Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/a9e57e-2479-4576-b275-87433157a25b/1/vkkRAkl-IwQNmrBge38zIHM1u4s.roa
File: vkkRAkl-IwQNmrBge38zIHM1u4s.roa (raw, json)
Hash identifier: ww7yIGrhLBt5cEWEEdI9G55jx6vHqfpMgzLOawUYyek=
Subject key identifier: BE:49:11:02:49:7E:23:04:0D:9A:B0:60:7B:7F:33:20:73:35:BB:8B
Certificate issuer: /CN=4df92658601094ed64985c64c6952be3416301ce
Certificate serial: 019D25109C4ED6AFA656AAD73A7E66607D05
Authority key identifier: 4D:F9:26:58:60:10:94:ED:64:98:5C:64:C6:95:2B:E3:41:63:01:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TfkmWGAQlO1kmFxkxpUr40FjAc4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/a9e57e-2479-4576-b275-87433157a25b/1/vkkRAkl-IwQNmrBge38zIHM1u4s.roa
Signing time: Wed 25 Mar 2026 12:55:38 +0000
ROA not before: Wed 25 Mar 2026 12:55:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211519
IP address blocks: 185.139.183.0/24 maxlen: 24
217.26.223.0/24 maxlen: 24
2a13:5440::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/a9e57e-2479-4576-b275-87433157a25b/1/TfkmWGAQlO1kmFxkxpUr40FjAc4.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/a9e57e-2479-4576-b275-87433157a25b/1/TfkmWGAQlO1kmFxkxpUr40FjAc4.mft
rsync://rpki.ripe.net/repository/DEFAULT/TfkmWGAQlO1kmFxkxpUr40FjAc4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:25:10:9c:4e:d6:af:a6:56:aa:d7:3a:7e:66:60:7d:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4df92658601094ed64985c64c6952be3416301ce
Validity
Not Before: Mar 25 12:55:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=be491102497e23040d9ab0607b7f33207335bb8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5b:80:e1:f2:18:32:cc:de:21:c8:f2:ba:31:
b9:97:ed:a3:49:ac:f4:33:29:d1:af:a0:a0:07:98:
6f:e9:40:3f:e5:47:5e:95:8b:32:50:89:50:bc:03:
c5:55:ef:4c:13:ea:fb:63:46:c6:df:f4:c8:53:d8:
c8:44:9f:2c:20:a3:6d:d6:9a:fd:54:ed:d5:5b:55:
b5:82:af:de:7b:3d:10:22:86:ef:c1:7f:9d:9d:ee:
6f:dd:9e:40:80:9e:b8:21:7f:fd:57:3e:cc:34:93:
07:1f:b4:19:f5:64:d5:4d:cf:88:f9:c6:98:2f:0f:
b0:31:7e:31:e7:61:c3:81:e2:14:a0:58:da:6d:8a:
f7:ed:76:48:1e:45:d2:30:aa:9d:3a:50:42:57:91:
6e:c6:92:c9:56:5c:aa:45:71:83:d6:82:4f:b5:6f:
7d:eb:46:7a:aa:77:29:ce:19:cb:8d:1f:91:44:24:
ff:82:8c:88:d9:95:0e:2a:28:f5:45:51:e8:36:8c:
9f:c2:80:99:b3:13:f2:49:ff:04:39:79:0f:ab:ba:
42:19:c5:da:ca:eb:17:8a:61:d3:8a:dd:c1:1b:ec:
8d:d8:e1:f6:4a:aa:fd:a4:f6:76:36:34:f8:4a:9f:
f0:e2:ca:6b:78:20:54:20:77:1f:6a:95:36:03:1d:
1c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:49:11:02:49:7E:23:04:0D:9A:B0:60:7B:7F:33:20:73:35:BB:8B
X509v3 Authority Key Identifier:
keyid:4D:F9:26:58:60:10:94:ED:64:98:5C:64:C6:95:2B:E3:41:63:01:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TfkmWGAQlO1kmFxkxpUr40FjAc4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a9e57e-2479-4576-b275-87433157a25b/1/vkkRAkl-IwQNmrBge38zIHM1u4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/a9e57e-2479-4576-b275-87433157a25b/1/TfkmWGAQlO1kmFxkxpUr40FjAc4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.183.0/24
217.26.223.0/24
IPv6:
2a13:5440::/29
Signature Algorithm: sha256WithRSAEncryption
09:8c:c1:dd:8a:4a:32:2b:b6:ab:45:71:12:9f:e5:dd:69:b2:
0a:05:4d:32:18:8c:93:3e:86:4f:6e:c9:94:29:d1:fe:35:ec:
04:8a:90:c4:b5:26:59:80:b8:12:e5:1d:29:cf:7c:74:4c:be:
b0:70:5b:cd:c9:7e:8f:0c:ec:46:d5:63:0d:1f:f2:f4:d6:96:
88:01:8f:22:9c:d8:f0:19:5d:79:f5:d7:00:35:cd:5b:27:8d:
07:9a:7e:18:ce:60:61:cb:70:be:ac:02:97:f2:26:db:ea:bc:
56:c4:42:4f:69:1d:ef:10:64:80:bb:43:83:a3:3b:e6:10:a8:
28:55:f2:a4:ec:1f:05:25:97:1f:fb:37:65:72:e4:4d:f7:c3:
94:fc:f3:31:e3:7d:8c:ea:76:e6:56:bc:b2:11:b8:5e:c8:d1:
32:65:ee:ef:71:6c:71:a4:82:28:38:8c:8f:7e:a8:3b:b3:07:
a7:4f:b2:11:76:ae:90:64:15:78:79:2f:7a:26:91:82:0b:f4:
67:6c:44:f7:be:ae:33:40:a1:97:a4:a9:18:f7:0a:0f:94:9b:
2b:3e:a1:a9:ac:df:c0:d3:35:04:fa:74:d8:46:f2:01:d7:ca:
9f:b9:45:44:8d:50:4d:8d:53:0b:d6:a1:b9:60:dc:24:58:e8:
8f:b3:3f:3e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ0lEJxO1q+mVqrXOn5mYH0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZjkyNjU4NjAxMDk0ZWQ2NDk4NWM2NGM2OTUyYmUzNDE2
MzAxY2UwHhcNMjYwMzI1MTI1NTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQ5MTEwMjQ5N2UyMzA0MGQ5YWIwNjA3YjdmMzMyMDczMzViYjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsluA4fIYMszeIcjyujG5l+2jSaz0
MynRr6CgB5hv6UA/5UdelYsyUIlQvAPFVe9ME+r7Y0bG3/TIU9jIRJ8sIKNt1pr9
VO3VW1W1gq/eez0QIobvwX+dne5v3Z5AgJ64IX/9Vz7MNJMHH7QZ9WTVTc+I+caY
Lw+wMX4x52HDgeIUoFjabYr37XZIHkXSMKqdOlBCV5FuxpLJVlyqRXGD1oJPtW99
60Z6qncpzhnLjR+RRCT/goyI2ZUOKij1RVHoNoyfwoCZsxPySf8EOXkPq7pCGcXa
yusXimHTit3BG+yN2OH2Sqr9pPZ2NjT4Sp/w4spreCBUIHcfapU2Ax0ctQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFL5JEQJJfiMEDZqwYHt/MyBzNbuLMB8GA1UdIwQY
MBaAFE35JlhgEJTtZJhcZMaVK+NBYwHOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGZrbVdHQVFsTzFrbUZ4a3hwVXI0MEZqQWM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9hOWU1N2UtMjQ3OS00NTc2LWIyNzUt
ODc0MzMxNTdhMjViLzEvdmtrUkFrbC1Jd1FObXJCZ2UzOHpJSE0xdTRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9hOWU1N2UtMjQ3OS00NTc2LWIyNzUtODc0MzMxNTdhMjVi
LzEvVGZrbVdHQVFsTzFrbUZ4a3hwVXI0MEZqQWM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuYu3AwQA
2RrfMA0EAgACMAcDBQMqE1RAMA0GCSqGSIb3DQEBCwUAA4IBAQAJjMHdikoyK7ar
RXESn+XdabIKBU0yGIyTPoZPbsmUKdH+NewEipDEtSZZgLgS5R0pz3x0TL6wcFvN
yX6PDOxG1WMNH/L01paIAY8inNjwGV159dcANc1bJ40Hmn4YzmBhy3C+rAKX8ibb
6rxWxEJPaR3vEGSAu0ODozvmEKgoVfKk7B8FJZcf+zdlcuRN98OU/PMx432M6nbm
VryyEbheyNEyZe7vcWxxpIIoOIyPfqg7swenT7IRdq6QZBV4eS96JpGCC/RnbET3
vq4zQKGXpKkY9woPlJsrPqGprN/A0zUE+nTYRvIB18qfuUVEjVBNjVML1qG5YNwk
WOiPsz8+
-----END CERTIFICATE-----
Generated at Thu Mar 26 00:49:07 2026 by rpki-client