Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/mQRanHoIY0IoJuE4VcyHEcinjeo.roa
File: mQRanHoIY0IoJuE4VcyHEcinjeo.roa (raw, json)
Hash identifier: fBz0EC50LChidWvY4MFa5hHhW36+s8IY+jpOw7hyIu8=
Subject key identifier: 99:04:5A:9C:7A:08:63:42:28:26:E1:38:55:CC:87:11:C8:A7:8D:EA
Certificate issuer: /CN=682c842dfa2a1e714727bccb95f165347103f277
Certificate serial: 019CE206A02FF19069D2B8AC5D1B70DC551F
Authority key identifier: 68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/mQRanHoIY0IoJuE4VcyHEcinjeo.roa
Signing time: Thu 12 Mar 2026 12:30:10 +0000
ROA not before: Thu 12 Mar 2026 12:30:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25037
IP address blocks: 77.80.128.0/17 maxlen: 17
77.80.128.0/19 maxlen: 19
77.80.216.0/21 maxlen: 21
77.80.224.0/21 maxlen: 21
77.80.240.0/21 maxlen: 21
77.80.248.0/21 maxlen: 21
2a05:2242::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.mft
rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:e2:06:a0:2f:f1:90:69:d2:b8:ac:5d:1b:70:dc:55:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=682c842dfa2a1e714727bccb95f165347103f277
Validity
Not Before: Mar 12 12:30:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=99045a9c7a0863422826e13855cc8711c8a78dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a9:28:77:a3:07:9e:2a:10:31:bc:eb:ea:d0:
81:5c:33:98:22:28:76:76:c8:46:d6:59:15:d9:13:
b0:0c:28:e2:a7:a1:39:a9:1f:07:3f:e4:27:20:bc:
3e:09:cb:fc:b2:d5:20:9c:36:e1:a7:8e:86:ac:ca:
2d:24:cf:82:25:bf:95:a7:b2:d1:eb:2c:ab:61:62:
75:dc:d6:4b:11:0f:f9:70:11:2a:0e:4a:d2:ac:1d:
36:ad:d2:a1:1c:a2:96:26:06:53:56:23:4b:3a:cb:
41:72:ba:eb:f9:61:cc:95:84:8a:36:63:1e:7c:9f:
77:72:d6:ba:47:b7:6d:24:67:b4:6c:99:6d:cd:41:
39:10:76:33:ce:58:7d:cf:08:37:27:30:04:b1:7c:
36:f4:65:9b:da:ad:2d:db:ea:ad:d4:1e:09:72:47:
80:b0:0d:6f:20:e6:19:c1:c2:9b:7c:62:97:63:be:
c6:3d:8d:2f:59:36:78:bc:af:24:4e:2a:fa:f8:94:
ff:93:e6:fe:3d:90:01:04:8b:84:40:1c:5b:7d:d2:
d1:ce:77:a0:c2:88:e7:5d:5b:19:a5:c8:3c:e8:02:
a0:06:3b:3e:74:8f:73:ba:e7:3b:14:0e:7c:7b:09:
4b:39:45:c0:6c:8a:dc:65:cf:4d:69:c4:f6:81:96:
59:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:04:5A:9C:7A:08:63:42:28:26:E1:38:55:CC:87:11:C8:A7:8D:EA
X509v3 Authority Key Identifier:
keyid:68:2C:84:2D:FA:2A:1E:71:47:27:BC:CB:95:F1:65:34:71:03:F2:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aCyELfoqHnFHJ7zLlfFlNHED8nc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/mQRanHoIY0IoJuE4VcyHEcinjeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/000465-83cb-41b4-8e60-08d65b38639d/1/aCyELfoqHnFHJ7zLlfFlNHED8nc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.80.128.0/17
IPv6:
2a05:2242::/32
Signature Algorithm: sha256WithRSAEncryption
98:6d:01:8e:89:f8:7f:c9:d2:fe:5b:09:39:cd:fe:8e:37:d0:
ed:49:ec:73:82:3d:54:58:74:5d:b3:fb:d4:dd:d8:06:9a:36:
86:77:76:05:04:eb:7a:5a:d9:0c:4b:b6:ce:59:5a:39:28:3c:
9f:dc:15:fa:a0:04:76:1e:96:77:42:0a:57:c0:a7:00:a6:ed:
74:a5:85:d4:45:d6:75:3b:60:50:bf:7f:94:76:41:42:b9:57:
53:93:d4:09:b4:dd:2f:42:c7:32:44:fd:f6:20:56:cc:9f:b1:
9a:9e:2b:25:2a:e3:96:86:1a:6a:6a:ef:b0:4f:b2:dc:d9:09:
f8:14:cf:6c:68:29:e9:32:81:8d:77:ff:a3:2c:9e:df:6e:bf:
a1:0c:19:1e:b7:36:0a:4c:41:85:39:e5:a5:b9:79:6a:33:44:
a5:4c:d3:52:84:6e:08:15:b7:0c:2a:95:db:03:3e:8c:5b:7a:
9d:da:17:e2:6d:95:1e:56:19:3a:08:d0:e9:d1:ce:45:a1:31:
bd:82:6f:3c:bf:0a:ec:7f:83:6e:a1:47:6a:53:b2:30:53:00:
1a:56:4a:f9:58:08:91:f4:a5:b7:dd:ed:8c:29:1c:7e:7a:cf:
09:cb:e9:b6:0f:74:d9:76:da:84:b3:b6:cc:f7:43:0f:4d:fb:
17:84:04:a3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZziBqAv8ZBp0risXRtw3FUfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MmM4NDJkZmEyYTFlNzE0NzI3YmNjYjk1ZjE2NTM0NzEw
M2YyNzcwHhcNMjYwMzEyMTIzMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTA0NWE5YzdhMDg2MzQyMjgyNmUxMzg1NWNjODcxMWM4YTc4ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6kod6MHnioQMbzr6tCBXDOYIih2
dshG1lkV2ROwDCjip6E5qR8HP+QnILw+Ccv8stUgnDbhp46GrMotJM+CJb+Vp7LR
6yyrYWJ13NZLEQ/5cBEqDkrSrB02rdKhHKKWJgZTViNLOstBcrrr+WHMlYSKNmMe
fJ93cta6R7dtJGe0bJltzUE5EHYzzlh9zwg3JzAEsXw29GWb2q0t2+qt1B4JckeA
sA1vIOYZwcKbfGKXY77GPY0vWTZ4vK8kTir6+JT/k+b+PZABBIuEQBxbfdLRzneg
wojnXVsZpcg86AKgBjs+dI9zuuc7FA58ewlLOUXAbIrcZc9NacT2gZZZDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJkEWpx6CGNCKCbhOFXMhxHIp43qMB8GA1UdIwQY
MBaAFGgshC36Kh5xRye8y5XxZTRxA/J3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAt
MDhkNjViMzg2MzlkLzEvbVFSYW5Ib0lZMElvSnVFNFZjeUhFY2luamVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8wMDA0NjUtODNjYi00MWI0LThlNjAtMDhkNjViMzg2Mzlk
LzEvYUN5RUxmb3FIbkZISjd6TGxmRmxOSEVEOG5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQHTVCAMA0E
AgACMAcDBQAqBSJCMA0GCSqGSIb3DQEBCwUAA4IBAQCYbQGOifh/ydL+Wwk5zf6O
N9DtSexzgj1UWHRds/vU3dgGmjaGd3YFBOt6WtkMS7bOWVo5KDyf3BX6oAR2HpZ3
QgpXwKcApu10pYXURdZ1O2BQv3+UdkFCuVdTk9QJtN0vQscyRP32IFbMn7Ganisl
KuOWhhpqau+wT7Lc2Qn4FM9saCnpMoGNd/+jLJ7fbr+hDBketzYKTEGFOeWluXlq
M0SlTNNShG4IFbcMKpXbAz6MW3qd2hfibZUeVhk6CNDp0c5FoTG9gm88vwrsf4Nu
oUdqU7IwUwAaVkr5WAiR9KW33e2MKRx+es8Jy+m2D3TZdtqEs7bM90MPTfsXhASj
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:58:25 2026 by rpki-client