Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/VWtjnNvXw2oFvoIAgaW9MGZHKMY.roa
File: VWtjnNvXw2oFvoIAgaW9MGZHKMY.roa (raw, json)
Hash identifier: 4V1zNjbwx1AfunPBNqK+Id57z1b1okSXeFi8Sx8pi/M=
Subject key identifier: 55:6B:63:9C:DB:D7:C3:6A:05:BE:82:00:81:A5:BD:30:66:47:28:C6
Certificate issuer: /CN=c0f8dbb214a6149f3d4d42a0c4132d5725992752
Certificate serial: 019B7E37C95FDA140CF4A9641572CA3BAD20
Authority key identifier: C0:F8:DB:B2:14:A6:14:9F:3D:4D:42:A0:C4:13:2D:57:25:99:27:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPjbshSmFJ89TUKgxBMtVyWZJ1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/VWtjnNvXw2oFvoIAgaW9MGZHKMY.roa
Signing time: Fri 02 Jan 2026 10:19:03 +0000
ROA not before: Fri 02 Jan 2026 10:19:03 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213368
IP address blocks: 2001:67c:e44::/48 maxlen: 48
2001:67c:ea0::/48 maxlen: 48
2001:67c:ea4::/48 maxlen: 48
2001:67c:2754::/48 maxlen: 48
2001:67c:2bbc::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/wPjbshSmFJ89TUKgxBMtVyWZJ1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/wPjbshSmFJ89TUKgxBMtVyWZJ1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/wPjbshSmFJ89TUKgxBMtVyWZJ1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 21:16:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:37:c9:5f:da:14:0c:f4:a9:64:15:72:ca:3b:ad:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0f8dbb214a6149f3d4d42a0c4132d5725992752
Validity
Not Before: Jan 2 10:19:03 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=556b639cdbd7c36a05be820081a5bd30664728c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:45:6c:9e:be:82:29:e2:34:fa:1d:4e:19:d7:
f1:01:c2:54:4c:88:18:43:ba:99:1a:fb:51:0e:46:
e5:f5:56:29:a3:e9:3a:ca:9f:7f:cd:f3:fa:26:81:
9d:79:75:27:9d:cf:6a:80:33:c5:f4:22:f7:06:d9:
40:33:38:89:e2:4b:b9:32:1c:30:34:2a:e6:b7:af:
1f:73:91:53:f6:3e:aa:15:25:35:81:bf:c0:f0:46:
e4:50:4d:59:4f:01:a1:35:67:51:8a:ea:8c:64:c1:
2c:de:2f:37:51:b2:5a:64:c2:ce:5f:68:f9:ea:ae:
44:9d:8a:89:63:d4:e8:22:d0:5a:6b:51:26:9e:21:
c7:f4:63:1d:a1:21:08:0d:ff:06:c8:7d:69:d1:ea:
4b:b7:79:15:e1:8d:cb:db:99:00:af:5f:45:71:a2:
59:a4:e2:ca:09:2d:74:e7:3e:f7:b7:21:8e:a6:a2:
61:d2:69:55:98:ad:b5:a8:aa:23:86:20:14:62:a7:
43:dd:17:66:bf:5a:00:31:9b:ec:d9:c5:7f:e6:6c:
03:d0:7c:34:7c:42:02:bb:d4:5b:a0:ee:54:6f:08:
a3:09:28:22:fd:99:31:a5:1e:50:a4:d3:c5:43:93:
4d:76:f6:8d:e6:cd:35:d2:fa:de:57:2c:1c:1b:80:
e3:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:6B:63:9C:DB:D7:C3:6A:05:BE:82:00:81:A5:BD:30:66:47:28:C6
X509v3 Authority Key Identifier:
keyid:C0:F8:DB:B2:14:A6:14:9F:3D:4D:42:A0:C4:13:2D:57:25:99:27:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPjbshSmFJ89TUKgxBMtVyWZJ1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/VWtjnNvXw2oFvoIAgaW9MGZHKMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/0749c0-dec3-4f01-9bd7-3448a889ce75/1/wPjbshSmFJ89TUKgxBMtVyWZJ1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e44::/48
2001:67c:ea0::/48
2001:67c:ea4::/48
2001:67c:2754::/48
2001:67c:2bbc::/48
Signature Algorithm: sha256WithRSAEncryption
3d:c9:cd:9a:40:19:0e:2a:bb:46:69:21:db:b9:d9:78:b0:17:
c9:69:cd:d4:1e:b4:83:2f:91:a8:dc:79:69:ca:9a:a5:9f:3f:
1f:18:21:d6:3c:b5:7a:a3:47:32:7a:4e:7e:a0:38:57:bf:04:
9a:fb:04:dc:04:76:27:ea:01:6b:82:88:e5:b3:8a:59:f5:cc:
b9:40:62:5e:ee:00:4e:bc:3e:01:4b:27:1f:b7:47:c0:52:4e:
b4:4a:5e:a3:21:1d:a0:13:2b:3a:bb:78:ac:85:d4:69:cc:52:
9e:de:a4:43:60:39:9d:0b:db:01:5a:20:d8:0c:23:3f:d8:ac:
81:6e:89:05:c5:6f:2d:f1:6a:a5:e8:9f:b9:8a:b6:33:e6:5b:
f8:fa:b0:e7:95:71:f9:b2:e1:bd:4b:7b:76:c5:fd:c9:94:55:
ce:35:fb:f2:d0:0a:b1:d0:7e:43:df:3b:e2:9f:f9:cb:dc:b8:
e5:7b:9d:e7:53:fd:09:db:bf:c5:00:87:de:bd:59:aa:2a:47:
68:e2:ef:c0:40:4c:c5:f8:da:d0:22:72:14:9c:60:83:73:f0:
ab:7d:ef:fe:86:25:37:f6:fd:fd:19:a3:65:9d:b3:46:e8:44:
44:3b:ca:05:18:16:07:b1:35:db:82:3f:65:ec:5b:a8:60:93:
35:72:83:1e
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZt+N8lf2hQM9KlkFXLKO60gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZjhkYmIyMTRhNjE0OWYzZDRkNDJhMGM0MTMyZDU3MjU5
OTI3NTIwHhcNMjYwMTAyMTAxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTZiNjM5Y2RiZDdjMzZhMDViZTgyMDA4MWE1YmQzMDY2NDcyOGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkVsnr6CKeI0+h1OGdfxAcJUTIgY
Q7qZGvtRDkbl9VYpo+k6yp9/zfP6JoGdeXUnnc9qgDPF9CL3BtlAMziJ4ku5Mhww
NCrmt68fc5FT9j6qFSU1gb/A8EbkUE1ZTwGhNWdRiuqMZMEs3i83UbJaZMLOX2j5
6q5EnYqJY9ToItBaa1EmniHH9GMdoSEIDf8GyH1p0epLt3kV4Y3L25kAr19FcaJZ
pOLKCS105z73tyGOpqJh0mlVmK21qKojhiAUYqdD3Rdmv1oAMZvs2cV/5mwD0Hw0
fEICu9RboO5UbwijCSgi/ZkxpR5QpNPFQ5NNdvaN5s010vreVywcG4DjawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFVrY5zb18NqBb6CAIGlvTBmRyjGMB8GA1UdIwQY
MBaAFMD427IUphSfPU1CoMQTLVclmSdSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1BqYnNoU21GSjg5VFVLZ3hCTXRWeVdaSjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8wNzQ5YzAtZGVjMy00ZjAxLTliZDct
MzQ0OGE4ODljZTc1LzEvVld0am5Odlh3Mm9Gdm9JQWdhVzlNR1pIS01ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8wNzQ5YzAtZGVjMy00ZjAxLTliZDctMzQ0OGE4ODljZTc1
LzEvd1BqYnNoU21GSjg5VFVLZ3hCTXRWeVdaSjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAAjAtAwcAIAEGfA5E
AwcAIAEGfA6gAwcAIAEGfA6kAwcAIAEGfCdUAwcAIAEGfCu8MA0GCSqGSIb3DQEB
CwUAA4IBAQA9yc2aQBkOKrtGaSHbudl4sBfJac3UHrSDL5Go3Hlpypqlnz8fGCHW
PLV6o0cyek5+oDhXvwSa+wTcBHYn6gFrgojls4pZ9cy5QGJe7gBOvD4BSycft0fA
Uk60Sl6jIR2gEys6u3ishdRpzFKe3qRDYDmdC9sBWiDYDCM/2KyBbokFxW8t8Wql
6J+5irYz5lv4+rDnlXH5suG9S3t2xf3JlFXONfvy0Aqx0H5D3zvin/nL3Ljle53n
U/0J27/FAIfevVmqKkdo4u/AQEzF+NrQInIUnGCDc/Crfe/+hiU39v39GaNlnbNG
6EREO8oFGBYHsTXbgj9l7FuoYJM1coMe
-----END CERTIFICATE-----
Generated at Tue Mar 3 05:38:27 2026 by rpki-client