Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vc0PhqXmgMFPNuHjQmrOwGtzym8.roa
File: vc0PhqXmgMFPNuHjQmrOwGtzym8.roa (raw, json)
Hash identifier: hyZ19U18gB5WuqYXdgBqpv0AJcd85R1RLE3EfscgBdg=
Subject key identifier: BD:CD:0F:86:A5:E6:80:C1:4F:36:E1:E3:42:6A:CE:C0:6B:73:CA:6F
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01997FFDCD4B3C782BF4C3546AAE6FB42A86
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vc0PhqXmgMFPNuHjQmrOwGtzym8.roa
Signing time: Thu 25 Sep 2025 08:29:23 +0000
ROA not before: Thu 25 Sep 2025 08:29:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
185.95.101.0/24 maxlen: 24
185.95.102.0/23 maxlen: 24
185.96.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 14:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:fd:cd:4b:3c:78:2b:f4:c3:54:6a:ae:6f:b4:2a:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Sep 25 08:29:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bdcd0f86a5e680c14f36e1e3426acec06b73ca6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:86:cd:57:5a:a6:71:9c:c5:f2:64:15:25:a1:
9d:26:f1:6f:52:46:06:b0:b2:3d:3a:af:a5:41:a8:
8c:24:5f:d1:c3:98:23:66:5a:96:45:1b:38:67:4f:
b0:b8:8c:dc:b4:17:37:8e:0e:06:3f:7a:25:3c:95:
e1:a1:f2:2d:d3:f7:dd:b1:41:90:27:05:35:7d:f4:
8c:23:c4:27:1a:5e:eb:90:a8:bb:c3:02:e6:f1:d0:
5a:82:de:d8:1b:87:66:3b:39:79:b0:16:99:df:b8:
ef:b4:74:05:60:6f:ec:c0:89:15:f9:85:cd:80:7e:
96:3b:94:6e:96:bf:9d:12:9f:c5:98:ff:d4:bb:d9:
5a:e5:f5:c6:48:73:23:08:f7:0b:81:3b:f7:5e:a5:
70:bf:dd:cd:12:88:76:d7:fe:3a:5a:a4:68:8a:84:
77:33:4e:38:d3:ae:9e:2f:b5:ca:89:bd:0c:23:a0:
49:6c:ad:0e:24:ad:6b:f7:58:d8:11:3a:33:1e:2f:
da:7b:47:11:36:01:b2:92:17:6e:78:30:75:02:af:
11:69:7a:86:83:94:33:e2:da:45:be:a4:b0:31:18:
a3:34:8b:a6:a3:40:43:a2:1e:6f:56:65:7c:1f:53:
ff:11:de:69:dd:16:8c:69:8d:b6:4a:c0:41:67:16:
09:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:CD:0F:86:A5:E6:80:C1:4F:36:E1:E3:42:6A:CE:C0:6B:73:CA:6F
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/vc0PhqXmgMFPNuHjQmrOwGtzym8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.174.0/24
185.81.184.0/24
185.81.187.0/24
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
Signature Algorithm: sha256WithRSAEncryption
65:88:cb:1c:1d:71:3f:1c:35:5e:06:5c:31:f1:b2:44:99:c1:
90:ee:cd:f6:74:00:b1:92:3b:07:fb:9a:53:f2:42:4f:b8:b6:
91:ed:dd:4c:aa:d1:91:28:0d:55:1d:ab:d1:a0:41:b4:af:06:
a2:bb:5b:da:05:3a:ed:ed:57:d4:3c:51:f6:e8:1f:3e:08:8b:
c3:94:36:59:e6:93:74:2e:b7:2c:e0:25:34:3a:23:a5:55:23:
7f:93:df:73:2e:a6:a6:98:7b:a3:ad:b6:98:cd:7d:48:40:92:
0e:ec:00:a4:26:ab:a5:d4:ba:b4:c7:32:f5:00:2f:66:8d:eb:
cb:71:05:89:be:10:bd:ce:12:ad:eb:c7:f2:d5:4b:42:f0:26:
63:ec:84:63:2b:a0:11:00:96:54:dd:3d:0c:b7:f5:c4:4d:72:
d1:d9:f9:ce:71:29:52:bf:e5:d9:c5:bc:f9:bf:70:6b:ff:32:
5c:2c:bf:fa:12:75:f8:be:f7:47:c5:8a:2b:d8:c0:a8:06:95:
e9:e7:63:e0:9e:69:06:a6:93:74:21:4b:00:f0:b9:de:1b:b5:
24:e7:c0:f7:85:7e:55:b2:db:83:da:55:89:ea:de:2b:a1:7e:
3c:4e:4a:fe:32:b8:d8:43:ed:70:7d:56:e9:0f:16:f8:8d:90:
b5:61:ce:c6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZl//c1LPHgr9MNUaq5vtCqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwOTI1MDgyOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGNkMGY4NmE1ZTY4MGMxNGYzNmUxZTM0MjZhY2VjMDZiNzNjYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4bNV1qmcZzF8mQVJaGdJvFvUkYG
sLI9Oq+lQaiMJF/Rw5gjZlqWRRs4Z0+wuIzctBc3jg4GP3olPJXhofIt0/fdsUGQ
JwU1ffSMI8QnGl7rkKi7wwLm8dBagt7YG4dmOzl5sBaZ37jvtHQFYG/swIkV+YXN
gH6WO5Rulr+dEp/FmP/Uu9la5fXGSHMjCPcLgTv3XqVwv93NEoh21/46WqRoioR3
M044066eL7XKib0MI6BJbK0OJK1r91jYETozHi/ae0cRNgGykhdueDB1Aq8RaXqG
g5Qz4tpFvqSwMRijNIumo0BDoh5vVmV8H1P/Ed5p3RaMaY22SsBBZxYJJQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFL3ND4al5oDBTzbh40JqzsBrc8pvMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvdmMwUGhxWG1nTUZQTnVIalFtck93R3R6eW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAuVGuAwQA
uVG4AwQAuVG7AwQBuVloAwQCuVlsMAwDBAC5X2UDBAO5X2ADBAC5YCYwDQYJKoZI
hvcNAQELBQADggEBAGWIyxwdcT8cNV4GXDHxskSZwZDuzfZ0ALGSOwf7mlPyQk+4
tpHt3Uyq0ZEoDVUdq9GgQbSvBqK7W9oFOu3tV9Q8UfboHz4Ii8OUNlnmk3Qutyzg
JTQ6I6VVI3+T33MupqaYe6OttpjNfUhAkg7sAKQmq6XUurTHMvUAL2aN68txBYm+
EL3OEq3rx/LVS0LwJmPshGMroBEAllTdPQy39cRNctHZ+c5xKVK/5dnFvPm/cGv/
Mlwsv/oSdfi+90fFiivYwKgGlennY+CeaQamk3QhSwDwud4btSTnwPeFflWy24Pa
VYnq3iuhfjxOSv4yuNhD7XB9VukPFviNkLVhzsY=
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:06:16 2025 by rpki-client