Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/VtXVQS5WrSYwugMzss8I3ogvEbk.roa
File: VtXVQS5WrSYwugMzss8I3ogvEbk.roa (raw, json)
Hash identifier: +tl5Kay+cEBtEPKR/STJIU+xXIm0HBy+GnmOc2exJB4=
Subject key identifier: 56:D5:D5:41:2E:56:AD:26:30:BA:03:33:B2:CF:08:DE:88:2F:11:B9
Certificate issuer: /CN=cfcead390625edba1408108df57cea47160d70e5
Certificate serial: 019937321F78F20AE3E6741FDCF638C4A796
Authority key identifier: CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/VtXVQS5WrSYwugMzss8I3ogvEbk.roa
Signing time: Thu 11 Sep 2025 05:14:15 +0000
ROA not before: Thu 11 Sep 2025 05:14:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 2a0f:7802:e000::/40 maxlen: 48
2a0f:7802:e100::/40 maxlen: 48
2a0f:7802:e200::/40 maxlen: 48
2a0f:7803:f4f0::/44 maxlen: 48
2a0f:7803:fb40::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.mft
rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:37:32:1f:78:f2:0a:e3:e6:74:1f:dc:f6:38:c4:a7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcead390625edba1408108df57cea47160d70e5
Validity
Not Before: Sep 11 05:14:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56d5d5412e56ad2630ba0333b2cf08de882f11b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2f:b9:d0:43:f1:2c:b7:02:13:af:f8:db:8f:
14:69:b9:44:43:a0:18:fe:38:cb:17:fc:fe:fe:67:
c2:ad:ba:8b:2a:23:70:96:62:d2:65:be:bc:b6:ca:
f4:0d:6f:70:59:dd:27:69:8d:81:7c:18:35:9c:e3:
5a:7e:b9:8e:18:b5:5d:a7:f5:3c:97:90:1f:09:d0:
18:b8:28:c0:19:64:fb:9b:ba:98:c0:5e:d7:85:e8:
20:0f:c1:ce:5d:d5:f8:e4:ac:50:e5:86:2e:72:a4:
67:a8:bf:93:1b:87:13:ba:c8:97:b0:40:6d:40:33:
92:5a:bf:e4:99:41:5d:49:fb:56:f0:7e:92:69:d3:
d1:47:8b:2f:a5:26:aa:20:eb:82:af:62:ea:81:3c:
91:cf:7a:e5:e9:b1:c5:b9:2e:07:28:74:c2:21:48:
c0:94:12:d3:be:eb:1b:da:72:0d:52:4f:1b:2c:33:
1c:3e:f3:f1:91:82:b8:9c:76:c9:1c:2f:bd:1e:60:
ad:1b:66:a8:e4:dc:e2:d7:b4:07:a7:d7:6a:e9:04:
c2:a3:fe:10:c2:ea:ed:87:af:5e:c7:5c:08:b3:5d:
b4:78:75:5e:da:72:ff:e3:cd:38:13:61:8c:c3:c7:
46:43:1e:89:d1:bf:b9:c1:da:b6:31:5e:a7:1c:1a:
89:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:D5:D5:41:2E:56:AD:26:30:BA:03:33:B2:CF:08:DE:88:2F:11:B9
X509v3 Authority Key Identifier:
keyid:CF:CE:AD:39:06:25:ED:BA:14:08:10:8D:F5:7C:EA:47:16:0D:70:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z86tOQYl7boUCBCN9XzqRxYNcOU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/VtXVQS5WrSYwugMzss8I3ogvEbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/c4647a-6042-4fe8-a276-f5b6a718f4b5/1/z86tOQYl7boUCBCN9XzqRxYNcOU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:7802:e000::-2a0f:7802:e2ff:ffff:ffff:ffff:ffff:ffff
2a0f:7803:f4f0::/44
2a0f:7803:fb40::/44
Signature Algorithm: sha256WithRSAEncryption
b5:ac:e2:a4:54:c0:81:7f:90:79:53:c9:a8:b9:0e:cd:53:3b:
43:99:08:7f:32:af:83:71:5c:79:86:47:82:76:da:9d:f1:34:
20:6b:69:17:75:bc:6c:79:af:27:c1:b6:40:27:a8:fe:30:21:
41:e6:ed:79:ad:3c:4f:c6:f2:c3:b2:87:82:77:b9:18:40:c3:
3c:2d:a2:f3:3e:22:2b:06:ad:80:11:43:0c:90:80:f5:5c:7d:
ac:28:ea:42:71:be:1a:a4:6f:6a:fe:fa:1d:c2:14:61:2b:fc:
09:a2:de:11:b2:3d:5b:85:d3:a0:60:78:17:9e:5d:2c:8a:69:
90:4e:bf:ad:08:f8:1e:a8:ca:68:69:55:2b:2e:18:41:72:04:
c5:62:9f:a9:10:9e:00:fb:7d:53:5a:b1:02:a9:59:17:ad:82:
5d:6a:29:23:6c:5a:65:08:9f:a4:20:3b:a2:de:d2:e2:60:8a:
ad:c4:74:c5:0f:7c:fc:27:fa:ff:be:a4:e6:ae:41:dd:12:1c:
be:26:94:2e:cf:38:0e:53:ca:13:9a:d3:f1:b8:7d:33:52:ba:
4d:e6:2f:31:2d:f3:35:ac:54:24:5a:f3:10:b8:e6:fd:4d:e6:
6b:37:3f:6b:1e:3f:a0:bf:b8:c4:a8:f3:ab:dc:6d:09:50:25:
48:bc:23:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZk3Mh948grj5nQf3PY4xKeWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2VhZDM5MDYyNWVkYmExNDA4MTA4ZGY1N2NlYTQ3MTYw
ZDcwZTUwHhcNMjUwOTExMDUxNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmQ1ZDU0MTJlNTZhZDI2MzBiYTAzMzNiMmNmMDhkZTg4MmYxMWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi+50EPxLLcCE6/4248UablEQ6AY
/jjLF/z+/mfCrbqLKiNwlmLSZb68tsr0DW9wWd0naY2BfBg1nONafrmOGLVdp/U8
l5AfCdAYuCjAGWT7m7qYwF7XheggD8HOXdX45KxQ5YYucqRnqL+TG4cTusiXsEBt
QDOSWr/kmUFdSftW8H6SadPRR4svpSaqIOuCr2LqgTyRz3rl6bHFuS4HKHTCIUjA
lBLTvusb2nINUk8bLDMcPvPxkYK4nHbJHC+9HmCtG2ao5Nzi17QHp9dq6QTCo/4Q
wurth69ex1wIs120eHVe2nL/4804E2GMw8dGQx6J0b+5wdq2MV6nHBqJ2QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFbV1UEuVq0mMLoDM7LPCN6ILxG5MB8GA1UdIwQY
MBaAFM/OrTkGJe26FAgQjfV86kcWDXDlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYt
ZjViNmE3MThmNGI1LzEvVnRYVlFTNVdyU1l3dWdNenNzOEkzb2d2RWJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9jNDY0N2EtNjA0Mi00ZmU4LWEyNzYtZjViNmE3MThmNGI1
LzEvejg2dE9RWWw3Ym9VQ0JDTjlYenFSeFlOY09VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkMBADBgUqD3gC
4AMGACoPeALiAwcEKg94A/TwAwcEKg94A/tAMA0GCSqGSIb3DQEBCwUAA4IBAQC1
rOKkVMCBf5B5U8mouQ7NUztDmQh/Mq+DcVx5hkeCdtqd8TQga2kXdbxsea8nwbZA
J6j+MCFB5u15rTxPxvLDsoeCd7kYQMM8LaLzPiIrBq2AEUMMkID1XH2sKOpCcb4a
pG9q/vodwhRhK/wJot4Rsj1bhdOgYHgXnl0simmQTr+tCPgeqMpoaVUrLhhBcgTF
Yp+pEJ4A+31TWrECqVkXrYJdaikjbFplCJ+kIDui3tLiYIqtxHTFD3z8J/r/vqTm
rkHdEhy+JpQuzzgOU8oTmtPxuH0zUrpN5i8xLfM1rFQkWvMQuOb9TeZrNz9rHj+g
v7jEqPOr3G0JUCVIvCOA
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:35 2025 by rpki-client