Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/vDwD98yktnvAwmcDkgoxzIt5lCc.roa
File: vDwD98yktnvAwmcDkgoxzIt5lCc.roa (raw, json)
Hash identifier: 47O3EM7Fv1PyIlfL1Ust6IBoybNxBv0++K0mVFDHqdc=
Subject key identifier: BC:3C:03:F7:CC:A4:B6:7B:C0:C2:67:03:92:0A:31:CC:8B:79:94:27
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 019DBB06522638764868B4460A8A528E195D
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/vDwD98yktnvAwmcDkgoxzIt5lCc.roa
Signing time: Thu 23 Apr 2026 15:47:26 +0000
ROA not before: Thu 23 Apr 2026 15:47:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3257
IP address blocks: 95.164.70.0/24 maxlen: 24
95.164.168.0/23 maxlen: 23
95.164.192.0/22 maxlen: 22
95.164.200.0/21 maxlen: 21
95.164.240.0/21 maxlen: 21
95.164.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:bb:06:52:26:38:76:48:68:b4:46:0a:8a:52:8e:19:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Apr 23 15:47:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bc3c03f7cca4b67bc0c26703920a31cc8b799427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0c:5c:c0:94:b1:06:7c:cc:94:14:ec:41:91:
99:f2:49:e1:18:25:d7:a6:bb:d7:75:9f:1d:e4:23:
05:af:2e:a7:86:17:a4:7a:a1:45:d3:ec:cb:d8:31:
1d:1f:0c:df:c4:08:44:23:76:df:a9:4b:30:73:ad:
29:6c:5f:89:24:17:5d:70:06:0e:79:cb:75:d0:ad:
10:45:f2:40:42:1c:f5:dd:a7:8f:b3:b3:50:14:d7:
cb:91:f6:e0:ca:b7:70:ef:0d:62:bf:00:79:ef:38:
d6:0f:76:92:7f:52:d4:c6:1a:28:ea:83:cf:49:36:
34:d1:d6:70:4b:44:c8:03:b2:c2:62:95:05:b6:47:
32:75:28:1c:12:cb:b7:d3:3e:4d:4b:68:84:b0:bd:
65:3e:99:23:f2:d6:d2:ea:88:87:3b:53:92:60:5f:
99:7d:77:34:4f:30:f6:ea:34:5a:a9:27:67:fe:52:
a0:e3:b1:dc:33:9a:51:e2:1c:f1:ec:fc:cf:b7:bb:
6c:4d:79:ac:02:9e:9d:9e:a5:5f:09:92:d7:6f:b3:
36:79:d5:f2:2f:53:94:57:ce:dc:cb:24:b7:2c:50:
93:98:7a:f5:6f:69:e0:c9:f9:79:39:66:1a:e1:b4:
34:78:f3:54:12:46:18:d3:65:f1:e4:4e:c8:c0:37:
44:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3C:03:F7:CC:A4:B6:7B:C0:C2:67:03:92:0A:31:CC:8B:79:94:27
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/vDwD98yktnvAwmcDkgoxzIt5lCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.70.0/24
95.164.168.0/23
95.164.192.0/22
95.164.200.0/21
95.164.240.0/21
95.164.252.0/22
Signature Algorithm: sha256WithRSAEncryption
bd:36:de:f9:11:4f:89:13:f9:45:e3:9a:52:81:82:6b:91:5d:
9c:88:c3:c4:38:9e:22:61:7a:cc:35:4c:47:46:76:50:40:1c:
c2:16:f6:ff:40:3d:29:f7:3a:b2:9b:e4:b6:72:e4:0c:cb:1e:
fc:2e:b6:07:9a:2a:c7:24:d0:76:22:9f:ee:93:6b:c7:35:57:
aa:a6:14:b5:26:f3:1a:b8:a9:8a:d9:8f:a0:bd:26:ff:45:c8:
94:b1:6a:17:a8:b6:6c:30:ee:8a:07:1a:a5:80:aa:7c:2d:cc:
69:7f:b6:f3:a3:c0:42:e5:4d:1e:36:4c:96:62:86:50:04:43:
88:31:ce:b9:a5:96:fb:f4:93:9d:bb:e7:a3:01:41:e6:7b:20:
62:c3:0d:4c:e6:4d:fc:83:14:71:1a:6e:1b:f5:43:df:99:fb:
dc:58:37:8c:c8:a1:20:05:91:4f:22:9b:ff:ca:79:87:22:3c:
23:c7:9f:51:bf:bb:dd:e6:b5:52:a8:f2:6d:9b:30:9d:ee:38:
ab:36:23:ae:b0:db:3c:75:a9:7f:d7:29:ed:31:16:68:95:c8:
0f:6a:78:bd:28:af:13:82:91:08:32:14:e3:fa:b1:dd:96:a1:
35:f6:61:a4:d7:29:ce:8a:d7:bc:bf:1f:6b:55:dd:0f:c0:b4:
cb:70:72:11
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ27BlImOHZIaLRGCopSjhldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjYwNDIzMTU0NzI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzNjMDNmN2NjYTRiNjdiYzBjMjY3MDM5MjBhMzFjYzhiNzk5NDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAxcwJSxBnzMlBTsQZGZ8knhGCXX
prvXdZ8d5CMFry6nhhekeqFF0+zL2DEdHwzfxAhEI3bfqUswc60pbF+JJBddcAYO
ect10K0QRfJAQhz13aePs7NQFNfLkfbgyrdw7w1ivwB57zjWD3aSf1LUxhoo6oPP
STY00dZwS0TIA7LCYpUFtkcydSgcEsu30z5NS2iEsL1lPpkj8tbS6oiHO1OSYF+Z
fXc0TzD26jRaqSdn/lKg47HcM5pR4hzx7PzPt7tsTXmsAp6dnqVfCZLXb7M2edXy
L1OUV87cyyS3LFCTmHr1b2ngyfl5OWYa4bQ0ePNUEkYY02Xx5E7IwDdE2QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLw8A/fMpLZ7wMJnA5IKMcyLeZQnMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvdkR3RDk4eWt0bnZBd21jRGtnb3h6SXQ1bENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAX6RGAwQB
X6SoAwQCX6TAAwQDX6TIAwQDX6TwAwQCX6T8MA0GCSqGSIb3DQEBCwUAA4IBAQC9
Nt75EU+JE/lF45pSgYJrkV2ciMPEOJ4iYXrMNUxHRnZQQBzCFvb/QD0p9zqym+S2
cuQMyx78LrYHmirHJNB2Ip/uk2vHNVeqphS1JvMauKmK2Y+gvSb/RciUsWoXqLZs
MO6KBxqlgKp8Lcxpf7bzo8BC5U0eNkyWYoZQBEOIMc65pZb79JOdu+ejAUHmeyBi
ww1M5k38gxRxGm4b9UPfmfvcWDeMyKEgBZFPIpv/ynmHIjwjx59Rv7vd5rVSqPJt
mzCd7jirNiOusNs8dal/1yntMRZolcgPani9KK8TgpEIMhTj+rHdlqE19mGk1ynO
ite8vx9rVd0PwLTLcHIR
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:28 2026 by rpki-client