Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/veMveYJNxemeQYyUW7xjOrh1luw.roa
File: veMveYJNxemeQYyUW7xjOrh1luw.roa (raw, json)
Hash identifier: +7WlX927FWJGIBo5RUAra2S4HvC0PxzyLU75LUSwlkA=
Subject key identifier: BD:E3:2F:79:82:4D:C5:E9:9E:41:8C:94:5B:BC:63:3A:B8:75:96:EC
Certificate issuer: /CN=b0b56d10ccad9d69c01856be0afaa17ec682acbf
Certificate serial: 019942F31E8FD78584EC79E8B744E71CCBC3
Authority key identifier: B0:B5:6D:10:CC:AD:9D:69:C0:18:56:BE:0A:FA:A1:7E:C6:82:AC:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/veMveYJNxemeQYyUW7xjOrh1luw.roa
Signing time: Sat 13 Sep 2025 12:00:53 +0000
ROA not before: Sat 13 Sep 2025 12:00:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216422
IP address blocks: 176.97.219.0/24 maxlen: 24
217.11.164.0/24 maxlen: 24
217.11.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 09:02:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:42:f3:1e:8f:d7:85:84:ec:79:e8:b7:44:e7:1c:cb:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b56d10ccad9d69c01856be0afaa17ec682acbf
Validity
Not Before: Sep 13 12:00:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bde32f79824dc5e99e418c945bbc633ab87596ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:51:22:ba:b3:2e:b6:ea:2e:b3:12:86:97:9b:
b1:7d:62:27:d9:c1:a2:bc:53:15:9d:0e:50:06:0a:
f3:c1:e1:bc:3a:fd:a7:aa:8b:08:dd:25:9f:8d:89:
91:64:9b:50:cf:f8:3f:91:5c:ea:08:54:98:96:f7:
b9:9f:d6:2b:08:37:fd:37:8b:65:5e:e5:19:db:09:
b7:82:0e:85:b9:7e:15:65:32:d0:4b:10:b1:76:f8:
ce:34:91:c8:8d:23:7e:8d:e6:2a:92:5a:a7:e8:2c:
54:b1:b2:5c:f4:32:b3:31:2c:fa:44:29:1b:0b:cf:
f7:39:24:68:18:af:09:e5:60:7c:82:91:12:de:fa:
f6:e1:57:b7:4c:26:35:28:a2:d8:72:69:13:0c:3d:
73:bc:f7:c2:5f:75:96:a1:de:c1:b5:9c:d1:d4:4f:
c1:14:bf:07:2f:3e:ac:1f:54:b2:a7:28:eb:5d:b2:
9c:e6:c7:f4:1c:ac:9e:78:d7:a1:ef:45:25:86:c1:
72:03:42:6f:b2:46:7d:27:24:4c:44:59:e5:45:04:
9f:04:f1:60:81:ea:67:f5:d8:20:a8:7e:3e:6a:68:
27:d9:76:5b:46:05:e7:68:9a:7e:54:bd:68:63:cc:
7f:8a:34:07:88:4d:64:a0:16:19:1c:f8:e7:9a:ec:
7a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E3:2F:79:82:4D:C5:E9:9E:41:8C:94:5B:BC:63:3A:B8:75:96:EC
X509v3 Authority Key Identifier:
keyid:B0:B5:6D:10:CC:AD:9D:69:C0:18:56:BE:0A:FA:A1:7E:C6:82:AC:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLVtEMytnWnAGFa-CvqhfsaCrL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/veMveYJNxemeQYyUW7xjOrh1luw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/69409e-1ec4-489d-b61f-a19cc8a76d04/1/sLVtEMytnWnAGFa-CvqhfsaCrL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.97.219.0/24
217.11.164.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:98:9c:22:b5:1b:0f:47:91:d0:95:18:78:8b:23:e3:40:9c:
7d:3a:96:01:66:51:9b:3b:16:e1:09:8f:2b:cd:28:49:b8:18:
ce:db:30:ef:24:1c:35:4f:c0:df:6b:58:ec:e2:e6:12:15:05:
77:d4:ba:61:0a:be:83:3b:c7:e2:4f:3a:a5:3b:24:68:e7:8d:
54:c5:e6:25:8e:e3:02:7a:7e:55:b9:06:29:47:92:42:fc:c2:
23:a4:56:ec:6e:3b:29:71:4c:b9:30:45:ae:a6:f5:dc:12:06:
54:1d:3e:58:54:67:3f:03:37:34:7b:91:42:6b:b0:73:49:36:
13:05:45:cd:01:b5:c1:e9:40:42:50:46:98:8d:16:36:49:37:
1e:1b:ee:58:18:43:77:a4:0f:03:fe:30:44:3f:4b:80:05:6d:
b4:1d:54:c6:27:dc:71:78:18:cc:21:0b:7c:26:f9:e7:21:72:
23:f5:24:6e:87:07:4b:ca:f7:00:a2:d5:a3:b2:51:59:25:72:
87:1f:91:96:27:4a:48:ef:e6:58:59:8e:de:c1:b8:ef:23:c3:
64:23:1e:d2:89:e2:28:c6:11:56:29:59:b9:38:48:e4:df:16:
cc:0b:6c:20:3a:73:95:8b:02:fa:ef:36:d6:e3:e9:f2:82:d2:
25:1a:1f:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlC8x6P14WE7Hnot0TnHMvDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjU2ZDEwY2NhZDlkNjljMDE4NTZiZTBhZmFhMTdlYzY4
MmFjYmYwHhcNMjUwOTEzMTIwMDUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGUzMmY3OTgyNGRjNWU5OWU0MThjOTQ1YmJjNjMzYWI4NzU5NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2VEiurMutuousxKGl5uxfWIn2cGi
vFMVnQ5QBgrzweG8Ov2nqosI3SWfjYmRZJtQz/g/kVzqCFSYlve5n9YrCDf9N4tl
XuUZ2wm3gg6FuX4VZTLQSxCxdvjONJHIjSN+jeYqklqn6CxUsbJc9DKzMSz6RCkb
C8/3OSRoGK8J5WB8gpES3vr24Ve3TCY1KKLYcmkTDD1zvPfCX3WWod7BtZzR1E/B
FL8HLz6sH1SypyjrXbKc5sf0HKyeeNeh70UlhsFyA0JvskZ9JyRMRFnlRQSfBPFg
gepn9dggqH4+amgn2XZbRgXnaJp+VL1oY8x/ijQHiE1koBYZHPjnmux65wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3jL3mCTcXpnkGMlFu8Yzq4dZbsMB8GA1UdIwQY
MBaAFLC1bRDMrZ1pwBhWvgr6oX7Ggqy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xWdEVNeXRuV25BR0ZhLUN2cWhmc2FDckw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC82OTQwOWUtMWVjNC00ODlkLWI2MWYt
YTE5Y2M4YTc2ZDA0LzEvdmVNdmVZSk54ZW1lUVl5VVc3eGpPcmgxbHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC82OTQwOWUtMWVjNC00ODlkLWI2MWYtYTE5Y2M4YTc2ZDA0
LzEvc0xWdEVNeXRuV25BR0ZhLUN2cWhmc2FDckw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsGHbAwQB
2QukMA0GCSqGSIb3DQEBCwUAA4IBAQCdmJwitRsPR5HQlRh4iyPjQJx9OpYBZlGb
OxbhCY8rzShJuBjO2zDvJBw1T8Dfa1js4uYSFQV31LphCr6DO8fiTzqlOyRo541U
xeYljuMCen5VuQYpR5JC/MIjpFbsbjspcUy5MEWupvXcEgZUHT5YVGc/Azc0e5FC
a7BzSTYTBUXNAbXB6UBCUEaYjRY2STceG+5YGEN3pA8D/jBEP0uABW20HVTGJ9xx
eBjMIQt8JvnnIXIj9SRuhwdLyvcAotWjslFZJXKHH5GWJ0pI7+ZYWY7ewbjvI8Nk
Ix7SieIoxhFWKVm5OEjk3xbMC2wgOnOViwL67zbW4+nygtIlGh/u
-----END CERTIFICATE-----
Generated at Mon Sep 15 15:22:13 2025 by rpki-client