Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/VYt88J2micc3RjkOiAbgbsahES8.roa
File: VYt88J2micc3RjkOiAbgbsahES8.roa (raw, json)
Hash identifier: Zo8tOxRpop/qL57ADwlkJqC3DjP20BCdR/VwhP6MEb8=
Subject key identifier: 55:8B:7C:F0:9D:A6:89:C7:37:46:39:0E:88:06:E0:6E:C6:A1:11:2F
Certificate issuer: /CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Certificate serial: 019D01E3586543362028C94E60DDE9909C9F
Authority key identifier: 17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/VYt88J2micc3RjkOiAbgbsahES8.roa
Signing time: Wed 18 Mar 2026 16:59:29 +0000
ROA not before: Wed 18 Mar 2026 16:59:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 60664
IP address blocks: 145.14.130.0/24 maxlen: 24
147.75.144.0/20 maxlen: 24
153.92.64.0/24 maxlen: 24
153.92.65.0/24 maxlen: 24
153.92.66.0/24 maxlen: 24
153.92.67.0/24 maxlen: 24
153.92.68.0/24 maxlen: 24
153.92.69.0/24 maxlen: 24
153.92.70.0/24 maxlen: 24
153.92.71.0/24 maxlen: 24
153.92.124.0/24 maxlen: 24
153.92.160.0/24 maxlen: 24
153.92.161.0/24 maxlen: 24
153.92.162.0/24 maxlen: 24
153.92.163.0/24 maxlen: 24
153.92.164.0/24 maxlen: 24
153.92.165.0/24 maxlen: 24
153.92.166.0/24 maxlen: 24
153.92.167.0/24 maxlen: 24
153.92.168.0/24 maxlen: 24
153.92.169.0/24 maxlen: 24
153.92.170.0/24 maxlen: 24
153.92.171.0/24 maxlen: 24
153.92.172.0/24 maxlen: 24
153.92.173.0/24 maxlen: 24
153.92.174.0/24 maxlen: 24
153.92.175.0/24 maxlen: 24
157.97.76.0/23 maxlen: 23
157.97.78.0/23 maxlen: 23
157.180.192.0/24 maxlen: 24
157.180.193.0/24 maxlen: 24
157.180.194.0/24 maxlen: 24
157.180.195.0/24 maxlen: 24
157.180.196.0/23 maxlen: 23
157.180.196.0/24 maxlen: 24
157.180.197.0/24 maxlen: 24
157.180.198.0/23 maxlen: 23
157.180.198.0/24 maxlen: 24
157.180.199.0/24 maxlen: 24
158.220.64.0/21 maxlen: 24
185.27.180.0/23 maxlen: 23
185.27.180.0/24 maxlen: 24
185.27.181.0/24 maxlen: 24
185.27.182.0/23 maxlen: 23
185.27.182.0/24 maxlen: 24
185.27.183.0/24 maxlen: 24
185.74.64.0/23 maxlen: 23
185.74.64.0/24 maxlen: 24
185.74.65.0/24 maxlen: 24
185.74.66.0/23 maxlen: 23
185.74.66.0/24 maxlen: 24
185.74.67.0/24 maxlen: 24
2a04:3b40::/48 maxlen: 64
2a04:3b40:1::/48 maxlen: 64
2a04:3b40:2::/48 maxlen: 64
2a04:3b41::/48 maxlen: 64
2a04:3b41:2::/48 maxlen: 64
2a04:3b42::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 13:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:01:e3:58:65:43:36:20:28:c9:4e:60:dd:e9:90:9c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1778cfc09a363a73cc8dda362a2c9e8223d7dad6
Validity
Not Before: Mar 18 16:59:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=558b7cf09da689c73746390e8806e06ec6a1112f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d2:b4:be:10:e9:60:9a:f4:98:5a:1b:1b:85:
fe:66:c8:78:f3:29:1b:b1:38:5d:2c:be:ea:24:97:
ac:02:d8:15:65:f7:ef:81:1b:af:f9:b9:fe:e1:18:
d1:81:90:4b:68:90:0a:9a:61:98:07:94:34:22:65:
e8:91:92:2a:80:c0:11:40:6a:2f:db:43:d1:12:d6:
70:24:ca:2d:92:d3:3b:8d:22:82:1a:50:18:3b:20:
f2:ef:3d:a1:6c:8c:72:17:1b:17:9b:35:bf:ad:3b:
c0:b6:a2:8c:ca:b0:86:25:15:7a:fd:6f:64:e0:72:
00:c8:92:07:98:80:8e:a5:06:31:97:db:7a:99:eb:
0c:24:fe:28:01:63:6f:cd:ad:1b:9f:a1:c4:85:91:
0b:f0:ea:ff:9c:60:61:b3:a5:c1:d0:68:c9:10:e3:
dd:6b:33:84:16:1d:ea:02:37:42:47:6d:e7:5e:5e:
1a:5d:b9:00:1c:21:04:a3:93:69:a1:b7:67:97:fb:
e8:5b:47:1b:90:00:0c:29:b5:59:35:2f:85:a6:c7:
ea:83:eb:78:74:a4:54:1b:4d:64:b9:82:90:71:d0:
0f:63:fd:76:0b:aa:6c:3d:dd:cc:73:a2:4e:4d:1c:
cb:91:1f:4a:5f:68:64:f2:68:15:3c:9b:90:61:d7:
64:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:8B:7C:F0:9D:A6:89:C7:37:46:39:0E:88:06:E0:6E:C6:A1:11:2F
X509v3 Authority Key Identifier:
keyid:17:78:CF:C0:9A:36:3A:73:CC:8D:DA:36:2A:2C:9E:82:23:D7:DA:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3jPwJo2OnPMjdo2KiyegiPX2tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/VYt88J2micc3RjkOiAbgbsahES8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/09012f-b4f6-4df7-b562-010cf2dd40af/1/F3jPwJo2OnPMjdo2KiyegiPX2tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.14.130.0/24
147.75.144.0/20
153.92.64.0/21
153.92.124.0/24
153.92.160.0/20
157.97.76.0/22
157.180.192.0/21
158.220.64.0/21
185.27.180.0/22
185.74.64.0/22
IPv6:
2a04:3b40::-2a04:3b40:2:ffff:ffff:ffff:ffff:ffff
2a04:3b41::/48
2a04:3b41:2::/48
2a04:3b42::/56
Signature Algorithm: sha256WithRSAEncryption
52:8b:98:af:68:44:bd:b5:52:c3:24:a2:88:bf:6d:ea:fd:d7:
ea:ac:45:4e:86:be:73:d8:d4:e4:45:db:d3:87:13:3a:e4:14:
63:e9:5e:b0:8d:c2:f1:08:eb:28:3f:40:65:95:64:10:ef:f6:
b3:05:8c:3d:c0:1c:f4:af:24:59:d6:b2:5b:4d:f0:80:c7:37:
dd:f0:b5:7e:de:06:6b:44:1f:bd:a9:b3:9f:56:61:68:8b:65:
f4:48:76:93:d3:a4:a7:d0:ce:28:a8:f9:77:09:4a:9d:06:c7:
ea:d4:64:ff:db:52:db:46:cd:a9:a1:e5:26:11:9d:9e:58:48:
f6:f7:f8:50:a2:b2:cb:1d:23:53:3d:92:46:44:bd:47:e8:44:
51:c6:bb:60:11:b5:62:ac:33:d0:4a:30:64:60:43:48:1e:fe:
8e:d5:a2:bf:ac:8e:13:ca:0e:bf:77:20:13:0f:ca:32:2f:d4:
b5:70:06:ec:3e:31:a7:91:1d:20:2a:92:32:dd:1e:26:db:68:
4b:1e:30:c4:64:48:74:a0:0b:3b:f9:25:dc:62:70:0b:64:41:
a6:1f:d8:05:9d:ab:c2:dd:31:af:07:80:70:05:2a:01:e2:1f:
1f:66:6f:93:8f:d8:2b:33:17:6d:81:4b:c6:e5:f3:50:e6:57:
4e:f6:bc:80
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZ0B41hlQzYgKMlOYN3pkJyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzhjZmMwOWEzNjNhNzNjYzhkZGEzNjJhMmM5ZTgyMjNk
N2RhZDYwHhcNMjYwMzE4MTY1OTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NThiN2NmMDlkYTY4OWM3Mzc0NjM5MGU4ODA2ZTA2ZWM2YTExMTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidK0vhDpYJr0mFobG4X+Zsh48ykb
sThdLL7qJJesAtgVZffvgRuv+bn+4RjRgZBLaJAKmmGYB5Q0ImXokZIqgMARQGov
20PREtZwJMotktM7jSKCGlAYOyDy7z2hbIxyFxsXmzW/rTvAtqKMyrCGJRV6/W9k
4HIAyJIHmICOpQYxl9t6mesMJP4oAWNvza0bn6HEhZEL8Or/nGBhs6XB0GjJEOPd
azOEFh3qAjdCR23nXl4aXbkAHCEEo5Npobdnl/voW0cbkAAMKbVZNS+Fpsfqg+t4
dKRUG01kuYKQcdAPY/12C6psPd3Mc6JOTRzLkR9KX2hk8mgVPJuQYddkGwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFFWLfPCdponHN0Y5DogG4G7GoREvMB8GA1UdIwQY
MBaAFBd4z8CaNjpzzI3aNiosnoIj19rWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjIt
MDEwY2YyZGQ0MGFmLzEvVll0ODhKMm1pY2MzUmprT2lBYmdic2FoRVM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8wOTAxMmYtYjRmNi00ZGY3LWI1NjItMDEwY2YyZGQ0MGFm
LzEvRjNqUHdKbzJPblBNamRvMktpeWVnaVBYMnRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowQgQCAAEwPAMEAJEOggME
BJNLkAMEA5lcQAMEAJlcfAMEBJlcoAMEAp1hTAMEA520wAMEA57cQAMEArkbtAME
ArlKQDA0BAIAAjAuMBADBQYqBDtAAwcAKgQ7QAACAwcAKgQ7QQAAAwcAKgQ7QQAC
AwgAKgQ7QgAAADANBgkqhkiG9w0BAQsFAAOCAQEAUouYr2hEvbVSwySiiL9t6v3X
6qxFToa+c9jU5EXb04cTOuQUY+lesI3C8QjrKD9AZZVkEO/2swWMPcAc9K8kWday
W03wgMc33fC1ft4Ga0Qfvamzn1ZhaItl9Eh2k9Okp9DOKKj5dwlKnQbH6tRk/9tS
20bNqaHlJhGdnlhI9vf4UKKyyx0jUz2SRkS9R+hEUca7YBG1Yqwz0EowZGBDSB7+
jtWiv6yOE8oOv3cgEw/KMi/UtXAG7D4xp5EdICqSMt0eJttoSx4wxGRIdKALO/kl
3GJwC2RBph/YBZ2rwt0xrweAcAUqAeIfH2Zvk4/YKzMXbYFLxuXzUOZXTva8gA==
-----END CERTIFICATE-----
Generated at Fri Mar 27 00:27:01 2026 by rpki-client