Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/JYtV1xya2PeTYSiqPGeg1v3D1hU.roa
File: JYtV1xya2PeTYSiqPGeg1v3D1hU.roa (raw, json)
Hash identifier: jSaIThGpGsn1CtL3kupT6o9d7MS0BOry41A4muvp5uA=
Subject key identifier: 25:8B:55:D7:1C:9A:D8:F7:93:61:28:AA:3C:67:A0:D6:FD:C3:D6:15
Certificate issuer: /CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Certificate serial: 0199F172F1B400F172B5D4F76BB772E5141D
Authority key identifier: 65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/JYtV1xya2PeTYSiqPGeg1v3D1hU.roa
Signing time: Fri 17 Oct 2025 09:14:26 +0000
ROA not before: Fri 17 Oct 2025 09:14:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13306
IP address blocks: 77.76.150.0/23 maxlen: 23
77.76.176.0/22 maxlen: 22
89.106.102.0/23 maxlen: 23
89.106.104.0/23 maxlen: 23
89.106.127.0/24 maxlen: 24
109.107.70.0/23 maxlen: 23
178.75.252.0/22 maxlen: 22
188.124.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:72:f1:b4:00:f1:72:b5:d4:f7:6b:b7:72:e5:14:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65816774b7c5665d67a86c20ceb6487b5b78b38d
Validity
Not Before: Oct 17 09:14:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=258b55d71c9ad8f7936128aa3c67a0d6fdc3d615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f7:da:81:60:b5:39:00:6a:f2:3e:47:3a:fd:
e5:42:2c:37:d3:3b:b9:da:9e:ba:71:6a:4f:ce:64:
82:ea:cf:97:4f:9d:3e:7f:f7:59:08:ef:78:88:29:
7b:39:54:ec:00:10:2f:e3:1c:0b:42:eb:82:4c:9b:
34:0b:36:a8:70:2a:0f:78:38:4c:48:10:34:46:26:
25:82:db:7c:c2:e8:8c:cc:6f:ab:c3:ce:7f:05:9c:
5a:87:26:76:5a:3e:c0:a9:bd:a1:0f:f7:90:0b:87:
1c:0c:55:34:06:4b:e3:21:54:a7:e4:78:b8:f2:d8:
79:f4:b6:af:82:04:f5:e6:08:28:bc:c5:60:e2:ca:
21:b8:8e:f8:aa:9d:30:63:4f:8d:b0:27:05:e7:aa:
97:59:a1:3c:93:02:9e:f1:0b:51:f7:94:ca:56:c7:
6d:c2:a4:35:6d:63:92:10:a1:d1:68:62:fc:07:0c:
a4:88:4c:74:bb:5b:29:e7:4a:1b:26:7d:37:60:39:
c0:48:46:4e:b4:f2:84:4f:0e:ea:5f:29:5a:46:dc:
c5:59:bf:51:69:65:61:0d:ee:7f:5b:8c:79:0d:46:
67:e4:05:a1:4d:dd:90:3d:79:92:7b:65:79:26:76:
b2:3c:ca:15:69:35:9b:91:dc:a6:2b:7f:13:29:72:
06:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:8B:55:D7:1C:9A:D8:F7:93:61:28:AA:3C:67:A0:D6:FD:C3:D6:15
X509v3 Authority Key Identifier:
keyid:65:81:67:74:B7:C5:66:5D:67:A8:6C:20:CE:B6:48:7B:5B:78:B3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYFndLfFZl1nqGwgzrZIe1t4s40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/JYtV1xya2PeTYSiqPGeg1v3D1hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/f3b825-cbc0-49d2-8b76-6b1469c3b95a/1/ZYFndLfFZl1nqGwgzrZIe1t4s40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.76.150.0/23
77.76.176.0/22
89.106.102.0-89.106.105.255
89.106.127.0/24
109.107.70.0/23
178.75.252.0/22
188.124.92.0/22
Signature Algorithm: sha256WithRSAEncryption
37:16:e3:d9:78:c2:af:f5:9b:5d:18:99:3d:09:0c:ee:90:58:
35:cc:62:3c:33:3f:d7:39:2e:99:99:e8:8f:20:ff:d1:83:a5:
0b:cc:ec:78:35:2f:0a:88:17:67:96:91:73:dc:7c:fa:19:ee:
46:22:4e:e0:be:71:b8:a5:3d:2b:0a:54:5d:2a:a1:c1:e9:be:
cd:f4:bd:fc:5c:df:45:85:e0:be:8b:57:7d:e4:9a:64:16:05:
20:ab:7a:38:e1:21:7d:d8:78:fd:98:e3:3f:c0:62:f6:d1:a0:
f1:5d:ad:79:b1:e0:48:56:c9:fb:47:da:76:06:f7:6b:12:b1:
a5:8f:90:c2:c3:c7:d4:63:8e:2c:0b:00:13:c9:09:6a:66:89:
b6:60:54:64:b7:a5:04:e5:a4:2c:29:9b:75:4a:9a:ef:8f:8b:
33:c1:02:34:fe:c4:49:c3:35:9c:af:dc:4e:88:91:fe:2d:cf:
79:0f:51:c6:e6:82:92:10:9e:25:f6:41:61:a6:75:b3:04:d9:
60:92:51:fe:e6:ad:19:95:5e:1e:aa:de:7d:a4:64:61:29:cb:
a3:99:82:fb:87:60:d4:e6:27:f8:6c:a0:3e:d0:c7:29:e7:74:
d4:b3:f4:fa:25:0a:6e:42:2f:bc:c9:13:9c:57:c2:fd:ae:44:
1c:8e:f6:b8
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZnxcvG0APFytdT3a7dy5RQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1ODE2Nzc0YjdjNTY2NWQ2N2E4NmMyMGNlYjY0ODdiNWI3
OGIzOGQwHhcNMjUxMDE3MDkxNDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNThiNTVkNzFjOWFkOGY3OTM2MTI4YWEzYzY3YTBkNmZkYzNkNjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovfagWC1OQBq8j5HOv3lQiw30zu5
2p66cWpPzmSC6s+XT50+f/dZCO94iCl7OVTsABAv4xwLQuuCTJs0CzaocCoPeDhM
SBA0RiYlgtt8wuiMzG+rw85/BZxahyZ2Wj7Aqb2hD/eQC4ccDFU0BkvjIVSn5Hi4
8th59LavggT15ggovMVg4sohuI74qp0wY0+NsCcF56qXWaE8kwKe8QtR95TKVsdt
wqQ1bWOSEKHRaGL8BwykiEx0u1sp50obJn03YDnASEZOtPKETw7qXylaRtzFWb9R
aWVhDe5/W4x5DUZn5AWhTd2QPXmSe2V5JnayPMoVaTWbkdymK38TKXIGewIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCWLVdccmtj3k2EoqjxnoNb9w9YVMB8GA1UdIwQY
MBaAFGWBZ3S3xWZdZ6hsIM62SHtbeLONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYt
NmIxNDY5YzNiOTVhLzEvSll0VjF4eWEyUGVUWVNpcVBHZWcxdjNEMWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9mM2I4MjUtY2JjMC00OWQyLThiNzYtNmIxNDY5YzNiOTVh
LzEvWllGbmRMZkZabDFucUd3Z3pyWkllMXQ0czQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBTUyWAwQC
TUywMAwDBAFZamYDBAFZamgDBABZan8DBAFta0YDBAKyS/wDBAK8fFwwDQYJKoZI
hvcNAQELBQADggEBADcW49l4wq/1m10YmT0JDO6QWDXMYjwzP9c5LpmZ6I8g/9GD
pQvM7Hg1LwqIF2eWkXPcfPoZ7kYiTuC+cbilPSsKVF0qocHpvs30vfxc30WF4L6L
V33kmmQWBSCrejjhIX3YeP2Y4z/AYvbRoPFdrXmx4EhWyftH2nYG92sSsaWPkMLD
x9RjjiwLABPJCWpmibZgVGS3pQTlpCwpm3VKmu+PizPBAjT+xEnDNZyv3E6Ikf4t
z3kPUcbmgpIQniX2QWGmdbME2WCSUf7mrRmVXh6q3n2kZGEpy6OZgvuHYNTmJ/hs
oD7QxynndNSz9PolCm5CL7zJE5xXwv2uRByO9rg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:01:00 2025 by rpki-client