Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/BqJCYVCpg8VWeMoniME0vsYhlyQ.roa
File: BqJCYVCpg8VWeMoniME0vsYhlyQ.roa (raw, json)
Hash identifier: ofR5bq3H44bra1ENKiI96q9jbowr0b8ah7T8pQmV+pQ=
Subject key identifier: 06:A2:42:61:50:A9:83:C5:56:78:CA:27:88:C1:34:BE:C6:21:97:24
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0197AD435DCB813DC31D5995AC6BE5613D75
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/BqJCYVCpg8VWeMoniME0vsYhlyQ.roa
Signing time: Thu 26 Jun 2025 17:22:42 +0000
ROA not before: Thu 26 Jun 2025 17:22:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213861
IP address blocks: 45.14.222.0/24 maxlen: 24
193.3.19.0/24 maxlen: 24
2a14:7b81::/32 maxlen: 32
2a14:7b83::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 11:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ad:43:5d:cb:81:3d:c3:1d:59:95:ac:6b:e5:61:3d:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Jun 26 17:22:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06a2426150a983c55678ca2788c134bec6219724
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6f:df:c7:bd:3f:ea:15:74:6f:28:ee:ba:50:
02:f5:6c:6b:ad:3d:a4:98:6a:d7:cf:34:48:37:61:
d4:7c:63:fc:a8:4e:d7:d4:af:41:2e:16:8d:0f:7e:
c9:ec:70:43:b9:c0:0a:90:ec:c5:b9:54:63:e2:89:
b6:62:35:cc:96:47:4b:c9:e1:ee:c4:04:60:45:7a:
9d:66:8c:a7:6e:18:94:78:d1:77:17:67:54:c4:25:
d5:68:50:44:7d:f2:5c:93:56:ee:af:e9:01:4e:6b:
e1:77:ef:32:a9:b1:50:c8:bb:73:a9:b6:ee:8b:ad:
93:78:c3:ed:9c:d8:aa:41:41:93:84:e5:1a:d9:bb:
1d:72:99:84:9f:94:09:e5:9d:fb:24:3c:da:52:3c:
88:33:33:dc:39:b0:8f:a1:81:09:8d:94:33:f4:09:
95:f3:e8:52:ac:2b:a1:c9:f0:07:d6:2c:4c:d9:f8:
2f:62:03:c0:47:cf:fe:e7:52:93:ba:b6:c4:2b:ae:
0c:f2:94:30:43:11:82:61:fd:02:24:d8:ba:49:55:
62:ea:33:60:eb:d2:6b:95:69:bf:58:86:ab:e3:f1:
40:95:ec:07:d1:72:23:c2:16:7a:81:f2:e2:28:4f:
3d:e1:d8:ad:d6:c6:46:bc:7f:f0:d3:2e:12:76:2b:
6a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A2:42:61:50:A9:83:C5:56:78:CA:27:88:C1:34:BE:C6:21:97:24
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/BqJCYVCpg8VWeMoniME0vsYhlyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.222.0/24
193.3.19.0/24
IPv6:
2a14:7b81::/32
2a14:7b83::/32
Signature Algorithm: sha256WithRSAEncryption
1c:fa:5f:3b:05:a9:48:f6:08:48:77:56:d0:6b:9d:1c:2b:5a:
4f:96:05:c8:cf:91:62:d5:bb:84:ef:b0:7a:9c:00:bb:dc:d5:
3f:ea:82:0b:1b:86:2d:ad:6e:66:e8:e2:f5:0b:ba:93:5c:d1:
ca:ad:18:6a:28:74:ca:ea:c2:43:23:90:56:26:91:0a:24:78:
ed:5d:46:4d:e8:3f:39:20:33:1b:ab:cb:43:d2:6c:14:3d:c4:
be:d1:19:29:c8:b4:e2:ca:66:a9:75:ea:21:16:c5:2d:32:14:
71:24:ac:56:00:3e:a8:d2:e4:b1:3a:08:de:07:6b:39:68:e8:
17:b2:d6:0a:de:1d:03:37:2a:ed:5c:bb:ff:3a:bb:8b:99:b1:
b1:53:38:ec:0f:ac:a9:f5:70:47:8c:c0:d8:6f:f6:0b:a6:2d:
78:85:c8:f7:8e:39:7e:a3:c5:97:bb:90:9f:3f:dd:31:68:6a:
54:ba:91:60:b9:e4:60:bd:a2:6b:ec:98:03:88:9a:06:2b:a9:
67:f4:ae:54:c0:94:31:a3:09:79:7a:71:3e:f2:00:92:a7:a7:
22:06:66:a2:d3:d7:62:3c:e1:cc:27:e0:65:d1:b4:73:86:0a:
2f:2d:d4:ac:4b:11:c1:3e:12:42:3a:8a:97:95:0b:15:ca:91:
3c:0b:b4:d3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZetQ13LgT3DHVmVrGvlYT11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwNjI2MTcyMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmEyNDI2MTUwYTk4M2M1NTY3OGNhMjc4OGMxMzRiZWM2MjE5NzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4G/fx70/6hV0byjuulAC9WxrrT2k
mGrXzzRIN2HUfGP8qE7X1K9BLhaND37J7HBDucAKkOzFuVRj4om2YjXMlkdLyeHu
xARgRXqdZoynbhiUeNF3F2dUxCXVaFBEffJck1bur+kBTmvhd+8yqbFQyLtzqbbu
i62TeMPtnNiqQUGThOUa2bsdcpmEn5QJ5Z37JDzaUjyIMzPcObCPoYEJjZQz9AmV
8+hSrCuhyfAH1ixM2fgvYgPAR8/+51KTurbEK64M8pQwQxGCYf0CJNi6SVVi6jNg
69JrlWm/WIar4/FAlewH0XIjwhZ6gfLiKE894dit1sZGvH/w0y4SditqhQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAaiQmFQqYPFVnjKJ4jBNL7GIZckMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvQnFKQ1lWQ3BnOFZXZU1vbmlNRTB2c1lobHlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQALQ7eAwQA
wQMTMBQEAgACMA4DBQAqFHuBAwUAKhR7gzANBgkqhkiG9w0BAQsFAAOCAQEAHPpf
OwWpSPYISHdW0GudHCtaT5YFyM+RYtW7hO+wepwAu9zVP+qCCxuGLa1uZuji9Qu6
k1zRyq0Yaih0yurCQyOQViaRCiR47V1GTeg/OSAzG6vLQ9JsFD3EvtEZKci04spm
qXXqIRbFLTIUcSSsVgA+qNLksToI3gdrOWjoF7LWCt4dAzcq7Vy7/zq7i5mxsVM4
7A+sqfVwR4zA2G/2C6YteIXI9445fqPFl7uQnz/dMWhqVLqRYLnkYL2ia+yYA4ia
BiupZ/SuVMCUMaMJeXpxPvIAkqenIgZmotPXYjzhzCfgZdG0c4YKLy3UrEsRwT4S
QjqKl5ULFcqRPAu00w==
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:31:46 2025 by rpki-client