Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/VrAK-3V8CNeDpB5qVeCvMUDkHWY.roa
File: VrAK-3V8CNeDpB5qVeCvMUDkHWY.roa (raw, json)
Hash identifier: LENa2mgDZKaaSJWhIwKS7EyivXKjCiNw/jcO9yMBo6I=
Subject key identifier: 56:B0:0A:FB:75:7C:08:D7:83:A4:1E:6A:55:E0:AF:31:40:E4:1D:66
Certificate issuer: /CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Certificate serial: 0198A23DA1026A8DBEC1EB1F710E18A97B66
Authority key identifier: 03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/VrAK-3V8CNeDpB5qVeCvMUDkHWY.roa
Signing time: Wed 13 Aug 2025 07:03:24 +0000
ROA not before: Wed 13 Aug 2025 07:03:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34696
IP address blocks: 185.128.60.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:3d:a1:02:6a:8d:be:c1:eb:1f:71:0e:18:a9:7b:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03cbdb0595fc48902938a78f42c1eaf0a159bf46
Validity
Not Before: Aug 13 07:03:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56b00afb757c08d783a41e6a55e0af3140e41d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:b3:09:5a:1e:bd:8a:e5:58:12:c2:b3:64:82:
fc:90:ea:61:fd:53:ee:57:8a:27:3d:05:15:1c:6d:
c6:69:af:3c:fe:0d:f4:9d:02:d1:3f:62:25:2c:3c:
36:3f:6d:e3:96:34:86:43:20:e2:c5:9f:a0:7a:51:
bf:8f:10:bf:08:56:7b:44:ee:8e:3c:18:bc:2a:93:
8d:10:7e:5c:5c:c0:b1:d0:59:24:b4:9c:7c:d7:f5:
e3:a9:a5:29:3d:62:e0:6d:ce:a3:fd:84:4f:04:02:
71:26:d5:4b:e3:0f:7e:2e:2a:38:1c:ca:d3:d3:c0:
b5:16:85:9d:0a:fe:64:e6:94:19:67:e1:c3:ea:1d:
01:f5:0a:2b:7a:51:c7:0d:8e:ce:e7:67:e1:b4:79:
92:3c:06:aa:7c:74:09:8d:41:94:cd:ef:f9:29:b6:
86:42:74:7a:29:e4:48:66:fb:15:3a:78:f6:0c:89:
f7:74:77:66:7a:72:2c:2b:23:e1:a3:f1:2d:d1:17:
b4:d8:b2:88:10:e8:64:38:de:a9:7d:86:0a:0f:45:
d8:d0:8a:75:ad:69:e2:a8:0e:5d:2e:ce:b1:2a:d2:
5b:50:71:7a:37:f8:e7:89:31:21:71:7a:27:85:94:
aa:0c:c3:1f:3d:9b:04:05:35:52:27:7b:26:99:87:
84:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B0:0A:FB:75:7C:08:D7:83:A4:1E:6A:55:E0:AF:31:40:E4:1D:66
X509v3 Authority Key Identifier:
keyid:03:CB:DB:05:95:FC:48:90:29:38:A7:8F:42:C1:EA:F0:A1:59:BF:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A8vbBZX8SJApOKePQsHq8KFZv0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/VrAK-3V8CNeDpB5qVeCvMUDkHWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4a7d7f-886d-4bdf-83d6-f66138066358/1/A8vbBZX8SJApOKePQsHq8KFZv0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.60.0/22
Signature Algorithm: sha256WithRSAEncryption
32:95:6b:5e:d5:f5:8b:7a:05:fd:a2:01:20:7f:94:6c:cb:24:
32:61:e9:a2:56:51:d8:ed:8a:a3:a6:8f:80:c8:cb:ee:37:db:
3c:db:54:18:34:85:60:a3:80:82:9b:8d:e2:f0:d2:bd:5f:d0:
c5:22:01:26:55:7b:10:17:0d:f8:4e:ff:c2:ae:e6:98:c2:6e:
a9:22:5f:2d:55:76:47:6a:d6:b8:ed:76:c9:ca:0c:85:05:4f:
c4:d9:29:20:c5:e1:b2:dd:74:f9:95:3f:40:9f:30:10:8e:67:
23:8d:b1:0c:75:c5:ca:7f:05:ce:4d:39:62:10:62:a8:b6:27:
5d:2b:10:ef:6f:e3:ac:8a:64:81:a1:bc:88:d2:4f:12:91:cc:
48:13:32:43:44:1a:1e:1d:b5:91:e4:b2:b2:33:21:6a:2e:e9:
3d:53:02:de:b4:cb:56:61:51:17:c8:05:77:30:33:08:34:ca:
76:6c:d9:49:14:4d:04:23:e5:12:c4:b7:2a:f4:2c:41:8c:01:
de:ee:71:95:30:97:b0:ed:e6:a5:89:03:68:8b:20:93:e4:bf:
20:7b:0b:37:0b:e5:39:9f:62:fa:80:2c:0a:ce:a6:59:0f:08:
06:a5:d9:28:e6:a5:62:9f:18:8f:01:71:f3:3d:8a:9c:01:5b:
06:11:16:4a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiiPaECao2+wesfcQ4YqXtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzY2JkYjA1OTVmYzQ4OTAyOTM4YTc4ZjQyYzFlYWYwYTE1
OWJmNDYwHhcNMjUwODEzMDcwMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmIwMGFmYjc1N2MwOGQ3ODNhNDFlNmE1NWUwYWYzMTQwZTQxZDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurMJWh69iuVYEsKzZIL8kOph/VPu
V4onPQUVHG3Gaa88/g30nQLRP2IlLDw2P23jljSGQyDixZ+gelG/jxC/CFZ7RO6O
PBi8KpONEH5cXMCx0FkktJx81/XjqaUpPWLgbc6j/YRPBAJxJtVL4w9+Lio4HMrT
08C1FoWdCv5k5pQZZ+HD6h0B9QorelHHDY7O52fhtHmSPAaqfHQJjUGUze/5KbaG
QnR6KeRIZvsVOnj2DIn3dHdmenIsKyPho/Et0Re02LKIEOhkON6pfYYKD0XY0Ip1
rWniqA5dLs6xKtJbUHF6N/jniTEhcXonhZSqDMMfPZsEBTVSJ3smmYeEDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFawCvt1fAjXg6QealXgrzFA5B1mMB8GA1UdIwQY
MBaAFAPL2wWV/EiQKTinj0LB6vChWb9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYt
ZjY2MTM4MDY2MzU4LzEvVnJBSy0zVjhDTmVEcEI1cVZlQ3ZNVURrSFdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My80YTdkN2YtODg2ZC00YmRmLTgzZDYtZjY2MTM4MDY2MzU4
LzEvQTh2YkJaWDhTSkFwT0tlUFFzSHE4S0ZadjBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYA8MA0G
CSqGSIb3DQEBCwUAA4IBAQAylWte1fWLegX9ogEgf5RsyyQyYemiVlHY7Yqjpo+A
yMvuN9s821QYNIVgo4CCm43i8NK9X9DFIgEmVXsQFw34Tv/CruaYwm6pIl8tVXZH
ata47XbJygyFBU/E2SkgxeGy3XT5lT9AnzAQjmcjjbEMdcXKfwXOTTliEGKotidd
KxDvb+OsimSBobyI0k8SkcxIEzJDRBoeHbWR5LKyMyFqLuk9UwLetMtWYVEXyAV3
MDMINMp2bNlJFE0EI+USxLcq9CxBjAHe7nGVMJew7ealiQNoiyCT5L8gews3C+U5
n2L6gCwKzqZZDwgGpdko5qVinxiPAXHzPYqcAVsGERZK
-----END CERTIFICATE-----
Generated at Sat Aug 23 23:45:31 2025 by rpki-client