Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/K-N36rOGMrajAoKgQRnFws3cYZQ.roa
File: K-N36rOGMrajAoKgQRnFws3cYZQ.roa (raw, json)
Hash identifier: nuImM5LcJvcHXxZcDwo2uunodGLbKRgkWdkeXxE++0Y=
Subject key identifier: 2B:E3:77:EA:B3:86:32:B6:A3:02:82:A0:41:19:C5:C2:CD:DC:61:94
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 0199A5B0F8EFB2ADFAFC8797A3455081FD5B
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/K-N36rOGMrajAoKgQRnFws3cYZQ.roa
Signing time: Thu 02 Oct 2025 16:11:02 +0000
ROA not before: Thu 02 Oct 2025 16:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44431
IP address blocks: 77.70.176.0/22 maxlen: 24
77.70.181.0/24 maxlen: 24
77.70.184.0/21 maxlen: 24
193.220.160.0/24 maxlen: 24
193.220.162.0/23 maxlen: 24
193.220.224.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a5:b0:f8:ef:b2:ad:fa:fc:87:97:a3:45:50:81:fd:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Oct 2 16:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2be377eab38632b6a30282a04119c5c2cddc6194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:57:39:3b:95:0d:e5:98:e7:75:f7:33:13:81:
26:37:5c:55:5b:3d:cc:ae:31:c2:82:5b:fb:03:68:
66:e8:6c:06:3e:09:de:45:76:2c:b3:3d:cd:77:54:
7e:4e:d9:e6:59:69:68:86:04:b3:f6:da:e6:ce:7a:
84:b6:c7:50:70:02:78:d9:6d:09:ac:db:48:cc:77:
a5:98:78:7b:8c:e2:ab:ff:34:19:bb:32:4e:87:a3:
6e:f4:31:b5:c1:cf:57:13:a2:b9:cb:3a:38:09:f2:
7d:de:3f:5c:54:d1:a6:db:d5:56:53:b8:86:36:b2:
ce:52:d3:dc:e8:8a:97:bb:3c:c0:d1:42:71:33:70:
c5:40:cb:c6:b5:df:08:7b:71:88:b9:4d:c6:66:93:
66:f4:eb:35:35:ac:d6:78:4f:88:43:c7:02:31:23:
a4:c1:22:53:17:6d:2a:1c:60:2d:4b:17:b5:83:69:
b7:1b:3e:1e:59:c3:9b:be:3c:f4:8b:70:62:15:e9:
6f:64:e3:b1:9e:45:15:1a:5e:f2:40:36:88:c0:29:
65:e6:07:0d:bb:cd:4c:f5:06:ad:74:29:cd:4a:86:
69:8b:e6:4d:66:28:9a:07:5d:81:e2:35:f7:e0:d2:
a4:c8:86:2c:aa:b8:26:1e:e2:2f:74:20:fd:f1:b1:
5e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:E3:77:EA:B3:86:32:B6:A3:02:82:A0:41:19:C5:C2:CD:DC:61:94
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/K-N36rOGMrajAoKgQRnFws3cYZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.70.176.0/22
77.70.181.0/24
77.70.184.0/21
193.220.160.0/24
193.220.162.0/23
193.220.224.0/20
Signature Algorithm: sha256WithRSAEncryption
20:1e:6e:0d:3d:73:e2:af:ba:67:95:4c:bc:97:ee:0c:3b:20:
29:2d:25:c5:13:67:10:70:c2:1c:d8:43:a7:5d:79:4f:63:31:
b9:4a:23:7f:23:c2:d2:50:b7:45:6f:1f:9a:d8:8d:3e:81:9b:
cf:1d:64:9c:92:5f:9d:f5:66:f5:73:c6:31:8f:0b:f8:dd:43:
ab:05:d8:f0:7a:93:73:15:61:61:87:71:7f:aa:6b:0e:4d:b8:
08:34:a1:e1:1c:be:1f:28:b6:81:8d:4d:0a:80:39:fb:78:94:
3b:18:92:37:f0:17:a7:2e:c7:f1:e7:c1:80:fc:d6:9a:5a:82:
f5:0a:67:d9:d8:18:85:de:06:3c:55:30:de:08:e0:82:e6:87:
f1:43:ab:9d:ad:70:69:a9:4a:27:c2:86:a2:dd:4f:b0:60:a1:
46:7b:02:f5:2d:9f:5b:8e:05:5a:60:7d:61:d1:94:e1:de:0e:
42:e3:aa:5b:11:ad:eb:f3:98:da:f4:f6:92:39:0b:3b:dd:a4:
8b:62:3c:c4:95:58:16:0d:4c:d5:6b:d3:85:0b:de:50:44:f8:
a8:00:4f:63:87:27:85:a6:d2:00:df:88:f0:0c:7e:b2:ff:e3:
0c:7b:7a:3b:58:52:d2:c0:60:fd:72:11:21:b0:13:ce:3b:d0:
bb:54:aa:d8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZmlsPjvsq36/IeXo0VQgf1bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NmE4MmE3MjVlZDIyYmI0Njg0N2FlNTY4OTEyMDc4ZGUy
NWMxMDgwHhcNMjUxMDAyMTYxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmUzNzdlYWIzODYzMmI2YTMwMjgyYTA0MTE5YzVjMmNkZGM2MTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Vc5O5UN5ZjndfczE4EmN1xVWz3M
rjHCglv7A2hm6GwGPgneRXYssz3Nd1R+TtnmWWlohgSz9trmznqEtsdQcAJ42W0J
rNtIzHelmHh7jOKr/zQZuzJOh6Nu9DG1wc9XE6K5yzo4CfJ93j9cVNGm29VWU7iG
NrLOUtPc6IqXuzzA0UJxM3DFQMvGtd8Ie3GIuU3GZpNm9Os1NazWeE+IQ8cCMSOk
wSJTF20qHGAtSxe1g2m3Gz4eWcObvjz0i3BiFelvZOOxnkUVGl7yQDaIwCll5gcN
u81M9QatdCnNSoZpi+ZNZiiaB12B4jX34NKkyIYsqrgmHuIvdCD98bFeKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFCvjd+qzhjK2owKCoEEZxcLN3GGUMB8GA1UdIwQY
MBaAFIlqgqcl7SK7RoR65WiRIHjeJcEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUt
MDQwMTI3MTAyMjA5LzEvSy1OMzZyT0dNcmFqQW9LZ1FSbkZ3czNjWVpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zZmM4ZGEtMzUxNS00MzRkLTlmMGUtMDQwMTI3MTAyMjA5
LzEvaVdxQ3B5WHRJcnRHaEhybGFKRWdlTjRsd1FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCTUawAwQA
TUa1AwQDTUa4AwQAwdygAwQBwdyiAwQEwdzgMA0GCSqGSIb3DQEBCwUAA4IBAQAg
Hm4NPXPir7pnlUy8l+4MOyApLSXFE2cQcMIc2EOnXXlPYzG5SiN/I8LSULdFbx+a
2I0+gZvPHWSckl+d9Wb1c8Yxjwv43UOrBdjwepNzFWFhh3F/qmsOTbgINKHhHL4f
KLaBjU0KgDn7eJQ7GJI38BenLsfx58GA/NaaWoL1CmfZ2BiF3gY8VTDeCOCC5ofx
Q6udrXBpqUonwoai3U+wYKFGewL1LZ9bjgVaYH1h0ZTh3g5C46pbEa3r85ja9PaS
OQs73aSLYjzElVgWDUzVa9OFC95QRPioAE9jhyeFptIA34jwDH6y/+MMe3o7WFLS
wGD9chEhsBPOO9C7VKrY
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:49:33 2025 by rpki-client