Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/VEkeEoPiMQtW2m8-DYIUOdpgpSE.roa
File: VEkeEoPiMQtW2m8-DYIUOdpgpSE.roa (raw, json)
Hash identifier: h/YUbDC+yvqYooltHFj7ibJfFvR/hNnsekbeRGRckDg=
Subject key identifier: 54:49:1E:12:83:E2:31:0B:56:DA:6F:3E:0D:82:14:39:DA:60:A5:21
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019934D4F563F20613CAA96AEED56C4B4FE7
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/VEkeEoPiMQtW2m8-DYIUOdpgpSE.roa
Signing time: Wed 10 Sep 2025 18:13:15 +0000
ROA not before: Wed 10 Sep 2025 18:13:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12844
IP address blocks: 45.84.215.0/24 maxlen: 24
45.128.197.0/24 maxlen: 24
45.154.137.0/24 maxlen: 24
194.34.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:d4:f5:63:f2:06:13:ca:a9:6a:ee:d5:6c:4b:4f:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Sep 10 18:13:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54491e1283e2310b56da6f3e0d821439da60a521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:80:27:ff:2e:d8:ed:9f:99:18:5d:fd:00:c9:
e1:ef:f1:0a:d3:5c:f5:28:54:7f:db:f1:1f:b5:d7:
fa:85:57:40:2b:f6:5b:7b:cb:0f:a4:05:ae:d1:bb:
d0:04:78:5e:19:3f:5c:24:a4:db:c4:1d:a4:43:9f:
8a:11:fa:bf:01:89:1f:f6:53:1e:21:67:4e:20:c1:
41:bd:6f:ca:43:98:61:e7:91:e1:18:a8:f6:35:cf:
c2:ea:2d:c1:5f:fe:b5:ea:25:8b:3b:f7:0c:0b:9a:
92:1d:02:ca:83:22:e4:60:c7:94:62:c9:c4:0d:cc:
31:62:39:2b:5a:31:e9:da:c1:27:33:78:76:f3:1b:
37:e2:5f:24:43:4b:65:74:b3:ee:7e:df:8c:31:e6:
50:69:5b:cf:8c:91:2d:33:83:02:e1:fd:a8:e4:85:
b8:2e:dc:e1:5a:04:8f:1d:fe:fd:f3:b9:d2:a3:c2:
05:05:30:d5:7b:4e:cd:bf:42:1a:9b:63:9b:91:dc:
27:de:ab:c1:de:15:b8:65:0c:ea:a1:90:d6:d8:61:
a5:d4:f2:5c:b8:1f:b9:5f:64:f6:90:5a:39:13:3c:
aa:aa:1a:6c:df:1d:a7:5c:da:c9:f6:a7:5d:46:fc:
cf:32:f1:e4:73:3d:0f:51:b3:12:d1:8a:a7:a9:7d:
cc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:49:1E:12:83:E2:31:0B:56:DA:6F:3E:0D:82:14:39:DA:60:A5:21
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/VEkeEoPiMQtW2m8-DYIUOdpgpSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.215.0/24
45.128.197.0/24
45.154.137.0/24
194.34.173.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:a5:c6:a4:de:b6:4a:53:c1:df:eb:3c:89:7b:db:53:d1:d6:
44:44:d4:86:ec:0c:51:9c:c0:6e:d9:54:2c:1f:1a:06:8b:f7:
c7:29:37:19:8f:de:87:68:23:2f:ef:f4:bb:22:25:a4:75:5e:
5a:4b:27:b0:56:1c:40:22:ad:92:a4:22:d5:67:b3:c3:59:48:
42:00:b8:da:84:87:1e:76:19:16:d6:ea:08:b3:24:1d:a0:e2:
fc:c8:40:e2:e6:47:81:ef:4f:81:2b:0d:a8:c1:f6:fd:fe:aa:
8f:63:65:f7:71:ed:7a:40:51:33:c9:3f:56:33:e9:83:2b:3b:
ec:f9:5f:69:d7:e2:21:95:c8:0b:0f:76:cc:d5:01:e9:a0:9c:
11:fa:04:99:67:46:fd:fc:a6:83:44:d6:00:6a:da:05:20:2e:
9f:ec:d7:9b:01:e0:f2:a7:45:f6:c9:da:ca:cb:2b:fe:4b:13:
b7:c1:fb:7c:0e:0c:3b:3d:94:62:26:ba:07:ab:0e:b3:5a:f5:
8a:5f:c1:9f:c6:66:35:00:67:c5:19:93:57:f5:86:1b:11:b5:
70:de:f3:b7:39:31:a4:e8:2e:85:59:f2:52:f4:c7:59:45:d2:
d6:01:ca:28:a0:74:b5:0c:81:32:6f:a2:d6:86:a2:a4:cb:35:
4b:2f:f7:e0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZk01PVj8gYTyqlq7tVsS0/nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwOTEwMTgxMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDQ5MWUxMjgzZTIzMTBiNTZkYTZmM2UwZDgyMTQzOWRhNjBhNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YAn/y7Y7Z+ZGF39AMnh7/EK01z1
KFR/2/Eftdf6hVdAK/Zbe8sPpAWu0bvQBHheGT9cJKTbxB2kQ5+KEfq/AYkf9lMe
IWdOIMFBvW/KQ5hh55HhGKj2Nc/C6i3BX/616iWLO/cMC5qSHQLKgyLkYMeUYsnE
DcwxYjkrWjHp2sEnM3h28xs34l8kQ0tldLPuft+MMeZQaVvPjJEtM4MC4f2o5IW4
LtzhWgSPHf7987nSo8IFBTDVe07Nv0Iam2Obkdwn3qvB3hW4ZQzqoZDW2GGl1PJc
uB+5X2T2kFo5Ezyqqhps3x2nXNrJ9qddRvzPMvHkcz0PUbMS0YqnqX3MOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFRJHhKD4jELVtpvPg2CFDnaYKUhMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVkVrZUVvUGlNUXRXMm04LURZSVVPZHBncFNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVTXAwQA
LYDFAwQALZqJAwQAwiKtMA0GCSqGSIb3DQEBCwUAA4IBAQDBpcak3rZKU8Hf6zyJ
e9tT0dZERNSG7AxRnMBu2VQsHxoGi/fHKTcZj96HaCMv7/S7IiWkdV5aSyewVhxA
Iq2SpCLVZ7PDWUhCALjahIcedhkW1uoIsyQdoOL8yEDi5keB70+BKw2owfb9/qqP
Y2X3ce16QFEzyT9WM+mDKzvs+V9p1+IhlcgLD3bM1QHpoJwR+gSZZ0b9/KaDRNYA
atoFIC6f7NebAeDyp0X2ydrKyyv+SxO3wft8Dgw7PZRiJroHqw6zWvWKX8GfxmY1
AGfFGZNX9YYbEbVw3vO3OTGk6C6FWfJS9MdZRdLWAcoooHS1DIEyb6LWhqKkyzVL
L/fg
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:26 2025 by rpki-client