Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/vBd96lvIsDsfGISTsOxkg88egXA.roa
File: vBd96lvIsDsfGISTsOxkg88egXA.roa (raw, json)
Hash identifier: RnnbPzBvvvPoGwsnPKy9bGG71tb5eaAdI+LKM3Dltq4=
Subject key identifier: BC:17:7D:EA:5B:C8:B0:3B:1F:18:84:93:B0:EC:64:83:CF:1E:81:70
Certificate issuer: /CN=5d0c27f85581e2e7bde0c98fbd54be1d49670517
Certificate serial: 019C33EEC9D5B2194D6FE1A6D39AA66E2825
Authority key identifier: 5D:0C:27:F8:55:81:E2:E7:BD:E0:C9:8F:BD:54:BE:1D:49:67:05:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/vBd96lvIsDsfGISTsOxkg88egXA.roa
Signing time: Fri 06 Feb 2026 17:10:12 +0000
ROA not before: Fri 06 Feb 2026 17:10:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48159
IP address blocks: 178.251.208.0/24 maxlen: 24
178.251.212.0/24 maxlen: 24
178.251.213.0/24 maxlen: 24
178.251.214.0/24 maxlen: 24
178.251.215.0/24 maxlen: 24
185.11.88.0/22 maxlen: 22
185.11.88.0/24 maxlen: 24
185.11.89.0/24 maxlen: 24
185.11.90.0/24 maxlen: 24
185.11.91.0/24 maxlen: 24
2a03:57c0::/32 maxlen: 32
2a03:57c0:7c00::1208:3/128 maxlen: 128
2a03:57c0:7c00::1208:25/128 maxlen: 128
2a03:57c0:7c00::1208:27/128 maxlen: 128
2a03:57c0:7c00::1208:45/128 maxlen: 128
2a03:57c0:7c00::1208:55/128 maxlen: 128
2a03:57c0:7c00::1208:65/128 maxlen: 128
2a03:57c0:7c00::1208:75/128 maxlen: 128
2a03:57c0:7c00::1208:95/128 maxlen: 128
2a03:57c0:7c00::1208:137/128 maxlen: 128
2a03:57c0:7c00::1208:143/128 maxlen: 128
2a03:57c0:7c00::1208:165/128 maxlen: 128
2a03:57c0:7c00::1208:175/128 maxlen: 128
2a03:57c0:7c00::1208:177/128 maxlen: 128
2a03:57c0:7c00::1208:185/128 maxlen: 128
2a03:57c0:7c00::1208:201/128 maxlen: 128
2a03:57c0:7c00::1208:215/128 maxlen: 128
2a03:57c0:7c00::1208:220/128 maxlen: 128
2a03:57c0:7c00::1208:235/128 maxlen: 128
2a03:57c0:7c00::1209:25/128 maxlen: 128
2a03:57c0:7c00::1209:27/128 maxlen: 128
2a03:57c0:7c00::1209:55/128 maxlen: 128
2a03:57c0:7c00::1209:75/128 maxlen: 128
2a03:57c0:7c00::1209:85/128 maxlen: 128
2a03:57c0:7c00::1209:95/128 maxlen: 128
2a03:57c0:7c00::1209:135/128 maxlen: 128
2a03:57c0:7c00::1209:155/128 maxlen: 128
2a03:57c0:7c00::1209:165/128 maxlen: 128
2a03:57c0:7c00::1209:177/128 maxlen: 128
2a03:57c0:7c00::1209:211/128 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 23:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:33:ee:c9:d5:b2:19:4d:6f:e1:a6:d3:9a:a6:6e:28:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d0c27f85581e2e7bde0c98fbd54be1d49670517
Validity
Not Before: Feb 6 17:10:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc177dea5bc8b03b1f188493b0ec6483cf1e8170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1b:c4:b1:66:89:b3:bc:d6:03:f9:c7:5d:25:
73:11:e7:8f:db:f7:ff:d1:db:51:88:71:13:51:cc:
91:c2:03:4c:59:28:80:4b:78:f3:92:9f:2d:5f:1c:
44:22:a7:ac:4d:71:2e:60:c0:2f:5b:7a:2c:b4:7f:
23:64:83:2c:20:a5:ac:b4:76:98:fe:a0:1e:5e:a7:
d3:4b:68:87:20:f6:5d:39:78:dd:72:80:69:ce:16:
e4:10:4e:b5:48:91:69:bc:9c:54:44:c4:5c:ed:9a:
7a:9b:a7:94:fc:bb:33:79:83:75:55:55:af:1c:e4:
13:ad:5d:b2:81:bd:c2:b8:56:de:78:65:24:c9:79:
ba:58:52:08:1d:6e:49:ac:19:6c:fd:ac:21:6a:57:
f4:a8:6b:cd:15:da:b9:be:13:9e:44:7c:6e:fb:e0:
cc:cf:c1:17:58:63:12:02:dc:d3:98:e5:27:b9:d6:
44:37:f0:d6:43:a6:9f:f9:6d:e5:ad:01:66:9e:26:
f2:fa:d2:d9:ce:ff:f3:b7:3b:97:59:91:cf:88:ce:
59:85:e3:c9:9f:a9:ff:fd:dd:97:0a:82:3c:7c:f7:
19:09:9c:98:16:9c:5e:bc:62:b8:58:6a:26:85:a6:
73:91:0a:69:8a:92:33:35:26:12:01:44:e4:31:0a:
cf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:17:7D:EA:5B:C8:B0:3B:1F:18:84:93:B0:EC:64:83:CF:1E:81:70
X509v3 Authority Key Identifier:
keyid:5D:0C:27:F8:55:81:E2:E7:BD:E0:C9:8F:BD:54:BE:1D:49:67:05:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XQwn-FWB4ue94MmPvVS-HUlnBRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/vBd96lvIsDsfGISTsOxkg88egXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/f787a9-5763-4c36-8c73-341f5173fcf7/1/XQwn-FWB4ue94MmPvVS-HUlnBRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.208.0/24
178.251.212.0/22
185.11.88.0/22
IPv6:
2a03:57c0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:6c:51:8c:3c:dc:4d:dd:4e:3b:dd:92:39:11:bb:bc:1a:cb:
a4:79:29:d4:fd:79:94:10:1f:5e:68:16:f9:3f:83:6c:2d:44:
35:87:2d:97:dc:8f:00:08:6e:9f:c4:93:11:95:dd:f2:d7:4b:
32:39:e6:26:b1:f0:cd:f0:18:d0:ec:c1:7c:a0:c3:fd:36:3f:
4b:e6:34:e0:d4:4d:a1:39:31:ba:75:e7:51:bf:af:62:f3:72:
a9:64:8e:ea:25:e5:b9:31:b5:7d:03:a6:31:bc:1f:bf:d7:45:
53:4c:8a:6e:3e:9e:63:9d:89:40:df:90:d3:54:84:ab:08:71:
09:89:c1:3f:8c:e3:ef:99:2f:0f:50:3c:73:6c:1d:59:c6:71:
0d:a8:3d:6e:60:38:e5:b4:31:3a:d9:fb:fb:0e:bf:95:b9:89:
98:a6:dd:ff:00:df:af:f3:ef:e9:b9:2f:9b:c6:69:7d:96:f4:
df:b4:16:ae:7e:05:88:3c:79:cd:41:da:78:36:23:8c:94:79:
cd:57:4d:2b:ce:3d:49:e3:90:9f:a7:32:2d:62:ea:f4:42:ea:
ff:8e:0c:47:fd:ef:0f:f0:71:2d:88:7e:9c:15:e9:21:f3:1f:
31:41:4e:0d:10:5b:81:76:74:19:20:19:6a:dc:4a:60:5e:1b:
d1:43:13:19
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZwz7snVshlNb+Gm05qmbiglMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkMGMyN2Y4NTU4MWUyZTdiZGUwYzk4ZmJkNTRiZTFkNDk2
NzA1MTcwHhcNMjYwMjA2MTcxMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE3N2RlYTViYzhiMDNiMWYxODg0OTNiMGVjNjQ4M2NmMWU4MTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhvEsWaJs7zWA/nHXSVzEeeP2/f/
0dtRiHETUcyRwgNMWSiAS3jzkp8tXxxEIqesTXEuYMAvW3ostH8jZIMsIKWstHaY
/qAeXqfTS2iHIPZdOXjdcoBpzhbkEE61SJFpvJxURMRc7Zp6m6eU/LszeYN1VVWv
HOQTrV2ygb3CuFbeeGUkyXm6WFIIHW5JrBls/awhalf0qGvNFdq5vhOeRHxu++DM
z8EXWGMSAtzTmOUnudZEN/DWQ6af+W3lrQFmniby+tLZzv/ztzuXWZHPiM5ZhePJ
n6n//d2XCoI8fPcZCZyYFpxevGK4WGomhaZzkQppipIzNSYSAUTkMQrPWwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLwXfepbyLA7HxiEk7DsZIPPHoFwMB8GA1UdIwQY
MBaAFF0MJ/hVgeLnveDJj71Uvh1JZwUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFF3bi1GV0I0dWU5NE1tUHZWUy1IVWxuQlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9mNzg3YTktNTc2My00YzM2LThjNzMt
MzQxZjUxNzNmY2Y3LzEvdkJkOTZsdklzRHNmR0lTVHNPeGtnODhlZ1hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9mNzg3YTktNTc2My00YzM2LThjNzMtMzQxZjUxNzNmY2Y3
LzEvWFF3bi1GV0I0dWU5NE1tUHZWUy1IVWxuQlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAsvvQAwQC
svvUAwQCuQtYMA0EAgACMAcDBQAqA1fAMA0GCSqGSIb3DQEBCwUAA4IBAQANbFGM
PNxN3U473ZI5Ebu8GsukeSnU/XmUEB9eaBb5P4NsLUQ1hy2X3I8ACG6fxJMRld3y
10syOeYmsfDN8BjQ7MF8oMP9Nj9L5jTg1E2hOTG6dedRv69i83KpZI7qJeW5MbV9
A6YxvB+/10VTTIpuPp5jnYlA35DTVISrCHEJicE/jOPvmS8PUDxzbB1ZxnENqD1u
YDjltDE62fv7Dr+VuYmYpt3/AN+v8+/puS+bxml9lvTftBaufgWIPHnNQdp4NiOM
lHnNV00rzj1J45CfpzItYur0Qur/jgxH/e8P8HEtiH6cFekh8x8xQU4NEFuBdnQZ
IBlq3EpgXhvRQxMZ
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:30:38 2026 by rpki-client