Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/33e200-886b-427f-b9ed-ad9cffcebf1b/1/vLHvO7nk703n1iEe79-rWj-ouAg.roa
File: vLHvO7nk703n1iEe79-rWj-ouAg.roa (raw, json)
Hash identifier: z05JBWptG6UDe/d2SgY5u2FZkYfNtJGPDBRKDKb40nc=
Subject key identifier: BC:B1:EF:3B:B9:E4:EF:4D:E7:D6:21:1E:EF:DF:AB:5A:3F:A8:B8:08
Certificate issuer: /CN=63c35c89ed4ae9a3d641b11cbe6ad0fcbe932655
Certificate serial: 019B77595F99AC67F1F7B23C3FC1A65670BC
Authority key identifier: 63:C3:5C:89:ED:4A:E9:A3:D6:41:B1:1C:BE:6A:D0:FC:BE:93:26:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y8Ncie1K6aPWQbEcvmrQ_L6TJlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/33e200-886b-427f-b9ed-ad9cffcebf1b/1/vLHvO7nk703n1iEe79-rWj-ouAg.roa
Signing time: Thu 01 Jan 2026 02:18:24 +0000
ROA not before: Thu 01 Jan 2026 02:18:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199061
IP address blocks: 176.122.212.0/22 maxlen: 24
176.122.224.0/20 maxlen: 24
176.122.225.0/24 maxlen: 32
2001:67c:618::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/33e200-886b-427f-b9ed-ad9cffcebf1b/1/Y8Ncie1K6aPWQbEcvmrQ_L6TJlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/33e200-886b-427f-b9ed-ad9cffcebf1b/1/Y8Ncie1K6aPWQbEcvmrQ_L6TJlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y8Ncie1K6aPWQbEcvmrQ_L6TJlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:77:59:5f:99:ac:67:f1:f7:b2:3c:3f:c1:a6:56:70:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63c35c89ed4ae9a3d641b11cbe6ad0fcbe932655
Validity
Not Before: Jan 1 02:18:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bcb1ef3bb9e4ef4de7d6211eefdfab5a3fa8b808
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e4:1a:10:41:0c:1b:e5:35:b5:98:31:c7:f1:
f4:59:eb:78:0a:7a:d9:b9:8b:a2:b4:59:0a:cb:1c:
d2:9e:27:4e:38:76:7d:ad:77:07:fb:5b:6c:fc:36:
05:1d:0b:32:37:6a:fc:9d:73:0c:cb:fc:c3:39:52:
40:eb:d2:61:a7:cf:2b:11:cb:30:bb:23:94:bc:dc:
0e:51:17:93:05:72:a2:fd:44:66:af:e0:2b:d3:73:
7d:78:95:9e:fd:b2:18:22:6e:78:9e:40:73:b6:f5:
ad:df:dd:aa:a2:c2:5a:b8:af:19:27:38:5a:0c:a1:
e9:e9:de:6b:d0:bf:41:7b:cb:74:92:68:9e:08:c8:
41:0c:fb:87:c2:e3:0b:89:f9:14:6a:a9:fe:10:90:
9f:ce:4e:67:e0:8e:2d:dc:a1:80:4f:12:50:60:e3:
68:97:c6:e6:79:34:64:1d:0a:79:b5:d3:ad:f0:e3:
19:cf:fb:66:20:cf:d2:0e:1e:af:60:10:db:8a:fa:
51:6f:5a:8f:9f:37:fc:54:de:8a:74:85:6d:a8:bc:
77:14:af:90:38:33:2b:25:d4:24:c6:85:89:5a:74:
30:51:c9:1e:4c:b7:81:43:7e:2e:2a:78:c0:5a:87:
ec:ba:5f:c8:6e:e0:9c:f2:e1:8b:79:b1:2e:27:26:
84:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:B1:EF:3B:B9:E4:EF:4D:E7:D6:21:1E:EF:DF:AB:5A:3F:A8:B8:08
X509v3 Authority Key Identifier:
keyid:63:C3:5C:89:ED:4A:E9:A3:D6:41:B1:1C:BE:6A:D0:FC:BE:93:26:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y8Ncie1K6aPWQbEcvmrQ_L6TJlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/33e200-886b-427f-b9ed-ad9cffcebf1b/1/vLHvO7nk703n1iEe79-rWj-ouAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/33e200-886b-427f-b9ed-ad9cffcebf1b/1/Y8Ncie1K6aPWQbEcvmrQ_L6TJlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.122.212.0/22
176.122.224.0/20
IPv6:
2001:67c:618::/48
Signature Algorithm: sha256WithRSAEncryption
22:9a:df:2a:d4:3a:1e:9f:b9:8e:d6:2c:bf:d9:60:42:36:e5:
4a:cc:f4:b8:bb:fd:4e:3f:2f:37:04:9d:b2:10:52:a0:0d:20:
dc:7d:c8:92:61:e3:bf:ad:d4:88:e4:8e:01:2e:52:26:69:9e:
c4:a8:6b:2e:d5:eb:f7:e1:5c:b3:9e:dd:33:74:e0:98:65:09:
af:aa:3c:a4:41:b7:be:9b:71:80:bf:3c:dd:a1:79:0a:cb:0b:
1a:4b:32:46:50:38:eb:16:71:25:15:9e:6f:75:80:96:f2:69:
b7:77:bf:90:03:57:8e:54:7c:d1:a0:95:73:50:48:eb:44:f1:
5e:54:a9:2e:64:62:f3:c4:50:bf:be:cb:65:50:62:52:8b:3d:
bc:fa:8c:65:55:0e:41:3e:35:fb:b4:0c:ab:aa:1c:02:08:ae:
6a:ee:97:f5:30:d7:fe:57:b3:ab:ef:c3:d5:ca:8d:8a:a2:8c:
f2:4b:c3:d9:d4:df:22:05:70:41:6c:16:74:41:00:0b:ab:1b:
42:e5:b8:bd:58:70:ac:ca:01:ce:aa:85:45:0f:1c:bc:10:10:
51:03:ef:37:6f:fe:f8:4e:2c:86:b3:6b:4c:42:fe:a3:ef:4f:
78:5c:8d:78:fc:90:03:a9:a8:bd:03:64:bf:a7:08:91:76:24:
80:ea:a2:1f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZt3WV+ZrGfx97I8P8GmVnC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYzM1Yzg5ZWQ0YWU5YTNkNjQxYjExY2JlNmFkMGZjYmU5
MzI2NTUwHhcNMjYwMTAxMDIxODI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2IxZWYzYmI5ZTRlZjRkZTdkNjIxMWVlZmRmYWI1YTNmYThiODA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7+QaEEEMG+U1tZgxx/H0Wet4CnrZ
uYuitFkKyxzSnidOOHZ9rXcH+1ts/DYFHQsyN2r8nXMMy/zDOVJA69Jhp88rEcsw
uyOUvNwOUReTBXKi/URmr+Ar03N9eJWe/bIYIm54nkBztvWt392qosJauK8ZJzha
DKHp6d5r0L9Be8t0kmieCMhBDPuHwuMLifkUaqn+EJCfzk5n4I4t3KGATxJQYONo
l8bmeTRkHQp5tdOt8OMZz/tmIM/SDh6vYBDbivpRb1qPnzf8VN6KdIVtqLx3FK+Q
ODMrJdQkxoWJWnQwUckeTLeBQ34uKnjAWofsul/IbuCc8uGLebEuJyaEdwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLyx7zu55O9N59YhHu/fq1o/qLgIMB8GA1UdIwQY
MBaAFGPDXIntSumj1kGxHL5q0Py+kyZVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWThOY2llMUs2YVBXUWJFY3ZtclFfTDZUSmxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8zM2UyMDAtODg2Yi00MjdmLWI5ZWQt
YWQ5Y2ZmY2ViZjFiLzEvdkxIdk83bms3MDNuMWlFZTc5LXJXai1vdUFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8zM2UyMDAtODg2Yi00MjdmLWI5ZWQtYWQ5Y2ZmY2ViZjFi
LzEvWThOY2llMUs2YVBXUWJFY3ZtclFfTDZUSmxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCsHrUAwQE
sHrgMA8EAgACMAkDBwAgAQZ8BhgwDQYJKoZIhvcNAQELBQADggEBACKa3yrUOh6f
uY7WLL/ZYEI25UrM9Li7/U4/LzcEnbIQUqANINx9yJJh47+t1IjkjgEuUiZpnsSo
ay7V6/fhXLOe3TN04JhlCa+qPKRBt76bcYC/PN2heQrLCxpLMkZQOOsWcSUVnm91
gJbyabd3v5ADV45UfNGglXNQSOtE8V5UqS5kYvPEUL++y2VQYlKLPbz6jGVVDkE+
Nfu0DKuqHAIIrmrul/Uw1/5Xs6vvw9XKjYqijPJLw9nU3yIFcEFsFnRBAAurG0Ll
uL1YcKzKAc6qhUUPHLwQEFED7zdv/vhOLIaza0xC/qPvT3hcjXj8kAOpqL0DZL+n
CJF2JIDqoh8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:34:16 2026 by rpki-client