Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/vmS5BdN7qv6lm6TAxWJK3LZ33KQ.roa
File: vmS5BdN7qv6lm6TAxWJK3LZ33KQ.roa (raw, json)
Hash identifier: 15/dbHkyNejRc1b3Z2HNyUYHE9FyHjv1laHgorxIb9A=
Subject key identifier: BE:64:B9:05:D3:7B:AA:FE:A5:9B:A4:C0:C5:62:4A:DC:B6:77:DC:A4
Certificate issuer: /CN=e0c5bb3da53435bf41e17f7dec47d4484e7f3129
Certificate serial: 0198C326EA453948D9FE3C04D2AA0DB4ECD6
Authority key identifier: E0:C5:BB:3D:A5:34:35:BF:41:E1:7F:7D:EC:47:D4:48:4E:7F:31:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4MW7PaU0Nb9B4X997EfUSE5_MSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/vmS5BdN7qv6lm6TAxWJK3LZ33KQ.roa
Signing time: Tue 19 Aug 2025 16:26:04 +0000
ROA not before: Tue 19 Aug 2025 16:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210550
IP address blocks: 185.108.86.0/24 maxlen: 24
185.108.87.0/24 maxlen: 24
2a04:88c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/4MW7PaU0Nb9B4X997EfUSE5_MSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/4MW7PaU0Nb9B4X997EfUSE5_MSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/4MW7PaU0Nb9B4X997EfUSE5_MSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c3:26:ea:45:39:48:d9:fe:3c:04:d2:aa:0d:b4:ec:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0c5bb3da53435bf41e17f7dec47d4484e7f3129
Validity
Not Before: Aug 19 16:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be64b905d37baafea59ba4c0c5624adcb677dca4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:65:5f:88:f0:20:c7:46:b5:57:d7:d3:f8:ee:
3a:76:22:87:e6:4a:3f:93:74:08:ec:3d:0e:5c:7e:
2e:a4:a8:70:cb:f4:cc:99:6b:8b:e7:bd:c2:21:58:
dd:61:b9:58:0d:7c:23:b6:ab:7c:09:8a:65:33:1c:
33:46:dd:3d:34:8b:97:f3:f7:8b:e9:f8:48:56:cd:
70:c1:cc:ee:da:f5:19:10:17:9a:5e:65:0c:2c:aa:
f0:37:92:6e:be:1b:64:48:01:6b:19:e3:5a:4a:f5:
89:c5:d7:86:4a:06:f6:1a:bc:30:3e:42:de:d7:7b:
c6:27:43:5f:a9:05:84:c3:3e:30:95:ac:9b:cd:20:
95:93:9c:7b:d5:0b:9e:6f:78:2b:55:6a:bc:28:0b:
11:44:bf:66:17:9f:0b:4e:3a:57:e7:c5:86:b6:fb:
7c:04:08:76:be:0d:10:32:ab:da:45:d3:06:17:30:
bb:6e:03:a4:44:5e:67:2b:12:88:cd:2a:29:2b:ec:
2e:b2:0a:d8:81:35:05:91:e3:9f:20:a3:78:f2:6b:
c0:3b:d7:81:cc:2f:93:29:15:d3:e3:b7:d6:70:61:
39:8e:41:33:f5:d2:1b:af:f4:a7:8a:0f:ce:14:39:
19:85:c1:46:cb:ac:3d:f2:49:e9:8a:20:39:be:fa:
3f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:64:B9:05:D3:7B:AA:FE:A5:9B:A4:C0:C5:62:4A:DC:B6:77:DC:A4
X509v3 Authority Key Identifier:
keyid:E0:C5:BB:3D:A5:34:35:BF:41:E1:7F:7D:EC:47:D4:48:4E:7F:31:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MW7PaU0Nb9B4X997EfUSE5_MSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/vmS5BdN7qv6lm6TAxWJK3LZ33KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/7f7d8f-0dc8-45a2-bc16-80add9ea3e5c/1/4MW7PaU0Nb9B4X997EfUSE5_MSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.86.0/23
IPv6:
2a04:88c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
60:d8:e3:61:de:e5:c8:70:3e:26:03:46:7b:dd:52:a0:34:75:
92:76:38:74:c8:2a:36:20:34:b0:92:76:60:04:76:f2:d7:82:
9a:10:61:17:b5:59:ce:8f:ec:99:8b:68:24:68:da:d4:0d:b0:
78:5f:72:c8:a7:04:e5:21:7e:e2:e7:03:a6:4c:5a:64:ec:8b:
d0:7f:6f:4a:55:c0:87:fe:5a:4b:7b:3d:7a:6f:16:12:a6:b2:
ea:c0:bd:0e:51:9c:63:76:34:85:ae:5c:2e:c1:48:e8:e2:28:
69:3c:2e:73:e1:65:a0:1d:1c:44:9a:89:b6:ac:f0:63:8e:55:
9b:a3:61:26:42:a3:86:ee:67:8f:e5:a3:41:6d:5a:ec:b1:92:
8e:09:40:cb:d5:42:04:ee:a7:5e:54:c7:0c:37:d6:39:8f:3d:
54:64:47:2a:96:6f:05:2a:46:87:0d:9a:1a:a0:75:68:41:6c:
65:bc:ca:81:b3:1d:4c:67:f4:2c:ea:cb:b7:2e:39:d2:05:01:
22:f7:ed:6c:b3:83:4b:ca:55:bb:e6:2d:a2:e6:8a:51:8a:44:
56:90:da:d3:d7:d7:3a:7a:ec:be:d0:5c:87:0f:2b:f9:a5:24:
0c:6a:f8:1e:2d:73:cd:9c:22:a2:1f:63:c2:40:1c:52:84:a7:
f5:5f:41:6d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZjDJupFOUjZ/jwE0qoNtOzWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYzViYjNkYTUzNDM1YmY0MWUxN2Y3ZGVjNDdkNDQ4NGU3
ZjMxMjkwHhcNMjUwODE5MTYyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTY0YjkwNWQzN2JhYWZlYTU5YmE0YzBjNTYyNGFkY2I2NzdkY2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymVfiPAgx0a1V9fT+O46diKH5ko/
k3QI7D0OXH4upKhwy/TMmWuL573CIVjdYblYDXwjtqt8CYplMxwzRt09NIuX8/eL
6fhIVs1wwczu2vUZEBeaXmUMLKrwN5JuvhtkSAFrGeNaSvWJxdeGSgb2GrwwPkLe
13vGJ0NfqQWEwz4wlaybzSCVk5x71Queb3grVWq8KAsRRL9mF58LTjpX58WGtvt8
BAh2vg0QMqvaRdMGFzC7bgOkRF5nKxKIzSopK+wusgrYgTUFkeOfIKN48mvAO9eB
zC+TKRXT47fWcGE5jkEz9dIbr/Snig/OFDkZhcFGy6w98knpiiA5vvo/lQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFL5kuQXTe6r+pZukwMViSty2d9ykMB8GA1UdIwQY
MBaAFODFuz2lNDW/QeF/fexH1EhOfzEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE1XN1BhVTBOYjlCNFg5OTdFZlVTRTVfTVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS83ZjdkOGYtMGRjOC00NWEyLWJjMTYt
ODBhZGQ5ZWEzZTVjLzEvdm1TNUJkTjdxdjZsbTZUQXhXSkszTFozM0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS83ZjdkOGYtMGRjOC00NWEyLWJjMTYtODBhZGQ5ZWEzZTVj
LzEvNE1XN1BhVTBOYjlCNFg5OTdFZlVTRTVfTVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQBuWxWMA8E
AgACMAkDBwAqBIjAAAEwDQYJKoZIhvcNAQELBQADggEBAGDY42He5chwPiYDRnvd
UqA0dZJ2OHTIKjYgNLCSdmAEdvLXgpoQYRe1Wc6P7JmLaCRo2tQNsHhfcsinBOUh
fuLnA6ZMWmTsi9B/b0pVwIf+Wkt7PXpvFhKmsurAvQ5RnGN2NIWuXC7BSOjiKGk8
LnPhZaAdHESaibas8GOOVZujYSZCo4buZ4/lo0FtWuyxko4JQMvVQgTup15Uxww3
1jmPPVRkRyqWbwUqRocNmhqgdWhBbGW8yoGzHUxn9Czqy7cuOdIFASL37Wyzg0vK
VbvmLaLmilGKRFaQ2tPX1zp67L7QXIcPK/mlJAxq+B4tc82cIqIfY8JAHFKEp/Vf
QW0=
-----END CERTIFICATE-----
Generated at Thu Aug 21 08:19:36 2025 by rpki-client