Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/vnaSuYqevyYX0jC0-a-c741qDGY.roa
File: vnaSuYqevyYX0jC0-a-c741qDGY.roa (raw, json)
Hash identifier: ouDVM8iN649mQg6JJDDBfAW8iLgGBCXHlMPjyI9VGpw=
Subject key identifier: BE:76:92:B9:8A:9E:BF:26:17:D2:30:B4:F9:AF:9C:EF:8D:6A:0C:66
Certificate issuer: /CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Certificate serial: 019A0ADF1548939DA9940EE27000E95AFB36
Authority key identifier: 31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/vnaSuYqevyYX0jC0-a-c741qDGY.roa
Signing time: Wed 22 Oct 2025 07:43:03 +0000
ROA not before: Wed 22 Oct 2025 07:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62313
IP address blocks: 185.63.128.0/22 maxlen: 22
185.141.200.0/22 maxlen: 24
185.168.0.0/22 maxlen: 22
185.188.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 19:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0a:df:15:48:93:9d:a9:94:0e:e2:70:00:e9:5a:fb:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2
Validity
Not Before: Oct 22 07:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be7692b98a9ebf2617d230b4f9af9cef8d6a0c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:75:42:0b:0a:26:1f:62:4f:db:90:c5:5f:bb:
58:1c:3c:f5:e4:5d:93:88:aa:22:e7:cc:2b:7f:c9:
11:d1:54:af:d5:66:85:0a:40:86:72:9f:f8:83:a5:
ab:f0:4a:9b:24:ac:2f:55:3a:49:79:8c:b2:2d:ea:
58:d6:cf:74:82:b3:4f:31:10:18:7b:12:b8:6e:ad:
6c:df:4e:3a:b5:60:ea:77:74:e5:09:43:42:b3:4e:
6c:d6:03:0f:ed:50:90:72:41:b4:c6:2e:3f:c4:23:
fb:9b:56:11:4e:29:d8:23:d7:2c:6e:ca:1b:66:32:
02:41:8e:98:14:b4:71:63:b5:c4:a1:30:b6:15:46:
2d:5c:15:68:e4:98:13:36:1d:cc:2e:b1:42:8f:ac:
c0:70:14:a9:72:df:60:17:52:64:90:64:a7:b8:04:
74:fd:df:22:7a:14:b3:c2:72:78:c1:ab:a4:4c:c8:
36:ef:f3:04:96:3c:96:71:cb:87:d7:9c:fb:3f:f7:
ee:e8:d0:e3:4d:c7:8a:25:61:76:f0:eb:81:e8:3f:
78:36:e1:88:da:83:61:3e:d7:a8:9f:ad:3f:63:8c:
5d:52:41:fc:b8:eb:a7:53:c9:60:b2:25:ae:70:75:
f2:11:fb:f1:13:7e:9c:cc:06:cc:35:a3:f4:dc:78:
cb:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:76:92:B9:8A:9E:BF:26:17:D2:30:B4:F9:AF:9C:EF:8D:6A:0C:66
X509v3 Authority Key Identifier:
keyid:31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/vnaSuYqevyYX0jC0-a-c741qDGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.128.0/22
185.141.200.0/22
185.168.0.0/22
185.188.204.0/22
Signature Algorithm: sha256WithRSAEncryption
85:13:1c:27:75:ff:ef:ef:5f:dc:55:27:df:38:1b:80:c8:0c:
73:a3:82:91:5a:ef:ac:5a:62:8a:ca:7a:4d:c9:1c:28:9e:a3:
f8:7e:fe:a1:13:86:79:23:7c:67:a9:b7:82:46:44:04:eb:df:
65:ef:b6:47:5f:93:e5:8f:3f:08:c3:27:21:81:97:05:36:f0:
fe:04:25:7c:f8:02:1e:68:01:3e:f2:b1:6a:4a:01:8e:4c:e5:
ec:2a:d5:02:2f:f4:b9:e4:75:6b:f5:a5:c2:c4:51:ac:46:9e:
e9:4a:96:de:17:b7:23:94:ae:ff:4c:9c:5e:fe:ed:e3:e2:53:
d7:34:3e:e1:58:74:2e:90:9e:00:39:c7:bf:22:ec:4c:0a:c7:
9a:e9:1d:56:ca:43:87:92:a1:79:f4:92:2b:08:0c:a0:42:7f:
48:27:e8:75:4f:6b:df:88:0c:02:19:18:6b:b5:68:22:a0:52:
21:48:10:6f:09:09:ad:93:ca:22:1b:04:11:a1:f7:3a:e2:fd:
3d:0e:c9:70:14:6b:dd:8e:e9:05:76:81:24:3e:29:41:b0:ea:
fd:5e:f3:1a:46:25:b3:95:6d:cf:ae:60:a8:27:6e:dc:cc:c7:
93:4f:4e:dc:89:fb:62:2e:5e:39:db:d7:4a:15:94:6c:b7:93:
cd:97:89:07
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZoK3xVIk52plA7icADpWvs2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODhmYWUzZWJiYjNkNzRmZWVkZGNmNTA3ZjgzZTY3ZGI4
ODUwYTIwHhcNMjUxMDIyMDc0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTc2OTJiOThhOWViZjI2MTdkMjMwYjRmOWFmOWNlZjhkNmEwYzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHVCCwomH2JP25DFX7tYHDz15F2T
iKoi58wrf8kR0VSv1WaFCkCGcp/4g6Wr8EqbJKwvVTpJeYyyLepY1s90grNPMRAY
exK4bq1s3046tWDqd3TlCUNCs05s1gMP7VCQckG0xi4/xCP7m1YRTinYI9csbsob
ZjICQY6YFLRxY7XEoTC2FUYtXBVo5JgTNh3MLrFCj6zAcBSpct9gF1JkkGSnuAR0
/d8iehSzwnJ4waukTMg27/MEljyWccuH15z7P/fu6NDjTceKJWF28OuB6D94NuGI
2oNhPteon60/Y4xdUkH8uOunU8lgsiWucHXyEfvxE36czAbMNaP03HjLuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFL52krmKnr8mF9IwtPmvnO+NagxmMB8GA1UdIwQY
MBaAFDGI+uPruz10/u3c9Qf4PmfbiFCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmIt
Yjg1M2RmZjg3NjVjLzEvdm5hU3VZcWV2eVlYMGpDMC1hLWM3NDFxREdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmItYjg1M2RmZjg3NjVj
LzEvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuT+AAwQC
uY3IAwQCuagAAwQCubzMMA0GCSqGSIb3DQEBCwUAA4IBAQCFExwndf/v71/cVSff
OBuAyAxzo4KRWu+sWmKKynpNyRwonqP4fv6hE4Z5I3xnqbeCRkQE699l77ZHX5Pl
jz8IwychgZcFNvD+BCV8+AIeaAE+8rFqSgGOTOXsKtUCL/S55HVr9aXCxFGsRp7p
SpbeF7cjlK7/TJxe/u3j4lPXND7hWHQukJ4AOce/IuxMCsea6R1WykOHkqF59JIr
CAygQn9IJ+h1T2vfiAwCGRhrtWgioFIhSBBvCQmtk8oiGwQRofc64v09DslwFGvd
jukFdoEkPilBsOr9XvMaRiWzlW3PrmCoJ27czMeTT07ciftiLl4529dKFZRst5PN
l4kH
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:33:54 2025 by rpki-client