Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/vaF2ggurkdMa29mOe8Ln8Gh0s84.roa
File: vaF2ggurkdMa29mOe8Ln8Gh0s84.roa (raw, json)
Hash identifier: 0hWPx/v7SQ3YrJu6uA8c9hJgR2g58Nd5ph2a6xS95t0=
Subject key identifier: BD:A1:76:82:0B:AB:91:D3:1A:DB:D9:8E:7B:C2:E7:F0:68:74:B3:CE
Certificate issuer: /CN=e76210e38b16909a7ee8fe3b8d06647f0665292b
Certificate serial: 019A49EF7D294A5072F590873A881339E714
Authority key identifier: E7:62:10:E3:8B:16:90:9A:7E:E8:FE:3B:8D:06:64:7F:06:65:29:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/vaF2ggurkdMa29mOe8Ln8Gh0s84.roa
Signing time: Mon 03 Nov 2025 13:37:03 +0000
ROA not before: Mon 03 Nov 2025 13:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15726
IP address blocks: 37.60.200.0/21 maxlen: 24
46.231.232.0/21 maxlen: 24
193.39.192.0/24 maxlen: 24
213.149.64.0/20 maxlen: 24
217.14.160.0/20 maxlen: 24
2a00:f88::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 01:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:ef:7d:29:4a:50:72:f5:90:87:3a:88:13:39:e7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e76210e38b16909a7ee8fe3b8d06647f0665292b
Validity
Not Before: Nov 3 13:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bda176820bab91d31adbd98e7bc2e7f06874b3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:a9:35:56:f4:f9:a2:32:14:91:c3:0e:8e:
77:3c:9d:c0:ed:82:db:c5:ef:58:1f:93:f8:02:60:
3a:6a:3e:0e:83:a5:de:2b:8b:f6:b2:50:a0:69:51:
9c:6c:10:8b:4b:dd:af:31:f0:bd:96:8c:74:9a:2a:
1a:e4:a4:d8:3b:3f:44:a2:d4:05:2c:ab:2d:99:07:
29:fe:da:3f:1c:46:f0:40:47:07:c6:24:4e:6f:00:
86:49:4a:8e:c0:10:15:0a:e3:f3:ed:89:cd:5b:87:
94:57:b3:66:c8:37:49:d4:4e:e1:df:c0:c3:73:5b:
8f:85:16:9b:de:26:3d:88:95:21:c8:6c:b6:8c:4f:
75:35:6a:4c:9f:d4:91:4d:ab:41:bd:7c:54:a4:a0:
b4:40:15:bb:6b:c8:52:9a:3b:18:9a:71:bb:53:12:
cb:e9:8f:c6:26:f0:b3:eb:13:6e:68:6a:d2:28:53:
15:36:e4:cd:f9:18:96:4d:3f:fe:d1:ba:a8:0f:f1:
6b:11:32:4d:d9:5e:45:23:4b:99:1c:a7:dd:8e:e0:
a7:c0:75:c7:75:76:fa:be:bd:db:15:13:07:93:71:
26:1d:75:df:88:37:41:32:1a:be:ee:f1:f2:a4:0f:
ac:5d:b4:c6:0e:09:ae:d3:9f:4a:d9:cd:10:ba:a1:
39:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:A1:76:82:0B:AB:91:D3:1A:DB:D9:8E:7B:C2:E7:F0:68:74:B3:CE
X509v3 Authority Key Identifier:
keyid:E7:62:10:E3:8B:16:90:9A:7E:E8:FE:3B:8D:06:64:7F:06:65:29:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/vaF2ggurkdMa29mOe8Ln8Gh0s84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.200.0/21
46.231.232.0/21
193.39.192.0/24
213.149.64.0/20
217.14.160.0/20
IPv6:
2a00:f88::/32
Signature Algorithm: sha256WithRSAEncryption
4c:c8:d8:ab:5d:79:c0:60:06:b3:53:cb:3e:32:7b:c8:a7:36:
34:de:e6:fa:83:5f:00:86:80:17:b6:9b:fe:1e:c8:ae:28:6c:
d0:7f:4a:22:06:63:90:4c:7d:dc:18:ea:3d:84:ea:76:46:73:
25:2b:74:fe:90:0e:81:b0:09:a4:13:84:4a:dc:78:80:2a:06:
e1:86:57:11:d2:1e:ee:2b:a6:63:68:19:fb:9b:c5:d8:39:1c:
cd:96:f6:b1:75:10:7f:63:f4:40:de:99:0a:09:69:e6:43:7d:
81:03:3c:44:ca:6c:02:20:4d:a0:56:20:f9:6b:37:05:38:0f:
55:c3:cf:61:46:bc:36:77:44:42:99:58:3a:c9:73:4b:41:c6:
e2:10:3e:b7:4c:90:36:a0:a1:d3:9e:f2:7e:8b:d6:c4:43:a0:
05:a0:a9:27:d7:2a:ae:69:24:6a:a8:86:eb:19:e5:59:28:b3:
5c:87:e3:32:cd:fc:ae:82:58:3d:87:94:c1:1f:5b:90:1d:55:
7b:b5:3c:a8:c8:6d:d6:e7:87:ed:db:02:a4:91:03:37:aa:38:
ab:a0:b6:e2:a8:4d:d2:65:56:c3:a6:45:96:77:cc:37:85:86:
ac:bc:06:b2:24:cc:63:14:fd:47:1b:79:15:75:e7:72:7c:4e:
87:82:b2:90
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZpJ730pSlBy9ZCHOogTOecUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NjIxMGUzOGIxNjkwOWE3ZWU4ZmUzYjhkMDY2NDdmMDY2
NTI5MmIwHhcNMjUxMTAzMTMzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGExNzY4MjBiYWI5MWQzMWFkYmQ5OGU3YmMyZTdmMDY4NzRiM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfmpNVb0+aIyFJHDDo53PJ3A7YLb
xe9YH5P4AmA6aj4Og6XeK4v2slCgaVGcbBCLS92vMfC9lox0mioa5KTYOz9EotQF
LKstmQcp/to/HEbwQEcHxiRObwCGSUqOwBAVCuPz7YnNW4eUV7NmyDdJ1E7h38DD
c1uPhRab3iY9iJUhyGy2jE91NWpMn9SRTatBvXxUpKC0QBW7a8hSmjsYmnG7UxLL
6Y/GJvCz6xNuaGrSKFMVNuTN+RiWTT/+0bqoD/FrETJN2V5FI0uZHKfdjuCnwHXH
dXb6vr3bFRMHk3EmHXXfiDdBMhq+7vHypA+sXbTGDgmu059K2c0QuqE5MQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFL2hdoILq5HTGtvZjnvC5/BodLPOMB8GA1UdIwQY
MBaAFOdiEOOLFpCafuj+O40GZH8GZSkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTJJUTQ0c1drSnAtNlA0N2pRWmtmd1psS1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82ZDZiNzYtYjRiNy00ZjdlLTg2Mjgt
Y2Y3OTQ2NThmNWJlLzEvdmFGMmdndXJrZE1hMjltT2U4TG44R2gwczg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82ZDZiNzYtYjRiNy00ZjdlLTg2MjgtY2Y3OTQ2NThmNWJl
LzEvNTJJUTQ0c1drSnAtNlA0N2pRWmtmd1psS1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJTzIAwQD
LufoAwQAwSfAAwQE1ZVAAwQE2Q6gMA0EAgACMAcDBQAqAA+IMA0GCSqGSIb3DQEB
CwUAA4IBAQBMyNirXXnAYAazU8s+MnvIpzY03ub6g18AhoAXtpv+HsiuKGzQf0oi
BmOQTH3cGOo9hOp2RnMlK3T+kA6BsAmkE4RK3HiAKgbhhlcR0h7uK6ZjaBn7m8XY
ORzNlvaxdRB/Y/RA3pkKCWnmQ32BAzxEymwCIE2gViD5azcFOA9Vw89hRrw2d0RC
mVg6yXNLQcbiED63TJA2oKHTnvJ+i9bEQ6AFoKkn1yquaSRqqIbrGeVZKLNch+My
zfyuglg9h5TBH1uQHVV7tTyoyG3W54ft2wKkkQM3qjiroLbiqE3SZVbDpkWWd8w3
hYasvAayJMxjFP1HG3kVdedyfE6HgrKQ
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:45:15 2025 by rpki-client