Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VAU_vdKlhkl8CUS9s9Wm8sLBogs.roa
File: VAU_vdKlhkl8CUS9s9Wm8sLBogs.roa (raw, json)
Hash identifier: UwJJFoUJY8rT/oVlOljbTVxf3+yOl7TGzgSQXvMMeMw=
Subject key identifier: 54:05:3F:BD:D2:A5:86:49:7C:09:44:BD:B3:D5:A6:F2:C2:C1:A2:0B
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019EFE254125E758AAB4BD0994F49A92D180
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VAU_vdKlhkl8CUS9s9Wm8sLBogs.roa
Signing time: Thu 25 Jun 2026 09:38:34 +0000
ROA not before: Thu 25 Jun 2026 09:38:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 29
2a0c:a580::/29 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 27 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:fe:25:41:25:e7:58:aa:b4:bd:09:94:f4:9a:92:d1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jun 25 09:38:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54053fbdd2a586497c0944bdb3d5a6f2c2c1a20b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d7:c7:aa:58:80:9e:98:66:86:fb:cf:f9:0d:
ba:6a:ad:9e:8e:34:b6:cc:53:44:1c:78:ce:08:80:
88:c0:61:ac:31:3b:fa:7c:7a:cd:16:1c:a6:22:8b:
12:d9:de:00:54:81:4f:68:62:e3:26:cc:36:3f:74:
f9:15:f4:fc:69:77:b2:a3:b8:75:7c:c5:c4:0c:d5:
ef:6d:91:f8:c6:3a:fb:39:54:98:b0:87:66:9d:6c:
20:de:9d:3b:0e:b2:a3:4b:97:53:b2:91:e9:97:76:
d3:84:b2:37:0d:76:9e:40:0e:bf:2f:9b:44:2b:b6:
fe:82:8d:8e:b8:c0:c7:7d:31:2e:c1:36:16:cc:10:
fc:0c:70:3c:95:6f:f9:42:e3:85:53:10:20:68:1c:
57:74:d4:2c:4d:a9:cd:f1:e2:a0:f2:c0:7d:10:7a:
8c:70:d3:de:60:39:90:03:ef:a3:63:b0:83:78:ca:
66:2b:c2:ed:f5:05:41:91:d2:af:c1:14:47:bf:64:
fe:81:68:84:18:dc:47:09:41:29:88:8d:b0:fa:69:
59:38:88:4b:14:c3:59:9e:e4:17:c1:df:86:75:cd:
51:3f:56:3c:b0:92:5e:1a:fd:e5:82:54:fd:0f:b1:
10:d6:e6:34:d1:43:3f:c1:de:47:cd:2d:0e:b0:c4:
76:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:05:3F:BD:D2:A5:86:49:7C:09:44:BD:B3:D5:A6:F2:C2:C1:A2:0B
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VAU_vdKlhkl8CUS9s9Wm8sLBogs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.94.171.0/24
45.132.182.0/23
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/22
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/24
195.177.94.0/23
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a11:2a80::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
99:7d:13:b3:7f:77:56:ae:c1:d3:f8:b8:3c:2f:7b:cc:18:95:
9d:e7:3e:94:e9:90:3e:8a:a6:02:d4:b1:f0:59:e2:fe:c3:c2:
7f:b4:82:e8:3b:ec:ed:90:b4:ca:78:20:2f:8c:ea:40:65:a0:
e7:b4:f9:54:2f:ad:e0:5b:04:f7:66:e1:2c:ee:38:d3:35:16:
5f:53:f8:5e:04:78:dd:39:dd:7a:61:2b:84:cc:36:97:41:b7:
88:4a:e8:d2:d5:df:90:0c:93:1f:72:88:d5:3f:4d:fd:fa:c4:
87:6e:83:29:25:c0:90:fa:36:00:5c:50:2a:c0:5a:44:b6:63:
b0:e0:1d:10:64:fe:28:c6:90:87:9e:d1:2e:0e:41:d9:3e:3d:
d4:e7:b5:ad:ea:83:41:91:90:53:05:a3:ea:99:83:33:3f:b4:
b8:1a:03:f9:6e:2a:9d:79:fd:96:e9:77:c0:20:ae:de:ca:30:
21:8c:59:b1:54:63:42:4b:bc:e5:66:c0:e4:39:1e:6b:24:b8:
8f:8e:fb:35:af:e4:54:49:5a:e3:cb:5f:56:86:92:6a:6c:17:
e5:8a:bc:91:27:56:41:c3:83:57:75:12:31:cf:d0:13:8e:51:
a7:66:72:74:c4:8c:96:a3:04:4c:b7:22:e6:bb:8b:83:26:ab:
a6:fb:e2:a1
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgISAZ7+JUEl51iqtL0JlPSaktGAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjYwNjI1MDkzODM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDA1M2ZiZGQyYTU4NjQ5N2MwOTQ0YmRiM2Q1YTZmMmMyYzFhMjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dfHqliAnphmhvvP+Q26aq2ejjS2
zFNEHHjOCICIwGGsMTv6fHrNFhymIosS2d4AVIFPaGLjJsw2P3T5FfT8aXeyo7h1
fMXEDNXvbZH4xjr7OVSYsIdmnWwg3p07DrKjS5dTspHpl3bThLI3DXaeQA6/L5tE
K7b+go2OuMDHfTEuwTYWzBD8DHA8lW/5QuOFUxAgaBxXdNQsTanN8eKg8sB9EHqM
cNPeYDmQA++jY7CDeMpmK8Lt9QVBkdKvwRRHv2T+gWiEGNxHCUEpiI2w+mlZOIhL
FMNZnuQXwd+Gdc1RP1Y8sJJeGv3lglT9D7EQ1uY00UM/wd5HzS0OsMR2lQIDAQAB
o4ICnzCCApswHQYDVR0OBBYEFFQFP73SpYZJfAlEvbPVpvLCwaILMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVkFVX3ZkS2xoa2w4Q1VTOXM5V204c0xCb2dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG0BggrBgEFBQcBBwEB/wSBpDCBoTB0BAIAATBuAwQABbVU
AwQABbVXAwQALQkdMAwDBAAtDb0DBAAtDb4DBAAtXqsDBAEthLYDBACSE30DBAG5
K/gDBAC5K/sDBAG5yD4DBALBHvADBADBOSsDBADC8mADBAHC8mIDBADDsVwDBAHD
sV4DBALD07wwKQQCAAIwIwMFACoBcSADBQMqB5IAAwUDKgylgAMFACoRKoADBQAq
Ep8AMA0GCSqGSIb3DQEBCwUAA4IBAQCZfROzf3dWrsHT+Lg8L3vMGJWd5z6U6ZA+
iqYC1LHwWeL+w8J/tILoO+ztkLTKeCAvjOpAZaDntPlUL63gWwT3ZuEs7jjTNRZf
U/heBHjdOd16YSuEzDaXQbeISujS1d+QDJMfcojVP039+sSHboMpJcCQ+jYAXFAq
wFpEtmOw4B0QZP4oxpCHntEuDkHZPj3U57Wt6oNBkZBTBaPqmYMzP7S4GgP5biqd
ef2W6XfAIK7eyjAhjFmxVGNCS7zlZsDkOR5rJLiPjvs1r+RUSVrjy19WhpJqbBfl
iryRJ1ZBw4NXdRIxz9ATjlGnZnJ0xIyWowRMtyLmu4uDJqum++Kh
-----END CERTIFICATE-----
Generated at Fri Jun 26 09:01:36 2026 by rpki-client