Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bCBYkVsnzvGoSyJpTWw2uA1ZshQ.roa
File: bCBYkVsnzvGoSyJpTWw2uA1ZshQ.roa (raw, json)
Hash identifier: 07ABJGXCK5xhNckM1BVEJZKVx4DAm87SxKln8pXQW9E=
Subject key identifier: 6C:20:58:91:5B:27:CE:F1:A8:4B:22:69:4D:6C:36:B8:0D:59:B2:14
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019905D9FE529A6D746D608899E25D6961F8
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bCBYkVsnzvGoSyJpTWw2uA1ZshQ.roa
Signing time: Mon 01 Sep 2025 15:16:36 +0000
ROA not before: Mon 01 Sep 2025 15:16:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 31.41.251.0/24 maxlen: 24
31.41.252.0/24 maxlen: 24
31.41.254.0/24 maxlen: 24
45.87.126.0/24 maxlen: 24
45.95.29.0/24 maxlen: 24
45.128.125.0/24 maxlen: 24
45.128.126.0/24 maxlen: 24
45.128.127.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
45.151.29.0/24 maxlen: 24
83.138.54.0/24 maxlen: 24
88.151.8.0/24 maxlen: 24
91.212.103.0/24 maxlen: 24
94.154.190.0/24 maxlen: 24
176.116.15.0/24 maxlen: 24
176.126.96.0/24 maxlen: 24
193.28.178.0/24 maxlen: 24
193.187.105.0/24 maxlen: 24
194.59.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:d9:fe:52:9a:6d:74:6d:60:88:99:e2:5d:69:61:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Sep 1 15:16:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c2058915b27cef1a84b22694d6c36b80d59b214
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8e:9a:8c:a3:c2:e6:aa:a5:ac:19:c4:35:d2:
f9:bd:ab:78:41:ba:a0:33:01:6c:af:6f:0a:73:7a:
cc:4c:01:e0:2d:77:77:ea:f9:37:7f:c4:7e:34:b0:
02:fc:25:df:5b:89:59:82:ff:27:25:ac:06:a7:5c:
f2:4a:5f:e7:33:49:de:a0:09:64:07:13:67:e8:c7:
07:f2:2d:dd:d7:db:a8:52:46:a7:c4:b8:35:b8:bf:
b8:52:4c:62:bd:a3:0e:e5:87:3e:c4:f1:50:3a:7d:
5a:d1:1c:70:97:e9:35:34:62:40:6c:98:dc:d0:14:
64:23:55:55:78:19:c5:14:17:84:45:e1:3e:03:7b:
c9:26:1e:6b:57:f6:99:94:9b:78:50:86:4a:22:e3:
c0:67:50:aa:72:0a:8c:ed:da:63:3a:f1:b4:05:3d:
c2:f1:d7:4f:40:80:f0:2e:96:4e:e9:73:f9:c4:25:
38:53:15:f2:1c:4a:d6:31:03:58:63:fd:38:34:ba:
5c:fd:0b:81:10:4f:37:48:06:ae:04:43:2f:ea:65:
70:74:76:d2:3a:aa:1d:04:3f:2a:05:be:a8:22:42:
6f:d2:a2:21:e0:46:89:dc:e2:a2:e9:91:a4:60:df:
c0:34:2a:b4:c0:01:8d:26:37:f8:c4:9b:a1:b1:93:
e0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:20:58:91:5B:27:CE:F1:A8:4B:22:69:4D:6C:36:B8:0D:59:B2:14
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/bCBYkVsnzvGoSyJpTWw2uA1ZshQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.251.0-31.41.252.255
31.41.254.0/24
45.87.126.0/24
45.95.29.0/24
45.128.125.0-45.128.128.255
45.151.29.0/24
83.138.54.0/24
88.151.8.0/24
91.212.103.0/24
94.154.190.0/24
176.116.15.0/24
176.126.96.0/24
193.28.178.0/24
193.187.105.0/24
194.59.187.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:96:e7:8c:1d:cb:ab:50:56:f3:31:ad:d4:9c:c1:10:4b:99:
7c:02:05:6d:5b:0d:4c:63:e6:ac:68:c6:a9:36:ad:49:14:f8:
84:b1:b8:77:01:58:ea:71:10:6a:7a:67:b4:3e:f4:82:af:4f:
77:08:08:6f:7e:7d:48:07:e6:d1:87:ba:99:79:77:20:04:fa:
f5:60:ed:96:01:0b:42:15:e9:29:7f:9c:10:aa:54:54:bb:d0:
ca:0b:bb:4d:e4:53:54:47:ed:89:94:1c:a0:af:de:7f:d2:59:
14:25:8c:27:29:58:af:6c:82:49:bd:12:78:68:d2:60:d4:50:
39:e0:79:57:61:84:cd:25:d3:9d:d9:8c:5f:d2:05:b0:55:94:
ca:d4:36:74:5e:7b:97:10:11:a3:48:99:33:35:cf:a8:ea:c5:
93:1e:16:38:a4:da:c3:47:7e:6c:8f:d6:ac:49:f6:42:a4:56:
ab:ab:92:c9:06:50:b5:39:e0:74:68:b5:16:45:7d:d9:fe:9d:
cf:67:00:1d:2e:51:7d:f5:63:8b:f1:57:13:8f:4d:55:74:b7:
ae:57:75:bf:9f:3a:7f:04:51:05:e3:e1:77:5a:e2:3e:e0:f6:
d5:7a:2f:74:07:2b:c9:86:8e:d8:71:09:7e:15:ae:e1:ba:23:
af:fa:3e:63
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZkF2f5Smm10bWCImeJdaWH4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwOTAxMTUxNjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzIwNTg5MTViMjdjZWYxYTg0YjIyNjk0ZDZjMzZiODBkNTliMjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5o6ajKPC5qqlrBnENdL5vat4Qbqg
MwFsr28Kc3rMTAHgLXd36vk3f8R+NLAC/CXfW4lZgv8nJawGp1zySl/nM0neoAlk
BxNn6McH8i3d19uoUkanxLg1uL+4UkxivaMO5Yc+xPFQOn1a0Rxwl+k1NGJAbJjc
0BRkI1VVeBnFFBeEReE+A3vJJh5rV/aZlJt4UIZKIuPAZ1CqcgqM7dpjOvG0BT3C
8ddPQIDwLpZO6XP5xCU4UxXyHErWMQNYY/04NLpc/QuBEE83SAauBEMv6mVwdHbS
OqodBD8qBb6oIkJv0qIh4EaJ3OKi6ZGkYN/ANCq0wAGNJjf4xJuhsZPgEQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFGwgWJFbJ87xqEsiaU1sNrgNWbIUMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvYkNCWWtWc256dkdvU3lKcFRXdzJ1QTFac2hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwajAMAwQAHyn7
AwQAHyn8AwQAHyn+AwQALVd+AwQALV8dMAwDBAAtgH0DBAAtgIADBAAtlx0DBABT
ijYDBABYlwgDBABb1GcDBABemr4DBACwdA8DBACwfmADBADBHLIDBADBu2kDBADC
O7swDQYJKoZIhvcNAQELBQADggEBAI+W54wdy6tQVvMxrdScwRBLmXwCBW1bDUxj
5qxoxqk2rUkU+ISxuHcBWOpxEGp6Z7Q+9IKvT3cICG9+fUgH5tGHupl5dyAE+vVg
7ZYBC0IV6Sl/nBCqVFS70MoLu03kU1RH7YmUHKCv3n/SWRQljCcpWK9sgkm9Enho
0mDUUDngeVdhhM0l053ZjF/SBbBVlMrUNnRee5cQEaNImTM1z6jqxZMeFjik2sNH
fmyP1qxJ9kKkVqurkskGULU54HRotRZFfdn+nc9nAB0uUX31Y4vxVxOPTVV0t65X
db+fOn8EUQXj4Xda4j7g9tV6L3QHK8mGjthxCX4VruG6I6/6PmM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:46 2025 by rpki-client