Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/Vhh-HEWHbYSTjQgTrRsDTKlOjO0.roa
File: Vhh-HEWHbYSTjQgTrRsDTKlOjO0.roa (raw, json)
Hash identifier: nZHSxicdSyoslUfdZCmnypTUsy3rNzow8v41t9pPW+0=
Subject key identifier: 56:18:7E:1C:45:87:6D:84:93:8D:08:13:AD:1B:03:4C:A9:4E:8C:ED
Certificate issuer: /CN=ee370985f83f41330111c350cd6b1e1eead526aa
Certificate serial: 019980DB0A1B3AB283CB86E91D7A633202FE
Authority key identifier: EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/Vhh-HEWHbYSTjQgTrRsDTKlOjO0.roa
Signing time: Thu 25 Sep 2025 12:31:02 +0000
ROA not before: Thu 25 Sep 2025 12:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57152
IP address blocks: 31.7.32.0/24 maxlen: 24
31.7.33.0/24 maxlen: 24
31.7.34.0/24 maxlen: 24
31.7.35.0/24 maxlen: 24
31.7.36.0/24 maxlen: 24
31.7.37.0/24 maxlen: 24
31.7.38.0/24 maxlen: 24
31.7.39.0/24 maxlen: 24
185.140.124.0/24 maxlen: 24
185.140.125.0/24 maxlen: 24
185.140.126.0/24 maxlen: 24
185.140.127.0/24 maxlen: 24
2a0a:9f40::/29 maxlen: 48
2a0a:9f40:babe::/48 maxlen: 48
2a0a:9f40:beef::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:80:db:0a:1b:3a:b2:83:cb:86:e9:1d:7a:63:32:02:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee370985f83f41330111c350cd6b1e1eead526aa
Validity
Not Before: Sep 25 12:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56187e1c45876d84938d0813ad1b034ca94e8ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:15:d2:8b:6a:6e:02:4b:70:13:5b:39:fa:ad:
61:6c:37:c6:b7:b6:bf:82:d1:7c:70:6f:f0:81:a3:
32:aa:05:7e:b5:19:08:dd:4d:75:94:a5:c6:ae:89:
a6:f2:a9:a8:17:17:aa:7f:e1:8a:3f:6c:91:28:56:
f6:d3:de:1e:c3:48:e9:42:b2:4e:05:af:15:e4:6f:
35:4c:f4:44:2a:cf:21:a6:96:aa:9e:fd:3c:85:5a:
bc:9b:55:64:92:2b:d5:54:ce:08:a3:f2:1a:27:0a:
5e:bd:7f:0e:58:88:2d:a9:8a:ce:ff:d4:ac:8e:af:
24:ea:77:53:ea:c1:f0:12:c5:e6:78:47:73:15:78:
fa:33:7f:0c:b4:51:59:2b:b9:1d:7a:ec:24:5a:0f:
a1:7f:73:2e:7f:04:a1:76:8c:5e:e5:63:cc:50:5b:
27:3e:31:33:a8:57:d0:65:90:fd:63:92:60:c2:af:
2f:6d:9f:e8:7d:18:1e:aa:9c:48:ae:0f:2c:4c:b8:
ed:17:dd:f5:05:b0:98:88:ed:87:3e:5f:66:73:24:
82:c9:bd:1c:db:20:0d:fe:2c:88:cc:23:fd:cf:ad:
15:3d:be:4e:87:85:49:f3:92:c7:8b:ef:4c:b6:d7:
3a:3e:76:54:e7:14:9a:82:e3:f8:37:a0:43:8d:b0:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:18:7E:1C:45:87:6D:84:93:8D:08:13:AD:1B:03:4C:A9:4E:8C:ED
X509v3 Authority Key Identifier:
keyid:EE:37:09:85:F8:3F:41:33:01:11:C3:50:CD:6B:1E:1E:EA:D5:26:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7jcJhfg_QTMBEcNQzWseHurVJqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/Vhh-HEWHbYSTjQgTrRsDTKlOjO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/2744d0-41a0-4434-b690-3244546f8cbf/1/7jcJhfg_QTMBEcNQzWseHurVJqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.32.0/21
185.140.124.0/22
IPv6:
2a0a:9f40::/29
Signature Algorithm: sha256WithRSAEncryption
4b:56:ab:88:95:80:ea:a3:9a:29:9c:b8:25:57:f9:71:af:1e:
3c:a0:f7:51:49:b9:1d:15:58:95:0d:3c:49:e3:ce:96:f5:4a:
9c:bf:c7:ab:89:e9:af:05:e2:ec:a8:4f:03:6e:2a:c1:04:16:
f8:56:bf:5d:b0:3d:68:93:1e:8d:c6:07:4f:81:fe:23:a2:83:
d9:24:cc:b7:26:87:83:cb:71:ff:ca:12:13:31:b6:96:e6:72:
7f:b4:af:b7:a0:96:92:4d:5e:7b:05:58:b9:6c:42:1a:8e:12:
61:67:bc:2d:cd:80:58:2f:75:45:69:3f:46:cd:96:46:da:b7:
9d:7f:84:c5:16:2f:0d:44:68:9b:48:79:f7:d6:9c:f6:1f:48:
3d:95:12:31:c2:98:1f:02:22:02:a2:20:69:f3:7c:d3:9b:fb:
97:96:d8:ce:a5:33:9a:77:de:28:c9:70:e6:39:29:17:b2:92:
a6:fd:00:f5:c5:7b:74:2c:6a:fd:15:6f:e2:1a:0f:40:78:8d:
82:67:c6:86:d3:f8:a4:3b:d1:83:ce:2a:e1:2f:e2:ff:0d:6a:
ca:81:eb:97:b2:76:cc:71:96:c6:95:89:64:26:25:f2:ac:9e:
b4:42:e1:58:4b:05:08:60:dd:1c:21:24:87:bb:5a:02:fa:63:
1e:1f:8a:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZmA2wobOrKDy4bpHXpjMgL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMzcwOTg1ZjgzZjQxMzMwMTExYzM1MGNkNmIxZTFlZWFk
NTI2YWEwHhcNMjUwOTI1MTIzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjE4N2UxYzQ1ODc2ZDg0OTM4ZDA4MTNhZDFiMDM0Y2E5NGU4Y2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBXSi2puAktwE1s5+q1hbDfGt7a/
gtF8cG/wgaMyqgV+tRkI3U11lKXGromm8qmoFxeqf+GKP2yRKFb2094ew0jpQrJO
Ba8V5G81TPREKs8hppaqnv08hVq8m1VkkivVVM4Io/IaJwpevX8OWIgtqYrO/9Ss
jq8k6ndT6sHwEsXmeEdzFXj6M38MtFFZK7kdeuwkWg+hf3MufwShdoxe5WPMUFsn
PjEzqFfQZZD9Y5Jgwq8vbZ/ofRgeqpxIrg8sTLjtF931BbCYiO2HPl9mcySCyb0c
2yAN/iyIzCP9z60VPb5Oh4VJ85LHi+9Mttc6PnZU5xSaguP4N6BDjbAm1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFYYfhxFh22Ek40IE60bA0ypToztMB8GA1UdIwQY
MBaAFO43CYX4P0EzARHDUM1rHh7q1SaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAt
MzI0NDU0NmY4Y2JmLzEvVmhoLUhFV0hiWVNUalFnVHJSc0RUS2xPak8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC8yNzQ0ZDAtNDFhMC00NDM0LWI2OTAtMzI0NDU0NmY4Y2Jm
LzEvN2pjSmhmZ19RVE1CRWNOUXpXc2VIdXJWSnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDHwcgAwQC
uYx8MA0EAgACMAcDBQMqCp9AMA0GCSqGSIb3DQEBCwUAA4IBAQBLVquIlYDqo5op
nLglV/lxrx48oPdRSbkdFViVDTxJ486W9Uqcv8eriemvBeLsqE8DbirBBBb4Vr9d
sD1okx6NxgdPgf4jooPZJMy3JoeDy3H/yhITMbaW5nJ/tK+3oJaSTV57BVi5bEIa
jhJhZ7wtzYBYL3VFaT9GzZZG2redf4TFFi8NRGibSHn31pz2H0g9lRIxwpgfAiIC
oiBp83zTm/uXltjOpTOad94oyXDmOSkXspKm/QD1xXt0LGr9FW/iGg9AeI2CZ8aG
0/ikO9GDzirhL+L/DWrKgeuXsnbMcZbGlYlkJiXyrJ60QuFYSwUIYN0cISSHu1oC
+mMeH4rA
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:34:03 2025 by rpki-client