Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/vUBtInQXQnp6aIJZLEu8LFVUcuw.roa
File: vUBtInQXQnp6aIJZLEu8LFVUcuw.roa (raw, json)
Hash identifier: XecZfooeE59vNEPEzFn7DI60osYJ07EPCzVg5HN86l0=
Subject key identifier: BD:40:6D:22:74:17:42:7A:7A:68:82:59:2C:4B:BC:2C:55:54:72:EC
Certificate issuer: /CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Certificate serial: 01990FC023FF9A4B970AE3553EA5F22D6604
Authority key identifier: 05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/vUBtInQXQnp6aIJZLEu8LFVUcuw.roa
Signing time: Wed 03 Sep 2025 13:24:34 +0000
ROA not before: Wed 03 Sep 2025 13:24:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62005
IP address blocks: 5.42.221.0/24 maxlen: 24
45.129.0.0/24 maxlen: 24
45.145.171.0/24 maxlen: 24
2a12:c740::/48 maxlen: 48
2a12:c740:1::/48 maxlen: 48
2a12:c740:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:c0:23:ff:9a:4b:97:0a:e3:55:3e:a5:f2:2d:66:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056006f2a1840900c753628121b3fb7ec5bd89e9
Validity
Not Before: Sep 3 13:24:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd406d227417427a7a6882592c4bbc2c555472ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cb:58:42:e3:72:c6:27:15:51:a0:f0:1d:f2:
83:1e:90:fd:31:56:ab:18:b2:4f:bf:13:46:b3:d8:
b3:74:8e:2e:62:cb:04:8a:53:bf:1b:d5:b0:e7:94:
63:cc:0d:3c:c9:e4:bd:30:bf:f7:fb:63:61:eb:d4:
5e:64:87:98:26:1d:05:29:3a:73:61:c4:42:6c:63:
62:74:a4:4c:42:4e:35:6c:2e:27:ac:26:80:d2:bd:
e2:de:97:56:17:41:4f:50:7b:85:d2:7a:ea:67:6c:
8b:6d:27:71:35:2b:c7:6a:90:f7:9a:8e:78:40:0a:
22:00:03:d0:d7:6a:11:5c:59:70:ce:4c:b8:ce:63:
1c:92:eb:d6:7f:d9:fe:3b:f3:1d:d8:1b:13:47:ac:
c4:0d:18:5d:47:b4:61:1d:c7:7e:fe:05:98:53:38:
21:88:5a:f6:98:a8:99:e2:e3:9a:4d:ac:61:5e:d2:
05:f0:b5:2b:7c:93:88:a4:c6:20:41:92:9e:4f:d2:
3d:76:e5:1e:82:ef:cb:60:5b:c4:de:0f:37:ea:bc:
a0:0c:14:f5:43:dd:6a:dc:8c:01:68:f8:d0:c5:ed:
df:a8:8b:bb:0a:61:5a:c8:b2:4b:cd:64:b4:d8:c4:
a3:20:33:50:18:9f:6b:45:db:40:c4:8a:7f:98:da:
15:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:40:6D:22:74:17:42:7A:7A:68:82:59:2C:4B:BC:2C:55:54:72:EC
X509v3 Authority Key Identifier:
keyid:05:60:06:F2:A1:84:09:00:C7:53:62:81:21:B3:FB:7E:C5:BD:89:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWAG8qGECQDHU2KBIbP7fsW9iek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/vUBtInQXQnp6aIJZLEu8LFVUcuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/5732d3-a53c-41f7-a623-55b3e6476a7b/1/BWAG8qGECQDHU2KBIbP7fsW9iek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.221.0/24
45.129.0.0/24
45.145.171.0/24
IPv6:
2a12:c740::-2a12:c740:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
94:fb:65:a6:ed:b6:b2:ca:1d:6e:f2:58:56:87:c9:20:ba:da:
f0:18:4d:49:f1:36:41:0d:ad:c4:68:57:9a:04:08:57:b3:11:
2d:15:e8:bc:40:cc:7f:1b:c7:53:2b:be:d9:24:16:62:e5:b4:
f5:a0:5e:04:e5:c6:76:a3:c0:2f:ff:ae:f8:52:7f:dd:b7:35:
6e:61:c0:f6:3a:1d:e9:33:90:f3:3b:96:e1:ae:3e:15:20:73:
76:cf:3e:c1:14:73:c5:4d:3c:32:c4:68:ce:48:d4:d2:9c:21:
c1:3f:1a:c9:64:1a:69:13:53:a5:04:77:a3:6f:b7:c1:dc:b5:
68:a5:d8:24:a8:bd:16:6b:36:92:55:f7:0d:fc:53:30:a3:89:
25:47:11:ed:9c:14:69:40:b7:b1:e1:5d:ac:47:fe:7a:e2:df:
e6:d0:39:fd:a9:f6:c8:03:71:81:ea:40:c3:86:97:42:7a:bf:
dc:2c:f5:d6:a2:85:81:6e:24:76:c5:65:d6:8d:99:b5:05:09:
67:d3:d2:49:bc:7f:a6:05:88:8a:15:92:7d:17:00:82:b1:75:
45:cf:28:10:08:09:e1:d9:2e:cc:60:01:ea:27:62:06:b0:dc:
b3:bd:57:cf:3d:d5:1c:c3:cb:79:dc:80:95:b7:9b:46:b8:0d:
76:20:22:ad
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZkPwCP/mkuXCuNVPqXyLWYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjAwNmYyYTE4NDA5MDBjNzUzNjI4MTIxYjNmYjdlYzVi
ZDg5ZTkwHhcNMjUwOTAzMTMyNDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQwNmQyMjc0MTc0MjdhN2E2ODgyNTkyYzRiYmMyYzU1NTQ3MmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMtYQuNyxicVUaDwHfKDHpD9MVar
GLJPvxNGs9izdI4uYssEilO/G9Ww55RjzA08yeS9ML/3+2Nh69ReZIeYJh0FKTpz
YcRCbGNidKRMQk41bC4nrCaA0r3i3pdWF0FPUHuF0nrqZ2yLbSdxNSvHapD3mo54
QAoiAAPQ12oRXFlwzky4zmMckuvWf9n+O/Md2BsTR6zEDRhdR7RhHcd+/gWYUzgh
iFr2mKiZ4uOaTaxhXtIF8LUrfJOIpMYgQZKeT9I9duUegu/LYFvE3g836rygDBT1
Q91q3IwBaPjQxe3fqIu7CmFayLJLzWS02MSjIDNQGJ9rRdtAxIp/mNoV1QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFL1AbSJ0F0J6emiCWSxLvCxVVHLsMB8GA1UdIwQY
MBaAFAVgBvKhhAkAx1NigSGz+37FvYnpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMt
NTViM2U2NDc2YTdiLzEvdlVCdEluUVhRbnA2YUlKWkxFdThMRlZVY3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC81NzMyZDMtYTUzYy00MWY3LWE2MjMtNTViM2U2NDc2YTdi
LzEvQldBRzhxR0VDUURIVTJLQkliUDdmc1c5aWVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQABSrdAwQA
LYEAAwQALZGrMBgEAgACMBIwEAMFBioSx0ADBwAqEsdAAAIwDQYJKoZIhvcNAQEL
BQADggEBAJT7ZabttrLKHW7yWFaHySC62vAYTUnxNkENrcRoV5oECFezES0V6LxA
zH8bx1MrvtkkFmLltPWgXgTlxnajwC//rvhSf923NW5hwPY6HekzkPM7luGuPhUg
c3bPPsEUc8VNPDLEaM5I1NKcIcE/GslkGmkTU6UEd6Nvt8HctWil2CSovRZrNpJV
9w38UzCjiSVHEe2cFGlAt7HhXaxH/nri3+bQOf2p9sgDcYHqQMOGl0J6v9ws9dai
hYFuJHbFZdaNmbUFCWfT0km8f6YFiIoVkn0XAIKxdUXPKBAICeHZLsxgAeonYgaw
3LO9V8891RzDy3ncgJW3m0a4DXYgIq0=
-----END CERTIFICATE-----
Generated at Sat Sep 6 03:15:20 2025 by rpki-client