Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/jkf9uYsYVRJJo7-7ziQQDEzWpm8.roa
File: jkf9uYsYVRJJo7-7ziQQDEzWpm8.roa (raw, json)
Hash identifier: KJPWOCNh5BY9Xr2oC9jvPyLkj0+8kyflAtM1BYsxhv4=
Subject key identifier: 8E:47:FD:B9:8B:18:55:12:49:A3:BF:BB:CE:24:10:0C:4C:D6:A6:6F
Certificate issuer: /CN=f9aa8a3ea991333393f3ef2a1822451123d3eec7
Certificate serial: 019B7F15EED0CAB946BE5B4D3EE7729E8DAC
Authority key identifier: F9:AA:8A:3E:A9:91:33:33:93:F3:EF:2A:18:22:45:11:23:D3:EE:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/jkf9uYsYVRJJo7-7ziQQDEzWpm8.roa
Signing time: Fri 02 Jan 2026 14:21:42 +0000
ROA not before: Fri 02 Jan 2026 14:21:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 42539
IP address blocks: 77.235.80.0/21 maxlen: 21
77.235.88.0/22 maxlen: 22
77.235.92.0/23 maxlen: 23
77.235.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/1-aqKPqmRMzOT8-8qGCJFESPT7sc.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/1-aqKPqmRMzOT8-8qGCJFESPT7sc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:15:ee:d0:ca:b9:46:be:5b:4d:3e:e7:72:9e:8d:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9aa8a3ea991333393f3ef2a1822451123d3eec7
Validity
Not Before: Jan 2 14:21:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8e47fdb98b18551249a3bfbbce24100c4cd6a66f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:4a:1b:f3:4c:37:f1:b2:73:4c:c3:d6:41:ce:
7b:c9:c9:d8:ba:a3:7d:56:3a:9a:74:ff:e3:1a:1c:
af:89:87:60:ca:3e:8c:dd:8d:a7:1d:8a:07:b4:cd:
c0:d2:48:e4:5f:e1:c7:f0:63:22:9d:9b:dd:49:94:
e9:95:58:9c:4c:da:84:f6:35:67:58:9f:5d:62:d2:
99:b2:bb:e1:e8:d1:24:53:7d:aa:d1:7f:dc:54:e4:
4c:33:a8:ad:66:4b:39:11:71:b4:ce:58:d3:43:cf:
f0:35:22:68:b0:0f:85:e6:ff:0a:61:50:b4:a9:ac:
fc:14:6e:11:37:5b:3f:d2:2e:a0:03:d5:38:38:b7:
cb:0e:fa:ac:c5:19:39:d2:37:00:43:03:dd:80:fd:
ba:da:f9:c5:6a:b3:3d:4f:fe:ec:b2:b2:35:ff:1d:
41:3c:cd:cf:9a:8a:a0:cc:df:ca:2d:9c:ff:6c:a6:
41:86:66:8f:71:d1:6a:19:8f:4b:0f:04:cd:74:a1:
f6:b2:6d:25:a6:f6:c4:97:55:08:78:1b:73:e3:e1:
c9:48:64:2e:6d:f7:f5:40:5f:69:90:cc:b7:85:d1:
30:08:ab:13:50:78:3b:52:87:e0:22:f9:a4:67:48:
78:b3:b9:a4:3e:85:b7:a6:01:d6:51:81:9f:1c:1d:
f3:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:47:FD:B9:8B:18:55:12:49:A3:BF:BB:CE:24:10:0C:4C:D6:A6:6F
X509v3 Authority Key Identifier:
keyid:F9:AA:8A:3E:A9:91:33:33:93:F3:EF:2A:18:22:45:11:23:D3:EE:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-aqKPqmRMzOT8-8qGCJFESPT7sc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/jkf9uYsYVRJJo7-7ziQQDEzWpm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/d1e324-54f3-4df8-8ec6-038d53c23c39/1/1-aqKPqmRMzOT8-8qGCJFESPT7sc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.235.80.0-77.235.94.255
Signature Algorithm: sha256WithRSAEncryption
14:39:d7:29:16:96:1d:71:23:41:c0:91:d6:63:b4:cb:68:9b:
b5:cd:fd:da:21:70:e9:26:e2:0b:f9:15:3a:5d:8f:a2:5c:65:
c3:b1:e8:c8:ea:80:ad:34:ca:bd:3c:df:59:a4:2e:be:69:af:
4a:5f:9e:a7:b7:c8:7a:4d:1d:99:8f:4c:91:26:63:b8:48:ab:
85:41:17:5f:ba:f7:da:c0:b7:71:0d:e1:44:5b:11:87:02:13:
d1:0d:d3:07:0e:24:67:73:54:66:aa:6a:3a:84:84:c9:af:0d:
14:94:07:5e:0a:85:a4:13:a8:d1:04:99:b5:c3:50:1b:53:de:
59:53:1d:4e:a8:e9:a4:72:80:38:16:ba:be:91:7a:cc:aa:2e:
67:ad:f9:82:dc:f9:29:31:26:c9:4e:2b:e2:3b:c8:e2:65:47:
69:62:71:1a:6b:ad:10:96:7d:9f:67:ad:6b:43:f4:70:eb:0b:
05:ca:77:ac:37:95:41:c4:0d:0b:3e:9b:c6:40:6e:c2:82:e4:
9b:d6:af:8f:15:58:e6:8d:96:95:6a:89:1d:18:0f:f3:e9:23:
6c:67:45:a5:fe:13:6b:31:d2:0a:c0:bf:36:79:59:c7:b3:23:
49:c0:9a:1f:70:cb:e2:16:dc:36:d0:e2:9b:19:4d:4a:8a:d9:
d9:0a:63:f8
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgISAZt/Fe7QyrlGvltNPudyno2sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5YWE4YTNlYTk5MTMzMzM5M2YzZWYyYTE4MjI0NTExMjNk
M2VlYzcwHhcNMjYwMTAyMTQyMTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTQ3ZmRiOThiMTg1NTEyNDlhM2JmYmJjZTI0MTAwYzRjZDZhNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0ob80w38bJzTMPWQc57ycnYuqN9
VjqadP/jGhyviYdgyj6M3Y2nHYoHtM3A0kjkX+HH8GMinZvdSZTplVicTNqE9jVn
WJ9dYtKZsrvh6NEkU32q0X/cVORMM6itZks5EXG0zljTQ8/wNSJosA+F5v8KYVC0
qaz8FG4RN1s/0i6gA9U4OLfLDvqsxRk50jcAQwPdgP262vnFarM9T/7ssrI1/x1B
PM3PmoqgzN/KLZz/bKZBhmaPcdFqGY9LDwTNdKH2sm0lpvbEl1UIeBtz4+HJSGQu
bff1QF9pkMy3hdEwCKsTUHg7UofgIvmkZ0h4s7mkPoW3pgHWUYGfHB3zhwIDAQAB
o4ICEzCCAg8wHQYDVR0OBBYEFI5H/bmLGFUSSaO/u84kEAxM1qZvMB8GA1UdIwQY
MBaAFPmqij6pkTMzk/PvKhgiRREj0+7HMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1hcUtQcW1STXpPVDgtOHFHQ0pGRVNQVDdzYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2QvZDFlMzI0LTU0ZjMtNGRmOC04ZWM2
LTAzOGQ1M2MyM2MzOS8xL2prZjl1WXNZVlJKSm83LTd6aVFRREV6V3BtOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2QvZDFlMzI0LTU0ZjMtNGRmOC04ZWM2LTAzOGQ1M2MyM2Mz
OS8xLzEtYXFLUHFtUk16T1Q4LThxR0NKRkVTUFQ3c2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJwYIKwYBBQUHAQcBAf8EGDAWMBQEAgABMA4wDAMEBE3r
UAMEAE3rXjANBgkqhkiG9w0BAQsFAAOCAQEAFDnXKRaWHXEjQcCR1mO0y2ibtc39
2iFw6SbiC/kVOl2Polxlw7HoyOqArTTKvTzfWaQuvmmvSl+ep7fIek0dmY9MkSZj
uEirhUEXX7r32sC3cQ3hRFsRhwIT0Q3TBw4kZ3NUZqpqOoSEya8NFJQHXgqFpBOo
0QSZtcNQG1PeWVMdTqjppHKAOBa6vpF6zKouZ635gtz5KTEmyU4r4jvI4mVHaWJx
GmutEJZ9n2eta0P0cOsLBcp3rDeVQcQNCz6bxkBuwoLkm9avjxVY5o2WlWqJHRgP
8+kjbGdFpf4TazHSCsC/NnlZx7MjScCaH3DL4hbcNtDimxlNSorZ2Qpj+A==
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:53:24 2026 by rpki-client