Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/vBHybgSk9XyYuYVEw0sA6GQ_4MI.roa
File: vBHybgSk9XyYuYVEw0sA6GQ_4MI.roa (raw, json)
Hash identifier: M5r4bh+l9wxE0z5JZySaZplhkfEIZBBXpG5eKvAudHA=
Subject key identifier: BC:11:F2:6E:04:A4:F5:7C:98:B9:85:44:C3:4B:00:E8:64:3F:E0:C2
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019E87406E290C1B5E948F713E641B148814
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/vBHybgSk9XyYuYVEw0sA6GQ_4MI.roa
Signing time: Tue 02 Jun 2026 07:33:27 +0000
ROA not before: Tue 02 Jun 2026 07:33:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 2a0c:9e06::/32 maxlen: 32
2a0e:a944::/32 maxlen: 32
2a0e:a945::/32 maxlen: 32
2a0e:a946::/32 maxlen: 32
2a0e:a947::/32 maxlen: 32
2a0f:3b80::/32 maxlen: 32
2a0f:3b81::/32 maxlen: 32
2a0f:3b82::/32 maxlen: 32
2a0f:3b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:40:6e:29:0c:1b:5e:94:8f:71:3e:64:1b:14:88:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jun 2 07:33:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc11f26e04a4f57c98b98544c34b00e8643fe0c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:2b:0b:d7:e4:50:1e:11:7f:97:ae:e5:35:c8:
20:4f:90:02:14:2a:20:bf:bf:78:68:b3:85:09:f0:
88:f0:01:69:84:61:88:5a:f0:e3:8e:35:c1:4a:85:
62:bf:6b:30:97:da:b8:b8:ab:57:bc:fe:f6:12:eb:
71:a7:e3:a9:59:cf:d8:db:2a:aa:c7:05:d3:5a:9a:
fe:48:65:b7:28:0b:26:cf:17:f9:72:01:aa:6a:79:
c3:de:51:e8:2c:56:88:fe:11:3d:d4:a8:44:d1:b0:
95:97:a7:c0:1d:15:6a:bf:df:81:0c:43:d9:0f:8c:
2c:45:3f:9b:d4:f0:be:ef:08:04:44:dd:04:7d:fc:
04:4d:1a:82:bc:8e:7c:d5:27:19:e5:1e:ef:0a:66:
34:07:86:80:0e:72:e8:c4:55:d7:23:f8:50:c6:e5:
25:25:55:70:b7:72:c3:50:31:6d:6d:8b:72:a2:9a:
58:b6:cf:57:2c:aa:29:61:a8:b7:9a:06:b4:70:c3:
10:6d:81:4f:9a:7b:ab:85:f6:c8:08:25:28:b1:54:
13:e3:77:6a:d9:a9:2b:4a:6c:b7:85:30:86:2c:83:
09:01:7b:19:70:26:68:20:c0:e8:4a:68:c1:a3:ce:
a2:f1:79:13:24:04:42:a1:75:de:28:0c:48:a6:95:
76:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:11:F2:6E:04:A4:F5:7C:98:B9:85:44:C3:4B:00:E8:64:3F:E0:C2
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/vBHybgSk9XyYuYVEw0sA6GQ_4MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9e06::/32
2a0e:a944::/30
2a0f:3b80::/30
Signature Algorithm: sha256WithRSAEncryption
8b:a4:fa:15:3c:23:b2:07:5b:ad:44:8c:79:81:57:c5:12:05:
e8:84:8a:d5:e0:38:ab:e6:20:98:1e:03:f1:f4:5b:a6:d6:ad:
05:9f:61:4d:00:dc:78:c0:16:28:88:a0:54:9d:3f:dc:21:c8:
5e:71:60:b8:da:52:88:91:4a:34:0f:f8:37:55:e9:c8:ad:5d:
ba:29:54:7c:ae:1c:1f:0e:85:60:cc:39:a4:bc:d2:0f:3e:e4:
9e:fc:5b:b3:5b:b3:a7:84:2e:44:c7:ab:6f:b5:0c:1b:23:4b:
7e:ef:50:ed:d3:4e:ed:0c:de:43:4b:b9:a9:5e:cc:e0:b1:2b:
93:16:4c:f6:bb:9a:11:ce:43:50:1a:65:f6:89:53:81:99:33:
ba:96:6a:81:d3:c0:49:4f:c4:3b:01:15:34:b7:fd:36:dc:22:
f1:00:db:69:d5:1b:18:ea:90:15:66:99:6d:7c:d7:9e:10:54:
6d:b7:4c:9c:35:e7:29:4b:7a:f8:f4:3f:13:39:ec:c4:9a:74:
f1:38:3e:9d:f9:78:bb:61:c5:88:77:3a:af:2e:34:bc:01:89:
29:8b:a0:53:dc:4d:62:4c:d8:97:71:ed:d8:c9:5e:6a:41:2f:
8b:8c:d2:76:c9:dd:99:d6:8d:c6:c7:e8:02:e8:89:d6:44:c6:
55:66:5e:95
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ6HQG4pDBtelI9xPmQbFIgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjYwNjAyMDczMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzExZjI2ZTA0YTRmNTdjOThiOTg1NDRjMzRiMDBlODY0M2ZlMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkisL1+RQHhF/l67lNcggT5ACFCog
v794aLOFCfCI8AFphGGIWvDjjjXBSoViv2swl9q4uKtXvP72Eutxp+OpWc/Y2yqq
xwXTWpr+SGW3KAsmzxf5cgGqannD3lHoLFaI/hE91KhE0bCVl6fAHRVqv9+BDEPZ
D4wsRT+b1PC+7wgERN0EffwETRqCvI581ScZ5R7vCmY0B4aADnLoxFXXI/hQxuUl
JVVwt3LDUDFtbYtyoppYts9XLKopYai3mga0cMMQbYFPmnurhfbICCUosVQT43dq
2akrSmy3hTCGLIMJAXsZcCZoIMDoSmjBo86i8XkTJARCoXXeKAxIppV26QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLwR8m4EpPV8mLmFRMNLAOhkP+DCMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvdkJIeWJnU2s5WHlZdVlWRXcwc0E2R1FfNE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgyeBgMF
AioOqUQDBQIqDzuAMA0GCSqGSIb3DQEBCwUAA4IBAQCLpPoVPCOyB1utRIx5gVfF
EgXohIrV4Dir5iCYHgPx9Fum1q0Fn2FNANx4wBYoiKBUnT/cIchecWC42lKIkUo0
D/g3VenIrV26KVR8rhwfDoVgzDmkvNIPPuSe/FuzW7OnhC5Ex6tvtQwbI0t+71Dt
007tDN5DS7mpXszgsSuTFkz2u5oRzkNQGmX2iVOBmTO6lmqB08BJT8Q7ARU0t/02
3CLxANtp1RsY6pAVZpltfNeeEFRtt0ycNecpS3r49D8TOezEmnTxOD6d+Xi7YcWI
dzqvLjS8AYkpi6BT3E1iTNiXce3YyV5qQS+LjNJ2yd2Z1o3Gx+gC6InWRMZVZl6V
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:03:45 2026 by rpki-client