Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/VzTt_U2Xq4HtkF0N31czQeZ4QJ4.roa
File: VzTt_U2Xq4HtkF0N31czQeZ4QJ4.roa (raw, json)
Hash identifier: sGTjG5nzZ1Busaiz9AdE7PDlfqVXk+5CXP96twOrlCI=
Subject key identifier: 57:34:ED:FD:4D:97:AB:81:ED:90:5D:0D:DF:57:33:41:E6:78:40:9E
Certificate issuer: /CN=d7974f43746876558357f1fb91c3852a583a1453
Certificate serial: 019B7EA61F738D8E424FC834442BB856850C
Authority key identifier: D7:97:4F:43:74:68:76:55:83:57:F1:FB:91:C3:85:2A:58:3A:14:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15dPQ3RodlWDV_H7kcOFKlg6FFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/VzTt_U2Xq4HtkF0N31czQeZ4QJ4.roa
Signing time: Fri 02 Jan 2026 12:19:34 +0000
ROA not before: Fri 02 Jan 2026 12:19:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44418
IP address blocks: 81.161.59.0/24 maxlen: 24
91.199.104.0/24 maxlen: 24
91.220.75.0/24 maxlen: 24
195.189.155.0/24 maxlen: 24
195.210.4.0/23 maxlen: 23
2001:67c:eb4::/48 maxlen: 48
2001:67c:1438::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/15dPQ3RodlWDV_H7kcOFKlg6FFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/15dPQ3RodlWDV_H7kcOFKlg6FFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/15dPQ3RodlWDV_H7kcOFKlg6FFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7e:a6:1f:73:8d:8e:42:4f:c8:34:44:2b:b8:56:85:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7974f43746876558357f1fb91c3852a583a1453
Validity
Not Before: Jan 2 12:19:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5734edfd4d97ab81ed905d0ddf573341e678409e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7e:db:c6:5a:4e:7b:bc:ac:56:c6:a4:ac:d5:
41:03:2e:ae:9e:dc:8e:6e:89:47:03:ff:b4:0a:51:
79:11:2f:58:57:e4:04:7c:c1:1e:5a:19:bf:97:3f:
1c:b3:f9:b3:ca:d3:4a:15:37:d2:18:b7:84:4c:99:
8d:e0:11:74:5a:c4:f6:8e:17:60:89:d5:7b:e4:23:
d5:35:f0:b7:d4:d6:42:55:f9:2b:81:6d:ee:77:68:
18:00:d6:fa:c0:65:4b:d4:60:8c:4f:ef:fc:1c:73:
6f:7c:e6:75:70:90:42:b4:36:8e:8d:d2:f5:ce:18:
09:05:f5:03:5e:3c:68:f7:3e:3e:fe:2b:17:5d:ae:
7c:9f:2b:82:91:d1:ea:a0:bc:0a:18:75:f6:5b:19:
5e:33:87:9a:e9:0f:c1:1a:e1:e0:0e:3a:43:99:99:
27:a2:31:1d:a0:e4:a5:24:4e:f4:56:69:83:59:10:
30:3c:1b:80:99:83:61:45:ec:bc:8d:eb:77:87:5d:
a0:8f:58:d4:8b:7c:6c:54:17:b2:ef:df:8b:84:95:
67:b8:9f:29:6c:e9:03:17:12:4b:73:b2:c2:f8:97:
54:be:dd:4b:65:5c:90:5f:27:81:19:6c:19:97:ae:
09:a7:8a:20:11:22:17:4a:2d:d6:5e:d7:75:13:f1:
71:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:34:ED:FD:4D:97:AB:81:ED:90:5D:0D:DF:57:33:41:E6:78:40:9E
X509v3 Authority Key Identifier:
keyid:D7:97:4F:43:74:68:76:55:83:57:F1:FB:91:C3:85:2A:58:3A:14:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15dPQ3RodlWDV_H7kcOFKlg6FFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/VzTt_U2Xq4HtkF0N31czQeZ4QJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/6069c2-9625-4fff-b737-cc265b0461c2/1/15dPQ3RodlWDV_H7kcOFKlg6FFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.59.0/24
91.199.104.0/24
91.220.75.0/24
195.189.155.0/24
195.210.4.0/23
IPv6:
2001:67c:eb4::/48
2001:67c:1438::/48
Signature Algorithm: sha256WithRSAEncryption
65:ac:80:c6:99:5a:83:9d:b4:ee:fb:82:b3:03:ad:89:54:9e:
24:54:69:65:34:6b:e6:99:5e:42:6b:0c:4d:1f:ac:f9:4d:30:
20:c6:41:f5:d5:19:f6:23:f0:ee:75:69:95:ac:4e:79:ae:56:
5e:ff:21:d5:8a:0f:63:82:4f:57:55:3a:9b:ad:a3:15:c9:23:
b5:b3:fe:c0:32:5c:9f:8e:e0:04:73:07:d9:13:1e:86:a3:9c:
08:9d:b0:73:92:cd:c7:09:62:eb:c2:b7:1e:60:20:89:ae:09:
e9:e6:38:2a:39:5a:4b:54:28:c9:99:8a:07:e0:a8:b8:8f:03:
4b:e9:81:54:ab:ed:dc:9c:21:0d:8c:1d:66:55:33:ca:83:02:
3f:b3:c6:58:45:77:e0:e2:49:a5:0b:08:c8:97:b0:89:f7:20:
91:51:02:1c:ed:7f:6c:59:1c:04:b4:d3:cf:d3:94:5a:e9:89:
84:3e:4d:c7:84:f8:1e:72:3f:c0:6a:97:71:00:1c:0e:7b:a0:
65:65:35:02:bc:31:cd:50:c9:17:0b:d3:a7:a5:dc:b8:ed:3e:
f9:81:8f:c9:c8:06:08:6c:e2:05:01:37:9e:e2:de:18:4f:9b:
cd:84:a8:c6:b2:20:63:8d:93:bf:69:08:82:89:fb:f0:f2:35:
da:cc:b4:38
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZt+ph9zjY5CT8g0RCu4VoUMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc0ZjQzNzQ2ODc2NTU4MzU3ZjFmYjkxYzM4NTJhNTgz
YTE0NTMwHhcNMjYwMTAyMTIxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM0ZWRmZDRkOTdhYjgxZWQ5MDVkMGRkZjU3MzM0MWU2Nzg0MDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n7bxlpOe7ysVsakrNVBAy6untyO
bolHA/+0ClF5ES9YV+QEfMEeWhm/lz8cs/mzytNKFTfSGLeETJmN4BF0WsT2jhdg
idV75CPVNfC31NZCVfkrgW3ud2gYANb6wGVL1GCMT+/8HHNvfOZ1cJBCtDaOjdL1
zhgJBfUDXjxo9z4+/isXXa58nyuCkdHqoLwKGHX2WxleM4ea6Q/BGuHgDjpDmZkn
ojEdoOSlJE70VmmDWRAwPBuAmYNhRey8jet3h12gj1jUi3xsVBey79+LhJVnuJ8p
bOkDFxJLc7LC+JdUvt1LZVyQXyeBGWwZl64Jp4ogESIXSi3WXtd1E/FxDQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFFc07f1Nl6uB7ZBdDd9XM0HmeECeMB8GA1UdIwQY
MBaAFNeXT0N0aHZVg1fx+5HDhSpYOhRTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVkUFEzUm9kbFdEVl9IN2tjT0ZLbGc2RkZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi82MDY5YzItOTYyNS00ZmZmLWI3Mzct
Y2MyNjViMDQ2MWMyLzEvVnpUdF9VMlhxNEh0a0YwTjMxY3pRZVo0UUo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi82MDY5YzItOTYyNS00ZmZmLWI3MzctY2MyNjViMDQ2MWMy
LzEvMTVkUFEzUm9kbFdEVl9IN2tjT0ZLbGc2RkZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAkBAIAATAeAwQAUaE7AwQA
W8doAwQAW9xLAwQAw72bAwQBw9IEMBgEAgACMBIDBwAgAQZ8DrQDBwAgAQZ8FDgw
DQYJKoZIhvcNAQELBQADggEBAGWsgMaZWoOdtO77grMDrYlUniRUaWU0a+aZXkJr
DE0frPlNMCDGQfXVGfYj8O51aZWsTnmuVl7/IdWKD2OCT1dVOputoxXJI7Wz/sAy
XJ+O4ARzB9kTHoajnAidsHOSzccJYuvCtx5gIImuCenmOCo5WktUKMmZigfgqLiP
A0vpgVSr7dycIQ2MHWZVM8qDAj+zxlhFd+DiSaULCMiXsIn3IJFRAhztf2xZHAS0
08/TlFrpiYQ+TceE+B5yP8Bql3EAHA57oGVlNQK8Mc1QyRcL06el3LjtPvmBj8nI
Bghs4gUBN57i3hhPm82EqMayIGONk79pCIKJ+/DyNdrMtDg=
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:03:04 2026 by rpki-client