Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/vjs4SJ2sBkeFTzkFFUzhQ69w0XU.roa
File: vjs4SJ2sBkeFTzkFFUzhQ69w0XU.roa (raw, json)
Hash identifier: POgZ6BcdFl2VWn+PBlY2p8Kf1YWJoO7uTq5oeM+i2KI=
Subject key identifier: BE:3B:38:48:9D:AC:06:47:85:4F:39:05:15:4C:E1:43:AF:70:D1:75
Certificate issuer: /CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Certificate serial: 019DF421CD12888116F1FBA91164566F76BF
Authority key identifier: 61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/vjs4SJ2sBkeFTzkFFUzhQ69w0XU.roa
Signing time: Mon 04 May 2026 17:55:49 +0000
ROA not before: Mon 04 May 2026 17:55:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213922
IP address blocks: 62.164.156.0/22 maxlen: 24
89.126.232.0/24 maxlen: 24
91.188.250.0/23 maxlen: 24
91.202.245.0/24 maxlen: 24
91.202.246.0/23 maxlen: 24
185.109.28.0/22 maxlen: 24
2a0c:6ec0:a01::/48 maxlen: 48
2a0c:6ec0:b00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 20:10:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:21:cd:12:88:81:16:f1:fb:a9:11:64:56:6f:76:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6161470d39be4ba2dd5df8fa47b16396278e670a
Validity
Not Before: May 4 17:55:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be3b38489dac0647854f3905154ce143af70d175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:11:fb:1a:13:59:26:f4:ab:12:e6:cf:01:16:
c9:dc:8b:4e:c2:cf:64:7e:b0:cd:f5:4e:27:0d:2c:
54:f7:5c:78:85:a1:6e:56:18:80:65:08:d1:cb:5f:
0f:ba:6f:c7:2e:1c:9d:0e:f1:20:cc:03:cd:ab:79:
9a:62:e0:77:a8:e0:30:49:00:e2:b2:7d:7c:02:2a:
77:88:50:50:07:d7:b1:5a:c5:24:52:3e:03:a7:f5:
9a:f7:65:6a:b6:ea:62:d3:25:05:a5:71:bc:9d:86:
4a:d5:13:72:42:31:cd:1a:ef:2c:d9:4a:ae:7d:32:
63:56:8f:da:b7:0d:f9:ef:a3:4c:bd:54:5d:59:5a:
e6:cf:d8:e8:79:e0:83:87:bb:a5:51:da:74:aa:9f:
c5:ef:aa:1c:1e:6c:47:c6:fa:fe:45:d6:64:73:f9:
da:cb:50:76:22:44:2c:f0:e2:c2:2e:7a:0d:d3:e5:
c9:2e:82:ef:c0:6c:7c:07:cf:eb:00:2b:d4:96:14:
c9:3c:7f:5c:44:6d:44:13:4f:fa:50:69:fb:50:1d:
ad:a8:e1:c2:28:39:dc:6c:48:6c:44:3f:dc:65:99:
80:04:21:45:bf:ce:da:2b:1a:78:89:90:44:a6:ad:
2b:6c:fe:0b:9c:6b:f5:03:9d:8e:15:9d:4a:57:78:
e0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:3B:38:48:9D:AC:06:47:85:4F:39:05:15:4C:E1:43:AF:70:D1:75
X509v3 Authority Key Identifier:
keyid:61:61:47:0D:39:BE:4B:A2:DD:5D:F8:FA:47:B1:63:96:27:8E:67:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YWFHDTm-S6LdXfj6R7FjlieOZwo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/vjs4SJ2sBkeFTzkFFUzhQ69w0XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/e51856-e52e-4b24-8c99-c240bfc9cbc1/1/YWFHDTm-S6LdXfj6R7FjlieOZwo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.156.0/22
89.126.232.0/24
91.188.250.0/23
91.202.245.0-91.202.247.255
185.109.28.0/22
IPv6:
2a0c:6ec0:a01::/48
2a0c:6ec0:b00::/40
Signature Algorithm: sha256WithRSAEncryption
b1:55:70:77:b9:d2:52:3b:29:db:6c:48:66:49:2d:21:ab:50:
8c:62:ba:bd:57:78:94:f2:cb:3a:5c:52:80:22:c7:d8:1b:27:
22:30:fe:b0:60:9f:96:2a:89:f9:d3:49:a5:95:c0:50:b0:6e:
6b:b6:8a:b7:aa:cc:0a:76:0e:5d:c6:e2:e9:76:6b:b6:c4:75:
31:e7:b8:5b:2c:56:47:f3:57:11:bb:f5:2b:70:7c:76:2d:28:
d5:24:23:9e:fa:be:7b:3e:70:6f:fd:ba:e0:25:c0:2c:be:68:
09:00:ac:da:e5:01:89:4c:4d:76:31:ae:ed:8e:0c:74:49:91:
b8:93:28:a4:89:d7:75:ce:d6:5e:5c:cd:ed:65:63:88:ad:d4:
9a:63:0f:59:5f:f7:53:e9:c7:fa:d9:83:45:df:94:c0:dc:1c:
b4:3d:7e:11:ea:fb:44:38:30:bc:41:20:7c:35:cb:b9:89:f4:
56:03:9b:6d:26:e2:83:59:8e:7a:29:0e:3c:ef:85:ba:eb:e0:
3e:dd:78:a9:91:29:a8:96:81:d7:13:c6:73:5f:31:ec:d1:69:
4c:55:de:22:af:d6:cf:cd:70:89:80:fb:df:fb:6e:ce:28:66:
8a:ea:b9:2b:75:56:30:a1:24:8c:99:2b:92:55:1c:46:0b:95:
0d:f0:c7:9f
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZ30Ic0SiIEW8fupEWRWb3a/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxNjE0NzBkMzliZTRiYTJkZDVkZjhmYTQ3YjE2Mzk2Mjc4
ZTY3MGEwHhcNMjYwNTA0MTc1NTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTNiMzg0ODlkYWMwNjQ3ODU0ZjM5MDUxNTRjZTE0M2FmNzBkMTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1RH7GhNZJvSrEubPARbJ3ItOws9k
frDN9U4nDSxU91x4haFuVhiAZQjRy18Pum/HLhydDvEgzAPNq3maYuB3qOAwSQDi
sn18Aip3iFBQB9exWsUkUj4Dp/Wa92Vqtupi0yUFpXG8nYZK1RNyQjHNGu8s2Uqu
fTJjVo/atw3576NMvVRdWVrmz9joeeCDh7ulUdp0qp/F76ocHmxHxvr+RdZkc/na
y1B2IkQs8OLCLnoN0+XJLoLvwGx8B8/rACvUlhTJPH9cRG1EE0/6UGn7UB2tqOHC
KDncbEhsRD/cZZmABCFFv87aKxp4iZBEpq0rbP4LnGv1A52OFZ1KV3jgvQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFL47OEidrAZHhU85BRVM4UOvcNF1MB8GA1UdIwQY
MBaAFGFhRw05vkui3V34+kexY5YnjmcKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTkt
YzI0MGJmYzljYmMxLzEvdmpzNFNKMnNCa2VGVHprRkZVemhRNjl3MFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9lNTE4NTYtZTUyZS00YjI0LThjOTktYzI0MGJmYzljYmMx
LzEvWVdGSERUbS1TNkxkWGZqNlI3RmpsaWVPWndvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAsBAIAATAmAwQCPqScAwQA
WX7oAwQBW7z6MAwDBABbyvUDBANbyvADBAK5bRwwFwQCAAIwEQMHACoMbsAKAQMG
ACoMbsALMA0GCSqGSIb3DQEBCwUAA4IBAQCxVXB3udJSOynbbEhmSS0hq1CMYrq9
V3iU8ss6XFKAIsfYGyciMP6wYJ+WKon500mllcBQsG5rtoq3qswKdg5dxuLpdmu2
xHUx57hbLFZH81cRu/UrcHx2LSjVJCOe+r57PnBv/brgJcAsvmgJAKza5QGJTE12
Ma7tjgx0SZG4kyikidd1ztZeXM3tZWOIrdSaYw9ZX/dT6cf62YNF35TA3By0PX4R
6vtEODC8QSB8Ncu5ifRWA5ttJuKDWY56KQ4874W66+A+3XipkSmoloHXE8ZzXzHs
0WlMVd4ir9bPzXCJgPvf+27OKGaK6rkrdVYwoSSMmSuSVRxGC5UN8Mef
-----END CERTIFICATE-----
Generated at Wed May 13 03:16:32 2026 by rpki-client