Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/bKjVJOTQEmK6CBXhuHKDL_MtVNA.roa
File: bKjVJOTQEmK6CBXhuHKDL_MtVNA.roa (raw, json)
Hash identifier: bw0+h33P5VdWTPSoMFRvI+rSiT2enbeGyOyycE406Ig=
Subject key identifier: 6C:A8:D5:24:E4:D0:12:62:BA:08:15:E1:B8:72:83:2F:F3:2D:54:D0
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 01978192E74156B0742811B7888E3ACB5462
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/bKjVJOTQEmK6CBXhuHKDL_MtVNA.roa
Signing time: Wed 18 Jun 2025 05:46:17 +0000
ROA not before: Wed 18 Jun 2025 05:46:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 91.195.242.0/23 maxlen: 24
139.66.0.0/16 maxlen: 24
147.204.0.0/16 maxlen: 24
155.56.0.0/16 maxlen: 24
194.39.128.0/21 maxlen: 24
194.39.136.0/22 maxlen: 24
194.45.236.0/23 maxlen: 24
194.55.88.0/22 maxlen: 24
2a00:fe00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.mft
rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 09:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:92:e7:41:56:b0:74:28:11:b7:88:8e:3a:cb:54:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: Jun 18 05:46:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ca8d524e4d01262ba0815e1b872832ff32d54d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d7:25:f9:1a:77:dd:dd:72:f6:24:8d:97:56:
80:65:da:e4:dd:29:10:d7:33:ad:3d:20:e8:00:2f:
ab:3a:3f:e9:89:8f:01:73:9b:21:3e:67:cc:7f:b8:
59:65:36:ce:ff:cc:cb:1e:ac:b2:1d:a6:97:65:02:
4b:1c:8f:64:7e:94:c6:1e:1d:6b:6b:41:20:29:95:
f7:86:03:75:30:ed:72:a7:c0:a7:8c:88:61:f0:b0:
94:16:7a:0d:d7:89:bb:8c:36:59:c3:ee:4e:66:f9:
f8:42:3a:57:3f:c2:5e:a6:ee:61:6c:f6:69:2f:3f:
45:19:29:01:c9:9a:32:7c:06:6a:51:1b:ef:a6:74:
ca:13:b0:4f:6e:b4:ce:16:36:49:ba:40:7d:c2:0e:
b7:9c:48:03:d6:97:74:78:94:5b:af:82:bd:84:ad:
63:cb:96:ad:c2:5c:fc:33:c3:f7:07:a5:50:ee:4d:
df:a7:85:a7:c1:7c:b5:70:73:5f:e0:89:31:72:f9:
5f:de:b5:cc:0c:bb:0e:aa:fe:19:e1:d1:fc:a0:22:
3f:b8:1f:fb:26:f4:a5:1f:e5:82:74:07:cc:1b:01:
d9:2c:45:46:52:ac:5c:d6:7f:fd:bc:82:8c:ec:0c:
64:0d:cb:9e:91:ed:e9:91:8a:8c:9e:c6:80:3d:c9:
6d:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A8:D5:24:E4:D0:12:62:BA:08:15:E1:B8:72:83:2F:F3:2D:54:D0
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/bKjVJOTQEmK6CBXhuHKDL_MtVNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.242.0/23
139.66.0.0/16
147.204.0.0/16
155.56.0.0/16
194.39.128.0-194.39.139.255
194.45.236.0/23
194.55.88.0/22
IPv6:
2a00:fe00::/32
Signature Algorithm: sha256WithRSAEncryption
32:a9:66:87:c2:e6:18:1a:3a:e0:3e:fc:c5:a3:be:b0:28:1a:
b7:ad:73:fd:06:10:24:e7:10:e1:ec:d9:63:63:03:09:bb:6b:
b3:d7:e7:2e:54:bc:c9:d9:30:3b:98:c5:34:07:f2:68:e4:47:
d0:d7:d4:43:7f:85:d2:c7:16:6c:16:f6:05:ec:c5:16:a9:29:
84:6f:0a:b6:23:d7:32:4f:5d:36:e3:61:33:3f:ff:26:ee:f3:
5a:2d:1b:64:0d:f7:4c:75:2b:49:f8:09:10:ee:4f:35:6b:27:
70:19:9a:46:b1:30:e9:7e:42:87:9e:ea:f8:81:db:d0:c0:58:
70:09:a5:46:0e:56:ff:8d:d7:42:96:19:ea:c0:8a:16:a4:9e:
ea:0a:c4:eb:6d:f0:a5:3a:d0:71:90:93:9d:67:5b:1f:7f:b8:
82:a5:c7:bc:38:68:5e:a5:54:a8:75:0a:1f:e1:de:4e:f0:60:
db:63:84:b6:2a:80:30:1d:ed:cd:0c:24:ed:3f:10:36:4d:85:
ca:d4:27:ba:ff:7e:b2:10:86:ed:2d:bb:9a:16:28:83:5b:57:
8d:de:b6:f0:5a:61:c7:93:75:ed:68:e1:01:18:d7:db:86:92:
e8:a8:42:b2:28:51:7c:ce:c4:a9:4d:8a:f3:45:3e:7e:bb:1b:
5e:12:09:b2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZeBkudBVrB0KBG3iI46y1RiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjUwNjE4MDU0NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2E4ZDUyNGU0ZDAxMjYyYmEwODE1ZTFiODcyODMyZmYzMmQ1NGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Ncl+Rp33d1y9iSNl1aAZdrk3SkQ
1zOtPSDoAC+rOj/piY8Bc5shPmfMf7hZZTbO/8zLHqyyHaaXZQJLHI9kfpTGHh1r
a0EgKZX3hgN1MO1yp8CnjIhh8LCUFnoN14m7jDZZw+5OZvn4QjpXP8Jepu5hbPZp
Lz9FGSkByZoyfAZqURvvpnTKE7BPbrTOFjZJukB9wg63nEgD1pd0eJRbr4K9hK1j
y5atwlz8M8P3B6VQ7k3fp4WnwXy1cHNf4Ikxcvlf3rXMDLsOqv4Z4dH8oCI/uB/7
JvSlH+WCdAfMGwHZLEVGUqxc1n/9vIKM7AxkDcueke3pkYqMnsaAPcltFQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFGyo1STk0BJiuggV4bhygy/zLVTQMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEvYktqVkpPVFFFbUs2Q0JYaHVIS0RMX010Vk5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjA1BAIAATAvAwQBW8PyAwMA
i0IDAwCTzAMDAJs4MAwDBAfCJ4ADBALCJ4gDBAHCLewDBALCN1gwDQQCAAIwBwMF
ACoA/gAwDQYJKoZIhvcNAQELBQADggEBADKpZofC5hgaOuA+/MWjvrAoGretc/0G
ECTnEOHs2WNjAwm7a7PX5y5UvMnZMDuYxTQH8mjkR9DX1EN/hdLHFmwW9gXsxRap
KYRvCrYj1zJPXTbjYTM//ybu81otG2QN90x1K0n4CRDuTzVrJ3AZmkaxMOl+Qoee
6viB29DAWHAJpUYOVv+N10KWGerAihaknuoKxOtt8KU60HGQk51nWx9/uIKlx7w4
aF6lVKh1Ch/h3k7wYNtjhLYqgDAd7c0MJO0/EDZNhcrUJ7r/frIQhu0tu5oWKINb
V43etvBaYceTde1o4QEY19uGkuioQrIoUXzOxKlNivNFPn67G14SCbI=
-----END CERTIFICATE-----
Generated at Sun Jun 29 17:10:28 2025 by rpki-client