Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/vcr-6g3TK2GYTVHKOjK6Olnw9Ts.roa
File: vcr-6g3TK2GYTVHKOjK6Olnw9Ts.roa (raw, json)
Hash identifier: QCiqjvGXLw1k7s3OtOy2umQOwfZQsPmSpej0Sdd4eUQ=
Subject key identifier: BD:CA:FE:EA:0D:D3:2B:61:98:4D:51:CA:3A:32:BA:3A:59:F0:F5:3B
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019C903745044422FDAF034AD5AC53E3FAEA
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/vcr-6g3TK2GYTVHKOjK6Olnw9Ts.roa
Signing time: Tue 24 Feb 2026 15:14:27 +0000
ROA not before: Tue 24 Feb 2026 15:14:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 138.249.117.0/24 maxlen: 24
138.249.141.0/24 maxlen: 24
138.249.149.0/24 maxlen: 24
170.168.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:90:37:45:04:44:22:fd:af:03:4a:d5:ac:53:e3:fa:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Feb 24 15:14:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bdcafeea0dd32b61984d51ca3a32ba3a59f0f53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:75:29:60:82:9c:23:91:43:6d:c3:26:f4:94:
18:dc:7a:f2:b6:66:23:c9:a6:f3:d8:4b:15:16:80:
34:7e:6e:a4:29:87:7d:37:3a:6d:7d:64:08:22:db:
e0:c1:c5:a4:b4:fa:47:87:6a:69:52:e3:88:f6:a4:
ee:5f:88:1c:9f:b1:d6:97:6a:ef:88:87:a3:c0:39:
72:7a:c2:98:e0:b6:37:9a:8c:70:f4:5a:a0:0f:37:
ee:d3:92:d5:d1:d3:bb:ad:c9:1b:9f:c3:2f:63:d4:
70:ed:2a:36:88:27:2a:c0:7e:d3:04:1c:6e:f7:59:
13:69:5b:17:fb:14:95:80:88:58:0d:e1:9a:d2:80:
58:43:22:17:c4:91:8c:cc:f5:02:9b:be:0d:9c:51:
fb:14:68:89:a5:78:b9:16:ea:64:59:da:74:74:1c:
19:fd:e1:8c:91:52:79:6b:d0:9f:0b:06:a5:19:1a:
e1:78:46:37:51:d7:a7:87:9c:88:6b:89:9c:47:ae:
62:ed:cd:43:05:cc:a1:17:9a:f5:0e:7a:93:62:30:
7c:fb:53:e4:8b:ca:57:b6:e3:5e:81:e7:ab:57:01:
1a:d8:28:63:f3:87:46:64:e7:4b:30:7f:2d:c4:0d:
b7:6a:c4:bc:c1:d1:46:13:93:fe:dc:cb:5f:ea:95:
3a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CA:FE:EA:0D:D3:2B:61:98:4D:51:CA:3A:32:BA:3A:59:F0:F5:3B
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/vcr-6g3TK2GYTVHKOjK6Olnw9Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.249.117.0/24
138.249.141.0/24
138.249.149.0/24
170.168.91.0/24
Signature Algorithm: sha256WithRSAEncryption
66:54:aa:82:8e:79:5b:92:05:0c:6f:6d:f3:39:c8:ae:63:ba:
db:12:35:ce:eb:95:cf:0b:0d:75:fc:0a:7e:97:a2:ec:e7:f3:
88:2f:f8:4e:f8:84:4f:d6:fd:a0:9a:81:89:d7:e5:97:6a:26:
c6:e4:cb:00:ff:d7:35:fd:b6:eb:d5:80:4d:34:08:13:0d:cb:
61:e4:8b:d4:e2:fe:75:19:83:7a:b6:fd:61:90:d7:44:26:a6:
38:89:a6:5f:c9:95:99:ab:e0:ee:ad:c5:69:ce:fc:c0:45:28:
37:49:59:bf:6b:79:1c:99:40:69:df:c5:ba:cf:1a:49:48:0c:
17:dd:9a:d0:7b:d1:43:af:2e:32:b1:9d:0b:89:2c:b8:36:73:
31:37:75:44:24:0c:e5:cd:4c:39:e1:ba:30:2b:66:c4:31:75:
1a:85:2e:c1:07:77:e5:c5:5d:34:d5:49:35:74:a9:42:8a:11:
6b:6a:c1:9d:de:ed:06:e4:6a:09:22:29:f3:8b:7b:b0:a8:d4:
7c:3e:27:6e:fc:cf:39:9e:57:6e:1c:20:9d:cd:33:e8:05:42:
ba:8e:75:e5:d9:db:7d:62:e2:04:32:85:53:66:35:67:f3:0d:
83:0f:8d:ed:1c:48:0c:a2:dd:6a:cb:ed:6c:bd:55:2f:e1:58:
ef:7f:50:fc
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyQN0UERCL9rwNK1axT4/rqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjYwMjI0MTUxNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNhZmVlYTBkZDMyYjYxOTg0ZDUxY2EzYTMyYmEzYTU5ZjBmNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnUpYIKcI5FDbcMm9JQY3HrytmYj
yabz2EsVFoA0fm6kKYd9NzptfWQIItvgwcWktPpHh2ppUuOI9qTuX4gcn7HWl2rv
iIejwDlyesKY4LY3moxw9FqgDzfu05LV0dO7rckbn8MvY9Rw7So2iCcqwH7TBBxu
91kTaVsX+xSVgIhYDeGa0oBYQyIXxJGMzPUCm74NnFH7FGiJpXi5FupkWdp0dBwZ
/eGMkVJ5a9CfCwalGRrheEY3Udenh5yIa4mcR65i7c1DBcyhF5r1DnqTYjB8+1Pk
i8pXtuNegeerVwEa2Chj84dGZOdLMH8txA23asS8wdFGE5P+3Mtf6pU6/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL3K/uoN0ythmE1RyjoyujpZ8PU7MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvdmNyLTZnM1RLMkdZVFZIS09qSzZPbG53OVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAivl1AwQA
ivmNAwQAivmVAwQAqqhbMA0GCSqGSIb3DQEBCwUAA4IBAQBmVKqCjnlbkgUMb23z
OciuY7rbEjXO65XPCw11/Ap+l6Ls5/OIL/hO+IRP1v2gmoGJ1+WXaibG5MsA/9c1
/bbr1YBNNAgTDcth5IvU4v51GYN6tv1hkNdEJqY4iaZfyZWZq+DurcVpzvzARSg3
SVm/a3kcmUBp38W6zxpJSAwX3ZrQe9FDry4ysZ0LiSy4NnMxN3VEJAzlzUw54bow
K2bEMXUahS7BB3flxV001Uk1dKlCihFrasGd3u0G5GoJIinzi3uwqNR8Pidu/M85
nlduHCCdzTPoBUK6jnXl2dt9YuIEMoVTZjVn8w2DD43tHEgMot1qy+1svVUv4Vjv
f1D8
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:11:22 2026 by rpki-client