Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/VrPDKYMKmnp2V6k_WEnwqOalUuk.roa
File: VrPDKYMKmnp2V6k_WEnwqOalUuk.roa (raw, json)
Hash identifier: ZZB+gfVCQKe+xuNcEMqRNy9VWy20utbLNNHfbV/UCLc=
Subject key identifier: 56:B3:C3:29:83:0A:9A:7A:76:57:A9:3F:58:49:F0:A8:E6:A5:52:E9
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 019E4464CAE24C939B32A3C2E5C24D0E181F
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/VrPDKYMKmnp2V6k_WEnwqOalUuk.roa
Signing time: Wed 20 May 2026 07:58:36 +0000
ROA not before: Wed 20 May 2026 07:58:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58289
IP address blocks: 78.109.19.0/24 maxlen: 24
82.115.58.0/24 maxlen: 24
85.159.94.0/24 maxlen: 24
86.54.184.0/24 maxlen: 24
91.147.108.0/24 maxlen: 24
91.147.111.0/24 maxlen: 24
92.240.243.0/24 maxlen: 24
109.175.215.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
212.108.87.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:44:64:ca:e2:4c:93:9b:32:a3:c2:e5:c2:4d:0e:18:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: May 20 07:58:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56b3c329830a9a7a7657a93f5849f0a8e6a552e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f9:3c:b4:eb:ec:f6:bc:33:89:01:41:be:a9:
98:3c:fe:e4:5d:fd:69:a0:3a:2b:7a:28:8d:4c:0d:
37:63:2a:ff:88:e8:85:35:51:0b:0d:24:68:a9:c9:
28:a4:35:21:be:ae:26:f9:19:5b:d7:21:79:32:c5:
96:ad:75:d0:c9:15:83:b0:c7:63:dc:33:76:ee:ba:
bd:04:4a:1c:02:82:77:8a:44:3b:b1:8e:96:ac:77:
bd:59:03:69:49:3e:93:0f:bf:ae:31:fa:8d:55:be:
92:96:16:aa:76:60:30:ef:56:a7:c0:59:f5:98:83:
93:ef:4f:cf:73:c6:0a:e3:ee:f8:61:d7:2e:4e:b6:
8d:6b:9c:59:12:e0:7c:1c:bb:46:e8:5f:55:67:f1:
01:14:61:f9:57:5a:ff:cc:1b:eb:e8:cc:1a:8d:1b:
a4:0c:d6:78:bd:62:b8:6e:69:b0:6d:2c:2f:51:d4:
43:c8:81:fc:99:21:a9:cb:dd:37:f0:68:5b:c7:95:
0a:52:ea:a0:87:5e:cc:0a:95:32:01:de:7b:f0:17:
7f:ac:b7:29:cf:09:e1:c4:dc:52:17:75:e1:ab:34:
ff:1a:0a:d3:ea:08:e1:90:1b:ef:5f:cf:51:97:fd:
8c:9d:e1:4e:b9:1c:d1:24:13:dd:96:ed:ae:8d:1f:
9d:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B3:C3:29:83:0A:9A:7A:76:57:A9:3F:58:49:F0:A8:E6:A5:52:E9
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/VrPDKYMKmnp2V6k_WEnwqOalUuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.19.0/24
82.115.58.0/24
85.159.94.0/24
86.54.184.0/24
91.147.108.0/24
91.147.111.0/24
92.240.243.0/24
109.175.215.0/24
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
212.108.87.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
6d:6e:60:23:86:ae:ac:5c:7a:a3:33:a8:c3:57:96:45:08:e0:
4c:06:b3:08:77:ff:38:27:db:f7:3d:8d:3f:fd:32:e7:08:5c:
9e:c5:22:17:ca:4c:c6:9e:29:e7:30:7e:7e:48:f6:c4:48:90:
cb:d0:38:25:fb:3f:a3:e4:1e:97:3a:55:2a:fa:dd:6b:f4:79:
93:5d:6f:f4:d0:84:8f:4a:b3:20:3f:85:4b:fd:4b:0d:9c:20:
04:f8:4f:8d:cd:8d:90:6a:23:89:a8:d1:34:a4:37:c6:ba:46:
5f:37:62:83:dd:5a:7a:98:c1:0f:6a:4e:c7:95:9c:55:f3:72:
02:99:3e:44:01:d3:f0:fc:56:92:f5:f5:93:19:62:c3:01:31:
04:6b:fb:18:85:94:a5:2f:f8:bf:7a:a1:19:58:79:03:47:e6:
b4:62:34:f9:2f:29:87:49:e8:41:ad:07:0a:83:3b:30:78:1d:
c7:4c:78:6a:00:75:1a:07:4d:e5:36:68:81:34:f7:1d:3a:bf:
01:83:4d:5a:88:b4:b4:d5:ba:f5:73:f2:d8:1b:92:d1:0e:6c:
b9:73:31:6a:83:e8:77:7d:08:f9:2b:8f:1c:e5:64:8b:9e:d6:
71:b9:00:e4:c9:9f:02:b1:74:fe:7f:78:38:bd:fe:ce:67:a7:
00:12:98:48
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZ5EZMriTJObMqPC5cJNDhgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjYwNTIwMDc1ODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmIzYzMyOTgzMGE5YTdhNzY1N2E5M2Y1ODQ5ZjBhOGU2YTU1MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfk8tOvs9rwziQFBvqmYPP7kXf1p
oDoreiiNTA03Yyr/iOiFNVELDSRoqckopDUhvq4m+Rlb1yF5MsWWrXXQyRWDsMdj
3DN27rq9BEocAoJ3ikQ7sY6WrHe9WQNpST6TD7+uMfqNVb6SlhaqdmAw71anwFn1
mIOT70/Pc8YK4+74YdcuTraNa5xZEuB8HLtG6F9VZ/EBFGH5V1r/zBvr6MwajRuk
DNZ4vWK4bmmwbSwvUdRDyIH8mSGpy9038Ghbx5UKUuqgh17MCpUyAd578Bd/rLcp
zwnhxNxSF3XhqzT/GgrT6gjhkBvvX89Rl/2MneFOuRzRJBPdlu2ujR+diQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFFazwymDCpp6dlepP1hJ8KjmpVLpMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvVnJQREtZTUttbnAyVjZrX1dFbndxT2FsVXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQATm0TAwQA
UnM6AwQAVZ9eAwQAVja4AwQAW5NsAwQAW5NvAwQAXPDzAwQAba/XAwQAuaLqAwQA
wSv7AwQAwh+FAwQAwh+HAwQA1GxXMA8EAgACMAkDBwAqDmYAAAAwDQYJKoZIhvcN
AQELBQADggEBAG1uYCOGrqxceqMzqMNXlkUI4EwGswh3/zgn2/c9jT/9MucIXJ7F
IhfKTMaeKecwfn5I9sRIkMvQOCX7P6PkHpc6VSr63Wv0eZNdb/TQhI9KsyA/hUv9
Sw2cIAT4T43NjZBqI4mo0TSkN8a6Rl83YoPdWnqYwQ9qTseVnFXzcgKZPkQB0/D8
VpL19ZMZYsMBMQRr+xiFlKUv+L96oRlYeQNH5rRiNPkvKYdJ6EGtBwqDOzB4HcdM
eGoAdRoHTeU2aIE09x06vwGDTVqItLTVuvVz8tgbktEObLlzMWqD6Hd9CPkrjxzl
ZIue1nG5AOTJnwKxdP5/eDi9/s5npwASmEg=
-----END CERTIFICATE-----
Generated at Sat Jun 13 18:05:11 2026 by rpki-client