Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/vKd8NlEx5qop4iqu250zXE8t3lE.roa
File: vKd8NlEx5qop4iqu250zXE8t3lE.roa (raw, json)
Hash identifier: FN1Ryr/mI8CQAU+QgnXcKT4FTQKee0OFCoQuRyraQ08=
Subject key identifier: BC:A7:7C:36:51:31:E6:AA:29:E2:2A:AE:DB:9D:33:5C:4F:2D:DE:51
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 0198CC78C86AC0B76AF6617FCC2431E951AE
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/vKd8NlEx5qop4iqu250zXE8t3lE.roa
Signing time: Thu 21 Aug 2025 11:52:04 +0000
ROA not before: Thu 21 Aug 2025 11:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208909
IP address blocks: 2.57.128.0/22 maxlen: 22
2.57.128.0/24 maxlen: 24
2.57.129.0/24 maxlen: 24
2.57.130.0/24 maxlen: 24
2.57.131.0/24 maxlen: 24
5.183.220.0/22 maxlen: 22
45.15.136.0/24 maxlen: 24
45.15.137.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
91.204.124.0/22 maxlen: 22
162.213.64.0/24 maxlen: 24
162.213.65.0/24 maxlen: 24
162.213.66.0/24 maxlen: 24
162.213.67.0/24 maxlen: 24
185.38.128.0/22 maxlen: 22
185.41.96.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
185.87.188.0/22 maxlen: 22
185.132.90.0/24 maxlen: 24
185.219.136.0/22 maxlen: 22
195.211.168.0/22 maxlen: 22
2a00:fde0::/32 maxlen: 32
2a01:57a0::/32 maxlen: 32
2a09:d940::/29 maxlen: 29
2a0e:3c80::/29 maxlen: 29
2a0e:3c80::/31 maxlen: 31
2a0e:3c82::/31 maxlen: 31
2a0e:3c84::/31 maxlen: 31
2a0e:3c86::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.mft
rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:02:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:78:c8:6a:c0:b7:6a:f6:61:7f:cc:24:31:e9:51:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Aug 21 11:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bca77c365131e6aa29e22aaedb9d335c4f2dde51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:19:ff:01:fb:9f:23:58:50:55:e5:21:2d:4f:
7c:dd:57:40:68:c1:ec:f4:24:45:25:4c:f6:ef:63:
55:c2:85:a9:a4:dc:ba:d6:6d:e4:f1:4a:e2:e6:38:
50:b8:16:44:3e:23:d2:80:04:9c:8c:26:ba:c3:44:
3f:37:c4:a4:6c:6e:0a:81:91:f9:7a:21:bb:32:6c:
9b:14:3c:44:f7:44:ae:31:fb:1f:b7:51:8b:27:91:
73:b6:38:7b:14:3e:ed:a8:b9:80:f6:fa:fb:5d:75:
70:ae:6d:6e:12:3d:96:5c:e4:83:be:e8:eb:4f:01:
ff:bb:ba:d5:93:74:00:64:70:3d:d4:5e:3d:96:d3:
f1:7c:6b:23:9e:56:72:86:31:9b:de:dc:71:10:e0:
08:5d:d0:35:56:8d:cd:64:3e:fb:7d:bd:4b:ea:65:
cc:4a:ef:ca:80:b9:04:0e:30:b4:b5:60:31:fe:d4:
44:96:5e:88:9b:03:63:6f:62:4f:ee:8d:e3:f5:3b:
6b:dd:08:2e:87:71:e6:11:da:4d:31:80:39:2b:e7:
27:a8:e2:ec:41:b5:9b:b8:bb:00:a0:07:f9:30:0b:
f4:f9:8e:98:57:39:0a:f8:81:48:44:7f:79:03:c2:
08:ea:ac:0c:09:da:44:22:24:12:6e:d1:90:fe:39:
e6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A7:7C:36:51:31:E6:AA:29:E2:2A:AE:DB:9D:33:5C:4F:2D:DE:51
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/vKd8NlEx5qop4iqu250zXE8t3lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.128.0/22
5.183.220.0/22
45.15.136.0/22
91.204.124.0/22
162.213.64.0/22
185.38.128.0/22
185.41.96.0/22
185.87.188.0/22
185.132.90.0/24
185.219.136.0/22
195.211.168.0/22
IPv6:
2a00:fde0::/32
2a01:57a0::/32
2a09:d940::/29
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
74:48:fb:d0:54:0a:96:41:20:74:15:6a:84:14:ec:1b:74:3a:
6b:82:ee:9a:8d:3d:36:5f:ea:98:5e:23:9e:a6:84:dd:fb:54:
ed:c9:c9:ce:57:cb:c3:c6:1b:6b:8e:6e:b0:e8:18:1a:36:0e:
e8:93:61:97:c0:3f:00:cd:0d:cc:ed:a3:22:ae:01:09:f8:c6:
05:01:cb:9a:da:ff:9d:68:62:c7:dc:14:8d:d7:25:24:61:86:
5b:b5:96:dc:d5:f6:a9:68:ba:3d:a7:f2:9c:11:e7:c1:e6:c7:
f6:3e:f9:13:b7:37:8a:5d:82:34:4d:76:78:98:0c:d6:5b:f0:
d0:e3:1c:15:0d:51:89:51:63:f4:28:4b:1f:f5:ec:e4:f4:f8:
94:0a:1b:00:80:36:ce:cc:55:91:c6:ac:b6:59:c0:a3:81:6e:
f5:4d:af:9e:36:77:a2:98:bb:e6:0c:80:ea:40:3e:c0:de:e7:
3f:24:36:69:de:df:85:e8:88:bf:e8:0a:1e:0d:2d:24:7e:95:
13:f5:c6:ef:ca:3f:82:41:6e:8c:98:55:de:e3:08:65:e3:50:
e9:cc:c4:d7:22:ae:3d:67:06:49:4a:d5:60:23:6d:da:13:c1:
33:8c:0a:6d:b4:8c:4f:93:8d:3a:9b:dc:c7:75:04:f3:bd:70:
79:de:15:d5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZjMeMhqwLdq9mF/zCQx6VGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZThlNTZiMThkNDVjNjQ2ZjAzY2I2ZjkwNjlkYTBjOGIz
Yzc0YWQwHhcNMjUwODIxMTE1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2E3N2MzNjUxMzFlNmFhMjllMjJhYWVkYjlkMzM1YzRmMmRkZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBn/AfufI1hQVeUhLU983VdAaMHs
9CRFJUz272NVwoWppNy61m3k8Uri5jhQuBZEPiPSgAScjCa6w0Q/N8SkbG4KgZH5
eiG7MmybFDxE90SuMfsft1GLJ5Fztjh7FD7tqLmA9vr7XXVwrm1uEj2WXOSDvujr
TwH/u7rVk3QAZHA91F49ltPxfGsjnlZyhjGb3txxEOAIXdA1Vo3NZD77fb1L6mXM
Su/KgLkEDjC0tWAx/tREll6ImwNjb2JP7o3j9Ttr3Qguh3HmEdpNMYA5K+cnqOLs
QbWbuLsAoAf5MAv0+Y6YVzkK+IFIRH95A8II6qwMCdpEIiQSbtGQ/jnmxQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFLynfDZRMeaqKeIqrtudM1xPLd5RMB8GA1UdIwQY
MBaAFMDo5WsY1FxkbwPLb5Bp2gyLPHStMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQt
NzQ1YmNlMzA2MGM5LzEvdktkOE5sRXg1cW9wNGlxdTI1MHpYRTh0M2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8yYWJlYTItMzBkMC00NjU0LWE4MzQtNzQ1YmNlMzA2MGM5
LzEvd09qbGF4alVYR1J2QTh0dmtHbmFESXM4ZEswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBIBAIAATBCAwQCAjmAAwQC
BbfcAwQCLQ+IAwQCW8x8AwQCotVAAwQCuSaAAwQCuSlgAwQCuVe8AwQAuYRaAwQC
uduIAwQCw9OoMCIEAgACMBwDBQAqAP3gAwUAKgFXoAMFAyoJ2UADBQMqDjyAMA0G
CSqGSIb3DQEBCwUAA4IBAQB0SPvQVAqWQSB0FWqEFOwbdDprgu6ajT02X+qYXiOe
poTd+1TtycnOV8vDxhtrjm6w6BgaNg7ok2GXwD8AzQ3M7aMirgEJ+MYFAcua2v+d
aGLH3BSN1yUkYYZbtZbc1fapaLo9p/KcEefB5sf2PvkTtzeKXYI0TXZ4mAzWW/DQ
4xwVDVGJUWP0KEsf9ezk9PiUChsAgDbOzFWRxqy2WcCjgW71Ta+eNneimLvmDIDq
QD7A3uc/JDZp3t+F6Ii/6AoeDS0kfpUT9cbvyj+CQW6MmFXe4whl41DpzMTXIq49
ZwZJStVgI23aE8EzjApttIxPk406m9zHdQTzvXB53hXV
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:13:15 2025 by rpki-client