Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/vkrMhuf_Nwa-DHFTVc7CunyiQxI.roa
File: vkrMhuf_Nwa-DHFTVc7CunyiQxI.roa (raw, json)
Hash identifier: K2VF0naJWK7Qtyx/C6l0KfqLVoX8m+LdPWumnPHJSTU=
Subject key identifier: BE:4A:CC:86:E7:FF:37:06:BE:0C:71:53:55:CE:C2:BA:7C:A2:43:12
Certificate issuer: /CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba
Certificate serial: 0198A8F76D26BC5C327D2ED1D06313A7FA73
Authority key identifier: A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/vkrMhuf_Nwa-DHFTVc7CunyiQxI.roa
Signing time: Thu 14 Aug 2025 14:24:04 +0000
ROA not before: Thu 14 Aug 2025 14:24:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206880
IP address blocks: 109.104.113.0/24 maxlen: 24
193.164.147.0/24 maxlen: 24
2a12:6ac0:5121::/48 maxlen: 48
2a12:6ac0:dc10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:f7:6d:26:bc:5c:32:7d:2e:d1:d0:63:13:a7:fa:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5841cc732ac738dc1e3fe67c12e5104bef863ba
Validity
Not Before: Aug 14 14:24:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be4acc86e7ff3706be0c715355cec2ba7ca24312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:75:4f:46:49:69:b2:56:dd:32:76:fa:2c:
af:18:64:2e:ce:bc:b1:a1:c6:bc:f7:b1:51:0c:33:
67:1b:2e:ba:43:69:d5:c9:29:07:8b:78:83:71:95:
5a:05:ce:06:2e:b6:9a:a9:ee:d4:7e:4e:ed:c2:25:
02:53:28:27:00:80:dc:9b:ed:49:a9:29:a9:c1:91:
a0:f0:25:71:fb:a2:be:50:54:25:96:1c:54:32:6b:
58:c1:ee:53:c0:2c:74:21:00:c4:e0:0f:22:bd:bc:
b8:c4:46:73:64:a4:d2:56:b3:85:e4:3f:6e:09:67:
58:d6:7d:45:e0:2f:4f:e1:70:4f:a8:00:5f:21:3a:
79:ce:a1:ce:02:9d:f5:09:fe:d4:38:91:13:53:17:
49:b1:23:38:34:ad:1a:86:cd:af:bc:cb:1a:86:3e:
af:b3:c4:8c:6d:41:9b:99:42:8f:0c:ff:88:25:f7:
5a:90:b3:06:81:f2:ac:7a:6e:39:b2:ba:ad:c6:df:
22:3d:c7:8d:4c:22:10:6b:81:0e:e8:a3:6f:7f:91:
76:0d:6b:16:06:89:0c:89:42:50:6c:b4:27:07:56:
10:5a:2a:60:66:52:d3:ff:37:fc:af:47:eb:87:65:
7f:3c:c1:d9:e0:45:e4:a3:f1:bd:d9:c1:32:22:a0:
2a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4A:CC:86:E7:FF:37:06:BE:0C:71:53:55:CE:C2:BA:7C:A2:43:12
X509v3 Authority Key Identifier:
keyid:A5:84:1C:C7:32:AC:73:8D:C1:E3:FE:67:C1:2E:51:04:BE:F8:63:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYQcxzKsc43B4_5nwS5RBL74Y7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/vkrMhuf_Nwa-DHFTVc7CunyiQxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/141a2a-194b-402b-92dd-66660b222fb0/1/pYQcxzKsc43B4_5nwS5RBL74Y7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.113.0/24
193.164.147.0/24
IPv6:
2a12:6ac0:5121::/48
2a12:6ac0:dc10::/48
Signature Algorithm: sha256WithRSAEncryption
1f:8a:26:19:cc:7f:6b:5d:03:a4:e7:00:eb:d7:4e:47:84:b4:
d8:2a:1f:01:80:92:1d:bd:18:55:f0:a1:3a:8f:a6:21:e3:0d:
51:c1:e7:29:1e:a7:8f:67:c5:84:b6:0d:83:0b:18:90:2b:cd:
bd:fd:da:86:d9:da:57:d3:11:d7:d7:aa:9e:55:ad:aa:3f:fa:
c5:16:b1:c9:db:71:9d:83:40:56:7e:5f:b3:a7:7b:79:a9:9b:
43:25:80:80:6a:2b:98:26:0d:0e:d8:f3:6c:df:96:7e:54:6c:
c6:fe:c2:ed:77:ba:c3:44:fc:80:e7:60:fd:d1:25:ee:7c:c1:
60:23:9c:0e:85:6b:6d:6e:17:00:99:82:dc:4d:7a:71:69:8c:
fe:46:03:3d:09:9f:3e:df:38:5f:a9:4a:cd:d5:5a:ae:90:9d:
30:68:7a:ef:15:20:1c:a1:3c:f1:59:98:8e:45:55:5c:77:72:
38:6e:fc:ee:58:02:b0:9e:4f:d8:b6:b4:0c:5f:7f:50:32:f1:
78:dc:6e:c7:bf:50:e4:d9:af:00:f6:43:6b:84:44:40:7b:06:
b8:de:38:7a:9a:59:e5:ed:62:10:82:e2:24:98:48:2a:af:83:
18:06:0c:07:c0:ab:5c:5c:36:24:35:da:27:c6:b3:a0:8d:9b:
d0:96:f1:b3
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZio920mvFwyfS7R0GMTp/pzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ODQxY2M3MzJhYzczOGRjMWUzZmU2N2MxMmU1MTA0YmVm
ODYzYmEwHhcNMjUwODE0MTQyNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRhY2M4NmU3ZmYzNzA2YmUwYzcxNTM1NWNlYzJiYTdjYTI0MzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNp1T0ZJabJW3TJ2+iyvGGQuzryx
oca897FRDDNnGy66Q2nVySkHi3iDcZVaBc4GLraaqe7Ufk7twiUCUygnAIDcm+1J
qSmpwZGg8CVx+6K+UFQllhxUMmtYwe5TwCx0IQDE4A8ivby4xEZzZKTSVrOF5D9u
CWdY1n1F4C9P4XBPqABfITp5zqHOAp31Cf7UOJETUxdJsSM4NK0ahs2vvMsahj6v
s8SMbUGbmUKPDP+IJfdakLMGgfKsem45srqtxt8iPceNTCIQa4EO6KNvf5F2DWsW
BokMiUJQbLQnB1YQWipgZlLT/zf8r0frh2V/PMHZ4EXko/G92cEyIqAqbQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFL5KzIbn/zcGvgxxU1XOwrp8okMSMB8GA1UdIwQY
MBaAFKWEHMcyrHONweP+Z8EuUQS++GO6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQt
NjY2NjBiMjIyZmIwLzEvdmtyTWh1Zl9Od2EtREhGVFZjN0N1bnlpUXhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xNDFhMmEtMTk0Yi00MDJiLTkyZGQtNjY2NjBiMjIyZmIw
LzEvcFlRY3h6S3NjNDNCNF81bndTNVJCTDc0WTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAbWhxAwQA
waSTMBgEAgACMBIDBwAqEmrAUSEDBwAqEmrA3BAwDQYJKoZIhvcNAQELBQADggEB
AB+KJhnMf2tdA6TnAOvXTkeEtNgqHwGAkh29GFXwoTqPpiHjDVHB5ykep49nxYS2
DYMLGJArzb392obZ2lfTEdfXqp5Vrao/+sUWscnbcZ2DQFZ+X7One3mpm0MlgIBq
K5gmDQ7Y82zfln5UbMb+wu13usNE/IDnYP3RJe58wWAjnA6Fa21uFwCZgtxNenFp
jP5GAz0Jnz7fOF+pSs3VWq6QnTBoeu8VIByhPPFZmI5FVVx3cjhu/O5YArCeT9i2
tAxff1Ay8Xjcbse/UOTZrwD2Q2uEREB7BrjeOHqaWeXtYhCC4iSYSCqvgxgGDAfA
q1xcNiQ12ifGs6CNm9CW8bM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:10:39 2025 by rpki-client