Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/vvDskG6NPhk2jVgSz0JaaiFFAiU.roa
File: vvDskG6NPhk2jVgSz0JaaiFFAiU.roa (raw, json)
Hash identifier: p7+QVzBg9ouedrz2JVe4cqQw0az4ujXX3E6fG1bUKzo=
Subject key identifier: BE:F0:EC:90:6E:8D:3E:19:36:8D:58:12:CF:42:5A:6A:21:45:02:25
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019D67FD985DECCFC3B1D81E737FE468627A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/vvDskG6NPhk2jVgSz0JaaiFFAiU.roa
Signing time: Tue 07 Apr 2026 12:49:26 +0000
ROA not before: Tue 07 Apr 2026 12:49:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3170
IP address blocks: 185.133.73.0/24 maxlen: 32
194.156.159.0/24 maxlen: 32
2a06:7a03::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:67:fd:98:5d:ec:cf:c3:b1:d8:1e:73:7f:e4:68:62:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 7 12:49:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bef0ec906e8d3e19368d5812cf425a6a21450225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:7c:b4:5c:9d:c4:d2:08:8a:34:2a:47:dc:bb:
5b:77:a0:9b:a8:68:4b:97:a9:9d:54:0e:99:9f:84:
e4:0d:35:4f:bd:1e:a0:83:04:ed:5f:a5:c1:c4:a2:
bf:13:25:76:83:8c:a1:77:f8:9d:f4:89:93:80:fa:
ef:b3:c2:85:7a:84:f6:e7:86:99:0e:d7:ce:b9:18:
04:42:d2:eb:4f:0c:59:b8:23:00:e6:b9:e0:55:34:
ad:23:f9:94:96:4c:c1:96:f2:6d:9e:8a:a6:b5:8e:
f9:9b:b7:08:ff:73:0e:4f:af:6f:9b:c0:2b:2f:88:
e0:a0:2a:3f:c8:3d:b1:d1:6e:3c:2d:ca:e9:56:a8:
ac:c8:27:21:ab:46:5e:de:d3:0b:d4:53:54:d2:0f:
7e:f9:00:95:2e:7c:37:e9:22:99:41:4c:68:d8:9e:
12:d2:77:d3:fa:d6:de:79:c6:03:d7:1e:52:dc:27:
5b:76:38:d4:68:ef:87:7e:40:81:aa:d1:5b:ce:1e:
bd:10:13:d0:66:1c:38:3e:90:b4:8f:29:a7:db:26:
d9:9c:a7:8a:4d:8e:3a:d8:de:14:5c:83:52:4a:0d:
27:bf:5e:3e:66:7c:97:e5:09:8e:02:2e:49:00:88:
55:82:c4:fc:ab:8d:22:f8:ab:6e:93:22:3c:20:94:
c8:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:F0:EC:90:6E:8D:3E:19:36:8D:58:12:CF:42:5A:6A:21:45:02:25
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/vvDskG6NPhk2jVgSz0JaaiFFAiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.73.0/24
194.156.159.0/24
IPv6:
2a06:7a03::/48
Signature Algorithm: sha256WithRSAEncryption
85:5f:bc:f2:72:a9:d6:6b:6c:f9:f8:88:25:6a:9b:a0:a1:52:
f4:97:2e:b9:85:6e:3e:3d:f4:9b:fd:2e:d3:9e:2a:b8:0a:04:
2c:56:f3:60:fb:9a:a7:10:09:1c:eb:1a:66:0b:b4:7e:d4:c2:
af:ad:66:b4:aa:4d:15:a4:78:5f:ba:19:b3:a3:22:20:4f:e0:
94:59:bb:1c:b9:03:17:06:76:aa:43:ee:30:04:c5:2a:da:95:
40:14:df:2d:e6:c9:9b:4f:68:b3:eb:a5:5e:73:ed:c9:c1:d6:
c3:d1:72:37:de:39:6a:c0:93:a6:41:bf:73:a0:1e:d1:50:8b:
47:3d:6f:4e:93:2a:4d:81:08:09:88:bf:95:53:03:18:ae:2b:
8e:c1:f7:b2:83:2a:c1:06:3b:1c:91:bb:38:bf:ac:77:33:01:
1b:46:7a:bd:06:61:73:71:a7:92:49:08:d4:80:69:08:f0:ad:
db:96:c0:74:59:4a:af:c7:1d:ca:ce:5b:6b:ae:b3:10:b6:f6:
02:d8:c7:13:6d:ee:9a:a2:9a:08:e6:29:f9:5a:84:2a:2d:eb:
f3:e4:d6:b7:4b:a6:30:4b:da:c0:b7:9e:b7:00:10:9a:f3:59:
35:32:af:bc:80:24:cb:b6:6d:23:72:af:0a:66:78:bb:ad:ac:
6a:4f:ca:70
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZ1n/Zhd7M/Dsdgec3/kaGJ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjYwNDA3MTI0OTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWYwZWM5MDZlOGQzZTE5MzY4ZDU4MTJjZjQyNWE2YTIxNDUwMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnny0XJ3E0giKNCpH3Ltbd6CbqGhL
l6mdVA6Zn4TkDTVPvR6ggwTtX6XBxKK/EyV2g4yhd/id9ImTgPrvs8KFeoT254aZ
DtfOuRgEQtLrTwxZuCMA5rngVTStI/mUlkzBlvJtnoqmtY75m7cI/3MOT69vm8Ar
L4jgoCo/yD2x0W48LcrpVqisyCchq0Ze3tML1FNU0g9++QCVLnw36SKZQUxo2J4S
0nfT+tbeecYD1x5S3CdbdjjUaO+HfkCBqtFbzh69EBPQZhw4PpC0jymn2ybZnKeK
TY462N4UXINSSg0nv14+ZnyX5QmOAi5JAIhVgsT8q40i+KtukyI8IJTIsQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFL7w7JBujT4ZNo1YEs9CWmohRQIlMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvdnZEc2tHNk5QaGsyalZnU3owSmFhaUZGQWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuYVJAwQA
wpyfMA8EAgACMAkDBwAqBnoDAAAwDQYJKoZIhvcNAQELBQADggEBAIVfvPJyqdZr
bPn4iCVqm6ChUvSXLrmFbj499Jv9LtOeKrgKBCxW82D7mqcQCRzrGmYLtH7Uwq+t
ZrSqTRWkeF+6GbOjIiBP4JRZuxy5AxcGdqpD7jAExSralUAU3y3myZtPaLPrpV5z
7cnB1sPRcjfeOWrAk6ZBv3OgHtFQi0c9b06TKk2BCAmIv5VTAxiuK47B97KDKsEG
OxyRuzi/rHczARtGer0GYXNxp5JJCNSAaQjwrduWwHRZSq/HHcrOW2uusxC29gLY
xxNt7pqimgjmKflahCot6/Pk1rdLpjBL2sC3nrcAEJrzWTUyr7yAJMu2bSNyrwpm
eLutrGpPynA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:51:41 2026 by rpki-client