Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/0_VDRwikWTvRQIQsMp3aqjlVQuQ.roa
File: 0_VDRwikWTvRQIQsMp3aqjlVQuQ.roa (raw, json)
Hash identifier: X74/QCu3+W4NQQ4c/uIC5xYm7kaBm7r/kGt68bnJBmk=
Subject key identifier: D3:F5:43:47:08:A4:59:3B:D1:40:84:2C:32:9D:DA:AA:39:55:42:E4
Certificate issuer: /CN=dc94bb69453f139a60029e22db0fb3424a906cee
Certificate serial: 019CB96FF78609A3E567C081B89EAEECF383
Authority key identifier: DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/0_VDRwikWTvRQIQsMp3aqjlVQuQ.roa
Signing time: Wed 04 Mar 2026 15:20:48 +0000
ROA not before: Wed 04 Mar 2026 15:20:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6723
IP address blocks: 178.255.176.0/22 maxlen: 24
178.255.180.0/23 maxlen: 24
178.255.183.0/24 maxlen: 24
185.5.255.0/24 maxlen: 24
2a01:6d80:f000::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 21:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:6f:f7:86:09:a3:e5:67:c0:81:b8:9e:ae:ec:f3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc94bb69453f139a60029e22db0fb3424a906cee
Validity
Not Before: Mar 4 15:20:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d3f5434708a4593bd140842c329ddaaa395542e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:48:89:fe:80:3a:b9:6a:98:95:4e:4d:ce:c8:
5e:2a:d8:ac:fe:0e:07:a4:e4:e6:cc:cd:82:0c:7e:
ee:d9:d2:4d:1c:4a:d5:63:a5:c0:03:c7:37:24:37:
98:dd:68:8a:f1:10:b7:9d:87:ae:b7:50:04:d1:2c:
87:8a:22:23:84:91:d9:48:5b:68:d1:82:b5:18:0f:
dd:53:fb:8b:c6:0c:dd:9e:41:35:f9:d3:2d:94:cf:
90:5d:ec:22:68:58:6b:fd:cc:5c:44:db:77:92:27:
a6:ec:da:33:ad:d0:40:69:c5:c2:d3:b1:d3:87:46:
d4:c9:70:44:36:c9:eb:fb:d8:7c:a2:0a:af:24:ee:
a3:ea:ea:97:6f:5c:96:16:d2:99:8d:ed:82:51:ce:
5c:4b:64:9d:86:4d:55:64:06:51:e0:5c:e7:43:49:
a8:b7:14:ab:1f:75:a4:2d:4e:85:27:2b:4d:bf:06:
b3:7e:a9:2a:4f:30:d8:01:b9:5c:30:32:84:d4:7e:
61:a2:30:75:92:d7:91:91:56:a0:8c:0a:9c:c5:8c:
91:da:89:35:48:28:2e:8e:3d:ec:e0:1c:79:76:cd:
b3:e9:d1:93:ae:70:11:83:38:ff:2f:45:e6:da:96:
c1:27:87:28:fc:59:6b:6a:b0:a5:69:03:d3:a4:c7:
57:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:F5:43:47:08:A4:59:3B:D1:40:84:2C:32:9D:DA:AA:39:55:42:E4
X509v3 Authority Key Identifier:
keyid:DC:94:BB:69:45:3F:13:9A:60:02:9E:22:DB:0F:B3:42:4A:90:6C:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JS7aUU_E5pgAp4i2w-zQkqQbO4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/0_VDRwikWTvRQIQsMp3aqjlVQuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/d045ca-c1f7-4ed9-afdb-090c46e9f2ed/1/3JS7aUU_E5pgAp4i2w-zQkqQbO4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.176.0-178.255.181.255
178.255.183.0/24
185.5.255.0/24
IPv6:
2a01:6d80:f000::/36
Signature Algorithm: sha256WithRSAEncryption
c4:7c:2e:02:ec:5f:76:aa:a6:36:f3:9f:be:29:d0:1e:e4:da:
22:26:5c:71:fb:bc:87:2d:a8:7e:b7:b4:df:6a:0c:ff:46:ed:
7a:d0:a1:03:c7:59:0c:d0:75:a2:b3:ea:9e:37:9c:01:1d:5b:
a0:30:4f:59:3f:c7:74:0a:81:a3:35:91:6a:c5:da:cd:54:4c:
bd:63:fe:28:6c:be:d1:1f:85:ff:7f:4d:c2:17:bb:7e:55:2a:
69:7b:ee:31:80:ca:92:97:6f:f7:85:99:2a:31:dd:96:c9:54:
8e:e5:bc:68:ac:08:b6:a5:61:06:e8:18:37:ca:7c:a6:4f:07:
28:fb:8d:98:06:01:00:af:98:38:c8:8c:16:2c:89:90:0f:55:
a4:58:38:92:65:bf:1d:54:39:d4:9d:d6:fc:1d:56:8f:ea:b6:
12:ba:3c:53:04:06:23:12:ec:ab:25:1e:ef:87:98:72:63:7d:
41:94:84:97:0c:1a:8c:2a:96:d1:b4:d0:1a:85:5f:44:d6:46:
73:80:9a:45:2c:1b:8a:56:ea:b2:a5:63:a9:9c:4c:d5:9f:23:
58:dd:1d:55:00:34:57:f0:dd:fe:3c:b8:64:d4:38:43:f5:06:
0f:9e:19:c8:43:8c:29:1f:b8:06:62:22:d7:23:fa:38:5a:3d:
50:1e:48:b9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZy5b/eGCaPlZ8CBuJ6u7PODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjOTRiYjY5NDUzZjEzOWE2MDAyOWUyMmRiMGZiMzQyNGE5
MDZjZWUwHhcNMjYwMzA0MTUyMDQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2Y1NDM0NzA4YTQ1OTNiZDE0MDg0MmMzMjlkZGFhYTM5NTU0MmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0iJ/oA6uWqYlU5NzsheKtis/g4H
pOTmzM2CDH7u2dJNHErVY6XAA8c3JDeY3WiK8RC3nYeut1AE0SyHiiIjhJHZSFto
0YK1GA/dU/uLxgzdnkE1+dMtlM+QXewiaFhr/cxcRNt3kiem7NozrdBAacXC07HT
h0bUyXBENsnr+9h8ogqvJO6j6uqXb1yWFtKZje2CUc5cS2Sdhk1VZAZR4FznQ0mo
txSrH3WkLU6FJytNvwazfqkqTzDYAblcMDKE1H5hojB1kteRkVagjAqcxYyR2ok1
SCgujj3s4Bx5ds2z6dGTrnARgzj/L0Xm2pbBJ4co/FlrarClaQPTpMdXwQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNP1Q0cIpFk70UCELDKd2qo5VULkMB8GA1UdIwQY
MBaAFNyUu2lFPxOaYAKeItsPs0JKkGzuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGIt
MDkwYzQ2ZTlmMmVkLzEvMF9WRFJ3aWtXVHZSUUlRc01wM2FxamxWUXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9kMDQ1Y2EtYzFmNy00ZWQ5LWFmZGItMDkwYzQ2ZTlmMmVk
LzEvM0pTN2FVVV9FNXBnQXA0aTJ3LXpRa3FRYk80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAgBAIAATAaMAwDBASy/7AD
BAGy/7QDBACy/7cDBAC5Bf8wDgQCAAIwCAMGBCoBbYDwMA0GCSqGSIb3DQEBCwUA
A4IBAQDEfC4C7F92qqY285++KdAe5NoiJlxx+7yHLah+t7Tfagz/Ru160KEDx1kM
0HWis+qeN5wBHVugME9ZP8d0CoGjNZFqxdrNVEy9Y/4obL7RH4X/f03CF7t+VSpp
e+4xgMqSl2/3hZkqMd2WyVSO5bxorAi2pWEG6Bg3ynymTwco+42YBgEAr5g4yIwW
LImQD1WkWDiSZb8dVDnUndb8HVaP6rYSujxTBAYjEuyrJR7vh5hyY31BlISXDBqM
KpbRtNAahV9E1kZzgJpFLBuKVuqypWOpnEzVnyNY3R1VADRX8N3+PLhk1DhD9QYP
nhnIQ4wpH7gGYiLXI/o4Wj1QHki5
-----END CERTIFICATE-----
Generated at Fri Mar 13 02:18:01 2026 by rpki-client