Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/vS7Af9oIr8_TE8vST7hJpgUbQiA.roa
File: vS7Af9oIr8_TE8vST7hJpgUbQiA.roa (raw, json)
Hash identifier: l/38QxwCvvrMgly58So5QMOq8vU0cNnGu2QIK7hxaZg=
Subject key identifier: BD:2E:C0:7F:DA:08:AF:CF:D3:13:CB:D2:4F:B8:49:A6:05:1B:42:20
Certificate issuer: /CN=535825ce8bf544170282f720a2484141568b0e7d
Certificate serial: 019B7F14DE9A0692A2F6AAC259E74657BD1B
Authority key identifier: 53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/vS7Af9oIr8_TE8vST7hJpgUbQiA.roa
Signing time: Fri 02 Jan 2026 14:20:32 +0000
ROA not before: Fri 02 Jan 2026 14:20:32 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203802
IP address blocks: 185.123.80.0/22 maxlen: 22
185.123.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 05:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7f:14:de:9a:06:92:a2:f6:aa:c2:59:e7:46:57:bd:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535825ce8bf544170282f720a2484141568b0e7d
Validity
Not Before: Jan 2 14:20:32 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bd2ec07fda08afcfd313cbd24fb849a6051b4220
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:99:89:c9:cc:12:9e:ce:7c:8c:43:83:38:e0:
5c:8a:75:3f:7d:8a:c8:e3:7d:2d:20:a5:e0:42:35:
7c:7e:a4:a6:18:45:e4:40:4a:e6:38:5f:88:13:b3:
0b:3c:11:f7:a3:18:d3:a1:14:fa:80:68:4f:65:41:
cb:7e:f6:95:4b:27:3e:9e:32:0b:30:6c:34:ca:a5:
f4:9b:e1:da:3d:05:a7:fb:aa:83:4d:1c:66:ac:f7:
ff:5f:d6:2a:a2:95:74:69:a7:66:9c:a4:93:72:45:
db:ea:17:e4:54:dd:75:1b:41:95:aa:ac:05:2f:d9:
b1:5d:f3:e7:ae:8d:15:90:4d:b2:7d:9b:eb:67:81:
07:64:c9:27:7a:a3:76:b6:d1:63:af:48:6c:3a:6d:
bd:a4:f2:2c:dd:48:90:67:de:32:98:2d:02:87:38:
91:49:46:6a:3b:ba:0c:56:48:6c:9f:49:c6:91:5a:
5e:46:cb:05:23:5b:fb:34:0f:3b:84:97:5b:71:cc:
74:2a:cb:b2:15:ce:cf:2b:6f:d5:f4:e5:8b:af:b5:
2d:0d:b9:c0:c7:95:eb:cc:f8:ef:89:8f:fc:b1:f2:
9f:96:58:86:db:37:3b:c6:9b:fa:0b:01:12:41:04:
71:1d:36:37:7c:e9:26:3b:e0:ce:4c:09:f7:8b:9b:
7f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:2E:C0:7F:DA:08:AF:CF:D3:13:CB:D2:4F:B8:49:A6:05:1B:42:20
X509v3 Authority Key Identifier:
keyid:53:58:25:CE:8B:F5:44:17:02:82:F7:20:A2:48:41:41:56:8B:0E:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1glzov1RBcCgvcgokhBQVaLDn0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/vS7Af9oIr8_TE8vST7hJpgUbQiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/01f736-af83-456c-8b45-5146ab7ea015/1/U1glzov1RBcCgvcgokhBQVaLDn0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.80.0/22
Signature Algorithm: sha256WithRSAEncryption
17:82:cc:60:1d:19:76:cc:73:97:8c:b2:63:4a:7c:83:66:5f:
cd:35:50:d2:43:05:f6:c7:d4:f8:8d:e9:ca:87:5e:ab:90:b6:
a6:b8:28:fb:0e:33:9c:97:48:81:32:fa:21:aa:40:df:89:e4:
44:6f:49:ba:1a:0b:9a:9c:cb:70:c4:47:d8:b2:26:6f:f8:fb:
4e:25:a8:53:c6:37:ef:71:44:c7:7f:7e:e5:e0:77:4b:cc:9f:
54:e8:a9:c3:50:98:44:6c:11:3b:16:6a:25:e1:b4:a2:04:7a:
40:37:08:ee:8f:7e:62:f9:65:07:39:b4:13:5b:92:0c:c6:9b:
19:73:6c:d7:c0:db:3e:be:20:7c:d2:f8:88:87:91:6d:78:13:
3f:59:0b:63:47:e6:67:47:66:2d:34:57:f1:a9:87:a7:e6:10:
60:93:6f:ab:84:ad:fb:7b:32:4d:b2:ff:19:0e:ef:fe:24:cd:
fd:c1:95:ca:8c:1f:3a:a6:d2:7e:4c:19:88:e7:fc:b4:52:e9:
be:74:da:f7:e3:23:de:aa:2e:cf:e3:74:37:7f:69:2f:a5:7e:
9c:1a:03:f8:8e:ee:e6:76:5c:d7:c2:19:ab:2a:09:ca:b3:8a:
67:a3:1c:42:62:86:9f:31:d0:7e:d2:25:7c:e3:21:b6:db:f6:
a6:d3:48:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt/FN6aBpKi9qrCWedGV70bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTgyNWNlOGJmNTQ0MTcwMjgyZjcyMGEyNDg0MTQxNTY4
YjBlN2QwHhcNMjYwMTAyMTQyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDJlYzA3ZmRhMDhhZmNmZDMxM2NiZDI0ZmI4NDlhNjA1MWI0MjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJmJycwSns58jEODOOBcinU/fYrI
430tIKXgQjV8fqSmGEXkQErmOF+IE7MLPBH3oxjToRT6gGhPZUHLfvaVSyc+njIL
MGw0yqX0m+HaPQWn+6qDTRxmrPf/X9YqopV0aadmnKSTckXb6hfkVN11G0GVqqwF
L9mxXfPnro0VkE2yfZvrZ4EHZMkneqN2ttFjr0hsOm29pPIs3UiQZ94ymC0ChziR
SUZqO7oMVkhsn0nGkVpeRssFI1v7NA87hJdbccx0KsuyFc7PK2/V9OWLr7UtDbnA
x5XrzPjviY/8sfKflliG2zc7xpv6CwESQQRxHTY3fOkmO+DOTAn3i5t/GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL0uwH/aCK/P0xPL0k+4SaYFG0IgMB8GA1UdIwQY
MBaAFFNYJc6L9UQXAoL3IKJIQUFWiw59MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUt
NTE0NmFiN2VhMDE1LzEvdlM3QWY5b0lyOF9URTh2U1Q3aEpwZ1ViUWlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS8wMWY3MzYtYWY4My00NTZjLThiNDUtNTE0NmFiN2VhMDE1
LzEvVTFnbHpvdjFSQmNDZ3ZjZ29raEJRVmFMRG4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXtQMA0G
CSqGSIb3DQEBCwUAA4IBAQAXgsxgHRl2zHOXjLJjSnyDZl/NNVDSQwX2x9T4jenK
h16rkLamuCj7DjOcl0iBMvohqkDfieREb0m6GguanMtwxEfYsiZv+PtOJahTxjfv
cUTHf37l4HdLzJ9U6KnDUJhEbBE7Fmol4bSiBHpANwjuj35i+WUHObQTW5IMxpsZ
c2zXwNs+viB80viIh5FteBM/WQtjR+ZnR2YtNFfxqYen5hBgk2+rhK37ezJNsv8Z
Du/+JM39wZXKjB86ptJ+TBmI5/y0Uum+dNr34yPeqi7P43Q3f2kvpX6cGgP4ju7m
dlzXwhmrKgnKs4pnoxxCYoafMdB+0iV84yG22/am00jm
-----END CERTIFICATE-----
Generated at Mon Mar 2 14:14:42 2026 by rpki-client