Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/VdLAyJeXclIMxBiggEFnpHwWgFs.roa
File: VdLAyJeXclIMxBiggEFnpHwWgFs.roa (raw, json)
Hash identifier: he6/jbqSABoIcHxr8a4kRuPSqsNo17G4EM/4VPGSZZw=
Subject key identifier: 55:D2:C0:C8:97:97:72:52:0C:C4:18:A0:80:41:67:A4:7C:16:80:5B
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D35A3C3A2E8BC6F21C622F900A461E6DD
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/VdLAyJeXclIMxBiggEFnpHwWgFs.roa
Signing time: Sat 28 Mar 2026 18:10:18 +0000
ROA not before: Sat 28 Mar 2026 18:10:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 398993
IP address blocks: 222.167.210.0/24 maxlen: 24
222.167.218.0/24 maxlen: 24
222.167.219.0/24 maxlen: 24
222.167.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:35:a3:c3:a2:e8:bc:6f:21:c6:22:f9:00:a4:61:e6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Mar 28 18:10:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=55d2c0c8979772520cc418a0804167a47c16805b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:18:a5:9f:17:aa:14:d5:5c:5d:a2:46:34:5c:
39:e3:31:a8:da:f0:b2:8b:80:dc:0b:66:0d:eb:95:
d7:34:c9:af:ab:11:f7:37:41:32:27:08:d8:e6:e0:
c8:38:86:43:05:0c:e9:26:0d:3c:cb:0d:ba:f9:24:
63:21:ae:77:5f:df:1b:c2:3e:07:8d:e7:5b:e7:cd:
57:b7:81:5a:7d:94:10:95:b2:6b:92:c2:46:75:f3:
7f:1d:f2:8f:12:96:e6:63:77:0e:a4:2c:2b:a0:13:
47:2e:9a:5d:df:53:31:bd:25:f8:9e:94:f4:68:1f:
88:3c:d5:b0:64:dd:fe:f1:56:cb:5a:a9:8d:22:58:
8d:1b:15:cb:dd:54:a7:23:04:93:33:03:17:48:41:
00:c5:12:0f:5b:5a:a6:5c:0f:97:ac:d5:af:f3:73:
44:ff:de:bc:87:e4:7f:a3:2b:ec:3b:ce:75:4f:36:
f8:0e:94:19:16:37:a6:33:10:75:dc:c8:36:29:a3:
b7:28:4f:b0:82:e5:27:61:1c:97:fc:f0:58:a0:2e:
d3:9f:23:ee:be:fb:4d:b2:8e:17:c4:a5:4e:6d:2c:
f0:99:6b:43:8f:b8:cb:f7:98:bc:f2:88:45:1b:dd:
01:40:e2:33:e0:a1:16:6d:62:cf:d6:23:3b:04:be:
32:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D2:C0:C8:97:97:72:52:0C:C4:18:A0:80:41:67:A4:7C:16:80:5B
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/VdLAyJeXclIMxBiggEFnpHwWgFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.167.210.0/24
222.167.218.0/23
222.167.221.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:65:16:8c:15:e7:ac:4e:8b:98:96:d6:99:46:e8:6a:0e:1f:
69:e2:db:35:be:99:2f:c2:bf:11:06:40:ab:40:0a:1a:10:1e:
41:92:10:49:cc:a9:69:74:af:26:e6:12:e5:ee:1a:6a:9a:67:
00:e7:9d:45:e7:a9:5f:b2:42:64:89:ee:e7:04:5a:14:78:8e:
79:32:01:eb:b5:7d:73:59:08:72:a2:4b:04:28:5c:6c:07:d9:
04:8c:fe:96:e9:cd:05:e4:54:c4:b4:6b:56:67:f4:70:3a:fa:
bc:17:fd:8c:69:92:19:22:90:3a:f8:d2:a7:63:46:fc:76:b1:
69:29:f4:eb:2d:ae:ab:0b:56:e9:21:d9:d9:b5:6d:de:05:63:
51:c4:52:34:82:dd:82:8a:e6:71:d0:96:01:06:22:54:5f:25:
ef:29:05:12:f0:1e:7f:cb:f8:a5:fc:a3:23:3b:5f:db:fd:ff:
b6:87:61:ec:21:07:73:c1:d8:16:16:ac:d4:50:90:df:d3:5c:
43:2b:b4:ea:78:f7:99:a1:1e:1d:c7:75:fb:40:cd:8c:43:a9:
c6:72:cf:c5:32:50:ba:2f:69:76:29:0a:ea:5b:f3:bf:ed:11:
be:45:21:eb:43:c7:cf:4f:fb:b6:51:61:b2:01:4e:37:95:28:
93:e3:47:1b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ01o8Oi6LxvIcYi+QCkYebdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMzI4MTgxMDE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQyYzBjODk3OTc3MjUyMGNjNDE4YTA4MDQxNjdhNDdjMTY4MDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwRilnxeqFNVcXaJGNFw54zGo2vCy
i4DcC2YN65XXNMmvqxH3N0EyJwjY5uDIOIZDBQzpJg08yw26+SRjIa53X98bwj4H
jedb581Xt4FafZQQlbJrksJGdfN/HfKPEpbmY3cOpCwroBNHLppd31MxvSX4npT0
aB+IPNWwZN3+8VbLWqmNIliNGxXL3VSnIwSTMwMXSEEAxRIPW1qmXA+XrNWv83NE
/968h+R/oyvsO851Tzb4DpQZFjemMxB13Mg2KaO3KE+wguUnYRyX/PBYoC7TnyPu
vvtNso4XxKVObSzwmWtDj7jL95i88ohFG90BQOIz4KEWbWLP1iM7BL4yYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFXSwMiXl3JSDMQYoIBBZ6R8FoBbMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvVmRMQXlKZVhjbElNeEJpZ2dFRm5wSHdXZ0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA3qfSAwQB
3qfaAwQA3qfdMA0GCSqGSIb3DQEBCwUAA4IBAQAuZRaMFeesTouYltaZRuhqDh9p
4ts1vpkvwr8RBkCrQAoaEB5BkhBJzKlpdK8m5hLl7hpqmmcA551F56lfskJkie7n
BFoUeI55MgHrtX1zWQhyoksEKFxsB9kEjP6W6c0F5FTEtGtWZ/RwOvq8F/2MaZIZ
IpA6+NKnY0b8drFpKfTrLa6rC1bpIdnZtW3eBWNRxFI0gt2CiuZx0JYBBiJUXyXv
KQUS8B5/y/il/KMjO1/b/f+2h2HsIQdzwdgWFqzUUJDf01xDK7TqePeZoR4dx3X7
QM2MQ6nGcs/FMlC6L2l2KQrqW/O/7RG+RSHrQ8fPT/u2UWGyAU43lSiT40cb
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:27:50 2026 by rpki-client