Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/vKriE8D7CoWGOAuEJjdCDHiphnM.roa
File: vKriE8D7CoWGOAuEJjdCDHiphnM.roa (raw, json)
Hash identifier: m79nN+UrU8j16v9mI0XjJNr91VUB5btmVcolsvCKAMQ=
Subject key identifier: BC:AA:E2:13:C0:FB:0A:85:86:38:0B:84:26:37:42:0C:78:A9:86:73
Certificate issuer: /CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Certificate serial: 0198C74C03FC9A10FF97FC3D378207046267
Authority key identifier: 3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/vKriE8D7CoWGOAuEJjdCDHiphnM.roa
Signing time: Wed 20 Aug 2025 11:45:04 +0000
ROA not before: Wed 20 Aug 2025 11:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 91.195.160.0/23 maxlen: 23
91.198.151.0/24 maxlen: 24
91.236.83.0/24 maxlen: 24
194.0.250.0/24 maxlen: 24
194.30.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:4c:03:fc:9a:10:ff:97:fc:3d:37:82:07:04:62:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bde2cd5215e93bfa0ca6df8b2c1f5ed2c94af74
Validity
Not Before: Aug 20 11:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcaae213c0fb0a8586380b842637420c78a98673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ac:c8:eb:14:94:ae:7c:6b:54:e9:0b:b2:dd:
2d:f6:6f:ad:b0:e6:0f:8d:22:eb:bc:d8:0a:09:73:
81:18:4f:a4:30:b0:78:86:91:78:b2:82:bb:5f:f6:
7a:23:c4:f9:42:e9:3d:a3:88:77:e7:26:84:9d:40:
e6:80:d9:d9:39:4e:40:07:7d:0c:10:1f:47:ed:b4:
0e:fd:6b:eb:67:b0:73:08:5a:44:47:8a:d5:41:06:
63:b9:f2:b7:7d:d2:a7:d1:34:d3:c3:a0:04:25:47:
e4:75:ff:f6:b0:18:fd:57:ec:38:64:c9:53:3a:5c:
3c:29:8b:39:10:09:69:e1:11:e8:01:24:31:ef:0c:
fd:0d:c8:e0:b2:76:59:cd:00:3d:d7:e4:90:75:34:
06:d3:78:8f:9a:d8:cb:ec:04:f4:ee:87:71:5e:d9:
55:9e:bc:45:b9:f1:c1:17:75:bd:43:42:db:69:7c:
6a:a0:56:d3:21:b8:71:f8:76:c5:31:9e:ae:d1:08:
ee:cc:e0:8e:fc:f2:21:de:59:58:5d:e2:a0:8b:11:
2a:1e:aa:c4:a6:f3:25:51:75:06:b5:06:0f:11:6a:
ae:aa:32:6c:ba:3d:61:d7:58:71:3b:56:7e:26:6b:
73:11:a0:2d:03:66:ce:91:ad:82:cf:b6:51:cb:35:
5b:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:AA:E2:13:C0:FB:0A:85:86:38:0B:84:26:37:42:0C:78:A9:86:73
X509v3 Authority Key Identifier:
keyid:3B:DE:2C:D5:21:5E:93:BF:A0:CA:6D:F8:B2:C1:F5:ED:2C:94:AF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O94s1SFek7-gym34ssH17SyUr3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/vKriE8D7CoWGOAuEJjdCDHiphnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/c53a3e-f90d-4742-84fb-db319a31bdf7/1/O94s1SFek7-gym34ssH17SyUr3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.160.0/23
91.198.151.0/24
91.236.83.0/24
194.0.250.0/24
194.30.188.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ee:29:f9:6b:63:c7:38:87:76:0b:fa:c7:a1:36:af:7a:fc:
ad:86:50:77:19:d1:a3:98:d2:35:1d:f2:ce:a2:e7:e3:c4:5d:
ac:49:25:4a:4b:2a:34:3a:42:3b:13:24:e3:bc:0d:92:b8:d7:
3a:00:92:59:ed:20:32:1a:14:1c:c6:b7:1a:98:f7:30:9c:78:
87:4d:6c:54:ec:0c:8f:89:40:84:6a:5d:37:2f:54:9b:03:db:
a7:74:59:f6:b2:dd:f9:7c:99:20:6c:f7:b7:82:58:03:92:98:
0d:dc:6a:bc:4b:6e:32:79:77:22:f9:1a:94:5c:8c:4c:4e:5a:
cf:33:b8:49:0e:d9:e1:d3:61:7f:59:d1:8f:d8:a0:e3:35:bc:
6e:d5:03:77:6e:7f:ae:9b:30:23:5e:a7:fd:b4:4d:d4:68:9d:
af:48:e5:f1:3d:03:da:14:e6:96:0f:da:63:a7:05:31:c6:b2:
c3:8c:fc:37:b1:d5:6f:30:35:b6:2f:fd:c2:e6:ba:15:d3:a6:
e4:3b:2b:aa:c0:5e:4c:4c:3a:ab:6e:94:0b:71:d0:91:16:82:
f6:a7:af:8d:b6:13:9e:e0:05:7d:f9:3d:9d:4a:2f:57:e8:1b:
b5:b7:9c:b0:8a:55:29:55:04:36:5e:3c:aa:ed:c6:eb:f3:58:
13:34:eb:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZjHTAP8mhD/l/w9N4IHBGJnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZGUyY2Q1MjE1ZTkzYmZhMGNhNmRmOGIyYzFmNWVkMmM5
NGFmNzQwHhcNMjUwODIwMTE0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2FhZTIxM2MwZmIwYTg1ODYzODBiODQyNjM3NDIwYzc4YTk4NjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66zI6xSUrnxrVOkLst0t9m+tsOYP
jSLrvNgKCXOBGE+kMLB4hpF4soK7X/Z6I8T5Quk9o4h35yaEnUDmgNnZOU5AB30M
EB9H7bQO/WvrZ7BzCFpER4rVQQZjufK3fdKn0TTTw6AEJUfkdf/2sBj9V+w4ZMlT
Olw8KYs5EAlp4RHoASQx7wz9DcjgsnZZzQA91+SQdTQG03iPmtjL7AT07odxXtlV
nrxFufHBF3W9Q0LbaXxqoFbTIbhx+HbFMZ6u0QjuzOCO/PIh3llYXeKgixEqHqrE
pvMlUXUGtQYPEWquqjJsuj1h11hxO1Z+JmtzEaAtA2bOka2Cz7ZRyzVbfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLyq4hPA+wqFhjgLhCY3Qgx4qYZzMB8GA1UdIwQY
MBaAFDveLNUhXpO/oMpt+LLB9e0slK90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzk0czFTRmVrNy1neW0zNHNzSDE3U3lVcjNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jNTNhM2UtZjkwZC00NzQyLTg0ZmIt
ZGIzMTlhMzFiZGY3LzEvdktyaUU4RDdDb1dHT0F1RUpqZENESGlwaG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jNTNhM2UtZjkwZC00NzQyLTg0ZmItZGIzMTlhMzFiZGY3
LzEvTzk0czFTRmVrNy1neW0zNHNzSDE3U3lVcjNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW8OgAwQA
W8aXAwQAW+xTAwQAwgD6AwQAwh68MA0GCSqGSIb3DQEBCwUAA4IBAQBA7in5a2PH
OId2C/rHoTavevythlB3GdGjmNI1HfLOoufjxF2sSSVKSyo0OkI7EyTjvA2SuNc6
AJJZ7SAyGhQcxrcamPcwnHiHTWxU7AyPiUCEal03L1SbA9undFn2st35fJkgbPe3
glgDkpgN3Gq8S24yeXci+RqUXIxMTlrPM7hJDtnh02F/WdGP2KDjNbxu1QN3bn+u
mzAjXqf9tE3UaJ2vSOXxPQPaFOaWD9pjpwUxxrLDjPw3sdVvMDW2L/3C5roV06bk
OyuqwF5MTDqrbpQLcdCRFoL2p6+NthOe4AV9+T2dSi9X6Bu1t5ywilUpVQQ2Xjyq
7cbr81gTNOsY
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:10:40 2025 by rpki-client