Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/vh_DJDY-L8u6LfMzEEsTJ7Obe9E.roa
File: vh_DJDY-L8u6LfMzEEsTJ7Obe9E.roa (raw, json)
Hash identifier: fBdoLnjwRlYi6aXD5j+6mXsFt23MDhTdU9kUpbt2wQ0=
Subject key identifier: BE:1F:C3:24:36:3E:2F:CB:BA:2D:F3:33:10:4B:13:27:B3:9B:7B:D1
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 0199A9875564857571EBE9ECAC803C17F7CC
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/vh_DJDY-L8u6LfMzEEsTJ7Obe9E.roa
Signing time: Fri 03 Oct 2025 10:04:02 +0000
ROA not before: Fri 03 Oct 2025 10:04:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43180
IP address blocks: 45.11.57.0/24 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
176.97.112.0/23 maxlen: 23
176.97.116.0/22 maxlen: 22
176.119.31.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.204.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
2a09:2dc2::/32 maxlen: 32
2a09:2dc3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:87:55:64:85:75:71:eb:e9:ec:ac:80:3c:17:f7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Oct 3 10:04:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be1fc324363e2fcbba2df333104b1327b39b7bd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:b2:f1:07:22:d8:d6:16:ae:2a:9c:b2:24:27:
84:19:03:e5:ba:7e:10:04:e1:ee:49:35:4a:9d:1f:
67:71:2a:62:75:6a:64:46:2c:6f:2d:ca:46:01:e4:
49:f4:03:d4:70:d2:00:4b:69:0b:fd:09:ad:a2:49:
da:17:7c:e5:b3:b6:43:46:f0:b1:46:4e:1e:9e:2f:
b3:7c:28:59:e7:83:cf:64:4d:c7:f8:81:67:25:2f:
c6:55:a9:2e:9a:df:a6:1b:4f:62:b3:f7:30:c3:fb:
9c:59:7d:aa:80:31:c5:87:08:21:ec:2e:e4:df:9c:
7f:2b:a6:49:93:0e:02:d0:f1:9f:ca:0b:68:19:5b:
e4:24:fb:db:97:86:11:94:14:de:0e:06:12:b7:db:
07:27:81:65:64:71:9e:1f:49:ab:f2:91:7d:77:b9:
0f:bb:15:48:9d:19:bd:08:c0:c8:f0:dd:7c:a6:53:
f0:93:b8:2c:09:7e:1d:e6:d8:98:d8:e9:56:3d:eb:
d5:9a:59:c5:57:c2:d9:e9:6a:ed:22:33:1d:59:b2:
92:fb:ec:e1:f0:39:e0:de:58:c3:2e:b0:36:5f:1e:
c1:db:34:93:18:c9:fc:52:41:8e:f7:00:dc:53:a5:
7b:de:26:85:2d:b9:43:0e:a6:ce:31:1f:2b:f0:de:
78:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:1F:C3:24:36:3E:2F:CB:BA:2D:F3:33:10:4B:13:27:B3:9B:7B:D1
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/vh_DJDY-L8u6LfMzEEsTJ7Obe9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
176.97.112.0/23
176.97.116.0/22
176.119.31.0/24
185.254.199.0/24
194.42.204.0/24
195.66.210.0/24
195.128.248.0/23
IPv6:
2a09:2dc2::/31
Signature Algorithm: sha256WithRSAEncryption
30:c8:20:8f:9c:30:60:13:de:d1:1b:a0:aa:28:db:b3:d4:c5:
4f:c4:89:d8:2e:94:9f:ce:39:1f:f7:14:54:e7:48:61:30:19:
45:06:a7:c1:c1:29:09:7a:b6:09:c2:23:d7:64:cd:09:c1:23:
ff:93:d1:27:1b:0c:24:c6:3d:c0:6a:52:de:af:fb:28:20:d0:
8d:9d:a7:09:cd:e0:7d:0a:b1:dc:20:61:07:5b:81:11:5b:f8:
bd:bd:cb:fb:ba:c4:73:dc:71:dd:8b:d2:c6:20:38:cb:cd:e9:
b5:6e:15:57:f5:95:49:73:70:0b:1d:6c:16:1a:69:c1:46:75:
3a:79:4c:cc:bc:14:2c:bc:0f:f0:fb:10:9a:07:77:cf:06:7f:
db:39:a0:62:37:09:13:c7:8b:ae:a2:d8:0b:eb:4b:23:52:e2:
f0:e3:30:07:17:c9:f0:27:08:e1:5b:17:88:b0:4f:f5:63:d6:
a4:5c:93:0a:5f:5a:2f:ca:c1:52:8a:ff:69:b6:a5:31:23:a9:
e7:48:97:f6:24:b8:bd:71:fc:33:13:48:05:cb:7c:40:10:a9:
b9:4f:25:fc:c2:db:b7:c8:5b:fe:bc:46:a0:61:97:30:f6:31:
db:55:7a:a5:56:0d:52:2f:c0:9b:7b:80:c0:85:24:0a:63:18:
d5:ec:34:89
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZmph1VkhXVx6+nsrIA8F/fMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjUxMDAzMTAwNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTFmYzMyNDM2M2UyZmNiYmEyZGYzMzMxMDRiMTMyN2IzOWI3YmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8bLxByLY1hauKpyyJCeEGQPlun4Q
BOHuSTVKnR9ncSpidWpkRixvLcpGAeRJ9APUcNIAS2kL/QmtoknaF3zls7ZDRvCx
Rk4eni+zfChZ54PPZE3H+IFnJS/GVakumt+mG09is/cww/ucWX2qgDHFhwgh7C7k
35x/K6ZJkw4C0PGfygtoGVvkJPvbl4YRlBTeDgYSt9sHJ4FlZHGeH0mr8pF9d7kP
uxVInRm9CMDI8N18plPwk7gsCX4d5tiY2OlWPevVmlnFV8LZ6WrtIjMdWbKS++zh
8Dng3ljDLrA2Xx7B2zSTGMn8UkGO9wDcU6V73iaFLblDDqbOMR8r8N54sQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFL4fwyQ2Pi/Lui3zMxBLEyezm3vRMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvdmhfREpEWS1MOHU2TGZNekVFc1RKN09iZTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQALQs5AwQB
LQwAAwQALQwDAwQAW9BzAwQBsGFwAwQCsGF0AwQAsHcfAwQAuf7HAwQAwirMAwQA
w0LSAwQBw4D4MA0EAgACMAcDBQEqCS3CMA0GCSqGSIb3DQEBCwUAA4IBAQAwyCCP
nDBgE97RG6CqKNuz1MVPxInYLpSfzjkf9xRU50hhMBlFBqfBwSkJerYJwiPXZM0J
wSP/k9EnGwwkxj3AalLer/soINCNnacJzeB9CrHcIGEHW4ERW/i9vcv7usRz3HHd
i9LGIDjLzem1bhVX9ZVJc3ALHWwWGmnBRnU6eUzMvBQsvA/w+xCaB3fPBn/bOaBi
NwkTx4uuotgL60sjUuLw4zAHF8nwJwjhWxeIsE/1Y9akXJMKX1ovysFSiv9ptqUx
I6nnSJf2JLi9cfwzE0gFy3xAEKm5TyX8wtu3yFv+vEagYZcw9jHbVXqlVg1SL8Cb
e4DAhSQKYxjV7DSJ
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:46:06 2025 by rpki-client