Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/afY42rg0dmaIKoGaY7MpaAxIO70.roa
File: afY42rg0dmaIKoGaY7MpaAxIO70.roa (raw, json)
Hash identifier: TkVUlz1LgAGnS8xuYApkYlLbMunWfqMDpHxol3l/ngQ=
Subject key identifier: 69:F6:38:DA:B8:34:76:66:88:2A:81:9A:63:B3:29:68:0C:48:3B:BD
Certificate issuer: /CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11
Certificate serial: 019CB0969F6FD6942A46A24724B48B661D74
Authority key identifier: 54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/afY42rg0dmaIKoGaY7MpaAxIO70.roa
Signing time: Mon 02 Mar 2026 22:06:27 +0000
ROA not before: Mon 02 Mar 2026 22:06:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205775
IP address blocks: 95.85.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Mar 2026 20:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b0:96:9f:6f:d6:94:2a:46:a2:47:24:b4:8b:66:1d:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b0bec8f58db0ce5b91f34505277e40bfd3ae11
Validity
Not Before: Mar 2 22:06:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=69f638dab8347666882a819a63b329680c483bbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f8:9e:e6:63:13:08:5c:40:cb:a8:b8:ae:78:
41:fd:e4:f0:6d:d0:aa:d5:d2:ed:ab:5e:4c:3f:58:
d2:77:d1:64:23:c3:92:f6:46:64:ef:f9:3a:07:fa:
4c:1e:57:e9:40:08:62:26:42:49:0d:76:ea:9d:4e:
ad:4b:63:72:ed:4e:ff:26:3d:38:89:4c:63:fa:f7:
b1:f1:d3:26:b6:98:0c:f8:2c:e6:a1:ff:f2:0e:e1:
16:67:ad:d9:85:ba:e1:c6:b7:5c:a0:8d:59:00:ce:
f5:d1:b4:ba:69:0c:35:20:69:34:7e:bd:91:c6:f6:
a8:31:22:31:a0:ce:61:51:69:f1:90:01:0f:a0:b8:
05:a9:e3:6c:a9:28:b7:ce:41:89:23:ea:ff:bc:57:
a3:b8:db:02:d8:47:ac:71:06:38:07:82:d5:39:5e:
e8:f5:91:0e:2f:ce:e0:cc:37:ad:08:92:7d:c2:73:
50:96:27:b1:a3:54:e8:1c:ad:b3:70:ba:68:1b:5d:
61:10:da:0d:18:a0:a0:65:3b:ba:11:4f:84:b8:d0:
b0:bf:e9:0d:32:f9:1a:43:01:28:cc:5d:b9:a0:01:
fc:56:55:ff:56:91:c6:79:6d:1a:0f:ab:08:82:a4:
d5:1b:81:2a:b2:96:22:3a:3d:1f:7a:ac:bc:9d:23:
f5:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:F6:38:DA:B8:34:76:66:88:2A:81:9A:63:B3:29:68:0C:48:3B:BD
X509v3 Authority Key Identifier:
keyid:54:B0:BE:C8:F5:8D:B0:CE:5B:91:F3:45:05:27:7E:40:BF:D3:AE:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLC-yPWNsM5bkfNFBSd-QL_TrhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/afY42rg0dmaIKoGaY7MpaAxIO70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/2ad34e-b1e5-4d8c-948e-0f4dbb890bd0/1/VLC-yPWNsM5bkfNFBSd-QL_TrhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.238.0/24
Signature Algorithm: sha256WithRSAEncryption
19:74:80:fe:54:7c:44:b6:e9:74:f4:75:a8:7c:82:ec:7c:0e:
99:0c:16:f4:6c:aa:bc:19:ad:84:83:20:63:21:14:7b:d2:6b:
9d:13:c2:cb:91:0a:6e:c2:4e:11:d6:dd:01:a4:45:cc:ff:1e:
a2:f3:bc:77:89:a3:18:97:bc:0f:59:e4:30:53:e2:07:ab:86:
d9:bf:5d:71:3f:08:fa:84:6b:dc:c0:d1:a1:a8:62:fc:28:ab:
9d:39:c1:85:9d:bd:9f:d6:28:b9:c2:b4:f1:c7:04:66:55:f7:
e6:a8:aa:04:a8:18:9d:7a:9e:4a:9a:88:f5:e9:5c:e1:81:ec:
cd:8c:2f:c3:91:ba:0c:10:fc:5d:0d:e0:96:48:c3:4f:6f:09:
0a:c6:da:34:e7:78:cc:66:34:f0:8d:85:24:d0:5e:27:a2:e6:
41:92:9f:df:22:33:78:52:69:6b:5c:d7:0e:74:3c:2b:84:33:
d1:51:23:4e:af:35:e8:26:f8:31:02:57:cb:39:3b:1a:cd:57:
55:4d:9d:18:31:81:0d:63:cb:51:60:9f:09:c4:c6:d5:e1:77:
7c:cb:89:f4:fe:6b:b2:0e:93:ef:6e:48:58:c8:8d:34:48:7b:
77:59:02:e7:b0:60:e0:8d:0b:3b:3c:44:2b:38:4d:7d:72:c9:
d0:7d:67:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZywlp9v1pQqRqJHJLSLZh10MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjBiZWM4ZjU4ZGIwY2U1YjkxZjM0NTA1Mjc3ZTQwYmZk
M2FlMTEwHhcNMjYwMzAyMjIwNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWY2MzhkYWI4MzQ3NjY2ODgyYTgxOWE2M2IzMjk2ODBjNDgzYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vie5mMTCFxAy6i4rnhB/eTwbdCq
1dLtq15MP1jSd9FkI8OS9kZk7/k6B/pMHlfpQAhiJkJJDXbqnU6tS2Ny7U7/Jj04
iUxj+vex8dMmtpgM+Czmof/yDuEWZ63ZhbrhxrdcoI1ZAM710bS6aQw1IGk0fr2R
xvaoMSIxoM5hUWnxkAEPoLgFqeNsqSi3zkGJI+r/vFejuNsC2EescQY4B4LVOV7o
9ZEOL87gzDetCJJ9wnNQliexo1ToHK2zcLpoG11hENoNGKCgZTu6EU+EuNCwv+kN
MvkaQwEozF25oAH8VlX/VpHGeW0aD6sIgqTVG4EqspYiOj0feqy8nSP1TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGn2ONq4NHZmiCqBmmOzKWgMSDu9MB8GA1UdIwQY
MBaAFFSwvsj1jbDOW5HzRQUnfkC/064RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUt
MGY0ZGJiODkwYmQwLzEvYWZZNDJyZzBkbWFJS29HYVk3TXBhQXhJTzcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni8yYWQzNGUtYjFlNS00ZDhjLTk0OGUtMGY0ZGJiODkwYmQw
LzEvVkxDLXlQV05zTTVia2ZORkJTZC1RTF9UcmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX1XuMA0G
CSqGSIb3DQEBCwUAA4IBAQAZdID+VHxEtul09HWofILsfA6ZDBb0bKq8Ga2EgyBj
IRR70mudE8LLkQpuwk4R1t0BpEXM/x6i87x3iaMYl7wPWeQwU+IHq4bZv11xPwj6
hGvcwNGhqGL8KKudOcGFnb2f1ii5wrTxxwRmVffmqKoEqBidep5Kmoj16VzhgezN
jC/DkboMEPxdDeCWSMNPbwkKxto053jMZjTwjYUk0F4nouZBkp/fIjN4UmlrXNcO
dDwrhDPRUSNOrzXoJvgxAlfLOTsazVdVTZ0YMYENY8tRYJ8JxMbV4Xd8y4n0/muy
DpPvbkhYyI00SHt3WQLnsGDgjQs7PEQrOE19csnQfWfW
-----END CERTIFICATE-----
Generated at Mon Mar 16 03:52:57 2026 by rpki-client