Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/VgX2YIG6L_L8c5HWMPiqq1n_S1o.roa
File: VgX2YIG6L_L8c5HWMPiqq1n_S1o.roa (raw, json)
Hash identifier: BRlNIKeJrtOTaA3OLFtig45D6GjYy7gWY1CCeaiI+5U=
Subject key identifier: 56:05:F6:60:81:BA:2F:F2:FC:73:91:D6:30:F8:AA:AB:59:FF:4B:5A
Certificate issuer: /CN=1faacab8e456bb291979a7357a7024f00bebaaf5
Certificate serial: 0199F6CDFEBFC5D0A8A3CED4CE9D84EF4D58
Authority key identifier: 1F:AA:CA:B8:E4:56:BB:29:19:79:A7:35:7A:70:24:F0:0B:EB:AA:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H6rKuORWuykZeac1enAk8AvrqvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/VgX2YIG6L_L8c5HWMPiqq1n_S1o.roa
Signing time: Sat 18 Oct 2025 10:11:59 +0000
ROA not before: Sat 18 Oct 2025 10:11:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50937
IP address blocks: 66.33.37.0/24 maxlen: 24
194.117.85.0/24 maxlen: 24
2a14:3b40::/32 maxlen: 48
2a14:3b40::/36 maxlen: 48
2a14:3b41::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/H6rKuORWuykZeac1enAk8AvrqvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/H6rKuORWuykZeac1enAk8AvrqvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/H6rKuORWuykZeac1enAk8AvrqvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f6:cd:fe:bf:c5:d0:a8:a3:ce:d4:ce:9d:84:ef:4d:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1faacab8e456bb291979a7357a7024f00bebaaf5
Validity
Not Before: Oct 18 10:11:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5605f66081ba2ff2fc7391d630f8aaab59ff4b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e7:0d:f9:88:7e:59:98:c8:d4:77:7d:7c:33:
12:eb:6c:9f:11:02:92:77:a2:3f:32:bf:7f:ca:f2:
8d:1f:5c:c6:ce:c9:f2:5f:43:57:0a:02:6d:4c:1d:
7c:2e:47:fa:48:c6:7e:7d:6c:20:38:3e:9c:35:5b:
f1:fb:1d:33:7a:c3:10:c9:8e:1c:93:8d:7b:d8:3e:
20:c8:52:6e:af:02:64:0a:26:a4:8c:97:57:84:89:
6a:37:93:f4:18:24:7b:de:7e:06:84:f2:c6:bb:b2:
f7:8f:bc:aa:b1:a6:4a:47:d5:5c:df:45:59:f9:39:
25:41:d1:31:5f:85:69:de:9b:e8:d5:6d:40:d2:0d:
c4:74:70:e0:a7:94:4e:94:d5:cd:60:0d:e7:4b:89:
8c:42:a6:2e:7a:42:aa:5d:07:a6:19:a6:03:9e:55:
cb:f0:fb:76:52:7d:72:61:66:ca:61:f4:39:37:06:
d4:6d:de:09:a8:06:ab:2a:5c:5c:97:5b:4b:a4:58:
b7:9c:b4:53:11:0c:c3:3c:44:0a:46:1f:ea:eb:25:
56:aa:fd:4e:7b:db:f2:fe:ed:20:9c:02:e6:55:de:
5e:7c:f0:7c:27:ce:0b:08:b3:2a:99:e6:83:14:60:
41:6a:e2:e7:00:ce:d2:1d:0f:21:74:a7:44:6c:21:
03:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:05:F6:60:81:BA:2F:F2:FC:73:91:D6:30:F8:AA:AB:59:FF:4B:5A
X509v3 Authority Key Identifier:
keyid:1F:AA:CA:B8:E4:56:BB:29:19:79:A7:35:7A:70:24:F0:0B:EB:AA:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H6rKuORWuykZeac1enAk8AvrqvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/VgX2YIG6L_L8c5HWMPiqq1n_S1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/501fd3-a8cd-4e2d-9d32-2fb72a0aef6d/1/H6rKuORWuykZeac1enAk8AvrqvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.33.37.0/24
194.117.85.0/24
IPv6:
2a14:3b40::/31
Signature Algorithm: sha256WithRSAEncryption
c7:6c:6e:b0:57:f8:63:ca:3f:fa:8c:67:44:49:00:3d:e8:06:
3d:23:bd:11:03:ec:6e:9a:c2:38:a9:84:a0:b0:08:23:07:64:
c9:b3:44:51:71:50:8b:82:84:ec:06:3f:59:c3:10:9e:86:9a:
d7:94:f4:95:5f:06:49:71:ce:fd:04:18:c4:bb:35:1e:65:0a:
87:0a:d2:2c:5f:76:4f:97:b3:5f:83:8a:2f:a3:00:92:8b:b2:
14:b9:24:17:1c:fb:2e:61:ab:a4:45:c7:99:77:36:fe:a0:42:
57:c6:4f:81:4c:04:cb:2e:62:1f:9d:65:d8:19:a0:ed:76:a4:
c0:af:ad:21:a4:6b:3c:b5:1f:67:51:1e:f6:cf:d8:bc:41:2d:
31:f6:d4:60:60:f2:01:40:22:88:81:cf:c8:0e:0b:53:7e:25:
13:66:d3:ad:b1:15:23:9f:7c:c1:bf:df:13:ee:54:f3:c1:a9:
0f:d5:5c:4f:9d:d0:ef:bd:67:f5:f3:5f:81:91:81:50:ee:fe:
06:03:4b:52:50:2b:17:87:a4:52:9c:e7:f1:19:60:6c:ef:04:
94:7b:8a:40:23:a0:f3:a8:c3:4d:19:24:f6:b3:4f:98:7f:d3:
a8:53:4e:97:2c:5b:5d:dc:e4:c5:d3:40:df:cd:cc:0a:87:25:
15:4c:0d:cd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZn2zf6/xdCoo87Uzp2E701YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmYWFjYWI4ZTQ1NmJiMjkxOTc5YTczNTdhNzAyNGYwMGJl
YmFhZjUwHhcNMjUxMDE4MTAxMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjA1ZjY2MDgxYmEyZmYyZmM3MzkxZDYzMGY4YWFhYjU5ZmY0YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+cN+Yh+WZjI1Hd9fDMS62yfEQKS
d6I/Mr9/yvKNH1zGzsnyX0NXCgJtTB18Lkf6SMZ+fWwgOD6cNVvx+x0zesMQyY4c
k4172D4gyFJurwJkCiakjJdXhIlqN5P0GCR73n4GhPLGu7L3j7yqsaZKR9Vc30VZ
+TklQdExX4Vp3pvo1W1A0g3EdHDgp5ROlNXNYA3nS4mMQqYuekKqXQemGaYDnlXL
8Pt2Un1yYWbKYfQ5NwbUbd4JqAarKlxcl1tLpFi3nLRTEQzDPEQKRh/q6yVWqv1O
e9vy/u0gnALmVd5efPB8J84LCLMqmeaDFGBBauLnAM7SHQ8hdKdEbCED2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFYF9mCBui/y/HOR1jD4qqtZ/0taMB8GA1UdIwQY
MBaAFB+qyrjkVrspGXmnNXpwJPAL66r1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDZyS3VPUld1eWtaZWFjMWVuQWs4QXZycXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MDFmZDMtYThjZC00ZTJkLTlkMzIt
MmZiNzJhMGFlZjZkLzEvVmdYMllJRzZMX0w4YzVIV01QaXFxMW5fUzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MDFmZDMtYThjZC00ZTJkLTlkMzItMmZiNzJhMGFlZjZk
LzEvSDZyS3VPUld1eWtaZWFjMWVuQWs4QXZycXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAQiElAwQA
wnVVMA0EAgACMAcDBQEqFDtAMA0GCSqGSIb3DQEBCwUAA4IBAQDHbG6wV/hjyj/6
jGdESQA96AY9I70RA+xumsI4qYSgsAgjB2TJs0RRcVCLgoTsBj9ZwxCehprXlPSV
XwZJcc79BBjEuzUeZQqHCtIsX3ZPl7Nfg4ovowCSi7IUuSQXHPsuYaukRceZdzb+
oEJXxk+BTATLLmIfnWXYGaDtdqTAr60hpGs8tR9nUR72z9i8QS0x9tRgYPIBQCKI
gc/IDgtTfiUTZtOtsRUjn3zBv98T7lTzwakP1VxPndDvvWf181+BkYFQ7v4GA0tS
UCsXh6RSnOfxGWBs7wSUe4pAI6DzqMNNGST2s0+Yf9OoU06XLFtd3OTF00DfzcwK
hyUVTA3N
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:30:18 2025 by rpki-client