Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q93pjmnqLroDhbs01L2YnpXUnCo.roa
File: Q93pjmnqLroDhbs01L2YnpXUnCo.roa (raw, json)
Hash identifier: tP26Y2llB08CouVk+nyhz359TadgDQoAR+6ICvcBjTE=
Subject key identifier: 43:DD:E9:8E:69:EA:2E:BA:03:85:BB:34:D4:BD:98:9E:95:D4:9C:2A
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019D2B1F33E2437C82881FC887DB8E2BCEA7
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q93pjmnqLroDhbs01L2YnpXUnCo.roa
Signing time: Thu 26 Mar 2026 17:09:18 +0000
ROA not before: Thu 26 Mar 2026 17:09:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 273221
IP address blocks: 77.247.120.0/24 maxlen: 24
77.247.121.0/24 maxlen: 24
77.247.122.0/24 maxlen: 24
77.247.123.0/24 maxlen: 24
181.41.148.0/24 maxlen: 24
181.41.149.0/24 maxlen: 24
181.41.150.0/24 maxlen: 24
181.41.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2b:1f:33:e2:43:7c:82:88:1f:c8:87:db:8e:2b:ce:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Mar 26 17:09:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=43dde98e69ea2eba0385bb34d4bd989e95d49c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:55:9c:22:ea:cc:f0:45:2e:b4:6a:72:03:d0:
36:1b:4f:cc:80:6c:b0:2b:ba:6b:de:92:8b:45:15:
f9:c7:db:0a:a4:20:05:5b:23:f0:9e:28:43:2f:83:
42:e2:a1:22:ab:56:41:d5:9b:69:05:9e:c0:05:27:
ed:69:84:58:71:92:2a:be:b9:47:2d:22:82:cf:c4:
86:9d:62:e2:bb:5b:33:9c:73:de:87:13:6a:36:37:
14:79:9f:29:03:2c:e1:26:ca:f1:4b:24:aa:ab:69:
8f:7b:8f:dd:ed:a7:b4:51:80:1e:cc:b1:46:60:9c:
60:b6:a3:23:1d:f8:9a:c0:36:1e:60:66:af:ba:70:
4a:19:38:79:b6:4b:97:4a:af:71:57:05:fa:ff:91:
7c:db:0c:bf:c2:53:29:9c:19:46:f3:55:73:98:f5:
1d:54:f8:8d:4f:6a:a2:58:01:f3:70:8e:f7:5f:38:
0f:58:7b:73:bd:12:f8:d5:82:3c:56:72:a6:dc:37:
0c:bd:54:3f:83:ab:2d:93:02:f5:ee:c9:01:88:ab:
b5:0f:80:51:f1:7d:6d:de:ab:ba:66:58:e0:3a:bb:
c1:f2:3d:86:ff:8e:d3:72:f9:6c:14:74:53:f7:9c:
43:a0:3a:6e:ac:0f:c8:ca:cd:0f:1b:a8:03:a1:8b:
75:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:DD:E9:8E:69:EA:2E:BA:03:85:BB:34:D4:BD:98:9E:95:D4:9C:2A
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Q93pjmnqLroDhbs01L2YnpXUnCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.120.0/22
181.41.148.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:82:65:a0:c9:97:c7:e5:25:3f:48:e7:3c:d7:30:a5:eb:23:
cc:82:0e:c6:d8:d3:04:9a:5b:6d:33:37:e7:24:46:5b:dd:96:
af:e0:4c:d7:16:c7:99:2c:c8:12:11:f0:0e:ae:6a:c7:5b:02:
aa:bb:45:13:42:5e:0e:8d:45:8e:5c:a3:b1:39:05:4e:2e:4b:
26:ef:64:c9:ec:34:8e:3b:c0:93:7a:89:c7:5f:26:64:84:ac:
1b:19:ad:75:89:d6:b8:bc:e3:94:69:fe:72:72:75:7e:33:da:
81:fb:cd:7f:6d:de:64:d9:1a:55:d3:29:93:d1:06:0b:18:8e:
72:8c:da:77:c3:81:b3:a6:23:6d:e2:f1:3c:70:89:15:09:73:
b3:a7:bf:36:af:bc:31:6a:9e:31:5d:f3:9b:24:af:6b:03:95:
d2:3e:37:5c:d3:96:20:af:00:87:87:4f:00:2f:0e:c7:9d:01:
82:c0:ab:f9:c2:d4:3c:13:0f:fe:51:47:ee:2d:ed:03:35:87:
4a:18:61:6f:6c:2f:4a:a9:a5:c8:a4:59:2c:5c:f7:25:bb:b1:
d8:b3:63:3b:f3:91:46:cf:8b:a2:74:cc:ed:05:c3:d2:24:97:
64:c2:02:46:2d:01:98:42:09:68:89:eb:42:cd:e2:79:2e:f7:
5e:9e:3e:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0rHzPiQ3yCiB/Ih9uOK86nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwMzI2MTcwOTE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2RkZTk4ZTY5ZWEyZWJhMDM4NWJiMzRkNGJkOTg5ZTk1ZDQ5YzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlWcIurM8EUutGpyA9A2G0/MgGyw
K7pr3pKLRRX5x9sKpCAFWyPwnihDL4NC4qEiq1ZB1ZtpBZ7ABSftaYRYcZIqvrlH
LSKCz8SGnWLiu1sznHPehxNqNjcUeZ8pAyzhJsrxSySqq2mPe4/d7ae0UYAezLFG
YJxgtqMjHfiawDYeYGavunBKGTh5tkuXSq9xVwX6/5F82wy/wlMpnBlG81VzmPUd
VPiNT2qiWAHzcI73XzgPWHtzvRL41YI8VnKm3DcMvVQ/g6stkwL17skBiKu1D4BR
8X1t3qu6ZljgOrvB8j2G/47TcvlsFHRT95xDoDpurA/Iys0PG6gDoYt1vQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEPd6Y5p6i66A4W7NNS9mJ6V1JwqMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvUTkzcGptbnFMcm9EaGJzMDFMMllucFhVbkNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTfd4AwQC
tSmUMA0GCSqGSIb3DQEBCwUAA4IBAQAvgmWgyZfH5SU/SOc81zCl6yPMgg7G2NME
mlttMzfnJEZb3Zav4EzXFseZLMgSEfAOrmrHWwKqu0UTQl4OjUWOXKOxOQVOLksm
72TJ7DSOO8CTeonHXyZkhKwbGa11ida4vOOUaf5ycnV+M9qB+81/bd5k2RpV0ymT
0QYLGI5yjNp3w4GzpiNt4vE8cIkVCXOzp782r7wxap4xXfObJK9rA5XSPjdc05Yg
rwCHh08ALw7HnQGCwKv5wtQ8Ew/+UUfuLe0DNYdKGGFvbC9KqaXIpFksXPclu7HY
s2M785FGz4uidMztBcPSJJdkwgJGLQGYQgloietCzeJ5Lvdenj4+
-----END CERTIFICATE-----
Generated at Fri Mar 27 02:25:35 2026 by rpki-client