Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/VCw4N4Zs1DGjtZzf3wBgxZrel_k.roa
File: VCw4N4Zs1DGjtZzf3wBgxZrel_k.roa (raw, json)
Hash identifier: 5kAoOyOQgv/RLB12MJcY8aU26UzS1uKwmDAxZLgrp74=
Subject key identifier: 54:2C:38:37:86:6C:D4:31:A3:B5:9C:DF:DF:00:60:C5:9A:DE:97:F9
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019D7C84A27715C7672BE5747DB1EBD810A0
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/VCw4N4Zs1DGjtZzf3wBgxZrel_k.roa
Signing time: Sat 11 Apr 2026 12:29:20 +0000
ROA not before: Sat 11 Apr 2026 12:29:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216300
IP address blocks: 132.243.202.0/24 maxlen: 24
132.243.206.0/24 maxlen: 24
132.243.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7c:84:a2:77:15:c7:67:2b:e5:74:7d:b1:eb:d8:10:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Apr 11 12:29:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=542c3837866cd431a3b59cdfdf0060c59ade97f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:d2:66:ef:87:16:2f:48:0e:fd:10:44:dc:
c7:4f:78:97:e3:2f:7c:b7:08:37:f7:c7:69:3e:7c:
31:b1:9c:78:32:1c:a5:1e:5f:5b:6d:b1:6f:10:8c:
e3:0d:9c:9e:34:14:c8:83:ec:5e:13:67:40:64:f4:
24:f7:ba:28:40:bd:52:28:13:a4:0d:44:6d:d0:cc:
61:cf:2b:11:02:7f:4e:41:23:78:79:1a:84:a7:e8:
41:e8:17:9d:4e:a1:7f:3e:62:8b:3f:1e:15:33:1a:
01:46:4b:49:87:38:f9:88:ff:b4:2c:15:bf:0b:17:
21:ca:fa:87:0d:68:75:f1:f2:c6:ca:ad:74:50:a8:
e3:43:6f:3e:9b:f1:cb:47:5b:88:86:3c:4d:70:2d:
2f:b6:f1:d8:9a:08:c7:c5:68:72:58:c3:48:99:b1:
63:a0:68:55:ba:5b:b3:9a:f9:f5:b4:a6:92:a7:c2:
5f:8b:06:bf:52:ff:af:70:15:db:6d:e6:23:08:a7:
cf:a4:2e:3a:2a:ac:21:7e:5e:d0:e1:20:fe:48:8f:
d4:d0:ce:fb:b2:43:8f:7b:21:09:31:b7:2a:2e:01:
d2:20:59:e5:f3:84:56:22:f0:43:00:af:fb:f1:2e:
ca:41:67:03:76:15:95:49:b5:57:6d:3c:e0:02:24:
d3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:2C:38:37:86:6C:D4:31:A3:B5:9C:DF:DF:00:60:C5:9A:DE:97:F9
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/VCw4N4Zs1DGjtZzf3wBgxZrel_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.243.202.0/24
132.243.206.0/24
132.243.226.0/24
Signature Algorithm: sha256WithRSAEncryption
be:5f:11:cd:f2:ab:1e:63:ab:49:31:34:df:fb:6b:5f:22:99:
9b:6a:b3:3c:5b:cc:3a:ec:55:bd:84:8d:e6:7e:eb:da:10:10:
e2:4b:da:62:5f:7d:62:85:57:58:c2:03:7d:f3:40:c4:49:a1:
8f:6f:6f:9b:80:3a:1c:72:67:88:de:43:e6:31:eb:96:ee:e8:
bc:7c:48:30:9e:aa:c6:ed:b7:02:f4:3a:9c:29:2f:0f:d8:7f:
e1:02:b0:ec:ff:5a:6e:e1:23:1c:39:6b:11:1d:1d:f1:ee:61:
f7:cd:25:e2:f4:4e:c4:73:6f:6b:4a:1b:b1:74:ad:02:dc:e8:
c0:3f:de:3f:c6:51:b5:cb:65:87:8b:41:a7:c3:25:ad:13:e4:
86:0b:77:74:a5:39:2b:f9:ff:6c:03:48:92:03:71:ef:f7:a0:
eb:18:24:23:de:e2:5f:38:15:16:9a:9f:79:1c:58:a4:6b:83:
65:68:ed:3e:e9:41:d5:09:4a:f9:6d:2f:87:42:c9:61:e8:cf:
1e:4d:7c:dd:b0:99:bc:e8:95:d6:96:0b:35:a4:8f:4f:8c:dd:
c8:f0:9c:65:55:3f:9c:9e:a7:96:ac:be:4b:15:a3:90:10:8b:
8c:a6:64:9a:fb:02:0b:91:d0:ea:6b:79:31:60:c5:80:89:d1:
9c:66:e8:09
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ18hKJ3FcdnK+V0fbHr2BCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwNDExMTIyOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDJjMzgzNzg2NmNkNDMxYTNiNTljZGZkZjAwNjBjNTlhZGU5N2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvXSZu+HFi9IDv0QRNzHT3iX4y98
twg398dpPnwxsZx4MhylHl9bbbFvEIzjDZyeNBTIg+xeE2dAZPQk97ooQL1SKBOk
DURt0MxhzysRAn9OQSN4eRqEp+hB6BedTqF/PmKLPx4VMxoBRktJhzj5iP+0LBW/
CxchyvqHDWh18fLGyq10UKjjQ28+m/HLR1uIhjxNcC0vtvHYmgjHxWhyWMNImbFj
oGhVuluzmvn1tKaSp8Jfiwa/Uv+vcBXbbeYjCKfPpC46Kqwhfl7Q4SD+SI/U0M77
skOPeyEJMbcqLgHSIFnl84RWIvBDAK/78S7KQWcDdhWVSbVXbTzgAiTTBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFQsODeGbNQxo7Wc398AYMWa3pf5MB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvVkN3NE40WnMxREdqdFp6ZjN3Qmd4WnJlbF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAhPPKAwQA
hPPOAwQAhPPiMA0GCSqGSIb3DQEBCwUAA4IBAQC+XxHN8qseY6tJMTTf+2tfIpmb
arM8W8w67FW9hI3mfuvaEBDiS9piX31ihVdYwgN980DESaGPb2+bgDoccmeI3kPm
MeuW7ui8fEgwnqrG7bcC9DqcKS8P2H/hArDs/1pu4SMcOWsRHR3x7mH3zSXi9E7E
c29rShuxdK0C3OjAP94/xlG1y2WHi0GnwyWtE+SGC3d0pTkr+f9sA0iSA3Hv96Dr
GCQj3uJfOBUWmp95HFika4NlaO0+6UHVCUr5bS+HQslh6M8eTXzdsJm86JXWlgs1
pI9PjN3I8JxlVT+cnqeWrL5LFaOQEIuMpmSa+wILkdDqa3kxYMWAidGcZugJ
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:12:36 2026 by rpki-client