Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/vBMa8D8eNzxBLsrPL1k9GTnXOn8.roa
File: vBMa8D8eNzxBLsrPL1k9GTnXOn8.roa (raw, json)
Hash identifier: UWwcbYv9HPvCfSynjrPEzR7bd4IIJE8KZlMTmIbnci0=
Subject key identifier: BC:13:1A:F0:3F:1E:37:3C:41:2E:CA:CF:2F:59:3D:19:39:D7:3A:7F
Certificate issuer: /CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Certificate serial: 01985B098CC13FBA29718FCFAEC112ECED86
Authority key identifier: 8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/vBMa8D8eNzxBLsrPL1k9GTnXOn8.roa
Signing time: Wed 30 Jul 2025 11:13:29 +0000
ROA not before: Wed 30 Jul 2025 11:13:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 45.11.52.0/22 maxlen: 24
45.11.176.0/22 maxlen: 24
45.13.108.0/22 maxlen: 24
45.14.216.0/22 maxlen: 24
45.91.117.0/24 maxlen: 24
45.133.140.0/24 maxlen: 24
45.133.142.0/24 maxlen: 24
91.212.20.0/24 maxlen: 24
91.212.27.0/24 maxlen: 24
193.39.246.0/24 maxlen: 24
195.80.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5b:09:8c:c1:3f:ba:29:71:8f:cf:ae:c1:12:ec:ed:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e1c11658d2041eaf2502fe5408ed493bbd4f318
Validity
Not Before: Jul 30 11:13:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc131af03f1e373c412ecacf2f593d1939d73a7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b5:f4:70:df:b0:e9:be:66:8a:69:7d:74:c7:
95:c5:9d:22:bf:68:08:05:2b:43:9d:bf:69:6d:8c:
fa:0f:0b:33:b9:78:f9:04:3c:b9:46:78:dd:5f:10:
14:2f:87:39:ed:d2:6c:2d:e4:00:d7:1f:a2:a5:d1:
80:0f:07:ec:9e:7a:ea:04:cc:52:0f:ac:f0:ad:fc:
c7:25:d9:32:99:2e:a1:15:3b:0d:85:44:4c:55:a9:
03:26:ee:af:22:a7:d9:f3:4b:e2:c1:77:a7:01:99:
0f:3c:cb:94:23:71:72:c0:76:61:13:fe:ac:67:88:
c7:18:e1:f8:c0:51:1a:d6:ab:21:4f:13:18:08:c9:
03:c8:34:3b:78:a4:c3:ca:e7:af:5d:b7:79:68:86:
3b:78:7c:ee:fb:ac:e3:1a:b0:24:c7:1e:39:9a:3b:
c2:58:db:0c:24:e6:48:43:d8:39:29:38:89:2d:df:
bd:13:17:f8:7a:22:96:7f:6d:ad:9e:f6:e5:7f:e2:
86:d3:f4:87:36:32:b7:dd:d1:68:e4:d7:ce:18:f5:
ae:0f:83:4c:f4:73:75:36:c8:22:41:84:49:4e:35:
54:a7:7e:98:7e:5c:ea:13:96:7b:d9:a5:f9:6e:c6:
16:0f:13:98:60:9f:6f:79:b4:83:37:a7:d3:f7:c0:
13:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:13:1A:F0:3F:1E:37:3C:41:2E:CA:CF:2F:59:3D:19:39:D7:3A:7F
X509v3 Authority Key Identifier:
keyid:8E:1C:11:65:8D:20:41:EA:F2:50:2F:E5:40:8E:D4:93:BB:D4:F3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jhwRZY0gQeryUC_lQI7Uk7vU8xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/vBMa8D8eNzxBLsrPL1k9GTnXOn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/70bf8b-d8c4-40c3-9022-63348cdbf024/1/jhwRZY0gQeryUC_lQI7Uk7vU8xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.52.0/22
45.11.176.0/22
45.13.108.0/22
45.14.216.0/22
45.91.117.0/24
45.133.140.0/24
45.133.142.0/24
91.212.20.0/24
91.212.27.0/24
193.39.246.0/24
195.80.230.0/23
Signature Algorithm: sha256WithRSAEncryption
88:54:72:d9:be:c7:c4:5b:3e:8c:13:7b:08:33:ca:81:1a:24:
37:d0:c0:83:62:3e:be:1c:50:fa:9b:ce:06:f2:5f:90:6c:f2:
9e:06:68:19:8d:b9:b9:90:b8:22:43:bb:bc:55:2a:dd:ae:a4:
10:be:72:00:69:f6:c7:d1:32:21:cd:f3:a3:26:79:34:d9:32:
46:2a:db:dd:20:4e:0d:dc:d6:73:dc:6e:fb:04:d0:85:c9:97:
43:fc:86:59:52:c7:7b:eb:94:3f:fd:e3:84:05:ba:7f:67:8b:
ae:08:fc:b2:f2:e3:40:a3:7b:6b:36:b8:d1:5b:17:8a:56:63:
56:0f:0d:08:19:31:52:4a:99:ee:4b:df:76:d4:a2:35:1f:3b:
37:b3:9e:ee:aa:6a:22:0c:af:82:e3:0f:1d:6e:48:87:a9:f2:
e3:19:88:01:bb:ae:fb:f8:16:a1:2e:5f:72:00:30:0e:ac:73:
8a:05:ae:37:90:92:fa:c1:09:5b:1b:d2:c0:1f:21:c9:84:f6:
5b:81:21:af:01:bf:f9:e4:f0:c8:e8:1d:b4:6f:18:59:46:c0:
21:38:c3:26:d4:03:2c:3c:a0:ea:49:d8:7f:31:c7:72:4f:8d:
af:72:9d:79:79:97:ac:14:2f:df:8e:68:6d:b7:b7:a6:8e:90:
e9:77:f1:d2
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZhbCYzBP7opcY/PrsES7O2GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMWMxMTY1OGQyMDQxZWFmMjUwMmZlNTQwOGVkNDkzYmJk
NGYzMTgwHhcNMjUwNzMwMTExMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzEzMWFmMDNmMWUzNzNjNDEyZWNhY2YyZjU5M2QxOTM5ZDczYTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbX0cN+w6b5miml9dMeVxZ0iv2gI
BStDnb9pbYz6DwszuXj5BDy5RnjdXxAUL4c57dJsLeQA1x+ipdGADwfsnnrqBMxS
D6zwrfzHJdkymS6hFTsNhURMVakDJu6vIqfZ80viwXenAZkPPMuUI3FywHZhE/6s
Z4jHGOH4wFEa1qshTxMYCMkDyDQ7eKTDyuevXbd5aIY7eHzu+6zjGrAkxx45mjvC
WNsMJOZIQ9g5KTiJLd+9Exf4eiKWf22tnvblf+KG0/SHNjK33dFo5NfOGPWuD4NM
9HN1NsgiQYRJTjVUp36YflzqE5Z72aX5bsYWDxOYYJ9vebSDN6fT98ATjQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFLwTGvA/Hjc8QS7Kzy9ZPRk51zp/MB8GA1UdIwQY
MBaAFI4cEWWNIEHq8lAv5UCO1JO71PMYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjIt
NjMzNDhjZGJmMDI0LzEvdkJNYThEOGVOenhCTHNyUEwxazlHVG5YT244LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83MGJmOGItZDhjNC00MGMzLTkwMjItNjMzNDhjZGJmMDI0
LzEvamh3UlpZMGdRZXJ5VUNfbFFJN1VrN3ZVOHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCLQs0AwQC
LQuwAwQCLQ1sAwQCLQ7YAwQALVt1AwQALYWMAwQALYWOAwQAW9QUAwQAW9QbAwQA
wSf2AwQBw1DmMA0GCSqGSIb3DQEBCwUAA4IBAQCIVHLZvsfEWz6ME3sIM8qBGiQ3
0MCDYj6+HFD6m84G8l+QbPKeBmgZjbm5kLgiQ7u8VSrdrqQQvnIAafbH0TIhzfOj
Jnk02TJGKtvdIE4N3NZz3G77BNCFyZdD/IZZUsd765Q//eOEBbp/Z4uuCPyy8uNA
o3trNrjRWxeKVmNWDw0IGTFSSpnuS9921KI1Hzs3s57uqmoiDK+C4w8dbkiHqfLj
GYgBu677+BahLl9yADAOrHOKBa43kJL6wQlbG9LAHyHJhPZbgSGvAb/55PDI6B20
bxhZRsAhOMMm1AMsPKDqSdh/McdyT42vcp15eZesFC/fjmhtt7emjpDpd/HS
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:52:04 2025 by rpki-client