Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/OVrPb2BEdDCFu49I-AWzIY26uO4.roa
File: OVrPb2BEdDCFu49I-AWzIY26uO4.roa (raw, json)
Hash identifier: a9OUh4uCWatFvjH2U2slxah9uFjBxNwqugOrIllnX9I=
Subject key identifier: 39:5A:CF:6F:60:44:74:30:85:BB:8F:48:F8:05:B3:21:8D:BA:B8:EE
Certificate issuer: /CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11
Certificate serial: 019A3B86D3A70F26449094B8942C970B14AF
Authority key identifier: 54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/OVrPb2BEdDCFu49I-AWzIY26uO4.roa
Signing time: Fri 31 Oct 2025 18:28:03 +0000
ROA not before: Fri 31 Oct 2025 18:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216246
IP address blocks: 95.85.224.0/24 maxlen: 24
95.85.225.0/24 maxlen: 24
95.85.226.0/24 maxlen: 24
95.85.227.0/24 maxlen: 24
95.85.228.0/24 maxlen: 24
95.85.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3b:86:d3:a7:0f:26:44:90:94:b8:94:2c:97:0b:14:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11
Validity
Not Before: Oct 31 18:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=395acf6f6044743085bb8f48f805b3218dbab8ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:94:dd:86:04:89:b0:a0:16:fb:c7:ad:d9:69:
67:a8:c8:e5:2e:54:94:51:c4:15:3b:b4:b1:96:19:
ce:fe:da:5c:c1:40:3d:16:4b:81:2f:6c:da:44:59:
cc:f8:0b:b3:22:e9:95:2c:f7:e3:3a:00:c6:de:97:
c9:04:2b:46:3b:5b:0b:da:de:66:95:55:f0:41:ab:
06:3c:cd:24:f0:fa:47:b9:35:50:4e:11:35:c0:00:
a3:f8:ee:be:cd:fd:13:d5:e2:25:84:10:c9:6f:ba:
24:96:b0:83:01:7e:db:43:c4:a3:38:aa:b1:8e:cb:
83:8f:d8:b8:0a:15:8a:0a:81:30:76:b6:c1:a9:7e:
e6:c6:0c:3b:4b:39:7d:ae:7f:fb:fb:5a:c8:a3:80:
e4:9e:f2:83:a1:1d:a9:79:2b:53:40:38:f5:8a:20:
4a:02:2c:84:25:22:4a:b7:00:fc:2f:39:bc:c6:89:
b8:cb:0e:d5:05:b9:9f:0e:36:20:26:38:42:88:7d:
b2:4e:6f:78:79:9a:63:fb:7a:d5:e9:10:93:a5:12:
6f:63:49:1e:e4:1b:e2:7e:98:08:9a:7f:d0:a0:d5:
fa:4a:b7:f0:a6:15:2e:f5:da:ea:7b:88:db:c2:4e:
67:c2:40:43:35:10:3d:be:62:e5:60:02:a3:a7:1f:
45:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:5A:CF:6F:60:44:74:30:85:BB:8F:48:F8:05:B3:21:8D:BA:B8:EE
X509v3 Authority Key Identifier:
keyid:54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/OVrPb2BEdDCFu49I-AWzIY26uO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.224.0-95.85.229.255
Signature Algorithm: sha256WithRSAEncryption
b4:1e:a1:cd:42:0b:cd:b7:6e:17:14:20:48:95:13:87:ba:71:
90:fb:f2:a7:f7:58:07:2c:68:d8:be:01:72:c6:82:30:13:f0:
e6:66:9d:77:db:ee:df:ac:59:89:6c:07:3f:6a:75:ba:a1:e8:
e2:0b:d1:5a:0b:65:58:55:40:b0:96:24:11:b9:93:19:8b:6a:
47:70:7a:cc:01:2b:c1:cb:fa:ba:4f:5d:da:4a:37:dc:44:5c:
55:61:54:d0:82:b8:a5:94:a3:18:dd:e3:63:15:62:41:ac:c2:
ec:54:c2:d3:22:0c:48:67:1d:a1:ac:5d:d8:f7:0c:8e:4d:2b:
ba:41:2c:b1:54:a7:b8:ae:6f:fa:72:b5:ac:9c:e5:b7:f3:7e:
4d:2e:62:27:59:c8:78:82:5d:54:e9:5e:2c:25:d7:35:de:83:
e4:c0:3d:b5:c7:4e:f4:7d:ae:9a:9d:50:0f:1f:f0:5d:9c:25:
2f:0b:ff:39:17:de:de:59:5c:29:14:64:1a:79:a0:d1:de:0e:
2e:00:4c:df:85:99:dd:e0:78:35:24:ca:bf:6c:77:cf:b7:da:
f7:29:df:55:19:d6:f4:d9:b6:39:e3:77:e1:64:c9:2d:49:df:
b5:37:e9:0d:1a:58:23:e5:ba:79:4d:16:4c:0d:b0:e8:16:36:
bf:5c:6b:49
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZo7htOnDyZEkJS4lCyXCxSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjBiZWM4ZjU4ZGIwY2U1YjkxZjM0NTA1Mjc3ZTQwYmZk
M2FlMTEwHhcNMjUxMDMxMTgyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTVhY2Y2ZjYwNDQ3NDMwODViYjhmNDhmODA1YjMyMThkYmFiOGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpTdhgSJsKAW+8et2WlnqMjlLlSU
UcQVO7SxlhnO/tpcwUA9FkuBL2zaRFnM+AuzIumVLPfjOgDG3pfJBCtGO1sL2t5m
lVXwQasGPM0k8PpHuTVQThE1wACj+O6+zf0T1eIlhBDJb7oklrCDAX7bQ8SjOKqx
jsuDj9i4ChWKCoEwdrbBqX7mxgw7Szl9rn/7+1rIo4DknvKDoR2peStTQDj1iiBK
AiyEJSJKtwD8Lzm8xom4yw7VBbmfDjYgJjhCiH2yTm94eZpj+3rV6RCTpRJvY0ke
5BvifpgImn/QoNX6SrfwphUu9drqe4jbwk5nwkBDNRA9vmLlYAKjpx9FnwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDlaz29gRHQwhbuPSPgFsyGNurjuMB8GA1UdIwQY
MBaAFFSwvsj1jbDOW5HzRQUnfkC/064RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUt
MGY0ZGJiODkwYmQwLzEvT1ZyUGIyQkVkRENGdTQ5SS1BV3pJWTI2dU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUtMGY0ZGJiODkwYmQw
LzEvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAVfVeAD
BAFfVeQwDQYJKoZIhvcNAQELBQADggEBALQeoc1CC823bhcUIEiVE4e6cZD78qf3
WAcsaNi+AXLGgjAT8OZmnXfb7t+sWYlsBz9qdbqh6OIL0VoLZVhVQLCWJBG5kxmL
akdweswBK8HL+rpPXdpKN9xEXFVhVNCCuKWUoxjd42MVYkGswuxUwtMiDEhnHaGs
Xdj3DI5NK7pBLLFUp7iub/pytayc5bfzfk0uYidZyHiCXVTpXiwl1zXeg+TAPbXH
TvR9rpqdUA8f8F2cJS8L/zkX3t5ZXCkUZBp5oNHeDi4ATN+Fmd3geDUkyr9sd8+3
2vcp31UZ1vTZtjnjd+FkyS1J37U36Q0aWCPlunlNFkwNsOgWNr9ca0k=
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:29:51 2025 by rpki-client