Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/VWVo0mk7ZB8ir7PlTTaqz09CwrI.roa
File: VWVo0mk7ZB8ir7PlTTaqz09CwrI.roa (raw, json)
Hash identifier: MuQfnqog33QW35mi7fhwEmJ/XtuTuWzyQFdiCPaNhDo=
Subject key identifier: 55:65:68:D2:69:3B:64:1F:22:AF:B3:E5:4D:36:AA:CF:4F:42:C2:B2
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019A0C032197F57360A35DB2E8EF2B578524
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/VWVo0mk7ZB8ir7PlTTaqz09CwrI.roa
Signing time: Wed 22 Oct 2025 13:02:03 +0000
ROA not before: Wed 22 Oct 2025 13:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204610
IP address blocks: 170.168.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:03:21:97:f5:73:60:a3:5d:b2:e8:ef:2b:57:85:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Oct 22 13:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=556568d2693b641f22afb3e54d36aacf4f42c2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bc:07:4d:9a:30:6c:8a:1c:19:62:41:1a:3e:
f3:ee:67:54:e5:0e:c2:d0:f9:a5:bb:a3:9b:b7:49:
9b:d2:05:32:1f:9e:6f:8e:d0:78:48:f9:09:af:a4:
69:45:8f:5d:7e:8a:25:df:64:01:af:8b:cf:2e:3c:
ac:59:ac:91:52:e1:e6:bc:c5:36:42:4c:3d:64:4e:
53:51:f4:75:53:2a:12:f9:d6:a2:b3:d8:d8:c9:c2:
6d:82:e1:de:0e:35:f3:1d:57:fa:38:65:e8:92:73:
8f:bd:ed:67:c7:20:b3:65:d1:b7:aa:f4:75:ff:dc:
f6:7b:62:e8:88:b6:c5:f2:fe:e1:7b:2c:d4:44:ec:
13:57:b5:c3:9f:f7:7a:cd:a4:1d:ac:af:c0:77:6e:
ad:83:a5:a0:72:b0:e7:54:ea:29:33:98:21:fd:1a:
ed:48:30:a1:ae:63:d0:0a:da:02:31:4c:56:46:55:
3c:1f:63:db:5c:dd:51:f3:c5:3a:16:2b:f6:97:29:
ca:bd:6d:6f:c7:96:97:a5:eb:7a:bd:2f:ca:9a:a1:
31:dc:da:a8:15:d4:ea:9e:56:2a:e6:20:0f:36:bd:
8d:f8:37:e6:3b:aa:d7:f2:e0:c3:8d:af:60:91:88:
fc:f6:0f:50:cb:6c:16:9f:34:50:ce:f1:6e:c4:67:
62:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:65:68:D2:69:3B:64:1F:22:AF:B3:E5:4D:36:AA:CF:4F:42:C2:B2
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/VWVo0mk7ZB8ir7PlTTaqz09CwrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.88.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:e5:72:29:71:de:2a:87:92:6b:de:ca:9f:af:d1:31:30:1e:
b4:b0:c6:9c:8f:d5:e5:e4:b9:aa:08:1e:7e:22:53:37:89:4f:
94:c5:fc:af:c5:d2:77:65:6d:8f:48:d5:7f:d6:33:bc:e5:64:
e1:6c:45:69:c1:81:7d:a0:88:61:aa:c2:b1:70:6c:6c:c2:03:
64:88:d9:87:97:ad:ec:54:a5:14:6f:ae:84:4a:de:ff:69:d0:
83:1b:c1:eb:62:a5:e5:04:b8:7f:fd:e9:77:ff:e0:63:3e:d3:
89:59:58:d9:fb:ee:ea:74:16:35:bc:9e:d4:d0:78:bf:53:b0:
b0:25:5a:b6:51:e6:19:c0:e0:27:54:6d:b6:e7:c5:0e:7d:26:
33:36:14:a3:e0:13:09:fd:eb:01:de:f2:a4:c8:cb:e6:d6:52:
63:4a:f5:78:07:0d:29:2d:ed:52:8e:91:3c:d1:e3:7b:a0:de:
36:df:c6:aa:bb:5b:e7:4b:84:fa:1e:9f:30:b0:c3:dc:38:c3:
0c:ec:fd:3b:fc:33:78:83:68:aa:71:63:81:74:d7:aa:a8:4e:
45:23:9c:f9:94:a8:ae:52:3c:02:b1:d3:10:7d:29:0b:cb:33:
94:fa:c2:64:ff:dd:a9:c1:fe:77:ca:c5:41:30:6e:dd:46:54:
0b:99:0a:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoMAyGX9XNgo12y6O8rV4UkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUxMDIyMTMwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTY1NjhkMjY5M2I2NDFmMjJhZmIzZTU0ZDM2YWFjZjRmNDJjMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7wHTZowbIocGWJBGj7z7mdU5Q7C
0Pmlu6Obt0mb0gUyH55vjtB4SPkJr6RpRY9dfool32QBr4vPLjysWayRUuHmvMU2
Qkw9ZE5TUfR1UyoS+dais9jYycJtguHeDjXzHVf6OGXoknOPve1nxyCzZdG3qvR1
/9z2e2LoiLbF8v7heyzUROwTV7XDn/d6zaQdrK/Ad26tg6WgcrDnVOopM5gh/Rrt
SDChrmPQCtoCMUxWRlU8H2PbXN1R88U6Fiv2lynKvW1vx5aXpet6vS/KmqEx3Nqo
FdTqnlYq5iAPNr2N+DfmO6rX8uDDja9gkYj89g9Qy2wWnzRQzvFuxGdiowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFVlaNJpO2QfIq+z5U02qs9PQsKyMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvVldWbzBtazdaQjhpcjdQbFRUYXF6MDlDd3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqqhYMA0G
CSqGSIb3DQEBCwUAA4IBAQAO5XIpcd4qh5Jr3sqfr9ExMB60sMacj9Xl5LmqCB5+
IlM3iU+UxfyvxdJ3ZW2PSNV/1jO85WThbEVpwYF9oIhhqsKxcGxswgNkiNmHl63s
VKUUb66ESt7/adCDG8HrYqXlBLh//el3/+BjPtOJWVjZ++7qdBY1vJ7U0Hi/U7Cw
JVq2UeYZwOAnVG2258UOfSYzNhSj4BMJ/esB3vKkyMvm1lJjSvV4Bw0pLe1SjpE8
0eN7oN4238aqu1vnS4T6Hp8wsMPcOMMM7P07/DN4g2iqcWOBdNeqqE5FI5z5lKiu
UjwCsdMQfSkLyzOU+sJk/92pwf53ysVBMG7dRlQLmQqv
-----END CERTIFICATE-----
Generated at Sat Oct 25 09:40:02 2025 by rpki-client