Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/d056d6-8850-4fc2-b6af-ed2d2d7e9783/1/vNoG3KSWV7wGoa9wKk-BMEQRnt8.roa
File: vNoG3KSWV7wGoa9wKk-BMEQRnt8.roa (raw, json)
Hash identifier: CVwkZgV+ntF5YtTWRMmyYN4rMBg+5/al5zkk8FyBxYw=
Subject key identifier: BC:DA:06:DC:A4:96:57:BC:06:A1:AF:70:2A:4F:81:30:44:11:9E:DF
Certificate issuer: /CN=5707223a62887967974d74df4e58e28d5e437d86
Certificate serial: 019A3A082356247E659DDBD88C1E16B5CDD4
Authority key identifier: 57:07:22:3A:62:88:79:67:97:4D:74:DF:4E:58:E2:8D:5E:43:7D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VwciOmKIeWeXTXTfTljijV5DfYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/d056d6-8850-4fc2-b6af-ed2d2d7e9783/1/vNoG3KSWV7wGoa9wKk-BMEQRnt8.roa
Signing time: Fri 31 Oct 2025 11:30:03 +0000
ROA not before: Fri 31 Oct 2025 11:30:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21476
IP address blocks: 45.83.156.0/22 maxlen: 22
45.83.156.0/24 maxlen: 24
45.83.157.0/24 maxlen: 24
45.83.158.0/24 maxlen: 24
45.83.159.0/24 maxlen: 24
80.254.128.0/20 maxlen: 20
80.254.128.0/24 maxlen: 24
80.254.129.0/24 maxlen: 24
80.254.130.0/24 maxlen: 24
80.254.131.0/24 maxlen: 24
80.254.132.0/24 maxlen: 24
80.254.133.0/24 maxlen: 24
80.254.134.0/24 maxlen: 24
80.254.135.0/24 maxlen: 24
80.254.136.0/24 maxlen: 24
80.254.137.0/24 maxlen: 24
80.254.138.0/24 maxlen: 24
80.254.139.0/24 maxlen: 24
80.254.140.0/24 maxlen: 24
80.254.141.0/24 maxlen: 24
80.254.142.0/24 maxlen: 24
80.254.143.0/24 maxlen: 24
2a00:cba0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/d056d6-8850-4fc2-b6af-ed2d2d7e9783/1/VwciOmKIeWeXTXTfTljijV5DfYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/d056d6-8850-4fc2-b6af-ed2d2d7e9783/1/VwciOmKIeWeXTXTfTljijV5DfYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/VwciOmKIeWeXTXTfTljijV5DfYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3a:08:23:56:24:7e:65:9d:db:d8:8c:1e:16:b5:cd:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5707223a62887967974d74df4e58e28d5e437d86
Validity
Not Before: Oct 31 11:30:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcda06dca49657bc06a1af702a4f813044119edf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:41:ce:6d:ca:b6:77:70:30:25:17:cb:97:6e:
10:d6:d7:e7:ca:77:c3:ca:e1:82:1e:4d:8c:c6:e2:
62:9a:c7:f1:9e:30:34:b5:e2:13:31:32:11:66:fc:
8a:2f:49:fd:d6:f6:1b:07:62:b6:d9:1a:ee:e5:38:
55:db:0d:89:a6:f7:15:1e:21:c1:d2:a1:79:02:d1:
20:ce:f3:a2:e2:9b:ed:80:1c:82:d6:31:c0:31:3c:
ce:27:93:aa:d6:b8:cf:e7:57:44:78:73:30:1f:c1:
61:ab:80:78:e7:f4:e3:76:4a:f7:08:c3:22:b2:6e:
ae:28:73:07:1c:dc:88:dc:df:40:20:92:2f:bb:40:
b7:80:bd:e1:dd:55:7d:66:a7:3d:a4:78:9a:00:74:
8c:11:69:23:9b:f0:a8:41:e3:ab:5f:4f:e0:50:54:
48:9e:d6:7f:50:e2:11:f3:e1:c2:24:d0:5b:4b:b9:
68:1b:a4:c2:f9:35:e5:aa:dc:56:ba:f2:4a:e3:63:
93:f6:6a:a7:56:9a:15:b1:7e:67:1a:4b:91:88:20:
6f:d8:f0:f1:34:7c:6d:01:03:cc:ed:9a:6e:e5:28:
e2:51:ef:67:9a:64:fb:1d:01:bc:b1:07:fe:16:0c:
55:24:13:ad:ea:f3:e8:ee:68:de:86:48:f9:f4:74:
a9:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:DA:06:DC:A4:96:57:BC:06:A1:AF:70:2A:4F:81:30:44:11:9E:DF
X509v3 Authority Key Identifier:
keyid:57:07:22:3A:62:88:79:67:97:4D:74:DF:4E:58:E2:8D:5E:43:7D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VwciOmKIeWeXTXTfTljijV5DfYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d056d6-8850-4fc2-b6af-ed2d2d7e9783/1/vNoG3KSWV7wGoa9wKk-BMEQRnt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/d056d6-8850-4fc2-b6af-ed2d2d7e9783/1/VwciOmKIeWeXTXTfTljijV5DfYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.156.0/22
80.254.128.0/20
IPv6:
2a00:cba0::/32
Signature Algorithm: sha256WithRSAEncryption
a3:98:68:23:8c:2d:9e:86:50:c4:ea:f0:7d:ed:d4:3a:c6:26:
65:6c:26:7a:9f:65:23:c7:a1:4c:70:a5:ab:2e:7a:85:b3:36:
5c:23:69:cb:0d:1f:49:b6:7d:ff:7a:63:ba:58:d6:30:8f:cf:
8f:e9:c1:59:55:3e:d5:08:20:92:68:6a:5d:0b:9a:14:cd:4e:
72:6a:a4:d2:cb:d5:03:df:1c:39:81:67:2d:d9:67:7a:2c:55:
15:c0:b5:f5:e8:5f:7a:50:e4:82:47:0b:39:52:6c:ec:c7:8e:
03:66:10:7c:a1:8c:ac:f2:62:22:f6:cc:db:1c:ec:08:f9:e9:
5a:57:2d:81:a4:60:f4:f9:bc:f9:a5:4d:ee:43:3d:ed:d9:29:
27:c3:56:b1:31:e2:30:0c:18:d8:e0:14:fb:08:72:6e:fa:7d:
f3:13:a4:3a:ac:f4:70:a1:2b:cf:b2:7d:90:e3:2d:82:a4:4d:
54:96:7d:98:c8:48:90:f6:84:3c:83:6b:09:02:a8:33:83:ad:
69:c8:5d:d1:ee:a8:9b:14:3a:89:1e:49:a5:8d:16:d8:a3:6a:
2b:01:8c:16:7a:76:b7:36:7f:47:55:e3:33:66:ed:bf:b5:86:
5a:5f:83:4a:71:51:5b:9f:3b:6b:7e:f1:e2:f5:b6:1b:c7:ae:
45:35:df:88
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZo6CCNWJH5lndvYjB4Wtc3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MDcyMjNhNjI4ODc5Njc5NzRkNzRkZjRlNThlMjhkNWU0
MzdkODYwHhcNMjUxMDMxMTEzMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2RhMDZkY2E0OTY1N2JjMDZhMWFmNzAyYTRmODEzMDQ0MTE5ZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUHObcq2d3AwJRfLl24Q1tfnynfD
yuGCHk2MxuJimsfxnjA0teITMTIRZvyKL0n91vYbB2K22Rru5ThV2w2JpvcVHiHB
0qF5AtEgzvOi4pvtgByC1jHAMTzOJ5Oq1rjP51dEeHMwH8Fhq4B45/Tjdkr3CMMi
sm6uKHMHHNyI3N9AIJIvu0C3gL3h3VV9Zqc9pHiaAHSMEWkjm/CoQeOrX0/gUFRI
ntZ/UOIR8+HCJNBbS7loG6TC+TXlqtxWuvJK42OT9mqnVpoVsX5nGkuRiCBv2PDx
NHxtAQPM7Zpu5SjiUe9nmmT7HQG8sQf+FgxVJBOt6vPo7mjehkj59HSpmQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLzaBtyklle8BqGvcCpPgTBEEZ7fMB8GA1UdIwQY
MBaAFFcHIjpiiHlnl010305Y4o1eQ32GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVndjaU9tS0llV2VYVFhUZlRsamlqVjVEZllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9kMDU2ZDYtODg1MC00ZmMyLWI2YWYt
ZWQyZDJkN2U5NzgzLzEvdk5vRzNLU1dWN3dHb2E5d0trLUJNRVFSbnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9kMDU2ZDYtODg1MC00ZmMyLWI2YWYtZWQyZDJkN2U5Nzgz
LzEvVndjaU9tS0llV2VYVFhUZlRsamlqVjVEZllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVOcAwQE
UP6AMA0EAgACMAcDBQAqAMugMA0GCSqGSIb3DQEBCwUAA4IBAQCjmGgjjC2ehlDE
6vB97dQ6xiZlbCZ6n2Ujx6FMcKWrLnqFszZcI2nLDR9Jtn3/emO6WNYwj8+P6cFZ
VT7VCCCSaGpdC5oUzU5yaqTSy9UD3xw5gWct2Wd6LFUVwLX16F96UOSCRws5Umzs
x44DZhB8oYys8mIi9szbHOwI+elaVy2BpGD0+bz5pU3uQz3t2Sknw1axMeIwDBjY
4BT7CHJu+n3zE6Q6rPRwoSvPsn2Q4y2CpE1Uln2YyEiQ9oQ8g2sJAqgzg61pyF3R
7qibFDqJHkmljRbYo2orAYwWena3Nn9HVeMzZu2/tYZaX4NKcVFbnztrfvHi9bYb
x65FNd+I
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:56:45 2025 by rpki-client