Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/veX_dFU89jINYIvQN6OY0vDh-GM.roa
File: veX_dFU89jINYIvQN6OY0vDh-GM.roa (raw, json)
Hash identifier: T8CugC5z3ZOjWb18jXVzu/7NIoD/6iWzsqoKDxWnL6o=
Subject key identifier: BD:E5:FF:74:55:3C:F6:32:0D:60:8B:D0:37:A3:98:D2:F0:E1:F8:63
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01997A47B6B7C0D6FE77D5CAC3E3418BFC95
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/veX_dFU89jINYIvQN6OY0vDh-GM.roa
Signing time: Wed 24 Sep 2025 05:52:24 +0000
ROA not before: Wed 24 Sep 2025 05:52:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216127
IP address blocks: 45.95.0.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:47:b6:b7:c0:d6:fe:77:d5:ca:c3:e3:41:8b:fc:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 24 05:52:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bde5ff74553cf6320d608bd037a398d2f0e1f863
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:12:30:aa:dd:3d:e9:3c:f7:5f:a1:49:21:65:
cb:fe:7e:cd:61:f8:39:8f:f4:f3:3a:92:08:f4:0f:
f2:f3:09:e5:84:90:97:21:43:8c:fc:8d:7a:67:f7:
bd:53:36:8a:26:24:41:76:ac:68:21:fc:56:a2:72:
8d:47:41:ec:4c:0c:bb:da:d7:db:47:64:4a:6f:2a:
9f:cf:e4:33:e8:0c:4c:32:d8:28:d4:a1:19:79:a8:
fa:b4:56:3d:43:c1:37:9a:94:5b:c2:87:75:ec:5b:
30:42:aa:8e:a1:1b:d8:0d:d8:cd:b3:30:37:63:6e:
d2:dc:0c:8c:99:e2:d9:25:69:d8:d0:78:56:64:b2:
9c:49:ba:6d:4a:01:cc:21:2a:a5:fd:47:aa:b9:02:
a3:45:2f:44:b2:8a:29:21:b7:29:5e:91:70:e8:c6:
b6:2d:29:99:9e:80:3d:b6:6d:e7:cd:6c:94:82:af:
0f:eb:6e:bf:9c:f7:b3:31:1e:b4:b2:02:73:65:8f:
59:0c:ff:17:42:88:b9:e6:f0:06:2a:ce:2c:51:ab:
fb:90:46:01:dc:23:b7:a8:46:1d:91:00:53:d6:fa:
ee:34:9a:58:7c:25:de:82:68:20:59:00:b8:6c:2f:
17:df:84:17:13:87:83:78:9d:75:7f:01:0a:f8:45:
15:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:E5:FF:74:55:3C:F6:32:0D:60:8B:D0:37:A3:98:D2:F0:E1:F8:63
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/veX_dFU89jINYIvQN6OY0vDh-GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/24
185.218.137.0/24
Signature Algorithm: sha256WithRSAEncryption
86:3e:67:fa:bb:94:1f:8f:67:e1:5d:ca:8c:78:83:1a:9d:77:
99:b5:9c:b7:c6:05:86:1d:40:68:00:f1:b7:8b:b8:ed:c3:ac:
83:0c:53:ec:28:fa:3c:9b:c6:cc:c8:b2:8c:4f:02:9b:53:b9:
1e:37:e4:e6:79:31:4d:75:e2:a6:5c:81:09:4d:ba:a6:a7:2b:
94:18:25:37:dd:af:d9:e1:2a:b7:64:a7:dc:c9:51:85:2a:f6:
2b:b7:81:80:45:23:1a:c9:a5:6d:d1:21:09:79:01:0f:93:d1:
73:6a:b9:13:1a:26:42:09:56:a1:1f:24:d9:2d:f9:bb:53:48:
11:6b:8b:7c:5d:fd:60:b8:de:63:90:58:48:89:be:b8:94:a2:
4e:91:01:07:c5:45:89:17:ba:37:e9:16:37:1c:11:29:65:72:
10:d2:d5:74:3e:4e:3f:82:c2:a7:b0:f6:b8:70:1b:30:39:b4:
16:2b:aa:44:03:88:c6:9f:2c:21:0f:fa:89:67:ae:5b:51:31:
b4:7e:61:dd:00:06:93:d2:f7:85:8a:d5:31:95:43:d3:65:13:
1b:80:41:4e:fb:1e:7c:a8:db:be:2f:26:61:3c:41:cc:4a:06:
91:d9:f8:68:2f:00:ef:ac:66:54:3e:2b:d3:84:5c:b6:70:0a:
d9:94:a7:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZl6R7a3wNb+d9XKw+NBi/yVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTI0MDU1MjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZGU1ZmY3NDU1M2NmNjMyMGQ2MDhiZDAzN2EzOThkMmYwZTFmODYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+RIwqt096Tz3X6FJIWXL/n7NYfg5
j/TzOpII9A/y8wnlhJCXIUOM/I16Z/e9UzaKJiRBdqxoIfxWonKNR0HsTAy72tfb
R2RKbyqfz+Qz6AxMMtgo1KEZeaj6tFY9Q8E3mpRbwod17FswQqqOoRvYDdjNszA3
Y27S3AyMmeLZJWnY0HhWZLKcSbptSgHMISql/UequQKjRS9EsoopIbcpXpFw6Ma2
LSmZnoA9tm3nzWyUgq8P626/nPezMR60sgJzZY9ZDP8XQoi55vAGKs4sUav7kEYB
3CO3qEYdkQBT1vruNJpYfCXegmggWQC4bC8X34QXE4eDeJ11fwEK+EUV5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL3l/3RVPPYyDWCL0DejmNLw4fhjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdmVYX2RGVTg5aklOWUl2UU42T1kwdkRoLUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALV8AAwQA
udqJMA0GCSqGSIb3DQEBCwUAA4IBAQCGPmf6u5Qfj2fhXcqMeIManXeZtZy3xgWG
HUBoAPG3i7jtw6yDDFPsKPo8m8bMyLKMTwKbU7keN+TmeTFNdeKmXIEJTbqmpyuU
GCU33a/Z4Sq3ZKfcyVGFKvYrt4GARSMayaVt0SEJeQEPk9FzarkTGiZCCVahHyTZ
Lfm7U0gRa4t8Xf1guN5jkFhIib64lKJOkQEHxUWJF7o36RY3HBEpZXIQ0tV0Pk4/
gsKnsPa4cBswObQWK6pEA4jGnywhD/qJZ65bUTG0fmHdAAaT0veFitUxlUPTZRMb
gEFO+x58qNu+LyZhPEHMSgaR2fhoLwDvrGZUPivThFy2cArZlKeB
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:42 2025 by rpki-client