Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/vSQI8aeWI14r_sJ8b9o2QgEO_BI.roa
File: vSQI8aeWI14r_sJ8b9o2QgEO_BI.roa (raw, json)
Hash identifier: oiaQsMRtgp1rem+ZyltK5SLqiX97thYBgEBpvq3aaYc=
Subject key identifier: BD:24:08:F1:A7:96:23:5E:2B:FE:C2:7C:6F:DA:36:42:01:0E:FC:12
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 019DDE0E4209E6D8F0B9C9FFBBDEA68F382F
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/vSQI8aeWI14r_sJ8b9o2QgEO_BI.roa
Signing time: Thu 30 Apr 2026 11:02:49 +0000
ROA not before: Thu 30 Apr 2026 11:02:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49282
IP address blocks: 85.194.204.0/22 maxlen: 22
95.175.96.0/19 maxlen: 19
164.215.32.0/21 maxlen: 21
185.18.76.0/22 maxlen: 22
185.162.156.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:0e:42:09:e6:d8:f0:b9:c9:ff:bb:de:a6:8f:38:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Apr 30 11:02:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bd2408f1a796235e2bfec27c6fda3642010efc12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:66:83:8a:4e:01:f6:9a:53:8a:0a:0f:c8:ca:
d3:83:37:35:8b:08:9d:4e:ca:cb:93:15:9e:3c:93:
98:9b:9d:cb:1c:6a:14:34:50:fb:77:97:1a:d5:e8:
cd:c6:02:66:78:d5:1e:01:45:65:d6:96:e1:48:9d:
2b:cb:9a:05:f6:cb:59:ce:7b:26:7d:dd:ab:9e:5d:
14:4f:99:d0:a5:ac:22:ed:7a:e3:de:89:30:bf:c4:
e6:61:bc:91:bb:24:fe:6f:26:08:56:a4:92:30:d1:
d1:6d:ba:97:e3:0e:7e:a6:a2:a0:be:43:2d:6f:15:
2e:9a:a9:42:4e:6e:14:c9:78:7c:16:f5:5e:05:4a:
10:0e:39:28:52:ce:c7:83:40:fd:51:6b:5d:49:52:
22:dc:01:a6:9f:b7:66:ed:e3:04:b8:65:cb:12:27:
3c:23:a4:f2:97:05:0b:6d:4a:bc:0f:ec:2e:cc:1d:
06:67:aa:17:8e:e6:c8:52:22:a9:af:ec:a1:0f:97:
81:ed:0c:3f:d0:df:99:90:fe:19:a1:dc:96:ce:e1:
0d:31:76:71:dc:86:e3:7b:3f:31:a7:0f:c3:b3:e0:
ba:bf:90:e6:b8:a9:f7:c4:2a:2f:1f:e6:ee:6c:3c:
77:94:4e:47:26:1c:fe:e4:b0:9f:63:00:75:2f:17:
ed:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:24:08:F1:A7:96:23:5E:2B:FE:C2:7C:6F:DA:36:42:01:0E:FC:12
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/vSQI8aeWI14r_sJ8b9o2QgEO_BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.194.204.0/22
95.175.96.0/19
164.215.32.0/21
185.18.76.0/22
185.162.156.0/22
Signature Algorithm: sha256WithRSAEncryption
23:23:a0:eb:50:b8:1a:54:4e:cc:a5:b0:bc:f8:74:82:70:b9:
8a:ba:94:aa:d9:bc:33:53:4e:fc:5b:36:08:bf:b3:45:90:80:
67:16:7e:65:a5:90:d0:24:b5:42:56:67:f5:45:6f:b3:4d:50:
2d:03:ab:6d:bb:e0:54:c9:04:0a:99:3a:ee:d6:c5:19:79:5e:
61:fb:e5:c9:86:0c:97:53:b0:e0:07:30:af:8c:60:bb:c3:63:
65:4b:6b:70:b3:ae:d3:d5:4f:d9:57:d9:dc:2a:17:77:f9:2d:
dd:5c:ee:12:fa:0c:67:6c:ce:6d:cc:8f:5f:90:aa:d7:f8:5c:
8a:e8:c0:9a:14:3f:43:c7:54:7c:09:4a:b6:75:9e:4c:a8:ed:
28:05:0c:33:de:d4:7e:97:88:94:de:64:1b:31:f7:59:49:b9:
00:1f:93:09:8d:b8:a0:fe:c4:11:aa:d6:81:55:bb:a2:8b:41:
70:67:e5:b7:2f:bc:b4:4c:ac:2a:22:ee:9d:9b:f1:f7:22:c5:
14:46:d0:f8:0e:23:ca:f4:66:74:75:2f:af:3e:05:a7:c6:36:
72:04:85:07:ad:39:3e:b4:c2:28:34:06:be:a4:d7:30:f8:fe:
d6:73:59:f0:15:21:1f:c6:b4:d6:f9:3d:52:4a:ec:85:0a:9f:
f1:d6:8f:f8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ3eDkIJ5tjwucn/u96mjzgvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YWFiMTQ0NjEwMGE4ZmNlMDNkZjE5ZDc1NWUwNjMyOWVl
MjQ3MTMwHhcNMjYwNDMwMTEwMjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDI0MDhmMWE3OTYyMzVlMmJmZWMyN2M2ZmRhMzY0MjAxMGVmYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2aDik4B9ppTigoPyMrTgzc1iwid
TsrLkxWePJOYm53LHGoUNFD7d5ca1ejNxgJmeNUeAUVl1pbhSJ0ry5oF9stZznsm
fd2rnl0UT5nQpawi7Xrj3okwv8TmYbyRuyT+byYIVqSSMNHRbbqX4w5+pqKgvkMt
bxUumqlCTm4UyXh8FvVeBUoQDjkoUs7Hg0D9UWtdSVIi3AGmn7dm7eMEuGXLEic8
I6TylwULbUq8D+wuzB0GZ6oXjubIUiKpr+yhD5eB7Qw/0N+ZkP4ZodyWzuENMXZx
3Ibjez8xpw/Ds+C6v5DmuKn3xCovH+bubDx3lE5HJhz+5LCfYwB1LxftPwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL0kCPGnliNeK/7CfG/aNkIBDvwSMB8GA1UdIwQY
MBaAFOmqsURhAKj84D3xnXVeBjKe4kcTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYt
YTBkYzM1NGY0Y2EzLzEvdlNRSThhZVdJMTRyX3NKOGI5bzJRZ0VPX0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS83MWUwOWMtMjhmMy00ODI1LTgwNmYtYTBkYzM1NGY0Y2Ez
LzEvNmFxeFJHRUFxUHpnUGZHZGRWNEdNcDdpUnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVcLMAwQF
X69gAwQDpNcgAwQCuRJMAwQCuaKcMA0GCSqGSIb3DQEBCwUAA4IBAQAjI6DrULga
VE7MpbC8+HSCcLmKupSq2bwzU078WzYIv7NFkIBnFn5lpZDQJLVCVmf1RW+zTVAt
A6ttu+BUyQQKmTru1sUZeV5h++XJhgyXU7DgBzCvjGC7w2NlS2tws67T1U/ZV9nc
Khd3+S3dXO4S+gxnbM5tzI9fkKrX+FyK6MCaFD9Dx1R8CUq2dZ5MqO0oBQwz3tR+
l4iU3mQbMfdZSbkAH5MJjbig/sQRqtaBVbuii0FwZ+W3L7y0TKwqIu6dm/H3IsUU
RtD4DiPK9GZ0dS+vPgWnxjZyBIUHrTk+tMIoNAa+pNcw+P7Wc1nwFSEfxrTW+T1S
SuyFCp/x1o/4
-----END CERTIFICATE-----
Generated at Wed May 13 12:25:42 2026 by rpki-client