Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VNWZz5w67dWdq-1tiXTZUwje9aI.roa
File: VNWZz5w67dWdq-1tiXTZUwje9aI.roa (raw, json)
Hash identifier: CCl3JeV4fnIeVXFy/sDyCJUN2cZ+asTf5jw5AL/GHMo=
Subject key identifier: 54:D5:99:CF:9C:3A:ED:D5:9D:AB:ED:6D:89:74:D9:53:08:DE:F5:A2
Certificate issuer: /CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Certificate serial: 019DCF0C5B3F1A4B7FEF8B072CA4D8E48DF4
Authority key identifier: F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VNWZz5w67dWdq-1tiXTZUwje9aI.roa
Signing time: Mon 27 Apr 2026 13:06:26 +0000
ROA not before: Mon 27 Apr 2026 13:06:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210016
IP address blocks: 46.21.251.0/24 maxlen: 24
131.117.232.0/24 maxlen: 24
131.117.233.0/24 maxlen: 24
212.126.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 17:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:0c:5b:3f:1a:4b:7f:ef:8b:07:2c:a4:d8:e4:8d:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f98a02d20c6b7de357125f38b1735ca1b91f87b3
Validity
Not Before: Apr 27 13:06:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54d599cf9c3aedd59dabed6d8974d95308def5a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:16:6b:6e:2f:95:8c:51:4a:1f:f9:6a:61:e5:
58:18:01:bf:98:68:00:c7:98:83:0f:c8:85:a2:0d:
23:9c:9c:f0:4a:36:d5:05:7d:81:80:fa:1f:92:ec:
8b:b9:ef:98:61:34:8b:a6:75:87:53:17:1d:35:a1:
82:38:b7:32:f0:d0:d5:b6:a8:bf:24:ed:1f:77:96:
d6:54:5b:20:e0:8b:af:3a:1a:a6:71:b0:66:2f:3e:
d4:04:a4:57:8d:0b:2b:d4:77:7d:7f:87:7a:94:38:
de:28:3b:e2:18:eb:65:af:45:83:a2:6e:03:2a:a7:
1a:31:92:4b:83:96:db:38:21:b9:76:91:75:79:c6:
57:6d:7c:01:91:2f:24:98:44:f3:e6:e9:16:41:21:
61:e2:bc:f7:42:18:1c:d8:f9:4b:17:78:19:d6:c6:
99:4f:b3:db:b7:31:cd:20:2e:6d:d4:d1:18:ab:91:
5e:60:66:11:f4:56:c5:cb:1b:f0:ba:8f:98:1d:8f:
73:ea:71:92:cd:84:09:14:61:91:8e:50:95:51:3b:
d8:2e:ec:d7:bd:8e:69:3d:6f:07:22:67:61:4d:88:
7e:b2:4d:41:10:5f:1e:29:17:32:52:1b:8f:df:cd:
9e:fd:fd:53:90:18:ab:cb:1a:7f:c2:67:1b:ca:66:
23:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D5:99:CF:9C:3A:ED:D5:9D:AB:ED:6D:89:74:D9:53:08:DE:F5:A2
X509v3 Authority Key Identifier:
keyid:F9:8A:02:D2:0C:6B:7D:E3:57:12:5F:38:B1:73:5C:A1:B9:1F:87:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-YoC0gxrfeNXEl84sXNcobkfh7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/VNWZz5w67dWdq-1tiXTZUwje9aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a9206e-c1e1-4c15-9533-ace3d675d3cd/1/1-YoC0gxrfeNXEl84sXNcobkfh7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.251.0/24
131.117.232.0/23
212.126.116.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:a7:34:e5:f6:68:30:5e:ba:c1:5a:31:3a:41:1e:a5:2c:5d:
49:eb:40:a4:2c:53:f9:ac:73:07:4d:35:0a:3a:9f:82:03:58:
96:95:bd:26:df:1d:12:3c:10:00:33:b2:f4:63:3e:e6:77:58:
77:de:2e:fe:86:0d:92:39:2a:5d:a3:68:9e:cf:c5:00:8e:1c:
47:88:35:b7:be:24:4f:15:75:f4:66:09:e7:cb:cb:f3:9a:5c:
88:0f:3e:f9:7e:00:b4:97:f3:77:4b:07:38:63:3d:ea:ad:28:
5c:e0:9b:7c:25:81:1e:89:f6:9b:a3:e9:3c:2b:42:93:68:58:
1d:2c:a3:5b:ad:88:75:c7:61:eb:ce:79:fe:2c:65:d8:9f:ec:
77:ef:1d:95:49:d0:8e:ec:2a:87:86:66:fb:a6:3a:e1:c1:dc:
e0:ef:52:2d:a6:dc:d6:94:ae:8d:c0:16:2f:ac:89:f8:83:85:
fd:a9:6d:6a:ff:82:10:f5:3b:67:97:0d:ca:32:ee:bb:74:4e:
80:a6:73:a2:78:0d:83:25:8e:76:d4:21:70:40:88:6b:d5:94:
43:d3:0f:0e:14:79:03:c3:6a:2a:5d:c8:d1:48:f8:6c:53:9c:
e2:46:8d:d3:a9:c3:d3:73:07:10:7f:5e:ee:f1:65:72:a8:ee:
f9:99:06:50
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ3PDFs/Gkt/74sHLKTY5I30MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5OGEwMmQyMGM2YjdkZTM1NzEyNWYzOGIxNzM1Y2ExYjkx
Zjg3YjMwHhcNMjYwNDI3MTMwNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGQ1OTljZjljM2FlZGQ1OWRhYmVkNmQ4OTc0ZDk1MzA4ZGVmNWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRZrbi+VjFFKH/lqYeVYGAG/mGgA
x5iDD8iFog0jnJzwSjbVBX2BgPofkuyLue+YYTSLpnWHUxcdNaGCOLcy8NDVtqi/
JO0fd5bWVFsg4IuvOhqmcbBmLz7UBKRXjQsr1Hd9f4d6lDjeKDviGOtlr0WDom4D
KqcaMZJLg5bbOCG5dpF1ecZXbXwBkS8kmETz5ukWQSFh4rz3Qhgc2PlLF3gZ1saZ
T7PbtzHNIC5t1NEYq5FeYGYR9FbFyxvwuo+YHY9z6nGSzYQJFGGRjlCVUTvYLuzX
vY5pPW8HImdhTYh+sk1BEF8eKRcyUhuP382e/f1TkBiryxp/wmcbymYjQQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFTVmc+cOu3VnavtbYl02VMI3vWiMB8GA1UdIwQY
MBaAFPmKAtIMa33jVxJfOLFzXKG5H4ezMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Zb0MwZ3hyZmVOWEVsODRzWE5jb2JrZmg3TS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMz
LWFjZTNkNjc1ZDNjZC8xL1ZOV1p6NXc2N2RXZHEtMXRpWFRaVXdqZTlhSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvYTkyMDZlLWMxZTEtNGMxNS05NTMzLWFjZTNkNjc1ZDNj
ZC8xLzEtWW9DMGd4cmZlTlhFbDg0c1hOY29ia2ZoN00uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAAuFfsD
BAGDdegDBADUfnQwDQYJKoZIhvcNAQELBQADggEBAGunNOX2aDBeusFaMTpBHqUs
XUnrQKQsU/mscwdNNQo6n4IDWJaVvSbfHRI8EAAzsvRjPuZ3WHfeLv6GDZI5Kl2j
aJ7PxQCOHEeINbe+JE8VdfRmCefLy/OaXIgPPvl+ALSX83dLBzhjPeqtKFzgm3wl
gR6J9puj6TwrQpNoWB0so1utiHXHYevOef4sZdif7HfvHZVJ0I7sKoeGZvumOuHB
3ODvUi2m3NaUro3AFi+sifiDhf2pbWr/ghD1O2eXDcoy7rt0ToCmc6J4DYMljnbU
IXBAiGvVlEPTDw4UeQPDaipdyNFI+GxTnOJGjdOpw9NzBxB/Xu7xZXKo7vmZBlA=
-----END CERTIFICATE-----
Generated at Sun May 3 02:50:41 2026 by rpki-client