8WHC2vijVe2wArdIYFl4VaS/OKFO9zwqEYlUPh
bj3WGws6BrI2OnPRabqjMM5TTt61+Ix7G6tskYfzp6i9xCMLZ56un7mahXf5RLyc
wzodul5FljWhZFz+LTimaSv21QFKvHfB4q94EYNew5vl9IUj7OgnXF5wEmrFZETO
5ujVe3kgj9Du5itVb6f1DYPFvekd6iqTK42Z+pPqM7xlC9Q0MBPlfydKVQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGg5pO25q+xmht2kiPaol/rl8EloMB8GA1UdIwQY
MBaAFN+JWj7iIRtu4t9yAvCaQmaA1mJpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUt
NzBiMmViZDUxNDM4LzEvYURtazdibXI3R2FHM2FTSTlxaVgtdVh3U1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8xYTcyYTctMjc3ZC00NGY1LTg3ZGUtNzBiMmViZDUxNDM4
LzEvMzRsYVB1SWhHMjdpMzNJQzhKcENab0RXWW1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAdNaYAD
BABNaYIDBABNaYQDBAFNaYYDBAFNaaADBABNaaQDBAG54coDBADBo6oDBADCMpkw
DQYJKoZIhvcNAQELBQADggEBAC3UQtpUILYtdN9zm1EzNvr2dUsk6a2CvJbotOaE
u4Uw8c4uxW0qrJeRbydlo9iM5GlO+MStySUUJ6A2KvfnlDmaPPXP81ku+kkAscvm
uqKMWopab7InQKw/IW7Qttww30TkqAaMnfSyk5KV+LeiZn6YyxUtdEq3pcw4FdtZ
VHH+ZIGZ4QVib69BrWIIWU4rrDFK9UvrTRNYxSWokzubz4dwbMj71iyIOufflxDr
vV6B/U/KWWPmB6Y9IriyeEVoZi32pEI8qvB2/UDNzMAsjAFC7q/rlIT7QTHjPTlE
WUGTFq98CxPLQ73YdAgMD5prr+9dIYBQgnHkSRijQTyKElM=
-----END CERTIFICATE-----
Generated at Wed May 13 02:38:03 2026 by rpki-client