Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/VHGH1mjlVKHvXOWyM-EzBXtEmjs.roa
File: VHGH1mjlVKHvXOWyM-EzBXtEmjs.roa (raw, json)
Hash identifier: 3A2MAM39EnOIUbihWoQHY/ugzdD83ycM1Te5mtz2Mw4=
Subject key identifier: 54:71:87:D6:68:E5:54:A1:EF:5C:E5:B2:33:E1:33:05:7B:44:9A:3B
Certificate issuer: /CN=f88b443e992c665658942e6890d298d68cde6425
Certificate serial: 019D00BBA1425992963FA1C2858969664C4E
Authority key identifier: F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/VHGH1mjlVKHvXOWyM-EzBXtEmjs.roa
Signing time: Wed 18 Mar 2026 11:36:29 +0000
ROA not before: Wed 18 Mar 2026 11:36:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 80.248.142.0/24 maxlen: 24
2a12:fdc0:1::/48 maxlen: 48
2a12:fdc0:2::/48 maxlen: 48
2a12:fdc0:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 14:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:bb:a1:42:59:92:96:3f:a1:c2:85:89:69:66:4c:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f88b443e992c665658942e6890d298d68cde6425
Validity
Not Before: Mar 18 11:36:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=547187d668e554a1ef5ce5b233e133057b449a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:55:51:36:a4:e4:02:dd:7d:f4:e4:b9:71:4f:
89:54:b8:62:18:7c:50:67:72:9e:5b:d9:f3:98:4c:
59:26:79:ff:ee:6d:7d:f5:ed:ee:47:3a:0c:c7:9c:
79:3d:6e:8c:41:bb:d8:31:b8:20:6c:94:b2:55:28:
9a:22:9c:94:95:79:b2:1f:94:46:0f:9e:aa:45:3d:
74:d1:36:0e:21:6a:1c:0c:c3:34:2a:b3:1b:70:79:
f2:5f:cb:7e:df:df:95:b7:a5:ff:14:86:b4:8a:35:
be:fe:7f:dd:e1:d1:8d:59:cf:81:84:29:7a:42:92:
d7:70:1c:4a:2e:38:f8:2b:a9:1d:c4:3b:ae:26:33:
79:49:3b:b0:51:ec:45:79:07:da:4a:c7:d8:d9:54:
52:49:a3:b4:f7:91:a6:b9:8c:99:92:5a:d8:4b:87:
e3:42:8d:36:ed:9a:16:e6:81:b9:98:ae:a3:9e:d7:
77:8d:f3:53:cf:37:c9:95:c2:c2:a6:de:8e:d6:4c:
67:c4:82:76:74:ab:da:e7:b1:59:74:42:1f:a5:15:
c2:9a:a9:ae:ea:69:bd:1a:1e:c8:e2:80:aa:36:2f:
76:91:4b:f1:ef:4d:f7:57:3a:38:31:f0:fe:ea:03:
ab:19:6f:7c:58:0f:14:e1:26:58:c5:18:e9:c4:bf:
55:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:71:87:D6:68:E5:54:A1:EF:5C:E5:B2:33:E1:33:05:7B:44:9A:3B
X509v3 Authority Key Identifier:
keyid:F8:8B:44:3E:99:2C:66:56:58:94:2E:68:90:D2:98:D6:8C:DE:64:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ItEPpksZlZYlC5okNKY1ozeZCU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/VHGH1mjlVKHvXOWyM-EzBXtEmjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/bfb542-4f67-46c5-9710-694252f029f1/1/1-ItEPpksZlZYlC5okNKY1ozeZCU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.248.142.0/24
IPv6:
2a12:fdc0:1::-2a12:fdc0:3:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2b:09:81:98:5b:0d:25:a2:cd:fe:83:93:eb:06:d7:5c:60:01:
64:6a:e8:fa:25:0c:e7:b2:ed:86:ad:ac:7a:7d:6e:48:8b:02:
1f:e0:1a:ef:54:e1:2e:53:47:15:51:25:ff:8f:4a:52:c5:8c:
3a:6f:0e:22:34:8f:c4:a4:7b:f9:45:03:ab:65:64:37:43:1a:
00:22:1c:d6:b4:54:b7:10:c5:32:5b:48:6d:94:84:2a:d5:33:
8e:0b:00:fb:fa:f7:d1:e5:6a:7f:69:d5:ca:db:bc:5a:28:61:
ae:c3:f9:cf:0c:ec:c4:81:15:bc:21:9d:b5:60:84:a5:26:c9:
49:aa:11:3f:0d:55:27:bb:5f:94:5d:09:67:31:a3:4b:b3:e5:
01:8b:7a:7d:a0:ce:30:98:ef:0c:66:04:d2:c8:83:6e:26:0d:
8e:cf:cd:f9:56:45:e3:c1:e2:c2:b1:24:03:b3:bc:c6:ca:06:
31:5c:e3:aa:45:93:dc:1f:78:23:b2:e9:d8:0f:4c:9f:cc:72:
70:44:ee:99:31:cd:c4:0e:9c:e0:a5:c2:41:73:11:8e:10:1f:
ce:54:e4:c6:2c:b8:5e:0f:4d:48:48:03:3b:6c:df:8e:2a:9c:
b4:42:0a:a2:c4:60:83:8d:a6:f3:62:1f:33:34:67:4e:56:11:
2d:c7:5a:11
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0Au6FCWZKWP6HChYlpZkxOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OGI0NDNlOTkyYzY2NTY1ODk0MmU2ODkwZDI5OGQ2OGNk
ZTY0MjUwHhcNMjYwMzE4MTEzNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDcxODdkNjY4ZTU1NGExZWY1Y2U1YjIzM2UxMzMwNTdiNDQ5YTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA11VRNqTkAt199OS5cU+JVLhiGHxQ
Z3KeW9nzmExZJnn/7m199e3uRzoMx5x5PW6MQbvYMbggbJSyVSiaIpyUlXmyH5RG
D56qRT100TYOIWocDMM0KrMbcHnyX8t+39+Vt6X/FIa0ijW+/n/d4dGNWc+BhCl6
QpLXcBxKLjj4K6kdxDuuJjN5STuwUexFeQfaSsfY2VRSSaO095GmuYyZklrYS4fj
Qo027ZoW5oG5mK6jntd3jfNTzzfJlcLCpt6O1kxnxIJ2dKva57FZdEIfpRXCmqmu
6mm9Gh7I4oCqNi92kUvx7033Vzo4MfD+6gOrGW98WA8U4SZYxRjpxL9VLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFRxh9Zo5VSh71zlsjPhMwV7RJo7MB8GA1UdIwQY
MBaAFPiLRD6ZLGZWWJQuaJDSmNaM3mQlMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JdEVQcGtzWmxaWWxDNW9rTktZMW96ZVpDVS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEw
LTY5NDI1MmYwMjlmMS8xL1ZIR0gxbWpsVktIdlhPV3lNLUV6Qlh0RW1qcy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNWIvYmZiNTQyLTRmNjctNDZjNS05NzEwLTY5NDI1MmYwMjlm
MS8xLzEtSXRFUHBrc1psWllsQzVva05LWTFvemVaQ1UuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMAwEAgABMAYDBABQ+I4w
GgQCAAIwFDASAwcAKhL9wAABAwcCKhL9wAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAr
CYGYWw0los3+g5PrBtdcYAFkauj6JQznsu2Grax6fW5IiwIf4BrvVOEuU0cVUSX/
j0pSxYw6bw4iNI/EpHv5RQOrZWQ3QxoAIhzWtFS3EMUyW0htlIQq1TOOCwD7+vfR
5Wp/adXK27xaKGGuw/nPDOzEgRW8IZ21YISlJslJqhE/DVUnu1+UXQlnMaNLs+UB
i3p9oM4wmO8MZgTSyINuJg2Oz835VkXjweLCsSQDs7zGygYxXOOqRZPcH3gjsunY
D0yfzHJwRO6ZMc3EDpzgpcJBcxGOEB/OVOTGLLheD01ISAM7bN+OKpy0QgqixGCD
jabzYh8zNGdOVhEtx1oR
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:49:27 2026 by rpki-client