Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/BzkbGahih7pOTa5nqw1O7ACzwY4.roa
File: BzkbGahih7pOTa5nqw1O7ACzwY4.roa (raw, json)
Hash identifier: tSlEIaeeRu+se53sPLrkr3gMXzvlFTdPbHMazU5Wmds=
Subject key identifier: 07:39:1B:19:A8:62:87:BA:4E:4D:AE:67:AB:0D:4E:EC:00:B3:C1:8E
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 0198CC3C5C49A3CC5A09C1CB68C0A02726DF
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/BzkbGahih7pOTa5nqw1O7ACzwY4.roa
Signing time: Thu 21 Aug 2025 10:46:04 +0000
ROA not before: Thu 21 Aug 2025 10:46:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 94.16.30.0/23 maxlen: 23
94.16.30.128/25 maxlen: 25
94.16.104.0/22 maxlen: 24
94.16.108.0/22 maxlen: 24
94.16.112.0/21 maxlen: 24
94.16.120.0/22 maxlen: 24
185.216.176.0/22 maxlen: 22
185.232.68.0/22 maxlen: 22
188.172.228.0/23 maxlen: 24
193.26.156.0/22 maxlen: 22
194.36.144.0/22 maxlen: 22
2a00:11c0:47:1000::/52 maxlen: 52
2a00:11c0:47:2000::/56 maxlen: 56
2a00:11c0:47:3000::/52 maxlen: 52
2a00:11c0:5d::/48 maxlen: 48
2a00:11c0:5f::/48 maxlen: 48
2a00:11c0:5f:100::/56 maxlen: 56
2a00:11c0:5f:200::/56 maxlen: 56
2a00:11c0:5f:1000::/56 maxlen: 56
2a00:11c0:5f:2000::/52 maxlen: 52
2a00:11c0:5f:3000::/52 maxlen: 52
2a00:11c0:60::/48 maxlen: 48
2a00:11c0:81::/56 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:3c:5c:49:a3:cc:5a:09:c1:cb:68:c0:a0:27:26:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Aug 21 10:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07391b19a86287ba4e4dae67ab0d4eec00b3c18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:57:4b:fd:f4:7c:2d:df:ee:8e:38:75:86:37:
83:a5:0b:d5:30:08:4f:6d:69:1a:31:3c:29:df:0c:
a0:5a:75:a1:13:a2:04:c4:6d:88:c3:df:73:a3:68:
6b:66:5b:b9:c1:00:f4:d2:5e:76:5e:cd:31:f1:f5:
77:71:8c:b7:d6:40:69:42:b3:c0:a3:c5:16:c4:a3:
36:cc:d8:64:40:5b:7c:5e:63:88:e1:cc:c4:95:7a:
43:19:af:fe:0b:21:c9:3f:fd:f6:73:a1:55:f5:e3:
ff:cb:fc:f2:33:10:5e:f9:59:f0:6e:cf:ae:6e:1a:
10:94:a4:b7:52:a0:a7:ad:8e:01:f6:9a:6a:ec:75:
b2:ee:0c:55:70:a0:55:30:84:d9:e6:fe:48:a7:d7:
d1:48:c5:71:47:88:7a:e6:8d:63:98:8e:64:32:e9:
b7:de:44:b9:c6:94:95:80:85:08:af:52:ff:6d:1d:
66:f3:40:fa:2b:23:c4:12:18:59:d3:02:cc:83:6e:
44:ab:08:39:8a:d4:e6:34:70:81:c2:4a:66:d1:6d:
2e:94:c2:54:4b:24:94:e6:11:6f:b6:37:d0:28:a8:
50:e9:8d:6c:39:6e:8f:ee:fa:7b:6c:b1:d0:cc:66:
17:3f:76:8f:04:2f:86:73:2a:02:6e:83:2d:c5:01:
04:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:39:1B:19:A8:62:87:BA:4E:4D:AE:67:AB:0D:4E:EC:00:B3:C1:8E
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/BzkbGahih7pOTa5nqw1O7ACzwY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.16.30.0/23
94.16.104.0-94.16.123.255
185.216.176.0/22
185.232.68.0/22
188.172.228.0/23
193.26.156.0/22
194.36.144.0/22
IPv6:
2a00:11c0:47:1000::-2a00:11c0:47:20ff:ffff:ffff:ffff:ffff
2a00:11c0:47:3000::/52
2a00:11c0:5d::/48
2a00:11c0:5f::-2a00:11c0:60:ffff:ffff:ffff:ffff:ffff
2a00:11c0:81::/56
Signature Algorithm: sha256WithRSAEncryption
a2:90:87:c9:cd:c8:b3:66:0a:ab:a5:99:b4:d3:5a:bf:8d:20:
76:40:bd:62:46:e8:98:6e:89:eb:94:15:f5:20:89:24:2a:da:
e8:27:29:f6:f3:ab:6e:0d:10:78:90:d5:1f:fd:56:98:42:5e:
66:77:8c:45:13:1d:b9:25:08:7e:e9:c7:88:cb:38:4a:36:ec:
40:a1:4b:b7:fb:54:16:20:c0:ef:34:4d:5f:90:fb:e9:76:6e:
32:4b:bc:c9:19:1f:74:c4:55:31:cc:a4:eb:e6:15:d8:8f:e6:
46:05:ae:8b:06:c2:d9:c4:da:86:18:de:e0:d7:18:58:74:3d:
6b:4e:eb:44:a3:55:a0:3e:cb:7f:50:cb:56:65:b1:ab:2d:e4:
a2:2a:dd:52:bf:29:6c:dd:c9:f3:ef:11:9d:1d:14:3c:63:31:
f7:10:a3:40:3a:d8:97:31:91:46:ed:20:eb:9d:f7:b5:ae:d1:
a5:80:53:cb:7f:2d:07:95:9d:d3:52:2f:33:13:fc:4b:de:42:
f2:4d:d8:e0:df:50:b8:07:52:3b:3a:bd:f9:5f:f1:50:4c:10:
33:6b:04:1b:10:c7:f1:b2:25:48:0a:e3:e7:d9:d2:79:5d:80:
85:bd:4c:57:4d:d3:ca:6c:79:66:8d:53:f3:50:5e:45:68:04:
be:c8:56:21
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZjMPFxJo8xaCcHLaMCgJybfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwODIxMTA0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM5MWIxOWE4NjI4N2JhNGU0ZGFlNjdhYjBkNGVlYzAwYjNjMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxldL/fR8Ld/ujjh1hjeDpQvVMAhP
bWkaMTwp3wygWnWhE6IExG2Iw99zo2hrZlu5wQD00l52Xs0x8fV3cYy31kBpQrPA
o8UWxKM2zNhkQFt8XmOI4czElXpDGa/+CyHJP/32c6FV9eP/y/zyMxBe+Vnwbs+u
bhoQlKS3UqCnrY4B9ppq7HWy7gxVcKBVMITZ5v5Ip9fRSMVxR4h65o1jmI5kMum3
3kS5xpSVgIUIr1L/bR1m80D6KyPEEhhZ0wLMg25Eqwg5itTmNHCBwkpm0W0ulMJU
SySU5hFvtjfQKKhQ6Y1sOW6P7vp7bLHQzGYXP3aPBC+GcyoCboMtxQEEKQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFAc5GxmoYoe6Tk2uZ6sNTuwAs8GOMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvQnprYkdhaGloN3BPVGE1bnF3MU83QUN6d1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTA4BAIAATAyAwQBXhAe
MAwDBANeEGgDBAJeEHgDBAK52LADBAK56EQDBAG8rOQDBALBGpwDBALCJJAwTQQC
AAIwRzAUAwgEKgARwABHEAMIACoAEcAARyADCAQqABHAAEcwAwcAKgARwABdMBID
BwAqABHAAF8DBwAqABHAAGADCAAqABHAAIEAMA0GCSqGSIb3DQEBCwUAA4IBAQCi
kIfJzcizZgqrpZm001q/jSB2QL1iRuiYbonrlBX1IIkkKtroJyn286tuDRB4kNUf
/VaYQl5md4xFEx25JQh+6ceIyzhKNuxAoUu3+1QWIMDvNE1fkPvpdm4yS7zJGR90
xFUxzKTr5hXYj+ZGBa6LBsLZxNqGGN7g1xhYdD1rTutEo1WgPst/UMtWZbGrLeSi
Kt1Svyls3cnz7xGdHRQ8YzH3EKNAOtiXMZFG7SDrnfe1rtGlgFPLfy0HlZ3TUi8z
E/xL3kLyTdjg31C4B1I7Or35X/FQTBAzawQbEMfxsiVICuPn2dJ5XYCFvUxXTdPK
bHlmjVPzUF5FaAS+yFYh
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:10:52 2025 by rpki-client