
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vyDPsQ1FXw7OXoebjCdEso67fJc.roa
File: vyDPsQ1FXw7OXoebjCdEso67fJc.roa (raw, json)
Hash identifier: 40KxbJ4OGjtphO16wDERCKtpdBirvp5LYlDflcERj1A=
Subject key identifier: BF:20:CF:B1:0D:45:5F:0E:CE:5E:87:9B:8C:27:44:B2:8E:BB:7C:97
Certificate issuer: /CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Certificate serial: 0199F23DC8D40481C1C17BEED5BE89C87329
Authority key identifier: BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vyDPsQ1FXw7OXoebjCdEso67fJc.roa
Signing time: Fri 17 Oct 2025 12:55:59 +0000
ROA not before: Fri 17 Oct 2025 12:55:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 212.81.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.mft
rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f2:3d:c8:d4:04:81:c1:c1:7b:ee:d5:be:89:c8:73:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd3668628f0df79d047eca0d9adcfc0b6693e309
Validity
Not Before: Oct 17 12:55:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf20cfb10d455f0ece5e879b8c2744b28ebb7c97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:07:cf:15:d1:d4:c4:a1:1d:a7:4f:22:bb:d5:
84:62:1a:64:68:31:b3:86:f5:51:97:34:73:52:d6:
f5:94:10:bf:e8:be:19:96:2f:34:6e:b0:56:98:7c:
b9:16:a2:25:98:79:33:c1:5d:22:1f:11:7e:19:3e:
3a:db:08:a3:e8:a0:f0:35:5b:a3:d3:5e:bc:14:62:
7c:00:28:25:88:c5:1f:4b:96:62:f0:50:be:49:bc:
b4:a3:60:0a:e3:00:cb:42:5b:32:32:00:ea:09:aa:
6d:25:f9:68:1c:84:56:e6:48:eb:e4:2e:62:29:62:
92:73:8c:b4:53:b7:75:bb:90:11:3d:93:42:27:6a:
ed:22:c6:59:aa:78:4e:fb:ce:87:94:fb:1b:f3:07:
91:73:f2:f4:fb:32:c0:f3:5c:2b:94:68:4f:5d:76:
f0:5f:a9:85:4d:0d:ac:e7:e9:bc:1c:01:50:0e:34:
26:6d:92:80:e5:ab:ab:3c:8a:fb:08:f0:bb:e2:8f:
03:77:5a:5b:17:09:da:bf:47:f8:b0:5e:ce:c6:71:
d8:f5:56:8a:b8:02:39:bb:0f:7d:02:79:f7:0a:3a:
1a:73:4f:d1:46:ab:5e:23:8e:66:79:cb:2c:f2:7f:
d2:0b:59:35:18:c6:0c:87:b6:b8:36:95:4e:92:d6:
39:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:20:CF:B1:0D:45:5F:0E:CE:5E:87:9B:8C:27:44:B2:8E:BB:7C:97
X509v3 Authority Key Identifier:
keyid:BD:36:68:62:8F:0D:F7:9D:04:7E:CA:0D:9A:DC:FC:0B:66:93:E3:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vTZoYo8N950EfsoNmtz8C2aT4wk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vyDPsQ1FXw7OXoebjCdEso67fJc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/1b5722-1dda-4df3-a45c-e6bf316c94a1/1/vTZoYo8N950EfsoNmtz8C2aT4wk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.81.46.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:aa:78:49:e4:46:57:a2:08:90:8a:b7:e3:f2:a3:0c:dc:ba:
0b:79:28:e9:11:f5:48:9d:77:c1:b7:64:04:7b:d7:88:3b:ff:
8c:4c:64:25:0f:b1:6a:43:47:58:25:b0:e7:65:db:3d:79:c0:
6e:17:8d:24:4d:c1:5b:af:2e:b2:8b:fb:ea:81:1c:69:1f:2b:
22:1e:6c:67:b1:33:b9:a8:70:28:39:0f:4d:c6:c5:84:f6:c4:
30:e8:89:e6:17:64:c4:70:68:87:94:b4:fd:f0:f3:79:46:8a:
64:7f:78:61:13:49:5c:ba:28:cc:30:56:33:b3:a3:c2:35:a4:
ca:b6:6a:75:5d:22:1d:ce:00:84:42:e7:8d:0d:b7:91:6d:20:
bf:a7:e4:0a:65:9c:b5:7a:be:0c:a5:c7:c6:9b:c0:e8:25:a5:
8d:01:9f:8e:c8:ab:e5:80:16:f0:9c:d0:31:60:38:2d:54:a9:
5e:f7:93:44:c7:b2:28:d1:7f:da:c0:83:5b:ca:c3:18:60:74:
a6:40:57:69:c6:c8:77:02:eb:04:0f:be:e4:3f:82:9b:36:7b:
b5:13:40:87:89:35:20:98:71:66:a1:23:79:84:13:21:16:10:
eb:43:ff:29:95:8f:c8:8a:44:5f:e1:b5:5b:24:9a:e7:01:92:
cc:d0:80:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnyPcjUBIHBwXvu1b6JyHMpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMzY2ODYyOGYwZGY3OWQwNDdlY2EwZDlhZGNmYzBiNjY5
M2UzMDkwHhcNMjUxMDE3MTI1NTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjIwY2ZiMTBkNDU1ZjBlY2U1ZTg3OWI4YzI3NDRiMjhlYmI3Yzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwfPFdHUxKEdp08iu9WEYhpkaDGz
hvVRlzRzUtb1lBC/6L4Zli80brBWmHy5FqIlmHkzwV0iHxF+GT462wij6KDwNVuj
0168FGJ8ACgliMUfS5Zi8FC+Sby0o2AK4wDLQlsyMgDqCaptJfloHIRW5kjr5C5i
KWKSc4y0U7d1u5ARPZNCJ2rtIsZZqnhO+86HlPsb8weRc/L0+zLA81wrlGhPXXbw
X6mFTQ2s5+m8HAFQDjQmbZKA5aurPIr7CPC74o8Dd1pbFwnav0f4sF7OxnHY9VaK
uAI5uw99Ann3Cjoac0/RRqteI45mecss8n/SC1k1GMYMh7a4NpVOktY5WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFL8gz7ENRV8Ozl6Hm4wnRLKOu3yXMB8GA1UdIwQY
MBaAFL02aGKPDfedBH7KDZrc/Atmk+MJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMt
ZTZiZjMxNmM5NGExLzEvdnlEUHNRMUZYdzdPWG9lYmpDZEVzbzY3ZkpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8xYjU3MjItMWRkYS00ZGYzLWE0NWMtZTZiZjMxNmM5NGEx
LzEvdlRab1lvOE45NTBFZnNvTm10ejhDMmFUNHdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1FEuMA0G
CSqGSIb3DQEBCwUAA4IBAQBeqnhJ5EZXogiQirfj8qMM3LoLeSjpEfVInXfBt2QE
e9eIO/+MTGQlD7FqQ0dYJbDnZds9ecBuF40kTcFbry6yi/vqgRxpHysiHmxnsTO5
qHAoOQ9NxsWE9sQw6InmF2TEcGiHlLT98PN5Ropkf3hhE0lcuijMMFYzs6PCNaTK
tmp1XSIdzgCEQueNDbeRbSC/p+QKZZy1er4MpcfGm8DoJaWNAZ+OyKvlgBbwnNAx
YDgtVKle95NEx7Io0X/awINbysMYYHSmQFdpxsh3AusED77kP4KbNnu1E0CHiTUg
mHFmoSN5hBMhFhDrQ/8plY/IikRf4bVbJJrnAZLM0IDq
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:57 2025 by rpki-client