Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vUYeQPwNeH1qebGArpLV7LEOPb8.roa
File: vUYeQPwNeH1qebGArpLV7LEOPb8.roa (raw, json)
Hash identifier: zQ/QcyoUs5bfQQ/hkk+6OHgnPcxXSHKmBl0AsCVV0+g=
Subject key identifier: BD:46:1E:40:FC:0D:78:7D:6A:79:B1:80:AE:92:D5:EC:B1:0E:3D:BF
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019A6CED0F86087395644453A3E88883F15C
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vUYeQPwNeH1qebGArpLV7LEOPb8.roa
Signing time: Mon 10 Nov 2025 08:41:06 +0000
ROA not before: Mon 10 Nov 2025 08:41:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210876
IP address blocks: 45.134.84.0/22 maxlen: 24
45.134.84.0/23 maxlen: 23
45.147.116.0/22 maxlen: 24
45.159.76.0/22 maxlen: 24
93.189.123.0/24 maxlen: 24
109.107.149.0/24 maxlen: 24
185.216.30.0/24 maxlen: 24
185.216.31.0/24 maxlen: 24
185.226.8.0/24 maxlen: 24
185.247.6.0/24 maxlen: 24
194.35.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 15:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:6c:ed:0f:86:08:73:95:64:44:53:a3:e8:88:83:f1:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 10 08:41:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd461e40fc0d787d6a79b180ae92d5ecb10e3dbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fe:92:2c:95:91:2d:18:98:1b:9e:3a:cd:c6:
c3:98:4e:d9:91:2d:36:cc:32:e9:0f:09:29:ce:de:
23:23:c1:86:1b:f5:c1:52:71:b4:00:fc:88:00:47:
db:1d:33:85:48:f3:84:64:a3:17:01:b5:bc:bf:1f:
d9:49:f7:1c:9c:98:e7:9b:a5:b4:97:b9:36:46:b1:
b6:66:b7:d0:39:ff:47:35:3a:01:be:d8:54:e1:d6:
2b:e6:85:c8:17:98:da:1a:6f:92:e4:e6:73:17:d6:
55:49:08:8a:48:f5:e9:f2:1e:aa:2b:66:e3:db:39:
80:40:64:2c:fb:22:83:7d:6b:5e:32:16:6a:a4:9a:
ff:e8:b5:45:89:7c:f9:7e:fa:02:54:89:a5:c4:d1:
96:99:01:59:6b:a7:49:66:f2:e8:29:86:19:85:89:
30:a8:1d:33:9f:b9:e5:42:43:f5:92:95:a3:3d:0e:
7a:23:30:40:6a:04:0b:3c:44:46:e3:f2:2c:b6:1c:
e7:7d:59:8f:3d:76:57:8b:9a:b9:f6:29:4d:ac:23:
4c:4b:49:81:ac:18:a7:bf:1b:98:0d:65:72:1d:70:
17:24:0e:04:ee:68:ce:bd:cc:eb:5f:d9:80:fd:86:
f0:7b:69:32:ee:9b:aa:e4:f4:e0:55:dc:c8:60:28:
99:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:46:1E:40:FC:0D:78:7D:6A:79:B1:80:AE:92:D5:EC:B1:0E:3D:BF
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/vUYeQPwNeH1qebGArpLV7LEOPb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.84.0/22
45.147.116.0/22
45.159.76.0/22
93.189.123.0/24
109.107.149.0/24
185.216.30.0/23
185.226.8.0/24
185.247.6.0/24
194.35.40.0/24
Signature Algorithm: sha256WithRSAEncryption
38:9c:74:22:a5:9b:74:d6:3c:df:e2:59:29:73:a3:60:32:83:
40:a0:63:01:c2:c6:e4:4e:cf:42:ef:42:f6:c7:dc:6e:01:8f:
41:c6:b4:a9:8a:8b:64:f5:6a:b3:ad:1a:14:04:01:1b:4c:3c:
84:dd:18:22:17:1b:28:89:4a:58:1e:c8:b5:42:04:85:22:b5:
31:f7:70:9e:c4:d8:a2:3b:e1:61:c2:7f:4e:23:bd:cf:78:9a:
e3:a1:d0:d4:8f:9a:ef:97:ab:e7:82:83:a2:0d:59:75:81:25:
95:e9:73:33:5a:d1:f7:fa:bd:a2:03:7e:17:76:bd:97:61:1c:
7a:47:54:95:45:12:a5:c0:07:0a:39:63:e0:96:ab:5e:6a:20:
bc:05:b1:a2:da:12:1b:12:60:82:5f:d1:1b:00:9f:34:f8:98:
8d:ac:04:b5:c2:18:f5:fe:31:1c:2f:f9:4b:de:bb:fc:a2:de:
a5:c9:85:32:fa:83:a3:ab:25:f8:56:18:45:cf:96:be:ce:40:
6e:36:66:0a:98:f0:49:8c:8c:ed:d3:75:cb:ce:af:9a:51:32:
31:c6:09:a1:ed:24:c6:d3:41:f6:76:b7:89:e1:80:8a:04:19:
e0:bf:07:3c:25:72:7a:5c:de:02:a3:9a:0e:79:04:a4:c1:f9:
24:27:2d:f5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZps7Q+GCHOVZERTo+iIg/FcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUxMTEwMDg0MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDQ2MWU0MGZjMGQ3ODdkNmE3OWIxODBhZTkyZDVlY2IxMGUzZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzf6SLJWRLRiYG546zcbDmE7ZkS02
zDLpDwkpzt4jI8GGG/XBUnG0APyIAEfbHTOFSPOEZKMXAbW8vx/ZSfccnJjnm6W0
l7k2RrG2ZrfQOf9HNToBvthU4dYr5oXIF5jaGm+S5OZzF9ZVSQiKSPXp8h6qK2bj
2zmAQGQs+yKDfWteMhZqpJr/6LVFiXz5fvoCVImlxNGWmQFZa6dJZvLoKYYZhYkw
qB0zn7nlQkP1kpWjPQ56IzBAagQLPERG4/IsthznfVmPPXZXi5q59ilNrCNMS0mB
rBinvxuYDWVyHXAXJA4E7mjOvczrX9mA/Ybwe2ky7puq5PTgVdzIYCiZ5wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFL1GHkD8DXh9anmxgK6S1eyxDj2/MB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvdlVZZVFQd05lSDFxZWJHQXJwTFY3TEVPUGI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLYZUAwQC
LZN0AwQCLZ9MAwQAXb17AwQAbWuVAwQBudgeAwQAueIIAwQAufcGAwQAwiMoMA0G
CSqGSIb3DQEBCwUAA4IBAQA4nHQipZt01jzf4lkpc6NgMoNAoGMBwsbkTs9C70L2
x9xuAY9BxrSpiotk9WqzrRoUBAEbTDyE3RgiFxsoiUpYHsi1QgSFIrUx93CexNii
O+Fhwn9OI73PeJrjodDUj5rvl6vngoOiDVl1gSWV6XMzWtH3+r2iA34Xdr2XYRx6
R1SVRRKlwAcKOWPglqteaiC8BbGi2hIbEmCCX9EbAJ80+JiNrAS1whj1/jEcL/lL
3rv8ot6lyYUy+oOjqyX4VhhFz5a+zkBuNmYKmPBJjIzt03XLzq+aUTIxxgmh7STG
00H2dreJ4YCKBBngvwc8JXJ6XN4Co5oOeQSkwfkkJy31
-----END CERTIFICATE-----
Generated at Sat Nov 15 23:02:12 2025 by rpki-client