Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BgdQAowcb3s1hh7maOROYZeELGE.roa
File: BgdQAowcb3s1hh7maOROYZeELGE.roa (raw, json)
Hash identifier: ZB08PvZ/lb4TJ3K1Ps9YMzWooZrzjWkj/vsjehcty0A=
Subject key identifier: 06:07:50:02:8C:1C:6F:7B:35:86:1E:E6:68:E4:4E:61:97:84:2C:61
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019E172B0D20AE792150E1705AE1FCC7B25B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BgdQAowcb3s1hh7maOROYZeELGE.roa
Signing time: Mon 11 May 2026 13:12:37 +0000
ROA not before: Mon 11 May 2026 13:12:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 151612
IP address blocks: 81.161.230.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 01:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:2b:0d:20:ae:79:21:50:e1:70:5a:e1:fc:c7:b2:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 11 13:12:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=060750028c1c6f7b35861ee668e44e6197842c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:06:fd:3e:ad:c4:20:80:70:63:12:24:6b:b5:
e3:d1:5f:54:d6:b1:0a:06:a3:df:49:11:ea:3b:94:
f9:ef:63:e1:b5:e0:4a:b1:fd:8e:33:e1:f8:e5:45:
45:1f:85:20:1c:a1:86:d6:c5:73:58:02:21:cc:37:
42:48:9b:f9:33:f8:30:e5:de:b5:d3:3a:7c:d2:2d:
ac:50:d5:28:c6:fc:eb:9a:d7:99:c2:67:7c:8b:b9:
07:15:88:ba:2d:08:53:d6:92:33:e3:6e:21:d3:d2:
bc:f3:f9:7a:d7:1f:66:10:af:ab:5f:6a:65:87:a6:
cb:6f:e9:e1:e4:a0:40:a2:1d:e3:3f:4c:3a:fe:c5:
7e:6a:f0:c7:d9:b5:14:95:0c:c8:e1:8a:f4:d9:c5:
6e:cc:e0:e4:5c:8f:cc:07:5d:20:b3:0a:85:2a:a3:
fa:c1:1f:17:9b:a3:01:02:d0:3b:a0:2a:1b:4a:57:
79:0b:51:e5:b3:7b:67:4d:3f:9a:b1:77:2f:b1:0d:
12:f4:e5:fc:fb:99:d2:a2:23:a3:4e:1f:a7:9c:71:
e4:19:27:c2:1d:12:71:5b:7a:80:44:95:68:9a:5f:
a4:3d:6c:48:03:b6:52:db:41:78:c5:84:68:fc:1c:
fc:e5:4f:24:dc:d0:dd:8d:79:db:e4:c4:75:e1:3a:
0c:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:07:50:02:8C:1C:6F:7B:35:86:1E:E6:68:E4:4E:61:97:84:2C:61
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BgdQAowcb3s1hh7maOROYZeELGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.230.0/24
87.120.89.0/24
193.37.47.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:d5:21:74:ac:46:23:e0:26:36:30:97:3a:e1:10:da:cf:d7:
6c:70:a3:07:5c:5b:d8:23:ef:33:c4:99:8b:db:f9:2b:f3:20:
6f:ae:a2:ba:60:ea:a5:98:5b:86:28:0f:60:c9:6f:66:1d:4d:
6e:77:c6:23:3b:47:fc:67:bf:18:65:e9:86:bc:1c:47:d1:9e:
a6:dc:93:77:74:30:90:21:46:1d:ce:02:66:0c:52:d3:ad:ff:
82:56:3f:49:88:39:5b:92:8f:62:40:83:a0:25:6b:3e:4e:72:
d5:8b:7a:9a:4b:61:99:e3:71:8f:5b:6c:50:69:1b:c4:78:53:
e8:47:66:89:96:2d:05:3a:19:fb:37:aa:f2:f3:17:c1:03:0e:
10:f4:06:64:a9:dc:99:8e:b7:d5:dd:da:eb:af:90:c9:b5:72:
cd:33:79:27:28:cf:ab:46:43:be:53:ec:08:4c:a4:ff:2d:02:
01:21:ca:b6:87:09:49:37:f0:9f:86:3d:dc:00:7b:73:39:bd:
cd:9d:9d:68:be:37:50:2e:d0:6b:ed:c7:15:57:a1:35:e2:fa:
bf:0c:83:db:b6:fe:d3:41:8f:a4:15:52:13:10:b3:e5:d9:fb:
74:33:e3:93:fb:e4:99:4d:18:94:d0:d4:1c:3a:89:7f:62:0a:
4e:ff:cc:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ4XKw0grnkhUOFwWuH8x7JbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNTExMTMxMjM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA3NTAwMjhjMWM2ZjdiMzU4NjFlZTY2OGU0NGU2MTk3ODQyYzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAb9Pq3EIIBwYxIka7Xj0V9U1rEK
BqPfSRHqO5T572PhteBKsf2OM+H45UVFH4UgHKGG1sVzWAIhzDdCSJv5M/gw5d61
0zp80i2sUNUoxvzrmteZwmd8i7kHFYi6LQhT1pIz424h09K88/l61x9mEK+rX2pl
h6bLb+nh5KBAoh3jP0w6/sV+avDH2bUUlQzI4Yr02cVuzODkXI/MB10gswqFKqP6
wR8Xm6MBAtA7oCobSld5C1Hls3tnTT+asXcvsQ0S9OX8+5nSoiOjTh+nnHHkGSfC
HRJxW3qARJVoml+kPWxIA7ZS20F4xYRo/Bz85U8k3NDdjXnb5MR14ToMtwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAYHUAKMHG97NYYe5mjkTmGXhCxhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQmdkUUFvd2NiM3MxaGg3bWFPUk9ZWmVFTEdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUaHmAwQA
V3hZAwQAwSUvMA0GCSqGSIb3DQEBCwUAA4IBAQCL1SF0rEYj4CY2MJc64RDaz9ds
cKMHXFvYI+8zxJmL2/kr8yBvrqK6YOqlmFuGKA9gyW9mHU1ud8YjO0f8Z78YZemG
vBxH0Z6m3JN3dDCQIUYdzgJmDFLTrf+CVj9JiDlbko9iQIOgJWs+TnLVi3qaS2GZ
43GPW2xQaRvEeFPoR2aJli0FOhn7N6ry8xfBAw4Q9AZkqdyZjrfV3drrr5DJtXLN
M3knKM+rRkO+U+wITKT/LQIBIcq2hwlJN/Cfhj3cAHtzOb3NnZ1ovjdQLtBr7ccV
V6E14vq/DIPbtv7TQY+kFVITELPl2ft0M+OT++SZTRiU0NQcOol/YgpO/8wD
-----END CERTIFICATE-----
Generated at Wed May 13 10:20:42 2026 by rpki-client