Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/vvun3eikZcpW6UjAhYfVCVsm-AI.roa
File: vvun3eikZcpW6UjAhYfVCVsm-AI.roa (raw, json)
Hash identifier: U39ycL4LLB92O8NzJ38ORyHzqu/08gaa/sDm7/jkQGw=
Subject key identifier: BE:FB:A7:DD:E8:A4:65:CA:56:E9:48:C0:85:87:D5:09:5B:26:F8:02
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 019DEE73F33BE2DE66A1BD5B6963E8AE4082
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/vvun3eikZcpW6UjAhYfVCVsm-AI.roa
Signing time: Sun 03 May 2026 15:27:49 +0000
ROA not before: Sun 03 May 2026 15:27:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6206
IP address blocks: 37.46.192.0/21 maxlen: 24
69.161.192.0/21 maxlen: 24
91.199.50.0/24 maxlen: 24
94.185.80.0/21 maxlen: 24
94.228.208.0/20 maxlen: 24
107.182.112.0/20 maxlen: 24
109.235.48.0/21 maxlen: 24
194.110.67.0/24 maxlen: 24
2a00:dd0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ee:73:f3:3b:e2:de:66:a1:bd:5b:69:63:e8:ae:40:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: May 3 15:27:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=befba7dde8a465ca56e948c08587d5095b26f802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:6e:01:9a:58:fa:f7:66:ab:04:01:66:25:bd:
d1:c7:8f:01:5a:2a:26:e6:43:87:1f:e0:55:ab:66:
62:81:6f:7a:d9:26:0c:99:d9:0a:99:2a:66:88:96:
60:2f:75:4e:ef:c3:0b:f4:3a:53:2b:9f:ab:af:94:
47:00:9b:6d:2a:60:d3:ab:46:3f:8d:a3:2e:47:b0:
81:fa:0f:39:d8:8a:82:38:1d:cd:d6:48:2e:15:70:
d2:b7:ea:af:e4:80:25:30:df:2a:82:12:32:db:72:
dc:8a:c5:40:11:62:01:cb:4b:cc:9f:fd:16:fd:3d:
e8:6a:56:49:a0:46:1e:9c:33:bf:04:5f:d5:be:00:
2e:fc:49:3e:16:b7:d4:e4:93:9c:f9:a6:3f:f1:67:
66:3b:67:22:77:77:9c:07:27:32:2c:16:94:cc:d4:
47:8f:14:02:09:5c:26:10:f2:45:13:cc:8b:66:de:
20:31:f6:5b:21:42:81:94:d6:25:16:34:90:8d:a0:
a7:4c:1f:c2:0f:c5:06:d0:5e:28:0e:45:8d:53:59:
1e:09:25:15:45:bd:58:1a:ee:0b:2a:c4:c7:7a:89:
5a:68:53:c4:c5:a9:99:c2:34:43:44:48:a9:eb:db:
e5:50:49:d0:73:65:83:79:90:32:3a:d2:11:b8:08:
0d:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:FB:A7:DD:E8:A4:65:CA:56:E9:48:C0:85:87:D5:09:5B:26:F8:02
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/vvun3eikZcpW6UjAhYfVCVsm-AI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.192.0/21
69.161.192.0/21
91.199.50.0/24
94.185.80.0/21
94.228.208.0/20
107.182.112.0/20
109.235.48.0/21
194.110.67.0/24
IPv6:
2a00:dd0::/32
Signature Algorithm: sha256WithRSAEncryption
2f:f6:cc:d0:71:9f:2d:56:3c:dc:50:88:ec:f2:f9:29:04:05:
78:4d:23:30:d4:14:38:50:bb:66:12:81:68:bb:e0:13:d0:0c:
a7:72:62:fe:04:6e:bd:5b:2c:45:d3:3f:56:c1:3c:75:c9:f2:
6a:ff:36:36:f6:d3:11:a4:31:80:39:24:02:cc:54:f3:7f:ef:
8a:7f:6e:ae:a5:cc:af:15:f0:18:6a:ea:cc:4d:82:6e:ab:f6:
d8:0e:3b:95:a6:6c:a5:ba:5e:3f:92:ea:cb:dd:0e:ab:67:3e:
6f:d0:68:e6:00:31:ef:26:2a:b9:45:4a:6b:53:9d:1d:ea:5b:
4f:74:f5:73:12:b1:5a:4a:c5:5c:b6:8c:58:f2:17:f0:02:45:
b2:23:ff:69:c3:8f:59:a3:4d:0b:c6:64:19:04:79:62:a1:ea:
d0:b1:96:68:64:96:2d:04:ff:74:02:74:6c:46:20:56:54:4b:
38:6a:de:de:45:f3:27:e3:6d:80:b5:37:4f:36:47:c9:42:e0:
4c:ed:38:01:83:1a:5d:c5:7e:32:20:ea:80:c7:06:2d:c5:d9:
11:78:dd:27:47:52:aa:af:1e:32:95:ce:b6:26:54:29:00:8c:
c7:2e:6a:ae:70:d8:42:72:ce:4c:36:6d:8d:fc:ec:ef:50:0b:
b7:9e:e4:66
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ3uc/M74t5mob1baWPorkCCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjYwNTAzMTUyNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWZiYTdkZGU4YTQ2NWNhNTZlOTQ4YzA4NTg3ZDUwOTViMjZmODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtW4Bmlj692arBAFmJb3Rx48BWiom
5kOHH+BVq2ZigW962SYMmdkKmSpmiJZgL3VO78ML9DpTK5+rr5RHAJttKmDTq0Y/
jaMuR7CB+g852IqCOB3N1kguFXDSt+qv5IAlMN8qghIy23LcisVAEWIBy0vMn/0W
/T3oalZJoEYenDO/BF/VvgAu/Ek+FrfU5JOc+aY/8WdmO2cid3ecBycyLBaUzNRH
jxQCCVwmEPJFE8yLZt4gMfZbIUKBlNYlFjSQjaCnTB/CD8UG0F4oDkWNU1keCSUV
Rb1YGu4LKsTHeolaaFPExamZwjRDREip69vlUEnQc2WDeZAyOtIRuAgNKwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFL77p93opGXKVulIwIWH1QlbJvgCMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvdnZ1bjNlaWtaY3BXNlVqQWhZZlZDVnNtLUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDJS7AAwQD
RaHAAwQAW8cyAwQDXrlQAwQEXuTQAwQEa7ZwAwQDbeswAwQAwm5DMA0EAgACMAcD
BQAqAA3QMA0GCSqGSIb3DQEBCwUAA4IBAQAv9szQcZ8tVjzcUIjs8vkpBAV4TSMw
1BQ4ULtmEoFou+AT0AyncmL+BG69WyxF0z9WwTx1yfJq/zY29tMRpDGAOSQCzFTz
f++Kf26upcyvFfAYaurMTYJuq/bYDjuVpmylul4/kurL3Q6rZz5v0GjmADHvJiq5
RUprU50d6ltPdPVzErFaSsVctoxY8hfwAkWyI/9pw49Zo00LxmQZBHlioerQsZZo
ZJYtBP90AnRsRiBWVEs4at7eRfMn422AtTdPNkfJQuBM7TgBgxpdxX4yIOqAxwYt
xdkReN0nR1Kqrx4ylc62JlQpAIzHLmqucNhCcs5MNm2N/OzvUAu3nuRm
-----END CERTIFICATE-----
Generated at Wed May 6 01:11:42 2026 by rpki-client