Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/Vsdmkmln10BiNEuLpWL8g2ijOQY.roa
File: Vsdmkmln10BiNEuLpWL8g2ijOQY.roa (raw, json)
Hash identifier: K20X211w556xHOeU3InnMg8U45i9ouCLxtCagR86/1M=
Subject key identifier: 56:C7:66:92:69:67:D7:40:62:34:4B:8B:A5:62:FC:83:68:A3:39:06
Certificate issuer: /CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Certificate serial: 019D5E3DDDD5531AEDF0211902446DB43436
Authority key identifier: 80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/Vsdmkmln10BiNEuLpWL8g2ijOQY.roa
Signing time: Sun 05 Apr 2026 15:23:25 +0000
ROA not before: Sun 05 Apr 2026 15:23:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 202391
IP address blocks: 45.142.188.0/24 maxlen: 24
45.142.189.0/24 maxlen: 24
45.142.190.0/24 maxlen: 24
45.142.191.0/24 maxlen: 24
185.141.36.0/24 maxlen: 24
185.141.37.0/24 maxlen: 24
185.141.39.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 15:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:5e:3d:dd:d5:53:1a:ed:f0:21:19:02:44:6d:b4:34:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80ad8c520bb9677461ddc4ec09b76d733b7d8370
Validity
Not Before: Apr 5 15:23:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56c766926967d74062344b8ba562fc8368a33906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:53:51:04:09:2e:d6:d8:08:d0:9b:cd:b9:74:
cd:47:9b:9d:22:98:d6:73:4e:43:99:6c:1c:13:95:
8a:57:2a:d2:7d:8e:73:71:0a:9f:18:4b:76:e7:64:
7e:d2:fb:1f:86:3a:79:de:8b:40:12:03:e3:1f:10:
7b:ec:37:b2:3e:c2:b5:2f:5a:eb:28:7a:1e:11:89:
5c:44:a9:96:ec:e4:c1:90:c7:03:b1:e3:7e:86:ff:
b4:27:0f:74:52:cf:dc:52:21:b5:cb:6f:62:0d:98:
27:c8:5d:3b:06:0c:1b:55:2d:69:69:29:ab:b2:22:
94:ac:6b:98:78:1c:fa:7f:eb:d6:3e:7e:ef:2c:e1:
81:52:ef:eb:57:d3:15:88:46:4e:10:1d:52:ca:6a:
41:6c:38:df:9a:33:11:aa:b0:15:f5:70:e1:a6:df:
85:66:7c:96:06:4d:d8:f6:db:f2:27:9a:8b:e5:ed:
a8:2b:92:cf:aa:e0:8d:67:14:0d:b5:cb:b6:8e:d9:
eb:aa:18:69:f8:e3:f0:a8:33:d4:1a:50:f2:eb:98:
5a:60:d0:ed:cf:f7:cb:c6:ff:76:85:2e:30:ae:8c:
d8:8b:5d:5d:f5:d4:44:cb:c2:16:d3:e3:68:3f:66:
b4:62:99:96:a3:da:85:0e:e6:5f:c6:17:5d:d7:0b:
ea:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:C7:66:92:69:67:D7:40:62:34:4B:8B:A5:62:FC:83:68:A3:39:06
X509v3 Authority Key Identifier:
keyid:80:AD:8C:52:0B:B9:67:74:61:DD:C4:EC:09:B7:6D:73:3B:7D:83:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/Vsdmkmln10BiNEuLpWL8g2ijOQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/225ec3-0387-4b5d-88c1-c61751c6b195/1/gK2MUgu5Z3Rh3cTsCbdtczt9g3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.188.0/22
185.141.36.0/23
185.141.39.0/24
Signature Algorithm: sha256WithRSAEncryption
16:57:e3:2d:f3:46:73:ba:72:e9:19:45:f8:3a:dc:1b:e4:e3:
05:a1:00:de:d8:f6:83:63:0a:53:c5:01:c8:39:f0:f9:73:e3:
41:c6:2c:56:54:22:79:66:1b:3b:20:7e:2a:83:db:e1:92:f6:
09:0e:a7:d2:24:ba:95:5b:21:58:3d:02:c4:8f:4d:77:64:00:
f9:1e:d6:aa:7e:8b:93:ed:6a:a1:cb:17:6b:0f:37:87:6e:e7:
d6:d4:c7:5b:e7:e4:8e:7f:e8:6e:23:14:7d:40:8a:52:ce:c2:
fe:b3:a0:e4:ee:69:4f:7b:5d:cb:b0:4f:f9:a0:c7:c2:45:c0:
d7:36:d8:c7:8a:18:b8:18:ae:bc:96:43:98:de:55:82:4d:3c:
55:0a:db:4f:e1:01:bb:aa:5f:5f:64:95:20:01:c4:80:d7:6c:
54:1a:2d:81:8a:ef:47:c1:2b:08:df:13:55:61:08:02:5b:bf:
01:21:f9:3d:fa:72:fe:da:78:c7:ed:54:e2:e2:77:1c:9b:04:
1c:a8:89:46:96:e0:f1:58:cc:1c:30:26:a7:63:06:38:ce:e0:
a1:6f:a7:cc:b8:1a:74:79:6e:69:16:8c:9b:d6:8c:19:db:25:
a9:c2:1b:90:93:99:8f:91:b9:e7:e3:9b:fa:c4:93:05:3c:7b:
37:76:fa:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1ePd3VUxrt8CEZAkRttDQ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwYWQ4YzUyMGJiOTY3NzQ2MWRkYzRlYzA5Yjc2ZDczM2I3
ZDgzNzAwHhcNMjYwNDA1MTUyMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmM3NjY5MjY5NjdkNzQwNjIzNDRiOGJhNTYyZmM4MzY4YTMzOTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0FNRBAku1tgI0JvNuXTNR5udIpjW
c05DmWwcE5WKVyrSfY5zcQqfGEt252R+0vsfhjp53otAEgPjHxB77DeyPsK1L1rr
KHoeEYlcRKmW7OTBkMcDseN+hv+0Jw90Us/cUiG1y29iDZgnyF07BgwbVS1paSmr
siKUrGuYeBz6f+vWPn7vLOGBUu/rV9MViEZOEB1SympBbDjfmjMRqrAV9XDhpt+F
ZnyWBk3Y9tvyJ5qL5e2oK5LPquCNZxQNtcu2jtnrqhhp+OPwqDPUGlDy65haYNDt
z/fLxv92hS4wrozYi11d9dREy8IW0+NoP2a0YpmWo9qFDuZfxhdd1wvq+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFbHZpJpZ9dAYjRLi6Vi/INoozkGMB8GA1UdIwQY
MBaAFICtjFILuWd0Yd3E7Am3bXM7fYNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEt
YzYxNzUxYzZiMTk1LzEvVnNkbWttbG4xMEJpTkV1THBXTDhnMmlqT1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8yMjVlYzMtMDM4Ny00YjVkLTg4YzEtYzYxNzUxYzZiMTk1
LzEvZ0syTVVndTVaM1JoM2NUc0NiZHRjenQ5ZzNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLY68AwQB
uY0kAwQAuY0nMA0GCSqGSIb3DQEBCwUAA4IBAQAWV+Mt80ZzunLpGUX4Otwb5OMF
oQDe2PaDYwpTxQHIOfD5c+NBxixWVCJ5Zhs7IH4qg9vhkvYJDqfSJLqVWyFYPQLE
j013ZAD5HtaqfouT7WqhyxdrDzeHbufW1Mdb5+SOf+huIxR9QIpSzsL+s6Dk7mlP
e13LsE/5oMfCRcDXNtjHihi4GK68lkOY3lWCTTxVCttP4QG7ql9fZJUgAcSA12xU
Gi2Biu9HwSsI3xNVYQgCW78BIfk9+nL+2njH7VTi4nccmwQcqIlGluDxWMwcMCan
YwY4zuChb6fMuBp0eW5pFoyb1owZ2yWpwhuQk5mPkbnn45v6xJMFPHs3dvrt
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:42:48 2026 by rpki-client