Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vhKzDsJmK3VvH-GBl_kIzwbqSPI.roa
File: vhKzDsJmK3VvH-GBl_kIzwbqSPI.roa (raw, json)
Hash identifier: 00tEDQGE8xPIm3m5EZHXnxIXRyR9c2lWBnOwyFU8i5M=
Subject key identifier: BE:12:B3:0E:C2:66:2B:75:6F:1F:E1:81:97:F9:08:CF:06:EA:48:F2
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01992E994D80A2F37FDE0F64C8B15D843392
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vhKzDsJmK3VvH-GBl_kIzwbqSPI.roa
Signing time: Tue 09 Sep 2025 13:10:22 +0000
ROA not before: Tue 09 Sep 2025 13:10:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60777
IP address blocks: 93.170.0.0/24 maxlen: 24
93.170.25.0/24 maxlen: 24
95.46.108.0/24 maxlen: 24
95.46.124.0/24 maxlen: 24
95.47.136.0/24 maxlen: 24
2a02:128:4200::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2e:99:4d:80:a2:f3:7f:de:0f:64:c8:b1:5d:84:33:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 9 13:10:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be12b30ec2662b756f1fe18197f908cf06ea48f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:66:b7:36:80:2e:39:80:1a:eb:c3:d8:32:2f:
9a:21:fa:60:6d:29:67:14:f6:f8:ab:22:bf:73:53:
5a:43:8f:f3:68:fd:8d:4f:79:97:27:f3:8f:ac:0f:
17:f2:51:96:bb:5d:e9:61:70:cf:e3:bf:fc:b0:7e:
27:02:15:51:ef:38:70:f7:2d:84:78:6b:a1:7d:92:
ab:40:4e:b4:4d:a7:bd:16:1e:c5:04:74:73:48:91:
11:52:9f:05:57:11:71:e0:cc:4c:43:18:30:5c:de:
49:8a:70:fb:96:18:1a:63:24:11:0c:33:fc:df:f5:
71:c3:5a:4d:01:43:83:24:e5:4d:f9:1c:22:42:92:
df:63:f7:35:2a:10:26:b8:fe:73:9c:71:be:86:75:
0d:c9:51:a3:6b:ca:28:96:3a:08:29:00:36:36:a9:
03:3d:8e:8b:0a:fd:51:96:7e:5e:d5:16:92:60:96:
95:a1:30:2d:c6:7d:6c:e4:8b:b8:ff:34:a1:0e:9f:
da:48:cb:86:6f:43:df:87:eb:ee:31:23:00:1a:33:
5f:89:b8:88:0a:46:bf:20:8c:cd:13:15:db:4c:2b:
df:6d:d6:16:3b:f8:6c:ce:d9:3f:db:b9:74:18:25:
7f:23:f3:8f:ce:6c:a1:b9:de:af:a3:72:ab:67:b0:
7b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:12:B3:0E:C2:66:2B:75:6F:1F:E1:81:97:F9:08:CF:06:EA:48:F2
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/vhKzDsJmK3VvH-GBl_kIzwbqSPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.0.0/24
93.170.25.0/24
95.46.108.0/24
95.46.124.0/24
95.47.136.0/24
IPv6:
2a02:128:4200::/44
Signature Algorithm: sha256WithRSAEncryption
68:86:d8:06:65:7a:9a:dd:2a:66:94:c2:b9:c4:04:19:77:a3:
06:6b:ae:07:49:37:5f:8e:df:39:10:77:44:31:69:fe:3e:0e:
c2:8d:a8:ac:04:1d:49:3e:11:d3:95:55:75:65:ec:fd:e6:95:
2d:e2:27:96:5d:1c:f6:64:49:b1:ee:19:c0:bb:b6:8d:5a:80:
27:94:98:21:a2:37:36:c7:98:67:2e:27:c0:3b:97:f5:f8:61:
47:e7:fa:04:7a:3d:bd:c8:c3:43:76:3d:61:da:3a:e2:b4:5a:
ea:f3:a6:fe:1e:9a:cf:b7:23:b8:36:a1:a0:40:4f:ac:66:79:
15:f0:b6:29:c6:5a:d6:ee:4c:0e:82:7d:cd:80:0e:8f:e1:b6:
ec:36:eb:5e:06:19:e2:b6:cb:69:f5:93:3b:e0:32:bf:52:1f:
d6:17:96:70:44:92:58:a5:b9:f6:54:1c:14:b5:80:19:31:29:
2e:dc:8c:d0:b9:38:1c:b9:2d:8e:58:4e:54:de:3e:15:47:b2:
3f:5d:99:59:ce:41:64:d7:d8:75:cf:15:65:a4:a1:e6:9e:19:
77:b8:3c:95:83:ae:9e:3e:67:2e:c7:2f:01:0c:87:cf:fb:a4:
88:ba:d6:36:40:bb:5c:09:2c:0a:97:cb:b2:dd:e7:14:c6:2c:
07:46:38:ea
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZkumU2AovN/3g9kyLFdhDOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwOTA5MTMxMDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTEyYjMwZWMyNjYyYjc1NmYxZmUxODE5N2Y5MDhjZjA2ZWE0OGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGa3NoAuOYAa68PYMi+aIfpgbSln
FPb4qyK/c1NaQ4/zaP2NT3mXJ/OPrA8X8lGWu13pYXDP47/8sH4nAhVR7zhw9y2E
eGuhfZKrQE60Tae9Fh7FBHRzSJERUp8FVxFx4MxMQxgwXN5JinD7lhgaYyQRDDP8
3/Vxw1pNAUODJOVN+RwiQpLfY/c1KhAmuP5znHG+hnUNyVGja8ooljoIKQA2NqkD
PY6LCv1Rln5e1RaSYJaVoTAtxn1s5Iu4/zShDp/aSMuGb0Pfh+vuMSMAGjNfibiI
Cka/IIzNExXbTCvfbdYWO/hsztk/27l0GCV/I/OPzmyhud6vo3KrZ7B7/QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFL4Ssw7CZit1bx/hgZf5CM8G6kjyMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdmhLekRzSm1LM1Z2SC1HQmxfa0l6d2JxU1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAXaoAAwQA
XaoZAwQAXy5sAwQAXy58AwQAXy+IMA8EAgACMAkDBwQqAgEoQgAwDQYJKoZIhvcN
AQELBQADggEBAGiG2AZleprdKmaUwrnEBBl3owZrrgdJN1+O3zkQd0Qxaf4+DsKN
qKwEHUk+EdOVVXVl7P3mlS3iJ5ZdHPZkSbHuGcC7to1agCeUmCGiNzbHmGcuJ8A7
l/X4YUfn+gR6Pb3Iw0N2PWHaOuK0Wurzpv4ems+3I7g2oaBAT6xmeRXwtinGWtbu
TA6Cfc2ADo/htuw2614GGeK2y2n1kzvgMr9SH9YXlnBEklilufZUHBS1gBkxKS7c
jNC5OBy5LY5YTlTePhVHsj9dmVnOQWTX2HXPFWWkoeaeGXe4PJWDrp4+Zy7HLwEM
h8/7pIi61jZAu1wJLAqXy7Ld5xTGLAdGOOo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:36 2025 by rpki-client