Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/72c095-d640-41ec-a0bd-8d320062ae89/1/VApcgRE4jCfqWsVvaGSgipYw68w.roa
File: VApcgRE4jCfqWsVvaGSgipYw68w.roa (raw, json)
Hash identifier: A0jt937wu1wIoLHac2gn8nLqE9B73D2kq/AGcMo7Moc=
Subject key identifier: 54:0A:5C:81:11:38:8C:27:EA:5A:C5:6F:68:64:A0:8A:96:30:EB:CC
Certificate issuer: /CN=853f1d5a188ae6b2b5f2aa138db8f99aa5aad7a1
Certificate serial: 0199C91BFBB4510454BD94A277CE2D224FE8
Authority key identifier: 85:3F:1D:5A:18:8A:E6:B2:B5:F2:AA:13:8D:B8:F9:9A:A5:AA:D7:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hT8dWhiK5rK18qoTjbj5mqWq16E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/72c095-d640-41ec-a0bd-8d320062ae89/1/VApcgRE4jCfqWsVvaGSgipYw68w.roa
Signing time: Thu 09 Oct 2025 13:14:38 +0000
ROA not before: Thu 09 Oct 2025 13:14:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50349
IP address blocks: 91.214.0.0/22 maxlen: 22
93.190.36.0/22 maxlen: 22
2a06:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/72c095-d640-41ec-a0bd-8d320062ae89/1/hT8dWhiK5rK18qoTjbj5mqWq16E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/72c095-d640-41ec-a0bd-8d320062ae89/1/hT8dWhiK5rK18qoTjbj5mqWq16E.mft
rsync://rpki.ripe.net/repository/DEFAULT/hT8dWhiK5rK18qoTjbj5mqWq16E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c9:1b:fb:b4:51:04:54:bd:94:a2:77:ce:2d:22:4f:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=853f1d5a188ae6b2b5f2aa138db8f99aa5aad7a1
Validity
Not Before: Oct 9 13:14:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=540a5c8111388c27ea5ac56f6864a08a9630ebcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:30:df:2b:70:9a:59:67:8c:53:e3:11:b4:fb:
68:6e:e1:82:05:68:39:fe:c3:23:c5:13:35:01:2a:
5b:fe:bc:ee:6a:c2:e7:1b:cf:c3:ce:7f:82:85:58:
09:84:f5:7e:99:1c:b1:2b:4c:c4:06:e3:e2:f4:f4:
02:7b:90:f8:5c:fd:f1:70:a8:c5:18:49:7a:cd:ac:
8d:6e:9e:e5:b8:24:cb:06:a6:a0:b8:f7:a9:65:2d:
36:2e:42:50:e5:13:6f:a7:45:e7:f3:4c:97:57:a7:
e0:1b:71:ec:de:f8:91:48:b9:e4:92:19:73:10:5b:
d9:e0:ce:d9:72:ac:ba:e5:1c:bb:7b:4c:d8:d5:01:
00:7f:71:20:c8:99:af:1d:ea:de:0c:75:e4:4e:53:
ca:82:13:e9:6c:e6:93:14:3a:93:71:d5:30:93:e3:
b8:d6:fd:f0:ef:bd:97:9e:1b:c3:94:16:7e:b4:9a:
d6:4f:1e:23:fb:a4:79:63:f6:12:a6:f4:57:d2:b9:
3e:4e:f1:12:74:6f:00:95:93:14:5d:b5:eb:f5:0f:
e0:1f:a4:4f:c4:8f:5f:27:43:8a:d2:5f:00:e2:c5:
dd:dd:c8:29:79:69:20:1e:26:1d:af:d2:3e:cb:40:
65:79:e2:ac:57:23:dd:e8:95:34:f5:63:94:83:1e:
29:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:0A:5C:81:11:38:8C:27:EA:5A:C5:6F:68:64:A0:8A:96:30:EB:CC
X509v3 Authority Key Identifier:
keyid:85:3F:1D:5A:18:8A:E6:B2:B5:F2:AA:13:8D:B8:F9:9A:A5:AA:D7:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hT8dWhiK5rK18qoTjbj5mqWq16E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/72c095-d640-41ec-a0bd-8d320062ae89/1/VApcgRE4jCfqWsVvaGSgipYw68w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/72c095-d640-41ec-a0bd-8d320062ae89/1/hT8dWhiK5rK18qoTjbj5mqWq16E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.0.0/22
93.190.36.0/22
IPv6:
2a06:a380::/29
Signature Algorithm: sha256WithRSAEncryption
2d:c0:18:ff:a9:32:e8:f7:9e:5f:09:70:06:5f:e0:42:2f:6f:
45:0f:81:64:92:d1:3e:a6:d5:a1:23:82:d4:32:1e:83:49:1d:
cd:da:e4:08:b5:da:93:48:07:fd:a9:10:fd:e8:ea:31:9a:c8:
34:85:7e:06:38:2b:76:21:32:40:f2:59:e7:03:46:7c:f5:b8:
02:8f:d7:3d:83:78:e5:40:6f:23:56:ac:0c:72:24:25:19:3c:
32:1b:be:8d:71:91:94:bb:f7:a1:40:c3:44:d6:99:cd:0c:f1:
79:b4:2a:d3:62:36:b0:ff:48:16:f1:91:f8:ea:96:94:50:89:
50:e7:61:4e:40:48:50:1f:24:0b:49:26:73:85:96:24:67:e8:
e3:95:bd:96:ad:8e:c1:41:f4:4c:4a:34:40:7e:7e:78:b7:12:
fa:26:b1:86:d2:c7:b5:bd:c7:42:b2:ab:d1:56:b3:61:1c:3e:
38:56:88:26:81:2b:cb:f4:2a:9c:77:32:0a:7f:e0:a0:b8:4a:
c8:cb:09:07:37:2a:2b:51:e3:61:cd:70:6d:08:9b:60:d3:4f:
66:5c:21:b1:21:bd:d1:7b:19:63:93:3c:0b:41:77:28:f6:f1:
1f:e9:61:0a:11:fd:d5:49:44:ee:b0:f4:55:da:71:db:77:80:
1f:fc:8f:ca
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZnJG/u0UQRUvZSid84tIk/oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1M2YxZDVhMTg4YWU2YjJiNWYyYWExMzhkYjhmOTlhYTVh
YWQ3YTEwHhcNMjUxMDA5MTMxNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDBhNWM4MTExMzg4YzI3ZWE1YWM1NmY2ODY0YTA4YTk2MzBlYmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TDfK3CaWWeMU+MRtPtobuGCBWg5
/sMjxRM1ASpb/rzuasLnG8/Dzn+ChVgJhPV+mRyxK0zEBuPi9PQCe5D4XP3xcKjF
GEl6zayNbp7luCTLBqaguPepZS02LkJQ5RNvp0Xn80yXV6fgG3Hs3viRSLnkkhlz
EFvZ4M7Zcqy65Ry7e0zY1QEAf3EgyJmvHereDHXkTlPKghPpbOaTFDqTcdUwk+O4
1v3w772XnhvDlBZ+tJrWTx4j+6R5Y/YSpvRX0rk+TvESdG8AlZMUXbXr9Q/gH6RP
xI9fJ0OK0l8A4sXd3cgpeWkgHiYdr9I+y0BleeKsVyPd6JU09WOUgx4p2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFQKXIEROIwn6lrFb2hkoIqWMOvMMB8GA1UdIwQY
MBaAFIU/HVoYiuaytfKqE424+ZqlqtehMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFQ4ZFdoaUs1cksxOHFvVGpiajVtcVdxMTZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MmMwOTUtZDY0MC00MWVjLWEwYmQt
OGQzMjAwNjJhZTg5LzEvVkFwY2dSRTRqQ2ZxV3NWdmFHU2dpcFl3Njh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MmMwOTUtZDY0MC00MWVjLWEwYmQtOGQzMjAwNjJhZTg5
LzEvaFQ4ZFdoaUs1cksxOHFvVGpiajVtcVdxMTZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW9YAAwQC
Xb4kMA0EAgACMAcDBQMqBqOAMA0GCSqGSIb3DQEBCwUAA4IBAQAtwBj/qTLo955f
CXAGX+BCL29FD4FkktE+ptWhI4LUMh6DSR3N2uQItdqTSAf9qRD96Ooxmsg0hX4G
OCt2ITJA8lnnA0Z89bgCj9c9g3jlQG8jVqwMciQlGTwyG76NcZGUu/ehQMNE1pnN
DPF5tCrTYjaw/0gW8ZH46paUUIlQ52FOQEhQHyQLSSZzhZYkZ+jjlb2WrY7BQfRM
SjRAfn54txL6JrGG0se1vcdCsqvRVrNhHD44VogmgSvL9CqcdzIKf+CguErIywkH
NyorUeNhzXBtCJtg009mXCGxIb3RexljkzwLQXco9vEf6WEKEf3VSUTusPRV2nHb
d4Af/I/K
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:40 2025 by rpki-client