
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/vexU20eqD75GiV-RYHWmgxEH73I.roa
File: vexU20eqD75GiV-RYHWmgxEH73I.roa (raw, json)
Hash identifier: nDoTWPqSH3IWThsKOgFZF4UZDo4G9OwYH0ta4b9ZP0Q=
Subject key identifier: BD:EC:54:DB:47:AA:0F:BE:46:89:5F:91:60:75:A6:83:11:07:EF:72
Certificate issuer: /CN=f815e02bda7a9071487837d31558b5e0221d3cf9
Certificate serial: 019880CF81C0B9BF57FF98C1F3FCA8A90ACC
Authority key identifier: F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/vexU20eqD75GiV-RYHWmgxEH73I.roa
Signing time: Wed 06 Aug 2025 19:15:39 +0000
ROA not before: Wed 06 Aug 2025 19:15:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212315
IP address blocks: 193.176.32.0/24 maxlen: 24
194.164.239.0/24 maxlen: 24
195.200.23.0/24 maxlen: 24
2a14:2040::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 07:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:cf:81:c0:b9:bf:57:ff:98:c1:f3:fc:a8:a9:0a:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f815e02bda7a9071487837d31558b5e0221d3cf9
Validity
Not Before: Aug 6 19:15:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdec54db47aa0fbe46895f916075a6831107ef72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ec:7b:58:a1:0c:4d:d2:e1:4e:eb:14:0c:3f:
25:77:b6:16:bc:d1:ed:9c:c8:30:dd:f5:33:ae:35:
d0:5b:81:eb:79:61:ee:27:be:f8:88:08:85:17:d6:
b6:61:5a:76:76:f5:c6:4c:be:fb:8b:c2:f9:8f:ee:
e0:9b:e6:2d:a9:f3:25:bc:9e:7d:59:0d:4e:5b:1b:
e9:76:71:88:78:6e:d5:b5:b1:a6:fd:1b:cb:85:57:
d9:1d:b4:c6:ce:7a:9d:29:f8:a4:44:b3:8c:fa:01:
dc:91:5c:39:f8:23:2f:d2:24:f9:e9:97:e3:06:22:
fa:de:b7:c3:24:69:38:d2:46:95:69:fb:25:4a:f5:
73:fd:0c:e9:30:57:6f:e8:a2:05:14:9a:1c:1e:c6:
1c:cb:b3:60:c8:8e:39:e6:92:5a:32:e3:df:8c:0c:
83:64:64:a4:f8:51:4a:cb:15:04:a9:c1:1e:ed:24:
80:91:b3:ea:a0:49:db:56:01:87:aa:d9:9d:83:96:
1a:ca:17:34:33:b1:17:87:26:1c:a3:ba:5c:db:29:
3b:8b:c0:9c:73:d2:03:88:dc:d7:65:8e:b2:73:73:
da:74:17:eb:a6:6c:1a:54:e0:e7:ce:74:ba:20:c9:
a7:2f:ed:71:4b:47:bd:b1:2d:36:c8:8a:08:ea:e8:
e2:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:EC:54:DB:47:AA:0F:BE:46:89:5F:91:60:75:A6:83:11:07:EF:72
X509v3 Authority Key Identifier:
keyid:F8:15:E0:2B:DA:7A:90:71:48:78:37:D3:15:58:B5:E0:22:1D:3C:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BXgK9p6kHFIeDfTFVi14CIdPPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/vexU20eqD75GiV-RYHWmgxEH73I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/cd472c-4256-40ff-98e2-d98384397929/1/1-BXgK9p6kHFIeDfTFVi14CIdPPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.32.0/24
194.164.239.0/24
195.200.23.0/24
IPv6:
2a14:2040::/29
Signature Algorithm: sha256WithRSAEncryption
a3:6e:84:a4:46:ba:5e:a4:fd:1b:1d:3a:de:c8:13:50:cb:29:
8c:ab:c6:4a:c6:6a:3d:f4:43:ba:13:eb:e0:91:37:bf:25:87:
65:ee:14:31:6d:e5:19:13:05:1c:9b:c0:e9:f0:37:51:71:7e:
b9:cc:14:3b:d6:82:ee:63:3f:43:10:8e:eb:02:5d:d2:0a:ad:
74:e6:07:49:6a:f3:07:eb:f0:34:7e:80:3b:8b:77:6d:80:12:
ed:30:e3:46:04:80:65:ca:30:31:93:a0:6e:a4:af:8a:81:4b:
f6:14:5e:e2:c4:61:90:c4:3a:48:af:3c:b8:a5:d0:ae:d9:8e:
a7:d3:77:46:18:10:65:35:b1:f0:23:9a:70:f3:19:c9:82:57:
f2:03:94:0c:a3:88:71:c4:df:31:5c:d4:21:a2:27:26:70:ad:
53:c6:58:c9:f5:82:49:11:d7:5c:56:2d:4d:b9:40:a2:ae:da:
65:fd:fa:39:a8:41:a8:91:b9:c4:b1:0c:1c:81:14:71:37:8d:
e2:3f:e0:96:52:4b:2d:47:67:3a:68:11:ac:9b:bc:d3:33:b8:
7c:f7:8f:cd:a4:e5:51:bf:bd:f1:15:7f:f5:0a:a9:47:f3:a9:
94:a1:ea:ec:5d:b9:ad:42:21:e8:f0:7c:2d:f5:e3:e0:c1:2a:
fb:c6:f8:60
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZiAz4HAub9X/5jB8/yoqQrMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MTVlMDJiZGE3YTkwNzE0ODc4MzdkMzE1NThiNWUwMjIx
ZDNjZjkwHhcNMjUwODA2MTkxNTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGVjNTRkYjQ3YWEwZmJlNDY4OTVmOTE2MDc1YTY4MzExMDdlZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Ox7WKEMTdLhTusUDD8ld7YWvNHt
nMgw3fUzrjXQW4HreWHuJ774iAiFF9a2YVp2dvXGTL77i8L5j+7gm+YtqfMlvJ59
WQ1OWxvpdnGIeG7VtbGm/RvLhVfZHbTGznqdKfikRLOM+gHckVw5+CMv0iT56Zfj
BiL63rfDJGk40kaVafslSvVz/QzpMFdv6KIFFJocHsYcy7NgyI455pJaMuPfjAyD
ZGSk+FFKyxUEqcEe7SSAkbPqoEnbVgGHqtmdg5Yayhc0M7EXhyYco7pc2yk7i8Cc
c9IDiNzXZY6yc3PadBfrpmwaVODnznS6IMmnL+1xS0e9sS02yIoI6ujiVwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFL3sVNtHqg++RolfkWB1poMRB+9yMB8GA1UdIwQY
MBaAFPgV4CvaepBxSHg30xVYteAiHTz5MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1CWGdLOXA2a0hGSWVEZlRGVmkxNENJZFBQay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUy
LWQ5ODM4NDM5NzkyOS8xL3ZleFUyMGVxRDc1R2lWLVJZSFdtZ3hFSDczSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvY2Q0NzJjLTQyNTYtNDBmZi05OGUyLWQ5ODM4NDM5Nzky
OS8xLzEtQlhnSzlwNmtIRkllRGZURlZpMTRDSWRQUGsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBADBsCAD
BADCpO8DBADDyBcwDQQCAAIwBwMFAyoUIEAwDQYJKoZIhvcNAQELBQADggEBAKNu
hKRGul6k/RsdOt7IE1DLKYyrxkrGaj30Q7oT6+CRN78lh2XuFDFt5RkTBRybwOnw
N1FxfrnMFDvWgu5jP0MQjusCXdIKrXTmB0lq8wfr8DR+gDuLd22AEu0w40YEgGXK
MDGToG6kr4qBS/YUXuLEYZDEOkivPLil0K7ZjqfTd0YYEGU1sfAjmnDzGcmCV/ID
lAyjiHHE3zFc1CGiJyZwrVPGWMn1gkkR11xWLU25QKKu2mX9+jmoQaiRucSxDByB
FHE3jeI/4JZSSy1HZzpoEaybvNMzuHz3j82k5VG/vfEVf/UKqUfzqZSh6uxdua1C
IejwfC314+DBKvvG+GA=
-----END CERTIFICATE-----
Generated at Mon Aug 11 14:42:40 2025 by rpki-client