Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Vephb5Pt3B3EXLg7EOPVAzOC8yA.roa
File: Vephb5Pt3B3EXLg7EOPVAzOC8yA.roa (raw, json)
Hash identifier: wPf553d/HK8+hJAOoCPQVSLwr68fouqN6FsXjPzFiWo=
Subject key identifier: 55:EA:61:6F:93:ED:DC:1D:C4:5C:B8:3B:10:E3:D5:03:33:82:F3:20
Certificate issuer: /CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Certificate serial: 0197AD48DB33C8953571BD7C4C5254DEF11F
Authority key identifier: FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Vephb5Pt3B3EXLg7EOPVAzOC8yA.roa
Signing time: Thu 26 Jun 2025 17:28:42 +0000
ROA not before: Thu 26 Jun 2025 17:28:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7488
IP address blocks: 185.13.108.0/22 maxlen: 22
185.34.144.0/22 maxlen: 22
185.92.188.0/22 maxlen: 22
185.93.148.0/22 maxlen: 22
185.170.76.0/22 maxlen: 22
195.34.70.0/24 maxlen: 24
195.34.71.0/24 maxlen: 24
195.242.177.0/24 maxlen: 24
195.242.178.0/24 maxlen: 24
2a14:7a40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 20:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ad:48:db:33:c8:95:35:71:bd:7c:4c:52:54:de:f1:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff711054a89446a76f493ce2c127a948eba4a8ff
Validity
Not Before: Jun 26 17:28:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55ea616f93eddc1dc45cb83b10e3d5033382f320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:89:9f:02:8e:b2:59:32:94:ae:d3:c0:85:7f:
a1:4a:5b:d9:8f:36:75:b3:6b:fc:65:8c:96:b7:97:
ea:a0:ce:06:56:45:ad:15:cd:d8:5a:0f:04:47:0d:
40:59:bb:83:4c:50:67:c1:06:c1:64:19:c5:29:2f:
52:40:88:22:f7:f1:b2:d4:e3:2b:aa:28:9c:f3:c5:
e1:ae:9a:29:a9:62:00:a3:b3:06:16:43:d3:e3:81:
8d:2b:29:69:9a:15:e9:96:1a:37:c2:da:c8:95:e3:
28:8d:ea:f2:5c:41:91:e8:d9:9a:d4:26:15:29:fe:
db:58:e2:6f:a1:80:b0:24:d7:51:c0:d7:83:f3:29:
0f:85:be:60:ad:4d:2e:69:56:ac:f2:4b:27:66:45:
3f:f2:78:f2:14:37:81:15:b3:88:28:77:b6:01:a2:
69:71:c0:28:6d:e6:b0:a1:3e:36:91:14:b0:b9:84:
a0:76:32:31:07:d6:c1:ba:da:29:97:f0:7f:8a:74:
15:2a:ed:24:b1:bd:32:81:31:01:2e:42:cc:0d:a1:
cc:a6:7e:3a:a3:14:14:ea:21:26:04:1d:b8:49:0b:
96:66:94:10:93:31:73:94:6f:b2:3c:43:e4:6d:3e:
b5:f4:59:c4:0e:db:e0:c2:e4:d8:ac:fa:fe:84:0f:
3c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:EA:61:6F:93:ED:DC:1D:C4:5C:B8:3B:10:E3:D5:03:33:82:F3:20
X509v3 Authority Key Identifier:
keyid:FF:71:10:54:A8:94:46:A7:6F:49:3C:E2:C1:27:A9:48:EB:A4:A8:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_3EQVKiURqdvSTziwSepSOukqP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/Vephb5Pt3B3EXLg7EOPVAzOC8yA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b8fc55-b4cd-4d1f-9990-47ac389d3261/1/_3EQVKiURqdvSTziwSepSOukqP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.13.108.0/22
185.34.144.0/22
185.92.188.0/22
185.93.148.0/22
185.170.76.0/22
195.34.70.0/23
195.242.177.0-195.242.178.255
IPv6:
2a14:7a40::/29
Signature Algorithm: sha256WithRSAEncryption
92:a6:2c:c3:23:db:58:e1:61:4a:44:9b:78:dc:58:90:3d:89:
51:cf:04:da:31:13:9c:0e:23:5f:7d:5e:04:37:80:4e:92:41:
a4:c9:e0:5c:2e:2d:21:3f:c8:20:45:27:12:da:70:2c:f7:63:
cb:84:ee:75:ff:60:61:b5:d1:ca:88:bf:c0:f8:84:31:c6:da:
92:ea:e3:d4:19:ed:dc:98:23:55:62:a6:7a:cc:96:46:3e:4e:
71:17:4e:ce:25:c8:7b:34:40:58:0a:fd:0e:19:f0:ea:96:54:
39:cf:87:59:3f:24:c6:d5:28:e9:e2:94:02:c7:bb:30:78:89:
03:9c:32:dc:2b:4b:a5:e0:8b:e3:2c:ee:f3:a5:b3:18:be:e2:
5e:cf:3a:5c:1c:a5:24:2a:20:1b:26:1d:46:29:a6:22:ec:d7:
19:86:f2:83:45:96:ca:50:96:ef:7d:6b:60:c3:dd:39:fb:4a:
1c:1b:06:84:d3:32:6f:38:4e:b5:6a:20:a2:22:6c:91:06:2f:
8d:d5:1a:56:ee:2c:b3:c4:4c:fc:a8:76:b3:b3:82:86:2f:bb:
cc:24:eb:55:48:07:70:d1:5c:de:62:0e:8e:df:d3:40:1f:8c:
dd:b5:10:15:df:33:27:65:fe:1c:42:cf:f1:d6:65:c1:ed:2c:
24:43:4d:0f
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZetSNszyJU1cb18TFJU3vEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNzExMDU0YTg5NDQ2YTc2ZjQ5M2NlMmMxMjdhOTQ4ZWJh
NGE4ZmYwHhcNMjUwNjI2MTcyODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWVhNjE2ZjkzZWRkYzFkYzQ1Y2I4M2IxMGUzZDUwMzMzODJmMzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0omfAo6yWTKUrtPAhX+hSlvZjzZ1
s2v8ZYyWt5fqoM4GVkWtFc3YWg8ERw1AWbuDTFBnwQbBZBnFKS9SQIgi9/Gy1OMr
qiic88XhrpopqWIAo7MGFkPT44GNKylpmhXplho3wtrIleMojeryXEGR6Nma1CYV
Kf7bWOJvoYCwJNdRwNeD8ykPhb5grU0uaVas8ksnZkU/8njyFDeBFbOIKHe2AaJp
ccAobeawoT42kRSwuYSgdjIxB9bButopl/B/inQVKu0ksb0ygTEBLkLMDaHMpn46
oxQU6iEmBB24SQuWZpQQkzFzlG+yPEPkbT619FnEDtvgwuTYrPr+hA88qwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFFXqYW+T7dwdxFy4OxDj1QMzgvMgMB8GA1UdIwQY
MBaAFP9xEFSolEanb0k84sEnqUjrpKj/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAt
NDdhYzM4OWQzMjYxLzEvVmVwaGI1UHQzQjNFWExnN0VPUFZBek9DOHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iOGZjNTUtYjRjZC00ZDFmLTk5OTAtNDdhYzM4OWQzMjYx
LzEvXzNFUVZLaVVScWR2U1R6aXdTZXBTT3VrcVA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQCuQ1sAwQC
uSKQAwQCuVy8AwQCuV2UAwQCuapMAwQBwyJGMAwDBADD8rEDBADD8rIwDQQCAAIw
BwMFAyoUekAwDQYJKoZIhvcNAQELBQADggEBAJKmLMMj21jhYUpEm3jcWJA9iVHP
BNoxE5wOI199XgQ3gE6SQaTJ4FwuLSE/yCBFJxLacCz3Y8uE7nX/YGG10cqIv8D4
hDHG2pLq49QZ7dyYI1VipnrMlkY+TnEXTs4lyHs0QFgK/Q4Z8OqWVDnPh1k/JMbV
KOnilALHuzB4iQOcMtwrS6Xgi+Ms7vOlsxi+4l7POlwcpSQqIBsmHUYppiLs1xmG
8oNFlspQlu99a2DD3Tn7ShwbBoTTMm84TrVqIKIibJEGL43VGlbuLLPETPyodrOz
goYvu8wk61VIB3DRXN5iDo7f00AfjN21EBXfMydl/hxCz/HWZcHtLCRDTQ8=
-----END CERTIFICATE-----
Generated at Tue Jul 1 05:44:36 2025 by rpki-client