Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vzx7BvPUrX9-jimCY1uGmyHlLts.roa
File: Vzx7BvPUrX9-jimCY1uGmyHlLts.roa (raw, json)
Hash identifier: EhwDO2X0z17HP7YXMkKS+y6NAKEw7W10RTlTPCyoT5w=
Subject key identifier: 57:3C:7B:06:F3:D4:AD:7F:7E:8E:29:82:63:5B:86:9B:21:E5:2E:DB
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019DE2C316FBC53012A377093F9C1B3DB510
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vzx7BvPUrX9-jimCY1uGmyHlLts.roa
Signing time: Fri 01 May 2026 08:58:49 +0000
ROA not before: Fri 01 May 2026 08:58:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 5.182.114.0/24 maxlen: 24
83.137.154.0/24 maxlen: 24
88.209.194.0/24 maxlen: 24
88.209.229.0/24 maxlen: 24
88.209.232.0/24 maxlen: 24
88.209.233.0/24 maxlen: 24
88.209.234.0/24 maxlen: 24
88.209.235.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e2:c3:16:fb:c5:30:12:a3:77:09:3f:9c:1b:3d:b5:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 1 08:58:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=573c7b06f3d4ad7f7e8e2982635b869b21e52edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:36:36:4e:57:3f:75:9b:91:40:e9:98:30:21:
cb:c7:18:0d:db:00:7f:2b:b8:7c:75:fa:89:71:5b:
a3:bc:7b:4d:c5:8c:71:05:e4:ca:49:28:73:e2:40:
4b:c0:0f:99:95:10:0d:18:8d:a6:bf:71:9f:fd:9c:
ac:68:49:6b:ce:e5:38:3d:35:45:ec:c4:e9:bd:0f:
55:ba:c9:0f:e0:04:58:4a:41:a7:f9:dc:b3:2c:49:
41:72:41:aa:58:b8:7f:04:35:eb:58:56:af:38:ad:
7f:36:2b:46:eb:19:c4:05:06:c5:c9:8f:20:ee:8c:
59:eb:a3:c8:31:70:b0:23:e7:a3:cc:2d:ae:0f:11:
0d:ac:09:11:b3:27:35:43:a7:d8:2c:26:5c:d5:2d:
5f:ed:93:12:a0:fc:fb:ef:23:6e:91:ef:d8:2c:14:
bd:60:17:de:fe:69:c3:ce:44:6e:c6:6f:5e:6b:1a:
eb:85:ba:89:6e:c3:74:41:7b:a0:0e:29:55:e2:c5:
8a:b1:da:f2:1c:cc:fb:7f:43:13:fb:e9:9c:02:39:
fe:32:84:23:d6:ec:da:e0:87:50:ee:3a:60:14:23:
2a:52:84:d0:0d:22:bc:fd:bb:03:67:29:02:6e:43:
c3:e4:cd:10:dc:37:20:b1:85:63:68:f1:74:f7:05:
12:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:3C:7B:06:F3:D4:AD:7F:7E:8E:29:82:63:5B:86:9B:21:E5:2E:DB
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vzx7BvPUrX9-jimCY1uGmyHlLts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
83.137.154.0/24
88.209.194.0/24
88.209.229.0/24
88.209.232.0/22
92.52.219.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:9d:0f:28:2c:f0:d4:3b:cd:35:2f:46:06:d3:d0:e7:15:79:
a2:f2:6a:d4:72:a5:40:99:4c:0b:72:13:f4:b4:cc:f1:63:90:
78:c0:22:00:80:91:71:6d:3a:83:23:3b:38:e1:1f:f5:92:55:
58:d1:89:7e:dc:93:29:f0:44:be:f3:1c:18:ed:77:d8:3a:e5:
c7:d8:54:55:c5:d8:62:d1:c0:27:a9:61:70:70:a6:82:5c:5b:
63:fa:58:c7:e4:c4:d9:a4:56:71:03:50:86:7e:d6:d8:b6:f8:
d0:fa:a6:af:5a:30:ad:2f:63:4a:1b:f6:1b:66:10:4c:86:4a:
2f:3f:00:ff:d4:af:70:2e:bc:9a:b1:50:66:d9:86:9d:bf:e8:
f0:b5:f3:b0:8d:69:d3:57:69:33:47:32:65:b9:32:53:02:81:
66:de:b0:8c:da:5f:5f:98:8a:5a:92:89:8d:60:90:0b:fa:87:
2f:66:53:52:c2:90:78:54:5e:58:18:cb:52:8d:df:c1:c9:35:
c4:36:cd:c6:6e:46:a3:2d:a6:8d:66:1f:d5:70:fa:ec:9a:95:
4c:34:b7:55:74:5e:5b:07:25:d0:46:3c:ea:15:64:dc:f4:02:
8f:64:d8:76:3b:cd:83:dd:22:b7:61:38:12:f8:ee:8b:a1:03:
55:36:e4:bf
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ3iwxb7xTASo3cJP5wbPbUQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjYwNTAxMDg1ODQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzNjN2IwNmYzZDRhZDdmN2U4ZTI5ODI2MzViODY5YjIxZTUyZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDY2Tlc/dZuRQOmYMCHLxxgN2wB/
K7h8dfqJcVujvHtNxYxxBeTKSShz4kBLwA+ZlRANGI2mv3Gf/ZysaElrzuU4PTVF
7MTpvQ9VuskP4ARYSkGn+dyzLElBckGqWLh/BDXrWFavOK1/NitG6xnEBQbFyY8g
7oxZ66PIMXCwI+ejzC2uDxENrAkRsyc1Q6fYLCZc1S1f7ZMSoPz77yNuke/YLBS9
YBfe/mnDzkRuxm9eaxrrhbqJbsN0QXugDilV4sWKsdryHMz7f0MT++mcAjn+MoQj
1uza4IdQ7jpgFCMqUoTQDSK8/bsDZykCbkPD5M0Q3DcgsYVjaPF09wUS2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFc8ewbz1K1/fo4pgmNbhpsh5S7bMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVnp4N0J2UFVyWDktamltQ1kxdUdteUhsTHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbZyAwQA
U4maAwQAWNHCAwQAWNHlAwQCWNHoAwQAXDTbMA0GCSqGSIb3DQEBCwUAA4IBAQBq
nQ8oLPDUO801L0YG09DnFXmi8mrUcqVAmUwLchP0tMzxY5B4wCIAgJFxbTqDIzs4
4R/1klVY0Yl+3JMp8ES+8xwY7XfYOuXH2FRVxdhi0cAnqWFwcKaCXFtj+ljH5MTZ
pFZxA1CGftbYtvjQ+qavWjCtL2NKG/YbZhBMhkovPwD/1K9wLryasVBm2Yadv+jw
tfOwjWnTV2kzRzJluTJTAoFm3rCM2l9fmIpakomNYJAL+ocvZlNSwpB4VF5YGMtS
jd/ByTXENs3GbkajLaaNZh/VcPrsmpVMNLdVdF5bByXQRjzqFWTc9AKPZNh2O82D
3SK3YTgS+O6LoQNVNuS/
-----END CERTIFICATE-----
Generated at Wed May 13 14:58:10 2026 by rpki-client