Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/VGL6GimIkrNlEBBiW4ncMBzPKWg.roa
File: VGL6GimIkrNlEBBiW4ncMBzPKWg.roa (raw, json)
Hash identifier: 2aErGWrOjketUDd8CWFjnoyEM3sWzcLcOD9CYbPzuro=
Subject key identifier: 54:62:FA:1A:29:88:92:B3:65:10:10:62:5B:89:DC:30:1C:CF:29:68
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 019EB5CADEB46AFB4A9A22089CFF703AB7CE
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/VGL6GimIkrNlEBBiW4ncMBzPKWg.roa
Signing time: Thu 11 Jun 2026 08:27:11 +0000
ROA not before: Thu 11 Jun 2026 08:27:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209847
IP address blocks: 5.182.36.0/24 maxlen: 24
5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
45.8.147.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.87.155.0/24 maxlen: 24
45.89.52.0/24 maxlen: 24
45.89.53.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.89.55.0/24 maxlen: 24
45.93.10.0/24 maxlen: 24
45.93.11.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.43.147.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
193.57.139.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.4.50.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.31.109.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 05:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b5:ca:de:b4:6a:fb:4a:9a:22:08:9c:ff:70:3a:b7:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jun 11 08:27:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5462fa1a298892b3651010625b89dc301ccf2968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:74:30:9e:4f:2b:20:17:44:11:e9:15:e2:
0a:4f:77:91:79:c3:00:ae:a3:12:bc:aa:c8:8e:72:
6b:3e:4a:9a:de:84:32:75:ab:ea:4f:b2:30:b4:6a:
0c:7d:57:ee:64:85:5d:38:51:ed:5b:47:86:4d:f0:
0b:5d:38:f3:c1:52:46:93:13:e5:55:fe:10:24:1b:
af:1d:9c:81:98:28:8f:ea:68:ba:c0:37:e0:43:79:
df:9c:9d:e0:52:40:7f:47:5c:64:81:dc:d8:41:ce:
af:ec:91:3a:4f:44:ea:11:0d:f8:4c:cc:cb:31:73:
1b:b2:65:bd:a7:6d:91:80:c1:de:51:d5:a7:54:16:
2f:de:05:51:50:79:d2:52:7b:1e:85:4b:cc:13:92:
50:0d:c8:e4:ef:cf:d1:1e:28:fe:f6:98:c4:6e:77:
af:08:21:44:d6:85:0b:c8:d1:fd:05:28:38:ac:db:
48:f0:d1:5e:d2:fc:73:d7:d1:d7:40:49:16:7b:9e:
07:12:10:87:90:12:13:04:52:f5:8c:a1:77:5c:63:
b6:92:35:34:59:e5:a6:88:df:ff:ec:30:86:15:57:
59:f9:82:f2:30:a6:84:84:da:96:67:7a:00:fb:5d:
10:b7:4f:5e:93:43:fa:3a:9f:1a:79:49:27:05:a8:
59:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:62:FA:1A:29:88:92:B3:65:10:10:62:5B:89:DC:30:1C:CF:29:68
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/VGL6GimIkrNlEBBiW4ncMBzPKWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/22
45.8.144.0/22
45.67.34.0/23
45.84.0.0/24
45.87.152.0/22
45.89.52.0/22
45.93.10.0/23
45.159.248.0/22
141.98.168.0-141.98.170.255
185.231.204.0/22
188.119.123.0/24
193.43.146.0/23
193.46.56.0/23
193.57.136.0/22
194.4.48.0/22
194.31.109.0/24
194.116.172.0/23
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:c9:ef:c2:23:a7:fa:2d:99:2b:c6:1d:df:15:db:09:07:65:
0e:53:b0:83:fe:3b:70:16:9e:f9:55:0b:0c:06:58:97:f7:fa:
25:07:9e:60:27:b6:cd:ab:1e:ba:a4:e1:88:63:b7:b9:64:98:
a0:40:71:56:da:5f:39:5f:7b:4e:79:1d:b8:e6:09:37:68:65:
6f:ab:80:46:4c:b1:a0:29:89:6d:9f:ac:e5:78:5f:88:d8:99:
dd:ef:51:8e:33:e1:77:cb:ba:12:67:61:be:2c:90:2a:09:5e:
e8:08:9a:29:8c:9a:b3:69:cb:cf:ca:b7:01:be:1c:fe:b9:a6:
11:ae:fc:05:ca:71:f2:af:b9:8a:ad:b3:7a:ae:9f:86:fc:6d:
97:69:c9:a6:4c:ed:b2:1f:07:b0:45:1b:ef:50:27:ae:8a:fe:
23:20:20:b3:f0:5f:7c:27:62:80:c8:4f:0b:87:7a:b8:cf:86:
1a:84:4c:2e:f9:dc:17:db:75:31:67:48:b3:60:8c:88:d9:e8:
05:59:2d:d8:87:5c:8c:8f:b2:c9:a5:80:f2:f9:de:d5:1d:01:
e5:ba:66:65:21:4d:4c:b8:10:35:1b:5e:97:70:00:68:e8:4b:
17:1b:56:ca:3d:64:48:ef:2c:a8:18:b9:ac:c8:29:aa:42:bd:
a2:6f:52:7e
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZ61yt60avtKmiIInP9wOrfOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjYwNjExMDgyNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDYyZmExYTI5ODg5MmIzNjUxMDEwNjI1Yjg5ZGMzMDFjY2YyOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq10MJ5PKyAXRBHpFeIKT3eRecMA
rqMSvKrIjnJrPkqa3oQydavqT7IwtGoMfVfuZIVdOFHtW0eGTfALXTjzwVJGkxPl
Vf4QJBuvHZyBmCiP6mi6wDfgQ3nfnJ3gUkB/R1xkgdzYQc6v7JE6T0TqEQ34TMzL
MXMbsmW9p22RgMHeUdWnVBYv3gVRUHnSUnsehUvME5JQDcjk78/RHij+9pjEbnev
CCFE1oULyNH9BSg4rNtI8NFe0vxz19HXQEkWe54HEhCHkBITBFL1jKF3XGO2kjU0
WeWmiN//7DCGFVdZ+YLyMKaEhNqWZ3oA+10Qt09ek0P6Op8aeUknBahZnQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFFRi+hopiJKzZRAQYluJ3DAczyloMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvVkdMNkdpbUlrck5sRUJCaVc0bmNNQnpQS1dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAgW2JAME
Ai0IkAMEAS1DIgMEAC1UAAMEAi1XmAMEAi1ZNAMEAS1dCgMEAi2f+DAMAwQDjWKo
AwQAjWKqAwQCuefMAwQAvHd7AwQBwSuSAwQBwS44AwQCwTmIAwQCwgQwAwQAwh9t
AwQBwnSsAwQBwnS+MA0GCSqGSIb3DQEBCwUAA4IBAQC0ye/CI6f6LZkrxh3fFdsJ
B2UOU7CD/jtwFp75VQsMBliX9/olB55gJ7bNqx66pOGIY7e5ZJigQHFW2l85X3tO
eR245gk3aGVvq4BGTLGgKYltn6zleF+I2Jnd71GOM+F3y7oSZ2G+LJAqCV7oCJop
jJqzacvPyrcBvhz+uaYRrvwFynHyr7mKrbN6rp+G/G2XacmmTO2yHwewRRvvUCeu
iv4jICCz8F98J2KAyE8Lh3q4z4YahEwu+dwX23UxZ0izYIyI2egFWS3Yh1yMj7LJ
pYDy+d7VHQHlumZlIU1MuBA1G16XcABo6EsXG1bKPWRI7yyoGLmsyCmqQr2ib1J+
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:53:28 2026 by rpki-client