Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AW-bOYXjHucMnGpa7Bv_3g9MOig.roa
File: AW-bOYXjHucMnGpa7Bv_3g9MOig.roa (raw, json)
Hash identifier: 3TdnYSRhK4KqxOL9kQEcNdaiOdsQKyo1+IWzXbjJjAo=
Subject key identifier: 01:6F:9B:39:85:E3:1E:E7:0C:9C:6A:5A:EC:1B:FF:DE:0F:4C:3A:28
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0198BD76507B573209FD06B0DC65AC3AA3C6
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AW-bOYXjHucMnGpa7Bv_3g9MOig.roa
Signing time: Mon 18 Aug 2025 13:55:04 +0000
ROA not before: Mon 18 Aug 2025 13:55:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 270175
IP address blocks: 45.80.83.0/24 maxlen: 24
185.216.128.0/23 maxlen: 23
185.216.128.0/24 maxlen: 24
185.216.129.0/24 maxlen: 24
201.77.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bd:76:50:7b:57:32:09:fd:06:b0:dc:65:ac:3a:a3:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Aug 18 13:55:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=016f9b3985e31ee70c9c6a5aec1bffde0f4c3a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:30:32:17:97:f2:fd:19:e7:4b:08:78:b1:ab:
cb:6d:d0:b1:15:3b:13:eb:13:18:fc:ee:cf:a6:52:
23:03:31:8f:68:9e:8e:16:d8:ab:9d:82:07:c0:5d:
05:ef:a7:45:94:fd:48:2a:58:62:6e:d1:e0:c6:75:
5a:48:71:04:c3:c9:3e:2a:1a:53:34:5a:3b:87:40:
ee:18:57:8c:a4:bb:17:82:60:37:1f:01:ad:2c:c3:
ba:e2:f1:63:11:87:e3:13:0f:5c:08:90:5a:61:4b:
78:f3:2a:f2:ec:c0:19:d2:c9:64:0b:ae:aa:b3:a5:
71:12:81:63:88:03:e2:97:1d:c7:46:c6:8e:84:3a:
6e:2a:32:d2:27:5f:a2:cf:ef:f9:2f:95:c3:61:ac:
9b:9f:a2:2b:0a:8b:52:df:3d:e9:68:08:96:a3:1c:
df:b5:cd:b2:ec:a0:50:8b:2c:a8:90:d1:92:56:4d:
73:4c:86:f1:80:67:0f:fd:05:a2:bc:94:fb:4c:15:
10:79:0f:f4:d0:b1:db:15:ad:ff:f4:de:cc:c0:e6:
4f:f2:ca:33:21:bb:af:43:52:eb:10:d2:d1:e6:06:
b4:ff:5e:29:9c:22:fd:3a:4e:da:50:b8:49:80:d6:
08:0e:67:71:31:ca:db:da:e0:63:12:2b:95:99:51:
cf:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6F:9B:39:85:E3:1E:E7:0C:9C:6A:5A:EC:1B:FF:DE:0F:4C:3A:28
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/AW-bOYXjHucMnGpa7Bv_3g9MOig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.83.0/24
185.216.128.0/23
201.77.56.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:dd:f3:03:54:19:dd:2d:00:27:63:4a:3c:88:29:c7:23:79:
18:c7:4c:41:05:29:f8:b9:e6:3c:6e:47:26:70:a3:5a:e9:38:
44:7b:fc:77:b9:dc:29:f0:82:41:ae:e5:19:b2:d6:1f:d3:42:
04:bf:bb:f0:b3:65:9d:8f:5e:24:49:b5:71:79:af:ac:74:f8:
40:2b:f6:66:73:3f:fc:35:68:ec:1f:28:f3:6c:18:38:bb:27:
0d:13:6f:9b:d0:d2:cb:23:de:72:74:d6:00:2a:70:93:8f:1f:
ef:3f:72:81:58:db:7d:57:33:03:fc:13:62:86:f2:23:ed:fd:
f7:9d:3f:60:8d:4b:ce:16:52:fd:58:8c:61:b0:34:21:3e:b6:
b2:82:4e:3a:52:22:1f:15:2f:3c:b4:46:8b:b3:ea:36:3c:5d:
75:3d:d2:0f:13:0a:55:3c:83:37:1a:b4:c1:76:f7:f9:ab:56:
9d:62:ae:65:c5:da:65:c9:5c:20:1d:c5:ce:ef:b6:a7:3b:e1:
b1:e9:48:a6:2c:cc:15:fb:e6:ed:17:0e:7f:a4:1f:96:db:e0:
3a:6e:a4:72:40:12:e0:db:3d:10:99:1b:4b:f5:20:a5:92:f2:
5f:a0:46:03:5d:f8:39:7f:19:54:9a:a4:18:cc:1e:93:50:c2:
56:f8:0f:3e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZi9dlB7VzIJ/Qaw3GWsOqPGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwODE4MTM1NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTZmOWIzOTg1ZTMxZWU3MGM5YzZhNWFlYzFiZmZkZTBmNGMzYTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTAyF5fy/RnnSwh4savLbdCxFTsT
6xMY/O7PplIjAzGPaJ6OFtirnYIHwF0F76dFlP1IKlhibtHgxnVaSHEEw8k+KhpT
NFo7h0DuGFeMpLsXgmA3HwGtLMO64vFjEYfjEw9cCJBaYUt48yry7MAZ0slkC66q
s6VxEoFjiAPilx3HRsaOhDpuKjLSJ1+iz+/5L5XDYaybn6IrCotS3z3paAiWoxzf
tc2y7KBQiyyokNGSVk1zTIbxgGcP/QWivJT7TBUQeQ/00LHbFa3/9N7MwOZP8soz
IbuvQ1LrENLR5ga0/14pnCL9Ok7aULhJgNYIDmdxMcrb2uBjEiuVmVHP7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAFvmzmF4x7nDJxqWuwb/94PTDooMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQVctYk9ZWGpIdWNNbkdwYTdCdl8zZzlNT2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVBTAwQB
udiAAwQAyU04MA0GCSqGSIb3DQEBCwUAA4IBAQB/3fMDVBndLQAnY0o8iCnHI3kY
x0xBBSn4ueY8bkcmcKNa6ThEe/x3udwp8IJBruUZstYf00IEv7vws2Wdj14kSbVx
ea+sdPhAK/Zmcz/8NWjsHyjzbBg4uycNE2+b0NLLI95ydNYAKnCTjx/vP3KBWNt9
VzMD/BNihvIj7f33nT9gjUvOFlL9WIxhsDQhPraygk46UiIfFS88tEaLs+o2PF11
PdIPEwpVPIM3GrTBdvf5q1adYq5lxdplyVwgHcXO77anO+Gx6UimLMwV++btFw5/
pB+W2+A6bqRyQBLg2z0QmRtL9SClkvJfoEYDXfg5fxlUmqQYzB6TUMJW+A8+
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:17:22 2025 by rpki-client