Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/vlp3GURZLMSqHZj8Wczzco6OhlM.roa
File: vlp3GURZLMSqHZj8Wczzco6OhlM.roa (raw, json)
Hash identifier: Ij5GDS5A64No5muGkdmAbAJEygPPU04xdK6LicaUL0U=
Subject key identifier: BE:5A:77:19:44:59:2C:C4:AA:1D:98:FC:59:CC:F3:72:8E:8E:86:53
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 019E87D09A382346E6CC4E11E3866986C1E9
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/vlp3GURZLMSqHZj8Wczzco6OhlM.roa
Signing time: Tue 02 Jun 2026 10:10:55 +0000
ROA not before: Tue 02 Jun 2026 10:10:55 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29119
IP address blocks: 45.6.44.0/22 maxlen: 22
45.120.220.0/22 maxlen: 22
62.106.67.0/24 maxlen: 24
80.174.2.0/23 maxlen: 23
80.174.4.0/22 maxlen: 22
80.174.128.0/17 maxlen: 17
80.174.144.0/22 maxlen: 22
80.174.148.0/22 maxlen: 22
80.174.152.0/21 maxlen: 21
80.174.160.0/22 maxlen: 22
80.174.164.0/22 maxlen: 22
80.174.168.0/21 maxlen: 21
80.174.176.0/20 maxlen: 20
80.174.200.0/21 maxlen: 21
80.174.246.0/24 maxlen: 24
83.143.168.0/21 maxlen: 21
83.143.171.0/24 maxlen: 24
128.0.40.0/24 maxlen: 24
202.58.108.0/22 maxlen: 22
212.86.98.0/24 maxlen: 24
212.118.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:d0:9a:38:23:46:e6:cc:4e:11:e3:86:69:86:c1:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Jun 2 10:10:55 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be5a771944592cc4aa1d98fc59ccf3728e8e8653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:04:97:aa:82:b9:89:3d:f9:cf:a3:6f:8c:c9:
59:dd:95:20:ad:d0:4c:71:83:8d:2e:0a:86:18:1b:
ec:e3:01:ea:79:bf:49:63:be:b9:b7:2f:4c:2b:32:
be:32:03:5d:30:82:26:9b:7d:2c:e5:fe:7b:15:95:
f5:a1:ba:30:d6:9d:09:11:55:4f:90:b1:b4:7b:17:
ff:3d:5a:8c:f1:7b:b5:17:b2:cd:28:34:ba:ad:49:
b6:f6:fb:92:87:2d:8f:79:02:dd:00:27:89:5d:32:
08:f6:b4:ad:d1:b5:91:8e:99:67:8f:79:75:69:11:
62:14:25:33:fd:76:c4:cf:8e:65:95:3e:92:9e:b0:
5b:6d:ec:1f:a1:6b:26:7a:9e:c7:ec:41:45:82:0c:
7d:7b:01:c2:0b:e6:a7:67:a8:8b:c2:3c:c8:a8:81:
32:a0:e6:40:81:6f:43:e8:60:b8:c0:02:92:af:0d:
1c:0c:5c:ad:c4:8b:6c:57:72:14:64:68:d8:1f:0f:
30:7c:ad:cc:1c:4f:b7:fa:27:56:19:04:9c:b0:fb:
da:fb:5d:98:5d:d0:62:8e:d2:26:89:88:8d:a1:08:
a1:35:7d:36:52:a1:5e:7d:8d:6c:4d:8e:60:40:b6:
c8:5d:ac:d7:36:d2:ee:52:dd:28:be:ef:f8:97:e8:
13:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:5A:77:19:44:59:2C:C4:AA:1D:98:FC:59:CC:F3:72:8E:8E:86:53
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/vlp3GURZLMSqHZj8Wczzco6OhlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.44.0/22
45.120.220.0/22
62.106.67.0/24
80.174.2.0-80.174.7.255
80.174.128.0/17
83.143.168.0/21
128.0.40.0/24
202.58.108.0/22
212.86.98.0/24
212.118.61.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:95:63:31:e1:dd:83:53:f7:99:5f:70:b7:4e:83:3c:33:a2:
b7:49:94:29:ab:67:2a:6d:18:05:20:e2:9a:a4:fe:94:94:72:
ee:20:9f:28:b1:e6:6d:70:49:f3:5f:c1:b2:1b:88:c5:d8:97:
09:57:a6:b4:92:cf:16:ec:8e:cf:d1:59:80:ea:48:b7:bb:8f:
db:6a:d3:d6:74:26:8b:cf:0a:18:8c:d1:17:17:83:e0:bc:a4:
4f:81:14:c1:10:6e:90:ec:da:3b:d7:39:9c:06:25:42:a8:16:
c1:25:e3:77:07:60:33:50:76:2c:97:eb:0b:19:c6:8b:2a:28:
e4:d5:7a:2d:d7:f9:f0:e5:17:0b:dc:fc:ba:d6:44:7b:85:9a:
42:52:fb:c4:06:c9:ce:6b:29:36:66:97:52:37:5e:d6:2f:93:
00:72:8c:4b:63:30:e6:ed:7b:ab:ca:05:64:bf:7c:66:ee:0d:
63:f4:fe:24:7b:13:01:bb:54:40:6a:77:2f:64:65:86:ce:50:
8c:39:93:2c:71:6b:45:35:d2:a4:bf:92:c4:30:33:a9:55:3a:
b1:65:b7:e4:d7:2f:09:00:1e:63:85:7b:fe:d7:a1:d4:9b:06:
d0:b0:dd:62:da:54:34:27:1c:f5:2f:88:56:cb:1d:c6:e5:4b:
eb:92:ba:fa
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZ6H0Jo4I0bmzE4R44ZphsHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjYwNjAyMTAxMDU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTVhNzcxOTQ0NTkyY2M0YWExZDk4ZmM1OWNjZjM3MjhlOGU4NjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ASXqoK5iT35z6NvjMlZ3ZUgrdBM
cYONLgqGGBvs4wHqeb9JY765ty9MKzK+MgNdMIImm30s5f57FZX1obow1p0JEVVP
kLG0exf/PVqM8Xu1F7LNKDS6rUm29vuShy2PeQLdACeJXTII9rSt0bWRjplnj3l1
aRFiFCUz/XbEz45llT6SnrBbbewfoWsmep7H7EFFggx9ewHCC+anZ6iLwjzIqIEy
oOZAgW9D6GC4wAKSrw0cDFytxItsV3IUZGjYHw8wfK3MHE+3+idWGQScsPva+12Y
XdBijtImiYiNoQihNX02UqFefY1sTY5gQLbIXazXNtLuUt0ovu/4l+gTkQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFL5adxlEWSzEqh2Y/FnM83KOjoZTMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvdmxwM0dVUlpMTVNxSFpqOFdjenpjbzZPaGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCLQYsAwQC
LXjcAwQAPmpDMAwDBAFQrgIDBANQrgADBAdQroADBANTj6gDBACAACgDBALKOmwD
BADUVmIDBADUdj0wDQYJKoZIhvcNAQELBQADggEBAMaVYzHh3YNT95lfcLdOgzwz
ordJlCmrZyptGAUg4pqk/pSUcu4gnyix5m1wSfNfwbIbiMXYlwlXprSSzxbsjs/R
WYDqSLe7j9tq09Z0JovPChiM0RcXg+C8pE+BFMEQbpDs2jvXOZwGJUKoFsEl43cH
YDNQdiyX6wsZxosqKOTVei3X+fDlFwvc/LrWRHuFmkJS+8QGyc5rKTZml1I3XtYv
kwByjEtjMObte6vKBWS/fGbuDWP0/iR7EwG7VEBqdy9kZYbOUIw5kyxxa0U10qS/
ksQwM6lVOrFlt+TXLwkAHmOFe/7XodSbBtCw3WLaVDQnHPUviFbLHcblS+uSuvo=
-----END CERTIFICATE-----
Generated at Thu Jun 11 11:55:07 2026 by rpki-client