Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/VupnGTTOfrBpe5_ufe4-GMR0Hao.roa
File: VupnGTTOfrBpe5_ufe4-GMR0Hao.roa (raw, json)
Hash identifier: RJZvVW8Owbg4R5MLF9yvr42vDFcG2psZgHSUWvn3eSI=
Subject key identifier: 56:EA:67:19:34:CE:7E:B0:69:7B:9F:EE:7D:EE:3E:18:C4:74:1D:AA
Certificate issuer: /CN=2f3eaf4ec754f4a0e3d84ca253ad406ee9c7de15
Certificate serial: 019942B35E9E6463F519078A2E28B828DB71
Authority key identifier: 2F:3E:AF:4E:C7:54:F4:A0:E3:D8:4C:A2:53:AD:40:6E:E9:C7:DE:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lz6vTsdU9KDj2EyiU61AbunH3hU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/VupnGTTOfrBpe5_ufe4-GMR0Hao.roa
Signing time: Sat 13 Sep 2025 10:51:15 +0000
ROA not before: Sat 13 Sep 2025 10:51:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 176.105.236.0/24 maxlen: 24
176.105.237.0/24 maxlen: 24
176.105.238.0/24 maxlen: 24
176.105.239.0/24 maxlen: 24
193.219.112.0/24 maxlen: 24
195.7.8.0/24 maxlen: 24
195.7.9.0/24 maxlen: 24
195.7.10.0/24 maxlen: 24
195.7.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/Lz6vTsdU9KDj2EyiU61AbunH3hU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/Lz6vTsdU9KDj2EyiU61AbunH3hU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lz6vTsdU9KDj2EyiU61AbunH3hU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:42:b3:5e:9e:64:63:f5:19:07:8a:2e:28:b8:28:db:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3eaf4ec754f4a0e3d84ca253ad406ee9c7de15
Validity
Not Before: Sep 13 10:51:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=56ea671934ce7eb0697b9fee7dee3e18c4741daa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:97:73:85:0b:44:21:3e:ec:fc:35:0f:0b:7e:
17:d0:5b:e2:c1:38:ff:c0:1f:5d:5f:97:d6:5c:8d:
1b:6d:83:4c:8b:7a:c5:ad:91:16:3d:29:49:2d:8e:
21:07:2b:55:37:88:78:4e:a3:fb:c1:60:77:62:33:
bc:be:f3:e1:58:2e:dc:b5:aa:4a:f5:67:85:9a:6f:
6a:9d:bf:94:36:b6:7e:84:25:50:52:2e:60:99:21:
89:5f:6a:96:a8:8c:61:9a:8f:f2:36:d7:5d:a0:f3:
1f:f8:0d:5b:fd:72:15:50:a1:a3:c2:be:30:56:7a:
5b:39:a2:ff:bd:19:65:05:25:b6:72:64:78:3e:58:
26:5d:d2:ce:37:44:07:e2:59:a0:9b:5b:f4:17:0e:
27:fd:24:05:e0:43:48:e5:fb:f9:a4:a3:26:3f:db:
16:68:e0:78:c7:8e:7f:15:47:88:94:a0:5d:f6:6d:
40:30:a0:f7:64:60:b0:1b:73:e9:58:ca:ee:42:ab:
5b:07:50:d5:5c:3a:24:b0:c0:77:21:c8:36:5a:9a:
94:d6:f9:e7:2f:e2:89:23:a6:78:77:ca:49:10:4f:
5e:a4:22:52:9f:42:a8:f1:2f:83:17:ba:5a:cf:51:
c6:2b:38:72:9b:9c:49:4e:a4:33:ff:59:42:1c:bf:
17:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:EA:67:19:34:CE:7E:B0:69:7B:9F:EE:7D:EE:3E:18:C4:74:1D:AA
X509v3 Authority Key Identifier:
keyid:2F:3E:AF:4E:C7:54:F4:A0:E3:D8:4C:A2:53:AD:40:6E:E9:C7:DE:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lz6vTsdU9KDj2EyiU61AbunH3hU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/VupnGTTOfrBpe5_ufe4-GMR0Hao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/130a65-1b7a-4575-b280-90c3cce569f0/1/Lz6vTsdU9KDj2EyiU61AbunH3hU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.105.236.0/22
193.219.112.0/24
195.7.8.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:cd:44:88:f1:12:49:2c:1c:d0:7a:c1:51:3e:97:70:d2:37:
2f:a0:89:93:83:eb:1a:73:2c:a7:5f:0f:31:e2:16:e0:bd:46:
d7:a0:31:cb:a6:16:3d:d7:4b:e2:c8:20:41:f3:a7:67:ab:d8:
f4:af:8c:7f:8d:12:dd:60:04:b2:66:9c:35:02:ea:c7:26:e9:
60:60:4a:28:2b:77:65:0d:1d:0c:5c:d4:f2:d5:49:ce:a9:b7:
48:fe:4f:1a:8a:e6:c1:db:95:90:43:cd:d2:da:a1:ec:ee:28:
98:68:07:6d:22:bf:aa:1c:c9:aa:5c:eb:64:c8:ae:3c:60:b4:
ed:cd:0f:3c:53:bb:b5:84:a8:b7:bc:b5:52:bb:15:cc:58:cc:
9a:9f:f0:24:18:b7:7b:a5:df:16:5f:2b:ef:8d:f7:b9:84:05:
21:97:49:00:1e:19:06:40:12:d8:fc:d8:f8:af:8e:7f:86:7a:
35:4f:78:18:dd:da:bc:eb:24:74:4e:30:bc:2e:57:83:a0:fc:
48:30:3a:fa:47:6d:70:23:cf:32:6a:a7:ed:bd:0f:13:86:bd:
ac:f0:e1:83:30:c2:45:46:73:7b:9f:67:36:83:1b:2b:d7:13:
14:d6:06:95:0d:46:31:ec:18:0a:d0:6d:13:fb:0d:72:14:ca:
d9:31:12:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZlCs16eZGP1GQeKLii4KNtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmM2VhZjRlYzc1NGY0YTBlM2Q4NGNhMjUzYWQ0MDZlZTlj
N2RlMTUwHhcNMjUwOTEzMTA1MTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NmVhNjcxOTM0Y2U3ZWIwNjk3YjlmZWU3ZGVlM2UxOGM0NzQxZGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpdzhQtEIT7s/DUPC34X0FviwTj/
wB9dX5fWXI0bbYNMi3rFrZEWPSlJLY4hBytVN4h4TqP7wWB3YjO8vvPhWC7ctapK
9WeFmm9qnb+UNrZ+hCVQUi5gmSGJX2qWqIxhmo/yNtddoPMf+A1b/XIVUKGjwr4w
VnpbOaL/vRllBSW2cmR4PlgmXdLON0QH4lmgm1v0Fw4n/SQF4ENI5fv5pKMmP9sW
aOB4x45/FUeIlKBd9m1AMKD3ZGCwG3PpWMruQqtbB1DVXDoksMB3Icg2WpqU1vnn
L+KJI6Z4d8pJEE9epCJSn0Ko8S+DF7paz1HGKzhym5xJTqQz/1lCHL8X7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFbqZxk0zn6waXuf7n3uPhjEdB2qMB8GA1UdIwQY
MBaAFC8+r07HVPSg49hMolOtQG7px94VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHo2dlRzZFU5S0RqMkV5aVU2MUFidW5IM2hVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xMzBhNjUtMWI3YS00NTc1LWIyODAt
OTBjM2NjZTU2OWYwLzEvVnVwbkdUVE9mckJwZTVfdWZlNC1HTVIwSGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8xMzBhNjUtMWI3YS00NTc1LWIyODAtOTBjM2NjZTU2OWYw
LzEvTHo2dlRzZFU5S0RqMkV5aVU2MUFidW5IM2hVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCsGnsAwQA
wdtwAwQCwwcIMA0GCSqGSIb3DQEBCwUAA4IBAQCPzUSI8RJJLBzQesFRPpdw0jcv
oImTg+sacyynXw8x4hbgvUbXoDHLphY910viyCBB86dnq9j0r4x/jRLdYASyZpw1
AurHJulgYEooK3dlDR0MXNTy1UnOqbdI/k8aiubB25WQQ83S2qHs7iiYaAdtIr+q
HMmqXOtkyK48YLTtzQ88U7u1hKi3vLVSuxXMWMyan/AkGLd7pd8WXyvvjfe5hAUh
l0kAHhkGQBLY/Nj4r45/hno1T3gY3dq86yR0TjC8LleDoPxIMDr6R21wI88yaqft
vQ8Thr2s8OGDMMJFRnN7n2c2gxsr1xMU1gaVDUYx7BgK0G0T+w1yFMrZMRJV
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:11 2025 by rpki-client