Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/APCVsNpvhqWeQcqweSvgt5Wftok.roa
File: APCVsNpvhqWeQcqweSvgt5Wftok.roa (raw, json)
Hash identifier: c6yMfxg6aqbcbGYpnlzDdHyhq9WGqsNthHIttzMp2bY=
Subject key identifier: 00:F0:95:B0:DA:6F:86:A5:9E:41:CA:B0:79:2B:E0:B7:95:9F:B6:89
Certificate issuer: /CN=552986484ecd015857ebf61dc4b361302c7916c6
Certificate serial: 019B78A2A78118FA4EC3874C3EAA33700BA0
Authority key identifier: 55:29:86:48:4E:CD:01:58:57:EB:F6:1D:C4:B3:61:30:2C:79:16:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSmGSE7NAVhX6_YdxLNhMCx5FsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/APCVsNpvhqWeQcqweSvgt5Wftok.roa
Signing time: Thu 01 Jan 2026 08:18:04 +0000
ROA not before: Thu 01 Jan 2026 08:18:04 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60534
IP address blocks: 91.225.8.0/22 maxlen: 32
185.54.102.0/24 maxlen: 32
185.135.120.0/22 maxlen: 32
185.244.239.0/24 maxlen: 32
2a06:f3c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/VSmGSE7NAVhX6_YdxLNhMCx5FsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/VSmGSE7NAVhX6_YdxLNhMCx5FsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSmGSE7NAVhX6_YdxLNhMCx5FsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:78:a2:a7:81:18:fa:4e:c3:87:4c:3e:aa:33:70:0b:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=552986484ecd015857ebf61dc4b361302c7916c6
Validity
Not Before: Jan 1 08:18:04 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=00f095b0da6f86a59e41cab0792be0b7959fb689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:ae:2d:d6:38:db:e4:92:54:14:31:49:48:61:
59:76:66:76:8b:de:b8:2e:34:b4:6d:7f:b6:60:bc:
ee:f3:2c:99:b0:1a:fd:79:37:23:3a:b8:8d:ea:b0:
f6:4a:8e:0f:13:ea:99:50:98:45:3b:d5:56:53:3a:
31:3b:9e:bb:08:ca:bd:96:5b:3d:bb:84:97:97:07:
9a:90:e0:b6:60:b5:69:c2:bc:9f:f6:0b:1e:41:65:
70:df:e0:b1:69:dc:96:53:32:8b:53:47:ce:85:73:
97:96:43:f3:40:25:80:7b:c1:cf:d8:48:0d:b7:b4:
60:b8:54:fd:b2:99:91:73:da:f1:1e:3e:18:7b:c0:
39:44:d7:2b:72:f0:cb:db:72:fd:09:98:a4:c1:b7:
fc:f5:91:6f:71:5a:cc:81:83:d9:0b:94:6e:4d:db:
32:a9:3b:98:aa:a6:2a:53:32:4b:e7:44:c1:4c:83:
ce:94:9c:5e:8c:42:cc:41:3d:99:36:30:6a:2f:67:
4b:8b:36:50:e1:00:f5:4f:a5:f6:e9:e4:43:f3:4d:
72:eb:66:af:8a:eb:a2:55:55:84:39:f1:c0:8a:c3:
a9:93:44:a4:bb:78:7d:e1:4e:9f:ee:77:45:18:42:
74:3e:92:5e:da:cd:4f:c5:9b:ff:11:92:01:56:33:
d3:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:F0:95:B0:DA:6F:86:A5:9E:41:CA:B0:79:2B:E0:B7:95:9F:B6:89
X509v3 Authority Key Identifier:
keyid:55:29:86:48:4E:CD:01:58:57:EB:F6:1D:C4:B3:61:30:2C:79:16:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSmGSE7NAVhX6_YdxLNhMCx5FsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/APCVsNpvhqWeQcqweSvgt5Wftok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/577b09-8d12-42c7-9af3-a164886ffc20/1/VSmGSE7NAVhX6_YdxLNhMCx5FsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.8.0/22
185.54.102.0/24
185.135.120.0/22
185.244.239.0/24
IPv6:
2a06:f3c0::/29
Signature Algorithm: sha256WithRSAEncryption
4e:8a:86:26:f6:43:50:ec:95:9b:f7:cf:19:7e:00:67:42:bb:
af:f8:bb:da:95:fb:0d:de:e6:9e:9b:98:c5:9b:06:43:f8:25:
56:c9:8b:b7:a0:3f:3d:ca:12:6e:52:3c:6e:f9:4d:69:3d:64:
37:a7:a6:90:1b:d1:ca:30:8f:5e:47:ce:85:24:bc:b9:0a:9b:
4f:d5:f5:84:96:d0:b5:ff:a0:f7:ab:3c:5d:0f:56:20:83:09:
a8:59:f7:52:7b:a5:ab:87:3f:31:55:79:88:36:9d:7d:c9:4c:
b0:84:5c:26:48:0a:4c:a9:fa:f1:4d:16:31:97:23:d4:57:06:
5a:51:f2:4c:4c:81:62:88:b0:ae:e0:3a:29:e0:73:3f:85:a8:
9b:31:1d:cf:dc:4b:75:27:6d:77:85:fa:b7:65:0c:6c:ed:f9:
2d:d9:4c:e9:1d:6d:f5:48:9c:6d:84:69:73:08:a3:2e:74:02:
13:b1:b4:a0:5b:cc:fc:0d:47:d0:b5:66:44:62:b3:49:cd:9e:
5d:79:35:54:04:c8:7e:60:fe:b2:7e:9f:66:a3:54:6c:1e:61:
ae:fd:56:b1:75:d8:a1:f0:f5:15:6c:b6:1f:d7:95:2d:25:df:
50:86:86:38:4e:03:5d:f9:18:1c:68:04:b7:58:04:a5:1d:f1:
eb:3d:da:c6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZt4oqeBGPpOw4dMPqozcAugMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1Mjk4NjQ4NGVjZDAxNTg1N2ViZjYxZGM0YjM2MTMwMmM3
OTE2YzYwHhcNMjYwMTAxMDgxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGYwOTViMGRhNmY4NmE1OWU0MWNhYjA3OTJiZTBiNzk1OWZiNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA564t1jjb5JJUFDFJSGFZdmZ2i964
LjS0bX+2YLzu8yyZsBr9eTcjOriN6rD2So4PE+qZUJhFO9VWUzoxO567CMq9lls9
u4SXlweakOC2YLVpwryf9gseQWVw3+CxadyWUzKLU0fOhXOXlkPzQCWAe8HP2EgN
t7RguFT9spmRc9rxHj4Ye8A5RNcrcvDL23L9CZikwbf89ZFvcVrMgYPZC5RuTdsy
qTuYqqYqUzJL50TBTIPOlJxejELMQT2ZNjBqL2dLizZQ4QD1T6X26eRD801y62av
iuuiVVWEOfHAisOpk0Sku3h94U6f7ndFGEJ0PpJe2s1PxZv/EZIBVjPTgwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFADwlbDab4alnkHKsHkr4LeVn7aJMB8GA1UdIwQY
MBaAFFUphkhOzQFYV+v2HcSzYTAseRbGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNtR1NFN05BVmhYNl9ZZHhMTmhNQ3g1RnNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS81NzdiMDktOGQxMi00MmM3LTlhZjMt
YTE2NDg4NmZmYzIwLzEvQVBDVnNOcHZocVdlUWNxd2VTdmd0NVdmdG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS81NzdiMDktOGQxMi00MmM3LTlhZjMtYTE2NDg4NmZmYzIw
LzEvVlNtR1NFN05BVmhYNl9ZZHhMTmhNQ3g1RnNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW+EIAwQA
uTZmAwQCuYd4AwQAufTvMA0EAgACMAcDBQMqBvPAMA0GCSqGSIb3DQEBCwUAA4IB
AQBOioYm9kNQ7JWb988ZfgBnQruv+LvalfsN3uaem5jFmwZD+CVWyYu3oD89yhJu
Ujxu+U1pPWQ3p6aQG9HKMI9eR86FJLy5CptP1fWEltC1/6D3qzxdD1YggwmoWfdS
e6Wrhz8xVXmINp19yUywhFwmSApMqfrxTRYxlyPUVwZaUfJMTIFiiLCu4Dop4HM/
haibMR3P3Et1J213hfq3ZQxs7fkt2UzpHW31SJxthGlzCKMudAITsbSgW8z8DUfQ
tWZEYrNJzZ5deTVUBMh+YP6yfp9mo1RsHmGu/Vaxddih8PUVbLYf15UtJd9QhoY4
TgNd+RgcaAS3WASlHfHrPdrG
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:46:09 2026 by rpki-client