Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/vzAlAUSwNS3X5rBrjY2dRR2yYFY.roa
File: vzAlAUSwNS3X5rBrjY2dRR2yYFY.roa (raw, json)
Hash identifier: vhu/EVMO2sN6smTky+NwoXUmakQYMYx8yvela2Fhzb8=
Subject key identifier: BF:30:25:01:44:B0:35:2D:D7:E6:B0:6B:8D:8D:9D:45:1D:B2:60:56
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019DF2D579A33B4DC5ADF2CE4AE114A2E419
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/vzAlAUSwNS3X5rBrjY2dRR2yYFY.roa
Signing time: Mon 04 May 2026 11:52:49 +0000
ROA not before: Mon 04 May 2026 11:52:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210976
IP address blocks: 45.91.236.0/24 maxlen: 24
45.91.237.0/24 maxlen: 24
91.240.254.0/24 maxlen: 24
185.201.28.0/24 maxlen: 24
186.246.24.0/24 maxlen: 24
186.246.25.0/24 maxlen: 24
186.246.26.0/24 maxlen: 24
186.246.27.0/24 maxlen: 24
186.246.28.0/24 maxlen: 24
186.246.29.0/24 maxlen: 24
186.246.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f2:d5:79:a3:3b:4d:c5:ad:f2:ce:4a:e1:14:a2:e4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 4 11:52:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bf30250144b0352dd7e6b06b8d8d9d451db26056
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:45:62:17:2f:db:d5:cf:66:59:45:c9:71:68:
59:f0:8b:9d:d5:39:08:7b:7f:86:61:cf:91:f0:e8:
f9:00:54:0c:ef:99:f5:5a:e7:2c:91:1a:4e:6a:7d:
5b:f8:b0:56:d8:97:08:e3:a1:35:b9:b2:2a:28:b9:
7f:91:e5:91:73:8b:ae:5f:f1:d0:d3:a9:6f:17:4f:
7e:65:de:db:ad:38:c1:c7:aa:34:96:52:a5:a2:7c:
99:dd:b9:6e:c7:42:10:c4:e5:f5:66:c4:38:27:d0:
3e:cf:04:ee:12:30:c5:c3:5a:80:96:e1:b4:28:6b:
57:13:50:10:8f:e6:f6:36:90:e9:65:5b:4c:42:44:
66:8a:ae:2b:09:f3:e0:f2:d2:8e:3c:1a:1e:3b:01:
de:15:85:32:f7:50:fb:7b:e6:bd:44:a3:5d:3e:a9:
9b:50:a1:62:fc:c5:2d:52:da:c8:b2:ac:e4:1e:7d:
98:14:40:46:1a:9f:3d:46:2a:c4:f6:59:7b:61:c3:
d3:69:35:7c:56:a1:c3:8c:be:6f:75:d9:02:8a:0e:
67:ac:39:c4:f3:7d:93:d6:4a:c4:64:bc:0d:70:26:
c6:13:0b:fe:7b:75:22:0a:d2:15:58:2b:2d:57:5e:
dd:f9:a5:14:da:66:93:54:68:d8:51:61:46:e6:3a:
e0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:30:25:01:44:B0:35:2D:D7:E6:B0:6B:8D:8D:9D:45:1D:B2:60:56
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/vzAlAUSwNS3X5rBrjY2dRR2yYFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.236.0/23
91.240.254.0/24
185.201.28.0/24
186.246.24.0-186.246.30.255
Signature Algorithm: sha256WithRSAEncryption
29:e6:9d:9f:4e:9f:2c:c2:e5:d7:04:89:96:c8:fe:1f:f5:be:
9a:6a:cd:6c:b0:7f:eb:04:b4:44:07:f9:d8:b7:0c:2b:0c:fe:
91:3f:17:5e:bd:72:c2:e9:96:00:e6:4e:63:a1:cb:c7:7b:b8:
40:4a:ee:df:5d:34:75:8b:0a:dc:86:e3:30:d8:87:59:45:2f:
d1:d8:a2:ee:f7:24:86:10:b7:ce:64:ff:92:3f:d5:27:7a:7a:
47:44:29:e5:4a:51:b1:a1:db:c3:ca:b1:eb:16:9d:58:3f:ca:
50:47:45:b9:fb:64:36:59:96:0b:ae:ba:ff:b0:8f:2d:d7:58:
e4:9d:61:bd:b1:46:40:89:ad:60:f7:29:34:b3:d7:29:70:7a:
98:09:e1:09:81:85:e4:10:16:b6:b4:b6:1c:bc:71:7f:da:21:
b9:3b:dc:b5:4d:7d:f4:81:cc:a0:dd:d1:c3:79:4a:bc:7c:5e:
96:a2:ba:8e:a5:d4:c9:e2:c5:15:37:bb:4b:0f:a7:e4:d1:89:
d5:30:d5:31:a2:eb:5f:28:5d:1a:d4:52:62:97:1b:c2:bd:d7:
bf:a0:f9:40:92:87:65:b7:ef:4c:b8:83:97:d7:76:00:6b:d3:
e8:d9:e9:b4:52:ca:78:82:3d:e9:f2:87:1a:1d:f6:b0:b7:7c:
e9:4d:1e:a7
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ3y1XmjO03FrfLOSuEUouQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjYwNTA0MTE1MjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjMwMjUwMTQ0YjAzNTJkZDdlNmIwNmI4ZDhkOWQ0NTFkYjI2MDU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUViFy/b1c9mWUXJcWhZ8Iud1TkI
e3+GYc+R8Oj5AFQM75n1WucskRpOan1b+LBW2JcI46E1ubIqKLl/keWRc4uuX/HQ
06lvF09+Zd7brTjBx6o0llKlonyZ3blux0IQxOX1ZsQ4J9A+zwTuEjDFw1qAluG0
KGtXE1AQj+b2NpDpZVtMQkRmiq4rCfPg8tKOPBoeOwHeFYUy91D7e+a9RKNdPqmb
UKFi/MUtUtrIsqzkHn2YFEBGGp89RirE9ll7YcPTaTV8VqHDjL5vddkCig5nrDnE
832T1krEZLwNcCbGEwv+e3UiCtIVWCstV17d+aUU2maTVGjYUWFG5jrgYQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFL8wJQFEsDUt1+awa42NnUUdsmBWMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdnpBbEFVU3dOUzNYNXJCcmpZMmRSUjJ5WUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBLVvsAwQA
W/D+AwQAuckcMAwDBAO69hgDBAC69h4wDQYJKoZIhvcNAQELBQADggEBACnmnZ9O
nyzC5dcEiZbI/h/1vppqzWywf+sEtEQH+di3DCsM/pE/F169csLplgDmTmOhy8d7
uEBK7t9dNHWLCtyG4zDYh1lFL9HYou73JIYQt85k/5I/1Sd6ekdEKeVKUbGh28PK
sesWnVg/ylBHRbn7ZDZZlguuuv+wjy3XWOSdYb2xRkCJrWD3KTSz1ylwepgJ4QmB
heQQFra0thy8cX/aIbk73LVNffSBzKDd0cN5Srx8Xpaiuo6l1MnixRU3u0sPp+TR
idUw1TGi618oXRrUUmKXG8K917+g+UCSh2W370y4g5fXdgBr0+jZ6bRSyniCPeny
hxod9rC3fOlNHqc=
-----END CERTIFICATE-----
Generated at Wed May 13 01:44:44 2026 by rpki-client