Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/BPQCE551jGC7AfZxENf1vLcZuQw.roa
File: BPQCE551jGC7AfZxENf1vLcZuQw.roa (raw, json)
Hash identifier: b4X/8S2+3tpuUpa3epnbHaVzUEealAaoYFbctbKomoU=
Subject key identifier: 04:F4:02:13:9E:75:8C:60:BB:01:F6:71:10:D7:F5:BC:B7:19:B9:0C
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 01978676371067358AA8E6B2991508037633
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/BPQCE551jGC7AfZxENf1vLcZuQw.roa
Signing time: Thu 19 Jun 2025 04:33:03 +0000
ROA not before: Thu 19 Jun 2025 04:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
2a0d:d940:18::/48 maxlen: 48
2a0d:d940:19::/48 maxlen: 48
2a0d:d940:1a::/48 maxlen: 48
2a0d:d940:1b::/48 maxlen: 48
2a0d:d940:1f00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:86:76:37:10:67:35:8a:a8:e6:b2:99:15:08:03:76:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: Jun 19 04:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04f402139e758c60bb01f67110d7f5bcb719b90c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:34:42:b7:f9:fe:fa:14:4d:35:fd:67:a5:53:
6e:b9:ad:19:a4:65:89:06:94:b6:c3:25:a0:69:5b:
de:ef:36:1e:c8:a8:23:18:1a:88:a3:2f:00:32:cf:
3d:df:1a:7b:00:c1:44:fb:72:fe:1d:72:64:6b:c2:
39:da:c2:ff:68:8b:38:7d:5c:67:2d:dd:4d:bc:df:
2a:d6:1c:fa:df:71:dd:ac:6a:3d:eb:a8:4a:55:cc:
35:91:b9:52:47:db:79:f0:01:af:eb:ee:5e:51:3a:
80:a9:57:1f:9e:03:97:af:32:85:d5:2e:44:c5:8d:
8c:9f:b2:46:f2:69:11:f1:02:05:ce:09:49:3d:88:
1a:03:90:e1:19:2b:b1:a4:9b:24:c1:dd:7a:ad:72:
2c:e2:f7:6a:80:7f:94:f5:dc:3d:67:7f:c6:18:17:
ba:c4:75:d5:1e:3a:e1:6a:2f:e1:48:04:87:a9:0d:
98:f6:1a:c0:f3:a7:7f:07:c5:bf:b2:e3:87:f3:41:
d0:7c:86:83:df:c2:c6:b8:64:67:98:e1:c3:bc:ed:
87:de:c2:01:80:36:3c:5d:4f:f3:eb:48:90:18:48:
12:4a:2b:dd:46:2b:d0:3e:fd:98:f2:ed:c2:4b:56:
45:36:0d:9d:6c:05:66:67:c0:8d:1a:8c:c7:3a:df:
d4:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:F4:02:13:9E:75:8C:60:BB:01:F6:71:10:D7:F5:BC:B7:19:B9:0C
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/BPQCE551jGC7AfZxENf1vLcZuQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
2a0d:d940:18::/46
2a0d:d940:1f00::/40
Signature Algorithm: sha256WithRSAEncryption
2c:79:1e:2e:cc:db:e8:2a:e6:85:2e:25:3b:be:1b:01:55:e3:
76:82:56:69:62:c0:33:3d:7e:1b:0c:5b:b6:fd:f3:e0:be:6c:
bf:a3:14:50:7d:04:08:86:a0:a0:29:5a:76:93:1f:d6:9a:ea:
2c:5d:28:83:9d:95:e7:74:0f:03:41:15:65:e6:75:9b:cc:50:
ad:1d:20:d2:e8:78:36:8c:db:90:a8:47:1c:63:3d:90:1c:15:
65:17:87:d2:e8:62:40:5f:67:8b:a1:53:a2:be:25:be:19:b6:
7f:b0:d3:e2:65:93:6a:76:b2:98:6e:4d:7c:bc:21:d9:73:e6:
2b:7d:ec:e6:b3:21:ef:bc:6c:6b:71:57:96:f5:a7:4e:eb:d0:
13:0e:95:e6:22:63:db:83:18:96:98:14:63:ad:ad:dc:fa:97:
ca:8b:0b:d5:6d:c7:11:83:cb:36:32:03:42:9a:43:a7:30:97:
f8:fb:81:68:94:75:1f:8d:0f:81:99:cb:68:d6:41:d0:17:85:
cc:f2:65:b5:b5:8e:1c:8e:f0:a7:09:30:7e:90:c3:55:7e:ac:
67:6e:9d:61:86:6f:c7:6e:34:0d:ce:e4:82:41:44:dc:91:dd:
ff:4d:21:f5:39:e1:39:19:9b:16:c0:cd:de:c4:6f:dd:cc:1b:
72:e7:44:fc
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZeGdjcQZzWKqOaymRUIA3YzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNjE5MDQzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGY0MDIxMzllNzU4YzYwYmIwMWY2NzExMGQ3ZjViY2I3MTliOTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDRCt/n++hRNNf1npVNuua0ZpGWJ
BpS2wyWgaVve7zYeyKgjGBqIoy8AMs893xp7AMFE+3L+HXJka8I52sL/aIs4fVxn
Ld1NvN8q1hz633HdrGo966hKVcw1kblSR9t58AGv6+5eUTqAqVcfngOXrzKF1S5E
xY2Mn7JG8mkR8QIFzglJPYgaA5DhGSuxpJskwd16rXIs4vdqgH+U9dw9Z3/GGBe6
xHXVHjrhai/hSASHqQ2Y9hrA86d/B8W/suOH80HQfIaD38LGuGRnmOHDvO2H3sIB
gDY8XU/z60iQGEgSSivdRivQPv2Y8u3CS1ZFNg2dbAVmZ8CNGozHOt/UiwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAT0AhOedYxguwH2cRDX9by3GbkMMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvQlBRQ0U1NTFqR0M3QWZaeEVOZjF2TGNadVF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAAjAuAwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQDBwIqDdlAABgDBgAqDdlAHzANBgkqhkiG9w0B
AQsFAAOCAQEALHkeLszb6CrmhS4lO74bAVXjdoJWaWLAMz1+Gwxbtv3z4L5sv6MU
UH0ECIagoCladpMf1prqLF0og52V53QPA0EVZeZ1m8xQrR0g0uh4NozbkKhHHGM9
kBwVZReH0uhiQF9ni6FTor4lvhm2f7DT4mWTanaymG5NfLwh2XPmK33s5rMh77xs
a3FXlvWnTuvQEw6V5iJj24MYlpgUY62t3PqXyosL1W3HEYPLNjIDQppDpzCX+PuB
aJR1H40PgZnLaNZB0BeFzPJltbWOHI7wpwkwfpDDVX6sZ26dYYZvx240Dc7kgkFE
3JHd/00h9TnhORmbFsDN3sRv3cwbcudE/A==
-----END CERTIFICATE-----
Generated at Tue Jul 1 07:03:39 2025 by rpki-client