Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Vrmk2bULiTNAA5JeOQZ33ec3wXc.roa
File: Vrmk2bULiTNAA5JeOQZ33ec3wXc.roa (raw, json)
Hash identifier: l2T4AkC8bheD2TY5DDvz9/5pBIbrm/A780nuw41Lr6Y=
Subject key identifier: 56:B9:A4:D9:B5:0B:89:33:40:03:92:5E:39:06:77:DD:E7:37:C1:77
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 019E0E6196ACB350768356E14FEFBC432D2D
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Vrmk2bULiTNAA5JeOQZ33ec3wXc.roa
Signing time: Sat 09 May 2026 20:15:37 +0000
ROA not before: Sat 09 May 2026 20:15:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 95.155.135.0/24 maxlen: 24
95.155.138.0/24 maxlen: 24
95.155.141.0/24 maxlen: 24
95.155.142.0/24 maxlen: 24
95.155.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:0e:61:96:ac:b3:50:76:83:56:e1:4f:ef:bc:43:2d:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: May 9 20:15:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=56b9a4d9b50b89334003925e390677dde737c177
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:06:c7:18:81:6c:11:4d:b7:02:89:d7:ea:80:
ca:a5:5e:60:ca:06:2e:0e:f0:a3:6c:4d:fa:19:c6:
cd:01:94:9f:42:ba:19:a5:6b:1c:c7:ba:26:a0:e1:
4b:e9:c8:56:d2:69:33:30:34:b1:87:c5:79:e4:d3:
2f:2e:9d:ed:3f:f3:a2:fb:58:ab:2d:01:a7:8d:8b:
f4:99:59:d4:cb:9a:8d:81:51:88:d3:e2:7f:e5:bf:
59:2f:c6:aa:78:59:33:e2:22:e1:85:0e:6b:44:04:
e6:59:0a:df:3d:10:94:37:04:c8:10:fc:a9:18:b7:
8d:64:04:bf:41:67:70:3d:cb:9b:59:de:f4:c2:62:
e4:72:26:2b:85:bd:4e:4b:d3:83:b0:7b:f7:dd:fb:
0d:a8:6a:4d:54:a2:f0:fc:25:69:3b:4d:5c:ed:88:
d0:ba:0c:87:f7:e6:ca:d5:60:b1:ea:55:6d:a0:b3:
05:fc:61:3e:1d:b2:fe:e8:26:c9:f2:20:26:48:e5:
6a:bd:16:de:59:ec:96:8c:df:4f:90:e3:c3:b7:ab:
95:79:60:f3:62:a1:69:e8:bd:ff:35:60:18:0d:65:
71:95:b3:ca:80:8a:ac:0a:ad:e2:46:77:90:13:50:
44:55:25:f0:a9:7b:dd:90:95:e6:32:45:01:b2:c6:
c1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:B9:A4:D9:B5:0B:89:33:40:03:92:5E:39:06:77:DD:E7:37:C1:77
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/Vrmk2bULiTNAA5JeOQZ33ec3wXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.135.0/24
95.155.138.0/24
95.155.141.0-95.155.143.255
Signature Algorithm: sha256WithRSAEncryption
3a:de:f7:a9:75:e9:c3:5c:5a:1c:e4:a7:da:64:d0:8b:6d:db:
f9:f1:26:71:82:66:3e:91:52:73:9c:34:ff:a1:91:cb:88:25:
4f:4f:4f:a2:61:41:98:23:24:de:d9:a4:74:5f:92:66:13:5c:
7d:2e:60:07:0e:59:93:df:b1:02:27:0e:bc:57:e0:c5:b6:3d:
cc:9c:a1:40:1a:fe:d6:91:8c:bb:36:58:01:11:da:a7:bd:09:
92:11:d8:0f:df:b1:e8:6c:3a:3f:6a:b3:71:4c:c5:da:e8:8c:
bf:bb:70:c3:43:e6:0f:3b:70:60:6d:7f:18:d3:8b:39:24:08:
d3:79:61:44:d7:d1:94:63:f1:cc:fe:30:93:be:a6:da:3c:69:
80:42:bf:39:ac:ee:79:4b:a5:6b:30:fa:ca:70:8f:f3:80:d4:
73:7e:e3:42:10:26:ba:52:e1:9a:3a:c0:7a:7a:34:e7:9c:a6:
ea:5f:eb:e8:dc:66:de:db:82:63:db:b8:5a:a5:ed:3d:4b:00:
28:d2:b2:48:f5:aa:cd:f8:4e:e1:52:4c:3c:f1:b5:35:72:f8:
47:40:48:97:36:7f:58:8b:3a:db:52:81:c3:06:a4:cb:66:30:
63:c0:3d:fa:79:3e:3c:97:44:cb:4d:5b:f8:2f:3d:8e:41:d9:
fc:de:da:86
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZ4OYZass1B2g1bhT++8Qy0tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjYwNTA5MjAxNTM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmI5YTRkOWI1MGI4OTMzNDAwMzkyNWUzOTA2NzdkZGU3MzdjMTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogbHGIFsEU23AonX6oDKpV5gygYu
DvCjbE36GcbNAZSfQroZpWscx7omoOFL6chW0mkzMDSxh8V55NMvLp3tP/Oi+1ir
LQGnjYv0mVnUy5qNgVGI0+J/5b9ZL8aqeFkz4iLhhQ5rRATmWQrfPRCUNwTIEPyp
GLeNZAS/QWdwPcubWd70wmLkciYrhb1OS9ODsHv33fsNqGpNVKLw/CVpO01c7YjQ
ugyH9+bK1WCx6lVtoLMF/GE+HbL+6CbJ8iAmSOVqvRbeWeyWjN9PkOPDt6uVeWDz
YqFp6L3/NWAYDWVxlbPKgIqsCq3iRneQE1BEVSXwqXvdkJXmMkUBssbBcQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFa5pNm1C4kzQAOSXjkGd93nN8F3MB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvVnJtazJiVUxpVE5BQTVKZU9RWjMzZWMzd1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAX5uHAwQA
X5uKMAwDBABfm40DBARfm4AwDQYJKoZIhvcNAQELBQADggEBADre96l16cNcWhzk
p9pk0Itt2/nxJnGCZj6RUnOcNP+hkcuIJU9PT6JhQZgjJN7ZpHRfkmYTXH0uYAcO
WZPfsQInDrxX4MW2PcycoUAa/taRjLs2WAER2qe9CZIR2A/fsehsOj9qs3FMxdro
jL+7cMND5g87cGBtfxjTizkkCNN5YUTX0ZRj8cz+MJO+pto8aYBCvzms7nlLpWsw
+spwj/OA1HN+40IQJrpS4Zo6wHp6NOecpupf6+jcZt7bgmPbuFql7T1LACjSskj1
qs34TuFSTDzxtTVy+EdASJc2f1iLOttSgcMGpMtmMGPAPfp5PjyXRMtNW/gvPY5B
2fze2oY=
-----END CERTIFICATE-----
Generated at Tue May 12 21:52:35 2026 by rpki-client