Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vWtN_gXKNLSGsyT8ljkJqrsg6Vc.roa
File: vWtN_gXKNLSGsyT8ljkJqrsg6Vc.roa (raw, json)
Hash identifier: GJsKArL/KXP9H4DLGdf2urrY+CGDeGdlULQWdLxfKRg=
Subject key identifier: BD:6B:4D:FE:05:CA:34:B4:86:B3:24:FC:96:39:09:AA:BB:20:E9:57
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019D4CFC72857CC15AF4FF6ABE0DFBACD86C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vWtN_gXKNLSGsyT8ljkJqrsg6Vc.roa
Signing time: Thu 02 Apr 2026 06:58:25 +0000
ROA not before: Thu 02 Apr 2026 06:58:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 5.102.100.0/22 maxlen: 24
5.102.116.0/22 maxlen: 24
5.102.120.0/22 maxlen: 24
31.186.180.0/22 maxlen: 23
82.163.64.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
185.86.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 06:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4c:fc:72:85:7c:c1:5a:f4:ff:6a:be:0d:fb:ac:d8:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Apr 2 06:58:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bd6b4dfe05ca34b486b324fc963909aabb20e957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:44:85:a0:a9:d8:50:c6:cc:8e:54:54:d9:86:
e7:e2:2f:5d:8a:82:8e:d5:b7:3d:ee:98:2d:73:21:
69:0d:65:4d:09:2b:1e:cf:62:0a:a7:be:39:29:8c:
91:15:74:f9:da:7b:3d:b1:49:2d:d4:7f:d0:ec:46:
0e:0b:71:bf:e4:3b:f7:69:a1:d4:5b:e5:51:85:8b:
93:ec:08:e2:f1:ef:88:21:56:49:96:25:f1:00:43:
b5:de:19:29:5a:74:2b:8b:f0:79:d4:92:aa:1a:72:
fc:b4:db:df:89:c3:51:bb:20:2d:5b:f8:7b:fe:3f:
95:d7:cc:9d:1d:85:90:f0:df:ed:2a:02:ad:83:90:
e1:87:3a:43:03:db:c7:3c:eb:9a:51:11:4d:e8:f5:
e3:3a:82:df:76:99:4c:ab:93:20:fc:14:8f:47:cf:
cb:d5:2b:d0:0b:87:ba:97:3c:d2:23:c7:90:9e:d1:
ec:b2:a2:b8:cd:b0:27:00:64:4a:1a:ff:56:6f:98:
c5:c7:ee:38:c2:e8:08:83:85:97:be:89:f2:39:17:
d0:0e:34:3c:d2:f0:c0:6a:da:d5:7d:2f:91:ae:ee:
53:9d:6b:ef:55:5a:c8:db:7e:48:a5:2f:6b:ee:dd:
8a:fe:23:3e:1b:54:a9:86:1d:f0:b3:2b:fb:e3:c5:
1b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:6B:4D:FE:05:CA:34:B4:86:B3:24:FC:96:39:09:AA:BB:20:E9:57
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/vWtN_gXKNLSGsyT8ljkJqrsg6Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.100.0/22
5.102.116.0-5.102.123.255
31.186.180.0/22
82.163.64.0/22
82.163.168.0/22
82.163.224.0/22
185.86.140.0/23
Signature Algorithm: sha256WithRSAEncryption
78:a9:9d:0b:a4:5d:c6:8a:a9:49:99:4c:cd:99:88:36:62:71:
3d:c8:a7:e5:c9:15:70:e9:fa:61:e4:06:51:88:48:7d:dc:13:
c6:93:ee:59:7b:5c:fc:15:fa:7b:8a:ad:43:f9:82:21:b0:7b:
44:36:dc:58:d5:62:92:de:30:46:23:1f:b9:86:f6:58:41:4e:
b6:66:56:c7:83:c6:ad:72:c7:57:91:d5:4c:3f:81:d8:33:08:
7d:83:a8:6d:94:c9:9c:bf:01:cd:86:18:be:19:1a:f1:88:b0:
bf:64:d1:1a:86:3c:4b:e2:69:b7:be:91:83:bf:4a:e1:04:65:
97:a6:5d:a9:2a:5d:a6:bf:c9:a1:03:15:72:04:e5:37:af:ed:
1d:fd:dc:59:75:e5:e5:7e:57:c0:a2:01:ea:eb:d6:0d:d8:4f:
63:d6:58:2a:e7:91:1a:be:3e:33:21:21:aa:29:1d:90:d3:4d:
64:88:7e:05:ed:c0:27:3f:26:a3:08:d2:56:6b:f5:0a:a2:44:
95:08:f5:bf:46:07:61:6e:be:79:3c:ed:98:74:4c:f6:56:b1:
e3:7f:86:30:be:b2:71:31:02:0c:dc:20:b2:fb:b3:d4:c1:77:
ba:e0:3b:d2:2a:e8:45:2b:eb:36:3c:3a:f4:bf:23:e5:2d:a4:
66:a7:4c:ee
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ1M/HKFfMFa9P9qvg37rNhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjYwNDAyMDY1ODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDZiNGRmZTA1Y2EzNGI0ODZiMzI0ZmM5NjM5MDlhYWJiMjBlOTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUSFoKnYUMbMjlRU2Ybn4i9dioKO
1bc97pgtcyFpDWVNCSsez2IKp745KYyRFXT52ns9sUkt1H/Q7EYOC3G/5Dv3aaHU
W+VRhYuT7Aji8e+IIVZJliXxAEO13hkpWnQri/B51JKqGnL8tNvficNRuyAtW/h7
/j+V18ydHYWQ8N/tKgKtg5DhhzpDA9vHPOuaURFN6PXjOoLfdplMq5Mg/BSPR8/L
1SvQC4e6lzzSI8eQntHssqK4zbAnAGRKGv9Wb5jFx+44wugIg4WXvonyORfQDjQ8
0vDAatrVfS+Rru5TnWvvVVrI235IpS9r7t2K/iM+G1Sphh3wsyv748UbMQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFL1rTf4FyjS0hrMk/JY5Caq7IOlXMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdld0Tl9nWEtOTFNHc3lUOGxqa0pxcnNnNlZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCBWZkMAwD
BAIFZnQDBAIFZngDBAIfurQDBAJSo0ADBAJSo6gDBAJSo+ADBAG5VowwDQYJKoZI
hvcNAQELBQADggEBAHipnQukXcaKqUmZTM2ZiDZicT3Ip+XJFXDp+mHkBlGISH3c
E8aT7ll7XPwV+nuKrUP5giGwe0Q23FjVYpLeMEYjH7mG9lhBTrZmVseDxq1yx1eR
1Uw/gdgzCH2DqG2UyZy/Ac2GGL4ZGvGIsL9k0RqGPEviabe+kYO/SuEEZZemXakq
Xaa/yaEDFXIE5Tev7R393Fl15eV+V8CiAerr1g3YT2PWWCrnkRq+PjMhIaopHZDT
TWSIfgXtwCc/JqMI0lZr9QqiRJUI9b9GB2Fuvnk87Zh0TPZWseN/hjC+snExAgzc
ILL7s9TBd7rgO9Iq6EUr6zY8OvS/I+UtpGanTO4=
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:48:13 2026 by rpki-client