Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/VMrvml797-r4iVwO1s4mJlHBEXU.roa
File: VMrvml797-r4iVwO1s4mJlHBEXU.roa (raw, json)
Hash identifier: kYXE+hUdvUwlCBTqrG6DLLjZqgPpJuSlxt94PbLAVgc=
Subject key identifier: 54:CA:EF:9A:5E:FD:EF:EA:F8:89:5C:0E:D6:CE:26:26:51:C1:11:75
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019EE0B79A0723901CA98F54181B9C001C40
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/VMrvml797-r4iVwO1s4mJlHBEXU.roa
Signing time: Fri 19 Jun 2026 16:29:49 +0000
ROA not before: Fri 19 Jun 2026 16:29:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 2.26.170.0/24 maxlen: 24
2.26.175.0/24 maxlen: 24
2.27.115.0/24 maxlen: 24
31.77.242.0/24 maxlen: 24
144.31.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.mft
rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Jun 2026 19:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e0:b7:9a:07:23:90:1c:a9:8f:54:18:1b:9c:00:1c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jun 19 16:29:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=54caef9a5efdefeaf8895c0ed6ce262651c11175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9e:89:9d:07:d1:4f:d6:7c:b2:95:b5:f2:c1:
23:c6:34:52:cd:8e:2c:f3:c6:7a:28:09:bf:65:d9:
47:ab:8b:ef:57:c1:eb:64:91:9f:f8:d5:02:31:a9:
23:9d:c7:12:83:03:62:31:50:b7:1c:fa:18:62:e9:
43:55:0d:4f:48:de:c1:4d:91:b5:ae:00:50:80:42:
45:b7:05:76:f6:b6:cc:fd:ce:b9:1e:ed:e0:8c:c9:
3e:44:73:60:9c:e1:d6:f8:7b:db:1c:54:e9:77:7d:
9f:55:7a:98:30:eb:25:85:40:67:1c:7e:b1:dd:6c:
f2:dc:08:9a:b0:1f:ef:02:0d:32:03:5e:30:f4:db:
7e:a4:27:af:c6:a0:e3:f4:07:b2:19:11:44:34:fe:
c7:f3:04:53:d6:f1:b4:3c:49:7f:eb:31:8b:82:84:
14:01:5e:ab:dd:65:54:ce:8a:0e:01:9f:95:5c:71:
45:40:ed:72:92:06:3d:77:ff:d9:d3:45:f8:c8:44:
e2:5a:99:78:3a:c7:f8:2c:28:a1:b8:55:83:1e:cb:
17:9a:18:85:4d:e6:a6:59:36:1b:40:53:5c:03:e0:
cb:d1:23:77:7a:a7:20:f1:fa:56:e5:34:c2:5e:b2:
b2:f1:93:cf:6a:e4:a3:4d:b7:55:53:71:0c:4c:1f:
70:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:CA:EF:9A:5E:FD:EF:EA:F8:89:5C:0E:D6:CE:26:26:51:C1:11:75
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/VMrvml797-r4iVwO1s4mJlHBEXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.26.170.0/24
2.26.175.0/24
2.27.115.0/24
31.77.242.0/24
144.31.145.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:6c:d5:8e:1c:99:16:86:8a:bd:89:81:ff:ff:42:90:24:ea:
68:b8:97:68:f5:43:8c:e0:8b:05:d6:28:b8:19:f1:38:85:86:
c9:12:b6:60:b9:f2:9d:6b:d1:70:06:70:8b:0d:6c:b1:fe:3b:
86:03:25:3f:0e:ad:85:da:75:a2:5b:18:25:8c:be:99:41:8a:
fc:24:62:2c:ad:e8:96:0c:d6:92:ff:6a:1a:82:a4:1a:93:13:
dc:61:0f:7b:b4:56:8b:87:37:69:40:af:a5:4f:a3:64:90:d0:
f0:2c:8d:aa:29:53:5b:56:14:50:9d:57:94:1a:d9:38:b3:ad:
51:a6:85:55:fc:ca:9c:a8:6d:58:63:a3:85:b7:b8:e1:69:d6:
bb:c9:2e:1a:bd:23:b8:11:5b:8f:12:6e:3d:44:06:d8:a4:cd:
19:94:41:c5:4e:49:9a:c6:5e:49:6e:4c:58:8d:52:80:a5:6a:
8f:47:f9:60:2a:6a:a7:e7:80:77:2c:71:3a:8f:5d:87:d5:17:
cd:a1:3b:50:78:6c:6f:b0:71:d1:4a:32:be:ad:7d:c4:21:3d:
42:62:a9:ec:7e:f0:ad:08:21:94:ac:89:19:f9:5f:23:e6:c0:
f4:3f:d0:a8:48:6c:4b:32:7d:e4:42:16:54:6f:97:68:76:b9:
c4:23:88:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ7gt5oHI5AcqY9UGBucABxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjYwNjE5MTYyOTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGNhZWY5YTVlZmRlZmVhZjg4OTVjMGVkNmNlMjYyNjUxYzExMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ6JnQfRT9Z8spW18sEjxjRSzY4s
88Z6KAm/ZdlHq4vvV8HrZJGf+NUCMakjnccSgwNiMVC3HPoYYulDVQ1PSN7BTZG1
rgBQgEJFtwV29rbM/c65Hu3gjMk+RHNgnOHW+HvbHFTpd32fVXqYMOslhUBnHH6x
3Wzy3AiasB/vAg0yA14w9Nt+pCevxqDj9AeyGRFENP7H8wRT1vG0PEl/6zGLgoQU
AV6r3WVUzooOAZ+VXHFFQO1ykgY9d//Z00X4yETiWpl4Osf4LCihuFWDHssXmhiF
TeamWTYbQFNcA+DL0SN3eqcg8fpW5TTCXrKy8ZPPauSjTbdVU3EMTB9wmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFTK75pe/e/q+IlcDtbOJiZRwRF1MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvVk1ydm1sNzk3LXI0aVZ3TzFzNG1KbEhCRVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAhqqAwQA
AhqvAwQAAhtzAwQAH03yAwQAkB+RMA0GCSqGSIb3DQEBCwUAA4IBAQCzbNWOHJkW
hoq9iYH//0KQJOpouJdo9UOM4IsF1ii4GfE4hYbJErZgufKda9FwBnCLDWyx/juG
AyU/Dq2F2nWiWxgljL6ZQYr8JGIsreiWDNaS/2oagqQakxPcYQ97tFaLhzdpQK+l
T6NkkNDwLI2qKVNbVhRQnVeUGtk4s61RpoVV/MqcqG1YY6OFt7jhada7yS4avSO4
EVuPEm49RAbYpM0ZlEHFTkmaxl5JbkxYjVKApWqPR/lgKmqn54B3LHE6j12H1RfN
oTtQeGxvsHHRSjK+rX3EIT1CYqnsfvCtCCGUrIkZ+V8j5sD0P9CoSGxLMn3kQhZU
b5dodrnEI4iQ
-----END CERTIFICATE-----
Generated at Sat Jun 20 04:06:02 2026 by rpki-client