Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/590e6a-c4fb-4e4d-9ff4-717cf7d73587/1/vKrZtrLO-kjlGhWVhFRrqWF3pgc.roa
File: vKrZtrLO-kjlGhWVhFRrqWF3pgc.roa (raw, json)
Hash identifier: ve87rPmSXe7qg0yy2QR3CBV1SiCheNHcBB4z1Clsc6c=
Subject key identifier: BC:AA:D9:B6:B2:CE:FA:48:E5:1A:15:95:84:54:6B:A9:61:77:A6:07
Certificate issuer: /CN=c15f0608297e9f94371a72d93ad7b11f79c1f83f
Certificate serial: 019A16BBFF75FF3A2111901EDC601A35A05A
Authority key identifier: C1:5F:06:08:29:7E:9F:94:37:1A:72:D9:3A:D7:B1:1F:79:C1:F8:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wV8GCCl-n5Q3GnLZOtexH3nB-D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/590e6a-c4fb-4e4d-9ff4-717cf7d73587/1/vKrZtrLO-kjlGhWVhFRrqWF3pgc.roa
Signing time: Fri 24 Oct 2025 15:00:10 +0000
ROA not before: Fri 24 Oct 2025 15:00:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47536
IP address blocks: 185.93.174.0/24 maxlen: 24
193.105.29.0/24 maxlen: 24
2a12:79c0::/29 maxlen: 29
2a12:79c0::/32 maxlen: 44
2a12:79c1::/32 maxlen: 44
2a12:79c2::/32 maxlen: 44
2a12:79c3::/32 maxlen: 44
2a12:79c4::/32 maxlen: 44
2a12:79c5::/32 maxlen: 44
2a12:79c6::/32 maxlen: 44
2a12:79c7::/32 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/590e6a-c4fb-4e4d-9ff4-717cf7d73587/1/wV8GCCl-n5Q3GnLZOtexH3nB-D8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/590e6a-c4fb-4e4d-9ff4-717cf7d73587/1/wV8GCCl-n5Q3GnLZOtexH3nB-D8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wV8GCCl-n5Q3GnLZOtexH3nB-D8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 Oct 2025 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:bb:ff:75:ff:3a:21:11:90:1e:dc:60:1a:35:a0:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c15f0608297e9f94371a72d93ad7b11f79c1f83f
Validity
Not Before: Oct 24 15:00:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcaad9b6b2cefa48e51a159584546ba96177a607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1f:3f:4f:35:9d:03:c9:cc:c4:b8:bf:87:59:
90:d2:82:53:8d:0a:36:02:b7:99:05:4b:ff:4f:ac:
e6:3d:b6:f1:d5:09:46:e9:6a:c7:25:21:2d:f5:1d:
bb:17:49:d2:3e:38:72:55:f2:79:ea:03:70:3b:91:
50:06:86:d7:d1:b6:a6:88:ba:0b:5a:dd:a2:26:ff:
c4:71:bf:bc:16:3a:d5:eb:49:fb:e0:8e:fb:20:9e:
03:d3:6b:ed:48:bc:9b:22:24:aa:32:69:2c:3c:41:
3a:8f:81:01:a2:62:1c:da:cf:c2:86:4a:a6:d6:11:
2e:84:90:d5:30:26:af:8c:6a:41:f4:f6:21:28:b0:
8d:05:54:c4:fb:8d:5b:16:f7:6c:39:fb:95:8c:eb:
45:18:3a:86:42:8b:2c:0c:64:58:89:a5:12:cf:23:
83:05:ae:c9:ef:17:bd:0d:20:49:49:05:2a:57:04:
8b:5a:24:f4:b2:0a:dd:e1:54:d6:8a:8f:7c:34:40:
81:7d:23:ad:fe:83:a6:c6:bf:d8:31:e5:9c:c2:04:
3d:a5:1e:50:10:ee:67:e9:78:37:74:5f:3e:09:f0:
b6:40:30:b8:f6:99:ee:5a:ed:04:2d:90:45:da:fe:
60:1b:fd:35:70:5c:70:88:53:71:6a:dc:37:a5:d1:
f2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AA:D9:B6:B2:CE:FA:48:E5:1A:15:95:84:54:6B:A9:61:77:A6:07
X509v3 Authority Key Identifier:
keyid:C1:5F:06:08:29:7E:9F:94:37:1A:72:D9:3A:D7:B1:1F:79:C1:F8:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wV8GCCl-n5Q3GnLZOtexH3nB-D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/590e6a-c4fb-4e4d-9ff4-717cf7d73587/1/vKrZtrLO-kjlGhWVhFRrqWF3pgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/590e6a-c4fb-4e4d-9ff4-717cf7d73587/1/wV8GCCl-n5Q3GnLZOtexH3nB-D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.174.0/24
193.105.29.0/24
IPv6:
2a12:79c0::/29
Signature Algorithm: sha256WithRSAEncryption
85:2e:e4:de:96:29:79:e2:23:ac:4b:02:08:e0:f4:91:73:05:
52:f0:26:c7:d5:d0:f1:62:2a:a7:db:da:c9:fc:bb:36:da:9e:
ab:ec:fb:08:99:7c:97:98:dd:9f:11:51:20:d3:07:a2:b8:47:
c2:d6:b6:e9:78:96:2f:35:cc:d7:1f:ea:0e:56:22:47:af:5b:
68:cf:91:93:fc:de:a8:0e:18:39:30:14:7c:9f:7f:bf:22:fd:
f8:7f:c2:28:cd:2f:91:ee:a0:e7:f2:54:8f:3b:11:98:73:7e:
2c:e3:af:16:85:4a:31:f0:3b:dd:d2:32:81:06:a3:ff:3e:79:
f0:5c:e2:fa:e7:22:3e:87:ef:ea:76:05:04:fe:ef:c7:fb:c3:
7b:45:d5:f8:10:b0:e7:17:50:4e:68:a7:b8:c8:b8:23:3f:96:
1d:34:53:c4:5b:8b:54:f7:83:86:72:5c:39:61:71:21:95:50:
55:82:50:9b:87:6b:4a:f1:4d:e9:26:6a:11:3b:31:65:6a:69:
76:e5:5e:d2:2f:05:b8:0f:36:d1:da:01:3e:e8:0d:40:6e:47:
e1:bd:69:ed:84:9d:84:69:54:03:ab:8b:0a:27:3a:b9:56:61:
67:32:fc:e4:20:75:b0:10:56:64:5e:4a:8c:41:06:c1:16:ca:
2f:45:d8:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZoWu/91/zohEZAe3GAaNaBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxNWYwNjA4Mjk3ZTlmOTQzNzFhNzJkOTNhZDdiMTFmNzlj
MWY4M2YwHhcNMjUxMDI0MTUwMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FhZDliNmIyY2VmYTQ4ZTUxYTE1OTU4NDU0NmJhOTYxNzdhNjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB8/TzWdA8nMxLi/h1mQ0oJTjQo2
AreZBUv/T6zmPbbx1QlG6WrHJSEt9R27F0nSPjhyVfJ56gNwO5FQBobX0bamiLoL
Wt2iJv/Ecb+8FjrV60n74I77IJ4D02vtSLybIiSqMmksPEE6j4EBomIc2s/Chkqm
1hEuhJDVMCavjGpB9PYhKLCNBVTE+41bFvdsOfuVjOtFGDqGQossDGRYiaUSzyOD
Ba7J7xe9DSBJSQUqVwSLWiT0sgrd4VTWio98NECBfSOt/oOmxr/YMeWcwgQ9pR5Q
EO5n6Xg3dF8+CfC2QDC49pnuWu0ELZBF2v5gG/01cFxwiFNxatw3pdHyKwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLyq2bayzvpI5RoVlYRUa6lhd6YHMB8GA1UdIwQY
MBaAFMFfBggpfp+UNxpy2TrXsR95wfg/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Y4R0NDbC1uNVEzR25MWk90ZXhIM25CLUQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC81OTBlNmEtYzRmYi00ZTRkLTlmZjQt
NzE3Y2Y3ZDczNTg3LzEvdktyWnRyTE8ta2psR2hXVmhGUnJxV0YzcGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC81OTBlNmEtYzRmYi00ZTRkLTlmZjQtNzE3Y2Y3ZDczNTg3
LzEvd1Y4R0NDbC1uNVEzR25MWk90ZXhIM25CLUQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuV2uAwQA
wWkdMA0EAgACMAcDBQMqEnnAMA0GCSqGSIb3DQEBCwUAA4IBAQCFLuTelil54iOs
SwII4PSRcwVS8CbH1dDxYiqn29rJ/Ls22p6r7PsImXyXmN2fEVEg0weiuEfC1rbp
eJYvNczXH+oOViJHr1toz5GT/N6oDhg5MBR8n3+/Iv34f8IozS+R7qDn8lSPOxGY
c34s468WhUox8Dvd0jKBBqP/PnnwXOL65yI+h+/qdgUE/u/H+8N7RdX4ELDnF1BO
aKe4yLgjP5YdNFPEW4tU94OGclw5YXEhlVBVglCbh2tK8U3pJmoROzFlaml25V7S
LwW4DzbR2gE+6A1AbkfhvWnthJ2EaVQDq4sKJzq5VmFnMvzkIHWwEFZkXkqMQQbB
FsovRdhj
-----END CERTIFICATE-----
Generated at Mon Oct 27 04:59:23 2025 by rpki-client