Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vh_kkVtUbuAM8qjGAYgFUPK4MAA.roa
File: vh_kkVtUbuAM8qjGAYgFUPK4MAA.roa (raw, json)
Hash identifier: 2hBrNDRmjNiyS60EVU87oWGp9JKvtnac/EE3qt7mJpM=
Subject key identifier: BE:1F:E4:91:5B:54:6E:E0:0C:F2:A8:C6:01:88:05:50:F2:B8:30:00
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0199BFBE373C6F5C13BBE0F05F52236068B7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vh_kkVtUbuAM8qjGAYgFUPK4MAA.roa
Signing time: Tue 07 Oct 2025 17:35:38 +0000
ROA not before: Tue 07 Oct 2025 17:35:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 45.155.68.0/24 maxlen: 24
2a06:35c1::/32 maxlen: 32
2a0e:1a84::/32 maxlen: 32
2a0f:1e84:20::/48 maxlen: 48
2a0f:7d00:1::/48 maxlen: 48
2a0f:bc00:a1c4::/48 maxlen: 48
2a12:ecc0:22::/48 maxlen: 48
2a13:2b40::/29 maxlen: 32
2a13:8c81::/32 maxlen: 32
2a13:e103::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 14:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bf:be:37:3c:6f:5c:13:bb:e0:f0:5f:52:23:60:68:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 7 17:35:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be1fe4915b546ee00cf2a8c601880550f2b83000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5d:25:b8:39:74:d8:20:85:40:4a:3f:8b:3b:
ce:4a:eb:22:07:5e:79:f5:3a:1c:31:eb:9c:96:3b:
90:5a:9a:f9:f5:9a:ee:ce:32:3a:9e:ef:60:43:34:
13:7e:fb:83:a1:91:7e:9c:46:4f:40:cd:a4:0d:73:
30:50:a3:56:d5:b2:a8:92:b3:29:ab:96:25:b5:c6:
1a:b5:2a:89:da:fc:ba:c4:b5:08:ac:85:1a:22:84:
38:25:4b:5f:6c:b3:bd:c1:21:dc:de:aa:09:4d:97:
73:d2:c1:93:13:1d:ab:08:07:92:6c:2d:79:b4:63:
f8:34:10:3e:bf:e7:b1:8e:f8:2b:35:c4:c2:d0:d3:
65:2d:65:f4:d6:81:81:da:39:4c:94:69:46:da:da:
d1:d7:02:f2:c7:a6:6f:a6:73:44:05:63:67:f1:73:
98:fc:39:a0:20:27:ae:06:d2:f2:b4:72:6d:0c:85:
82:f2:8d:a8:2b:f1:33:b9:89:34:59:cf:44:18:ce:
e7:59:55:b4:4f:f7:7d:1a:9b:10:31:e2:63:1a:fa:
0c:54:52:ea:15:04:0b:fc:8f:48:68:fa:b1:5f:e9:
82:f8:a4:81:b0:17:25:b0:83:a0:7a:12:99:d9:5f:
31:f3:0a:39:6d:e1:55:08:17:c2:29:c6:e3:c2:89:
55:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1F:E4:91:5B:54:6E:E0:0C:F2:A8:C6:01:88:05:50:F2:B8:30:00
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/vh_kkVtUbuAM8qjGAYgFUPK4MAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.68.0/24
IPv6:
2a06:35c1::/32
2a0e:1a84::/32
2a0f:1e84:20::/48
2a0f:7d00:1::/48
2a0f:bc00:a1c4::/48
2a12:ecc0:22::/48
2a13:2b40::/29
2a13:8c81::/32
2a13:e103::/32
Signature Algorithm: sha256WithRSAEncryption
b5:d4:94:55:b3:8a:d1:d4:f7:ec:00:bf:cf:60:d1:14:db:01:
ab:37:5a:15:6e:d5:c9:8a:7a:eb:0e:6b:42:cb:11:a6:41:d3:
e9:78:f6:9e:9c:24:d5:10:cc:ba:92:0e:9e:9d:4d:6e:b4:c0:
47:eb:18:11:82:01:2c:0e:91:3c:6c:d5:b1:f6:f1:b9:54:81:
20:8a:b1:96:83:ff:04:80:f5:e4:c2:5b:b5:43:38:97:4d:30:
07:0e:86:fb:93:ec:4b:27:d2:b6:69:61:75:fa:5c:02:1d:5a:
c7:7c:ea:79:b6:6c:02:0b:0e:a2:8a:8c:01:29:73:bf:c1:d3:
1b:7e:b0:4a:e9:54:6a:1e:06:ac:81:96:2a:e8:71:66:30:a2:
ce:ac:48:a8:94:62:bf:05:a1:f3:1a:9b:35:0b:eb:e2:79:79:
83:9e:27:db:b9:db:eb:e8:01:81:61:a3:bf:9f:96:7c:01:fd:
fa:6d:1d:82:dd:e3:cb:43:d6:f4:80:94:1f:56:f8:65:dc:94:
5b:71:d7:46:78:98:e4:9a:40:02:48:4c:d6:32:27:7d:a1:2b:
7a:c4:33:3a:9b:5b:cd:12:26:e7:65:e2:74:07:b7:52:8c:58:
81:75:a3:b6:6c:ae:c9:7c:ce:77:db:b9:f2:61:c7:24:76:b0:
6e:d1:db:c8
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZm/vjc8b1wTu+DwX1IjYGi3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDA3MTczNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFmZTQ5MTViNTQ2ZWUwMGNmMmE4YzYwMTg4MDU1MGYyYjgzMDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF0luDl02CCFQEo/izvOSusiB155
9TocMeucljuQWpr59ZruzjI6nu9gQzQTfvuDoZF+nEZPQM2kDXMwUKNW1bKokrMp
q5YltcYatSqJ2vy6xLUIrIUaIoQ4JUtfbLO9wSHc3qoJTZdz0sGTEx2rCAeSbC15
tGP4NBA+v+exjvgrNcTC0NNlLWX01oGB2jlMlGlG2trR1wLyx6ZvpnNEBWNn8XOY
/DmgICeuBtLytHJtDIWC8o2oK/EzuYk0Wc9EGM7nWVW0T/d9GpsQMeJjGvoMVFLq
FQQL/I9IaPqxX+mC+KSBsBclsIOgehKZ2V8x8wo5beFVCBfCKcbjwolVWwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFL4f5JFbVG7gDPKoxgGIBVDyuDAAMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdmhfa2tWdFVidUFNOHFqR0FZZ0ZVUEs0TUFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTAMBAIAATAGAwQALZtEME0E
AgACMEcDBQAqBjXBAwUAKg4ahAMHACoPHoQAIAMHACoPfQAAAQMHACoPvAChxAMH
ACoS7MAAIgMFAyoTK0ADBQAqE4yBAwUAKhPhAzANBgkqhkiG9w0BAQsFAAOCAQEA
tdSUVbOK0dT37AC/z2DRFNsBqzdaFW7VyYp66w5rQssRpkHT6Xj2npwk1RDMupIO
np1NbrTAR+sYEYIBLA6RPGzVsfbxuVSBIIqxloP/BID15MJbtUM4l00wBw6G+5Ps
SyfStmlhdfpcAh1ax3zqebZsAgsOooqMASlzv8HTG36wSulUah4GrIGWKuhxZjCi
zqxIqJRivwWh8xqbNQvr4nl5g54n27nb6+gBgWGjv5+WfAH9+m0dgt3jy0PW9ICU
H1b4ZdyUW3HXRniY5JpAAkhM1jInfaEresQzOptbzRIm52XidAe3UoxYgXWjtmyu
yXzOd9u58mHHJHawbtHbyA==
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:06:11 2025 by rpki-client