Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/VlDA6Ug6cUL_yTYBt63ZARwd1mw.roa
File: VlDA6Ug6cUL_yTYBt63ZARwd1mw.roa (raw, json)
Hash identifier: kx60AZ5dZTQ/qqeCrvP99skkzaJh8HaHmSw61ZkqSCc=
Subject key identifier: 56:50:C0:E9:48:3A:71:42:FF:C9:36:01:B7:AD:D9:01:1C:1D:D6:6C
Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Certificate serial: 0199381E58F11AE2077BC8836EC10FF91E4C
Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/VlDA6Ug6cUL_yTYBt63ZARwd1mw.roa
Signing time: Thu 11 Sep 2025 09:32:16 +0000
ROA not before: Thu 11 Sep 2025 09:32:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201512
IP address blocks: 176.101.90.0/24 maxlen: 24
176.101.91.0/24 maxlen: 24
176.101.92.0/24 maxlen: 24
176.101.93.0/24 maxlen: 24
176.101.94.0/24 maxlen: 24
176.101.95.0/24 maxlen: 24
2a03:720:40::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 13:02:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:1e:58:f1:1a:e2:07:7b:c8:83:6e:c1:0f:f9:1e:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Validity
Not Before: Sep 11 09:32:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5650c0e9483a7142ffc93601b7add9011c1dd66c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:99:fd:7a:4e:58:76:70:2f:c6:95:39:f2:a9:
ae:98:45:78:44:fb:a8:e3:61:12:c3:03:c5:3d:8a:
ef:cd:cd:0a:4e:44:2c:69:6a:e2:3c:cb:38:98:de:
91:2c:ed:7f:f7:03:95:22:5f:70:b5:42:72:6d:9f:
57:00:39:da:cb:04:04:60:db:8c:d7:43:fc:a0:e9:
39:01:7e:50:1a:12:37:cb:0f:a0:21:e1:3c:3a:3f:
83:e4:39:af:9e:a2:2c:e1:d9:fb:f1:ea:a4:ea:a2:
a9:5f:7b:f1:4e:db:1c:31:f3:37:a7:40:05:cc:b3:
f7:ff:cb:b9:f2:94:c0:d1:54:cd:82:7e:88:c3:c8:
ee:0b:0f:ab:40:5d:ee:4d:5e:c3:73:39:fa:b6:a6:
a6:89:7d:67:fb:83:3d:19:b1:8f:ff:6a:c6:6f:22:
32:80:87:4e:7b:2d:93:d2:b5:e9:40:9e:39:e4:21:
4c:18:26:25:9b:9f:de:6c:46:c6:44:f7:88:44:f4:
b3:a7:1c:e3:8c:4b:cc:8f:0c:6b:e0:af:05:91:a4:
29:3f:20:89:c1:47:bc:84:a5:57:41:3f:6d:45:88:
8c:38:41:b7:40:d8:d4:0f:05:86:04:e4:a2:33:b3:
4c:42:5b:dd:b6:d6:66:3b:06:73:08:70:24:c6:20:
80:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:50:C0:E9:48:3A:71:42:FF:C9:36:01:B7:AD:D9:01:1C:1D:D6:6C
X509v3 Authority Key Identifier:
keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/VlDA6Ug6cUL_yTYBt63ZARwd1mw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.90.0-176.101.95.255
IPv6:
2a03:720:40::/48
Signature Algorithm: sha256WithRSAEncryption
36:7d:b7:10:67:60:13:c0:6b:9f:a3:7a:9e:4d:3c:2c:65:90:
0a:90:af:16:ae:b0:d9:6c:55:33:4a:4f:a7:c0:3a:a0:c3:c5:
c4:66:61:c5:9d:da:31:f8:06:46:61:10:30:8a:00:4e:45:3c:
1c:70:41:25:a0:91:3f:bb:8c:fb:cf:af:94:3c:f2:cd:45:d1:
a9:14:ea:6e:2f:2d:fc:ee:02:3e:ad:3e:0f:be:69:d7:d8:1b:
6e:39:df:a4:62:ec:4d:93:fa:0b:0a:d7:87:fb:4b:ee:f0:e1:
43:44:55:ae:48:23:fc:b5:47:63:ce:f5:d0:45:fe:fd:ef:45:
06:2c:39:72:29:88:fc:3c:a8:ff:fe:b2:cb:21:7a:54:05:26:
3e:3f:05:bb:c0:43:03:69:02:7a:de:94:2c:7c:36:31:ba:a8:
63:71:28:88:d7:53:b5:0d:47:48:7a:8f:57:10:57:e6:0f:22:
a9:e3:f2:0f:e5:9e:a6:f9:d6:c6:2b:a7:c5:68:99:17:65:72:
d2:c1:da:35:63:12:88:b5:14:e7:bc:b8:7c:62:b9:9d:3b:ac:
96:e9:2d:93:ff:94:bc:f4:a7:ff:f9:2b:65:0a:0d:58:92:b7:
12:48:37:15:e9:c1:89:fa:30:73:14:2d:a5:34:90:c3:84:ed:
fc:0a:ff:39
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZk4HljxGuIHe8iDbsEP+R5MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5
MDBhNzYwHhcNMjUwOTExMDkzMjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjUwYzBlOTQ4M2E3MTQyZmZjOTM2MDFiN2FkZDkwMTFjMWRkNjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJn9ek5YdnAvxpU58qmumEV4RPuo
42ESwwPFPYrvzc0KTkQsaWriPMs4mN6RLO1/9wOVIl9wtUJybZ9XADnaywQEYNuM
10P8oOk5AX5QGhI3yw+gIeE8Oj+D5DmvnqIs4dn78eqk6qKpX3vxTtscMfM3p0AF
zLP3/8u58pTA0VTNgn6Iw8juCw+rQF3uTV7Dczn6tqamiX1n+4M9GbGP/2rGbyIy
gIdOey2T0rXpQJ455CFMGCYlm5/ebEbGRPeIRPSzpxzjjEvMjwxr4K8FkaQpPyCJ
wUe8hKVXQT9tRYiMOEG3QNjUDwWGBOSiM7NMQlvdttZmOwZzCHAkxiCANwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFFZQwOlIOnFC/8k2Abet2QEcHdZsMB8GA1UdIwQY
MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt
ODlhY2UzODIyMGZiLzEvVmxEQTZVZzZjVUxfeVRZQnQ2M1pBUndkMW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi
LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAGwZVoD
BAWwZUAwDwQCAAIwCQMHACoDByAAQDANBgkqhkiG9w0BAQsFAAOCAQEANn23EGdg
E8Brn6N6nk08LGWQCpCvFq6w2WxVM0pPp8A6oMPFxGZhxZ3aMfgGRmEQMIoATkU8
HHBBJaCRP7uM+8+vlDzyzUXRqRTqbi8t/O4CPq0+D75p19gbbjnfpGLsTZP6CwrX
h/tL7vDhQ0RVrkgj/LVHY8710EX+/e9FBiw5cimI/Dyo//6yyyF6VAUmPj8Fu8BD
A2kCet6ULHw2MbqoY3EoiNdTtQ1HSHqPVxBX5g8iqePyD+WepvnWxiunxWiZF2Vy
0sHaNWMSiLUU57y4fGK5nTusluktk/+UvPSn//krZQoNWJK3Ekg3FenBifowcxQt
pTSQw4Tt/Ar/OQ==
-----END CERTIFICATE-----
Generated at Tue Sep 16 18:00:00 2025 by rpki-client