Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f55332-bacc-4b0f-b16f-03da7e74dcad/1/vjYGFy1isyLdonhpe5p4F46gtR0.roa
File: vjYGFy1isyLdonhpe5p4F46gtR0.roa (raw, json)
Hash identifier: he0H61rOgpvqD9ri+nFvwbo2IXzPMJETWzt6RKAi4dI=
Subject key identifier: BE:36:06:17:2D:62:B3:22:DD:A2:78:69:7B:9A:78:17:8E:A0:B5:1D
Certificate issuer: /CN=c55a1e4051f68fe8b720e83ddad33b7651cb7ef9
Certificate serial: 019B79ED3934BE5C7CB18509F2D2184923AD
Authority key identifier: C5:5A:1E:40:51:F6:8F:E8:B7:20:E8:3D:DA:D3:3B:76:51:CB:7E:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xVoeQFH2j-i3IOg92tM7dlHLfvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f55332-bacc-4b0f-b16f-03da7e74dcad/1/vjYGFy1isyLdonhpe5p4F46gtR0.roa
Signing time: Thu 01 Jan 2026 14:19:08 +0000
ROA not before: Thu 01 Jan 2026 14:19:08 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44656
IP address blocks: 89.58.64.0/19 maxlen: 19
89.58.96.0/21 maxlen: 21
185.232.40.0/24 maxlen: 24
2a11:fb80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/f55332-bacc-4b0f-b16f-03da7e74dcad/1/xVoeQFH2j-i3IOg92tM7dlHLfvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/f55332-bacc-4b0f-b16f-03da7e74dcad/1/xVoeQFH2j-i3IOg92tM7dlHLfvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xVoeQFH2j-i3IOg92tM7dlHLfvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:79:ed:39:34:be:5c:7c:b1:85:09:f2:d2:18:49:23:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c55a1e4051f68fe8b720e83ddad33b7651cb7ef9
Validity
Not Before: Jan 1 14:19:08 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be3606172d62b322dda278697b9a78178ea0b51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:ad:fa:ff:d4:32:39:15:7f:dd:bb:28:f5:3a:
4b:a4:a3:cd:d5:22:30:e3:ef:5d:24:d4:66:e4:b7:
0a:87:a5:5f:e9:ab:97:02:87:8b:d1:9b:31:de:54:
83:a5:8a:91:40:61:f8:06:31:69:20:fe:65:e9:8c:
0e:80:11:4f:fa:44:6e:e7:c4:88:27:26:6b:ed:29:
1e:bd:a0:36:24:c1:43:cb:85:cb:5b:8b:cc:34:89:
64:fa:a6:87:55:19:f0:ee:28:dc:fa:1d:ab:39:51:
dc:ee:e3:dc:84:b2:f6:b6:9c:9b:3d:fd:41:49:b6:
d3:94:c7:be:35:93:2a:71:04:bc:84:ee:e4:cc:4f:
67:47:f0:e7:27:dd:fe:5f:b5:30:94:e3:7e:b3:a3:
0e:f7:36:a9:5d:5e:08:bb:ec:17:37:7f:45:73:3d:
01:16:3a:d5:09:d4:81:5e:5d:b7:8f:71:d9:13:01:
28:37:28:a4:1e:83:bf:f7:66:fa:7b:2c:d2:38:96:
3d:2f:c9:d5:c0:cb:cb:cb:94:07:eb:26:bb:aa:cf:
ab:48:44:65:29:6c:3e:d3:7a:b1:0c:0b:c3:63:86:
01:4a:5a:1d:fc:3a:8d:30:2d:e3:76:54:7c:bc:2a:
cf:68:0b:77:c1:00:68:6e:41:e4:d1:7f:e7:5a:9c:
d0:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:36:06:17:2D:62:B3:22:DD:A2:78:69:7B:9A:78:17:8E:A0:B5:1D
X509v3 Authority Key Identifier:
keyid:C5:5A:1E:40:51:F6:8F:E8:B7:20:E8:3D:DA:D3:3B:76:51:CB:7E:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xVoeQFH2j-i3IOg92tM7dlHLfvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f55332-bacc-4b0f-b16f-03da7e74dcad/1/vjYGFy1isyLdonhpe5p4F46gtR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f55332-bacc-4b0f-b16f-03da7e74dcad/1/xVoeQFH2j-i3IOg92tM7dlHLfvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.58.64.0-89.58.103.255
185.232.40.0/24
IPv6:
2a11:fb80::/29
Signature Algorithm: sha256WithRSAEncryption
9d:96:55:82:fd:a7:31:a6:ea:62:0c:a2:48:50:d2:7e:dc:b2:
62:74:28:29:5d:f1:3d:47:43:04:88:a6:cf:ad:e7:f1:a3:50:
e4:de:73:ea:3e:a3:65:4f:71:1c:3b:d7:e6:01:d7:c3:9b:bd:
a7:c9:82:00:43:23:5e:fe:dc:39:7c:62:d3:14:01:ef:50:a1:
b4:6f:d4:0f:bd:ed:d3:6d:55:2a:03:8e:ef:1f:4c:91:c4:14:
fa:0b:ba:ed:67:e3:6b:74:48:86:05:8e:d8:a0:e8:e9:b6:08:
71:0a:d8:ca:05:2a:24:17:3e:e1:2b:4c:6b:bc:3b:77:1c:d7:
58:68:e5:33:99:80:20:37:1e:d3:60:66:51:d6:61:76:e1:5e:
5d:74:33:bb:e5:ec:c4:f2:2c:f6:1c:3b:d5:2c:72:16:af:73:
ff:ef:25:f9:6e:fd:d2:73:c7:5b:cf:66:2d:32:37:ee:d2:ee:
2e:48:04:e2:43:be:e2:5e:37:1a:5d:6b:f5:a4:8b:b6:49:74:
8c:35:d1:28:4c:5c:e3:27:71:1a:ef:bc:b3:b3:4c:1f:2a:6d:
6a:b0:5a:68:d4:8f:8f:0a:fb:18:4a:e2:19:a4:64:91:70:9c:
8c:08:f4:36:76:a2:e6:7a:4a:44:8a:92:3d:5d:60:0a:81:00:
b5:77:00:e8
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZt57Tk0vlx8sYUJ8tIYSSOtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1NWExZTQwNTFmNjhmZThiNzIwZTgzZGRhZDMzYjc2NTFj
YjdlZjkwHhcNMjYwMTAxMTQxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTM2MDYxNzJkNjJiMzIyZGRhMjc4Njk3YjlhNzgxNzhlYTBiNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q36/9QyORV/3bso9TpLpKPN1SIw
4+9dJNRm5LcKh6Vf6auXAoeL0Zsx3lSDpYqRQGH4BjFpIP5l6YwOgBFP+kRu58SI
JyZr7SkevaA2JMFDy4XLW4vMNIlk+qaHVRnw7ijc+h2rOVHc7uPchLL2tpybPf1B
SbbTlMe+NZMqcQS8hO7kzE9nR/DnJ93+X7UwlON+s6MO9zapXV4Iu+wXN39Fcz0B
FjrVCdSBXl23j3HZEwEoNyikHoO/92b6eyzSOJY9L8nVwMvLy5QH6ya7qs+rSERl
KWw+03qxDAvDY4YBSlod/DqNMC3jdlR8vCrPaAt3wQBobkHk0X/nWpzQ9QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFL42BhctYrMi3aJ4aXuaeBeOoLUdMB8GA1UdIwQY
MBaAFMVaHkBR9o/otyDoPdrTO3ZRy375MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFZvZVFGSDJqLWkzSU9nOTJ0TTdkbEhMZnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNTUzMzItYmFjYy00YjBmLWIxNmYt
MDNkYTdlNzRkY2FkLzEvdmpZR0Z5MWlzeUxkb25ocGU1cDRGNDZndFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNTUzMzItYmFjYy00YjBmLWIxNmYtMDNkYTdlNzRkY2Fk
LzEveFZvZVFGSDJqLWkzSU9nOTJ0TTdkbEhMZnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAZZOkAD
BANZOmADBAC56CgwDQQCAAIwBwMFAyoR+4AwDQYJKoZIhvcNAQELBQADggEBAJ2W
VYL9pzGm6mIMokhQ0n7csmJ0KCld8T1HQwSIps+t5/GjUOTec+o+o2VPcRw71+YB
18ObvafJggBDI17+3Dl8YtMUAe9QobRv1A+97dNtVSoDju8fTJHEFPoLuu1n42t0
SIYFjtig6Om2CHEK2MoFKiQXPuErTGu8O3cc11ho5TOZgCA3HtNgZlHWYXbhXl10
M7vl7MTyLPYcO9Uschavc//vJflu/dJzx1vPZi0yN+7S7i5IBOJDvuJeNxpda/Wk
i7ZJdIw10ShMXOMncRrvvLOzTB8qbWqwWmjUj48K+xhK4hmkZJFwnIwI9DZ2ouZ6
SkSKkj1dYAqBALV3AOg=
-----END CERTIFICATE-----
Generated at Tue Mar 3 01:57:55 2026 by rpki-client