Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/VdIe0wje21xW6oNKzeMaUY1A5jg.roa
File: VdIe0wje21xW6oNKzeMaUY1A5jg.roa (raw, json)
Hash identifier: XUGNAPMZMK284DVHv5fL8vRSHePLM5U6Cz3a1v6M6hk=
Subject key identifier: 55:D2:1E:D3:08:DE:DB:5C:56:EA:83:4A:CD:E3:1A:51:8D:40:E6:38
Certificate issuer: /CN=de3d3687fe7df48c3be8398aad7bd20106545382
Certificate serial: 019A0CD3DF2EB59452EA647370D28D3F4300
Authority key identifier: DE:3D:36:87:FE:7D:F4:8C:3B:E8:39:8A:AD:7B:D2:01:06:54:53:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3j02h_599Iw76DmKrXvSAQZUU4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/VdIe0wje21xW6oNKzeMaUY1A5jg.roa
Signing time: Wed 22 Oct 2025 16:50:03 +0000
ROA not before: Wed 22 Oct 2025 16:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60662
IP address blocks: 185.27.168.0/22 maxlen: 22
185.106.180.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/3j02h_599Iw76DmKrXvSAQZUU4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/3j02h_599Iw76DmKrXvSAQZUU4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/3j02h_599Iw76DmKrXvSAQZUU4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:d3:df:2e:b5:94:52:ea:64:73:70:d2:8d:3f:43:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de3d3687fe7df48c3be8398aad7bd20106545382
Validity
Not Before: Oct 22 16:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55d21ed308dedb5c56ea834acde31a518d40e638
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8d:89:68:03:94:b0:4e:3f:1a:05:5a:a9:f2:
82:10:7b:6f:d1:9e:6d:c3:5e:6e:c7:e8:a1:bf:0f:
f5:90:31:e8:f8:d5:60:fc:ac:ee:2e:cc:fe:30:e9:
7c:23:1d:71:ae:56:d3:e5:59:4e:50:af:49:f3:6d:
95:a8:18:af:9a:b8:8a:64:50:00:66:2d:dd:e7:bd:
65:f4:26:56:b4:68:a5:69:e6:f3:3a:aa:2a:7b:eb:
ba:ea:25:1f:e2:f5:cd:4b:78:3f:c9:78:c5:b2:28:
c2:40:aa:91:65:ef:a1:0b:11:a8:ab:bf:3c:5b:b1:
eb:c5:66:0c:4b:18:19:41:9d:fd:55:f7:5a:e5:d4:
23:8e:55:ac:47:b7:3a:a4:91:33:69:19:11:67:13:
b6:0e:cb:e1:82:f4:ce:9d:9c:35:a9:a7:75:a9:db:
92:71:10:0c:f8:4a:41:90:60:86:03:d9:bd:28:31:
25:05:c1:70:85:6f:a7:d7:cf:3f:3a:b7:b0:1d:fd:
e4:2a:7e:59:6d:3f:7d:a9:35:c8:10:36:74:18:c4:
13:2e:59:d8:0c:fa:63:5c:54:68:58:41:4c:7b:fd:
10:f9:cd:8d:b1:c0:3c:11:89:8e:0a:2a:66:b3:f7:
64:64:c8:35:3d:4d:33:c2:80:a8:84:bc:49:9c:19:
65:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D2:1E:D3:08:DE:DB:5C:56:EA:83:4A:CD:E3:1A:51:8D:40:E6:38
X509v3 Authority Key Identifier:
keyid:DE:3D:36:87:FE:7D:F4:8C:3B:E8:39:8A:AD:7B:D2:01:06:54:53:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3j02h_599Iw76DmKrXvSAQZUU4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/VdIe0wje21xW6oNKzeMaUY1A5jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/400b4f-3688-497c-9785-234cbafac86a/1/3j02h_599Iw76DmKrXvSAQZUU4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.168.0/22
185.106.180.0/22
Signature Algorithm: sha256WithRSAEncryption
49:a0:d8:eb:b4:7e:5d:f2:1a:ea:50:72:cb:95:56:47:3f:3b:
85:e8:b3:f2:9e:81:24:bb:d1:11:ec:b8:ad:8e:a4:f5:a9:63:
e7:07:93:2b:40:5f:02:da:7c:a4:1c:a4:89:93:f8:04:4f:19:
4b:f4:52:0d:4d:d8:35:9b:c7:17:6c:ea:b2:7a:ac:b1:e5:32:
11:6c:89:8f:d8:81:e5:16:cb:98:91:b5:a3:d6:83:d2:1c:80:
95:90:c1:eb:3f:ef:b7:a8:b2:75:39:13:8d:8d:06:07:87:41:
ac:65:3a:b4:64:84:e2:ff:b9:91:4d:ce:69:c1:ad:8d:b9:d1:
72:1c:9a:d6:40:26:6a:98:f2:92:e9:fd:56:2b:02:5f:a9:cc:
74:57:c2:c2:70:f0:63:c6:28:6d:da:8d:0f:c1:49:ac:60:68:
61:3f:92:e1:0a:a5:a3:c1:af:dc:dc:42:b9:6c:1e:5d:64:83:
03:68:94:3b:a9:9a:9c:a9:00:97:a6:56:2b:30:d8:4c:de:42:
6d:10:c6:51:78:3c:2b:26:5a:ec:99:66:cf:5a:1b:03:7f:37:
36:b5:57:e2:6b:0a:8b:48:d8:ee:6d:81:54:34:cd:9d:cf:37:
d2:29:2b:8c:f4:28:0f:bf:27:c5:f7:06:1b:0a:86:12:f3:a4:
6a:8d:3c:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoM098utZRS6mRzcNKNP0MAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlM2QzNjg3ZmU3ZGY0OGMzYmU4Mzk4YWFkN2JkMjAxMDY1
NDUzODIwHhcNMjUxMDIyMTY1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQyMWVkMzA4ZGVkYjVjNTZlYTgzNGFjZGUzMWE1MThkNDBlNjM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI2JaAOUsE4/GgVaqfKCEHtv0Z5t
w15ux+ihvw/1kDHo+NVg/KzuLsz+MOl8Ix1xrlbT5VlOUK9J822VqBivmriKZFAA
Zi3d571l9CZWtGilaebzOqoqe+u66iUf4vXNS3g/yXjFsijCQKqRZe+hCxGoq788
W7HrxWYMSxgZQZ39Vfda5dQjjlWsR7c6pJEzaRkRZxO2DsvhgvTOnZw1qad1qduS
cRAM+EpBkGCGA9m9KDElBcFwhW+n188/OrewHf3kKn5ZbT99qTXIEDZ0GMQTLlnY
DPpjXFRoWEFMe/0Q+c2NscA8EYmOCipms/dkZMg1PU0zwoCohLxJnBllWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFXSHtMI3ttcVuqDSs3jGlGNQOY4MB8GA1UdIwQY
MBaAFN49Nof+ffSMO+g5iq170gEGVFOCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2owMmhfNTk5SXc3NkRtS3JYdlNBUVpVVTRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MDBiNGYtMzY4OC00OTdjLTk3ODUt
MjM0Y2JhZmFjODZhLzEvVmRJZTB3amUyMXhXNm9OS3plTWFVWTFBNWpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MDBiNGYtMzY4OC00OTdjLTk3ODUtMjM0Y2JhZmFjODZh
LzEvM2owMmhfNTk5SXc3NkRtS3JYdlNBUVpVVTRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRuoAwQC
uWq0MA0GCSqGSIb3DQEBCwUAA4IBAQBJoNjrtH5d8hrqUHLLlVZHPzuF6LPynoEk
u9ER7LitjqT1qWPnB5MrQF8C2nykHKSJk/gETxlL9FINTdg1m8cXbOqyeqyx5TIR
bImP2IHlFsuYkbWj1oPSHICVkMHrP++3qLJ1ORONjQYHh0GsZTq0ZITi/7mRTc5p
wa2NudFyHJrWQCZqmPKS6f1WKwJfqcx0V8LCcPBjxiht2o0PwUmsYGhhP5LhCqWj
wa/c3EK5bB5dZIMDaJQ7qZqcqQCXplYrMNhM3kJtEMZReDwrJlrsmWbPWhsDfzc2
tVfiawqLSNjubYFUNM2dzzfSKSuM9CgPvyfF9wYbCoYS86RqjTy2
-----END CERTIFICATE-----
Generated at Wed Oct 29 16:03:16 2025 by rpki-client