Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/vej6z0EIsGz9-bBx-APb9QYFERU.roa
File: vej6z0EIsGz9-bBx-APb9QYFERU.roa (raw, json)
Hash identifier: jCk0+RbHS/1DLsU2O2i9irRdLOhXzGl9aP59vJysN3k=
Subject key identifier: BD:E8:FA:CF:41:08:B0:6C:FD:F9:B0:71:F8:03:DB:F5:06:05:11:15
Certificate issuer: /CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Certificate serial: 019A4A2EA901027E1AB315F385C1BB7D233D
Authority key identifier: A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/vej6z0EIsGz9-bBx-APb9QYFERU.roa
Signing time: Mon 03 Nov 2025 14:46:03 +0000
ROA not before: Mon 03 Nov 2025 14:46:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212655
IP address blocks: 45.92.44.0/22 maxlen: 24
83.217.160.0/20 maxlen: 20
87.192.96.0/19 maxlen: 24
185.8.92.0/24 maxlen: 24
185.8.94.0/23 maxlen: 24
185.8.94.0/24 maxlen: 24
185.26.240.0/22 maxlen: 22
185.43.128.0/22 maxlen: 22
185.154.144.0/22 maxlen: 22
193.28.90.0/24 maxlen: 24
2a0e:1d40::/29 maxlen: 41
2a0e:1d47:8080::/41 maxlen: 41
2a0e:1d47:da80::/41 maxlen: 41
2a10:6940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.mft
rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4a:2e:a9:01:02:7e:1a:b3:15:f3:85:c1:bb:7d:23:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a999cffa6e48fa2c4f8d09803396b457a630a33d
Validity
Not Before: Nov 3 14:46:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bde8facf4108b06cfdf9b071f803dbf506051115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:61:9c:49:a1:a8:a2:77:53:1c:77:a7:94:77:
a0:e8:20:d2:6e:7a:b4:1b:98:71:05:be:6d:95:af:
40:6e:0c:a3:ac:8c:90:24:a0:e4:d8:4a:54:c7:ab:
59:04:6e:d4:95:18:c7:dc:95:8e:83:18:61:53:92:
1c:9f:cd:0c:44:c5:6a:5e:fb:80:cb:e3:95:5a:0c:
5f:b5:c1:f6:1b:73:b8:f9:50:ae:13:4e:fe:2b:95:
d3:54:7b:a4:d6:f9:77:99:d1:c3:ba:73:8f:4f:8a:
ae:e8:9f:fe:cb:47:8f:53:77:e3:22:a9:5f:0f:c5:
1c:ce:e1:1a:e3:a8:95:b4:cc:d1:5e:f7:c6:b2:7c:
6a:9b:bf:41:17:59:b3:7d:4d:f2:0d:49:49:19:f1:
19:c8:92:9a:52:a0:af:bb:31:79:56:49:ae:ac:2e:
1d:cc:3a:aa:06:d7:d0:2d:c7:39:c7:82:0e:d7:1a:
69:76:dd:5b:b9:aa:a5:a1:72:7a:ae:d9:b5:0c:6b:
bf:8f:a7:60:f1:f0:34:dd:25:8b:77:19:23:e9:01:
ab:20:ab:5d:ec:59:e2:1d:61:51:fd:f3:e6:fb:d1:
e2:32:b0:99:a8:e0:cd:7b:b5:b3:86:d5:96:1c:14:
36:c9:65:51:d4:d2:ee:24:1f:b6:3e:95:f3:29:9e:
d3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E8:FA:CF:41:08:B0:6C:FD:F9:B0:71:F8:03:DB:F5:06:05:11:15
X509v3 Authority Key Identifier:
keyid:A9:99:CF:FA:6E:48:FA:2C:4F:8D:09:80:33:96:B4:57:A6:30:A3:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/vej6z0EIsGz9-bBx-APb9QYFERU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/f143d0-aeb8-4b52-9c35-b3a50910c2a8/1/qZnP-m5I-ixPjQmAM5a0V6Ywoz0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.44.0/22
83.217.160.0/20
87.192.96.0/19
185.8.92.0/24
185.8.94.0/23
185.26.240.0/22
185.43.128.0/22
185.154.144.0/22
193.28.90.0/24
IPv6:
2a0e:1d40::/29
2a10:6940::/29
Signature Algorithm: sha256WithRSAEncryption
7c:3d:4f:30:5c:d8:a0:cc:f2:d7:20:45:5b:83:e0:69:36:16:
38:1f:32:31:68:01:20:7a:43:80:5b:1a:54:8b:00:b8:cc:a2:
74:f4:d0:dd:cb:49:b6:ef:38:e7:28:df:13:d8:2c:ff:f7:23:
51:48:4b:b5:44:3b:e5:d5:9e:9a:be:83:52:9c:5e:ae:37:4e:
4a:90:2c:9a:40:97:3f:d9:9c:e6:b8:88:29:d8:8d:8b:e0:bc:
e8:e1:7a:4d:34:e4:39:03:32:86:bb:e7:33:f3:58:cb:64:0c:
0b:41:ea:5a:df:e6:27:0f:6f:f1:67:6b:0c:9c:44:f1:84:f2:
47:54:0e:c0:2c:f4:05:57:e3:ac:9a:e2:0f:3a:fe:a5:91:ce:
b9:b7:ee:eb:a7:d3:a2:64:62:94:22:71:28:fa:b2:c4:71:49:
41:91:9d:db:14:fc:37:f2:24:c5:cd:71:3d:21:5d:59:fc:1c:
d8:57:1f:e6:f5:fe:5d:c7:52:06:d5:6c:da:dc:47:61:63:9c:
78:37:0b:4a:2b:72:14:ae:a1:0d:a6:7d:2c:0a:f4:0b:64:32:
50:26:81:43:c0:70:3a:a5:4a:45:61:8b:06:1e:27:72:69:79:
16:a7:c6:d2:1e:57:6e:6a:bc:84:9c:83:a9:3e:3d:34:c7:c3:
49:ec:7a:b2
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZpKLqkBAn4asxXzhcG7fSM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5OTljZmZhNmU0OGZhMmM0ZjhkMDk4MDMzOTZiNDU3YTYz
MGEzM2QwHhcNMjUxMTAzMTQ0NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGU4ZmFjZjQxMDhiMDZjZmRmOWIwNzFmODAzZGJmNTA2MDUxMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62GcSaGoondTHHenlHeg6CDSbnq0
G5hxBb5tla9AbgyjrIyQJKDk2EpUx6tZBG7UlRjH3JWOgxhhU5Icn80MRMVqXvuA
y+OVWgxftcH2G3O4+VCuE07+K5XTVHuk1vl3mdHDunOPT4qu6J/+y0ePU3fjIqlf
D8UczuEa46iVtMzRXvfGsnxqm79BF1mzfU3yDUlJGfEZyJKaUqCvuzF5VkmurC4d
zDqqBtfQLcc5x4IO1xppdt1buaqloXJ6rtm1DGu/j6dg8fA03SWLdxkj6QGrIKtd
7FniHWFR/fPm+9HiMrCZqODNe7WzhtWWHBQ2yWVR1NLuJB+2PpXzKZ7TdQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFL3o+s9BCLBs/fmwcfgD2/UGBREVMB8GA1UdIwQY
MBaAFKmZz/puSPosT40JgDOWtFemMKM9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUt
YjNhNTA5MTBjMmE4LzEvdmVqNnowRUlzR3o5LWJCeC1BUGI5UVlGRVJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9mMTQzZDAtYWViOC00YjUyLTljMzUtYjNhNTA5MTBjMmE4
LzEvcVpuUC1tNUktaXhQalFtQU01YTBWNll3b3owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQCLVwsAwQE
U9mgAwQFV8BgAwQAuQhcAwQBuQheAwQCuRrwAwQCuSuAAwQCuZqQAwQAwRxaMBQE
AgACMA4DBQMqDh1AAwUDKhBpQDANBgkqhkiG9w0BAQsFAAOCAQEAfD1PMFzYoMzy
1yBFW4PgaTYWOB8yMWgBIHpDgFsaVIsAuMyidPTQ3ctJtu845yjfE9gs//cjUUhL
tUQ75dWemr6DUpxerjdOSpAsmkCXP9mc5riIKdiNi+C86OF6TTTkOQMyhrvnM/NY
y2QMC0HqWt/mJw9v8WdrDJxE8YTyR1QOwCz0BVfjrJriDzr+pZHOubfu66fTomRi
lCJxKPqyxHFJQZGd2xT8N/Ikxc1xPSFdWfwc2Fcf5vX+XcdSBtVs2txHYWOceDcL
SityFK6hDaZ9LAr0C2QyUCaBQ8BwOqVKRWGLBh4ncml5FqfG0h5Xbmq8hJyDqT49
NMfDSex6sg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 15:03:54 2025 by rpki-client