Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/BKQznejUWQ60TuGm9rYkoGduhm8.roa
File: BKQznejUWQ60TuGm9rYkoGduhm8.roa (raw, json)
Hash identifier: O398a+KiJXVcAv/CECjXR8PP+APYUvmzkRhPMc+yNKA=
Subject key identifier: 04:A4:33:9D:E8:D4:59:0E:B4:4E:E1:A6:F6:B6:24:A0:67:6E:86:6F
Certificate issuer: /CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Certificate serial: 01977D973CBA7316D88501A2EC29979FE0E7
Authority key identifier: E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/BKQznejUWQ60TuGm9rYkoGduhm8.roa
Signing time: Tue 17 Jun 2025 11:12:32 +0000
ROA not before: Tue 17 Jun 2025 11:12:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59703
IP address blocks: 45.140.30.0/23 maxlen: 23
89.33.129.0/24 maxlen: 24
89.44.112.0/24 maxlen: 24
89.44.113.0/24 maxlen: 24
89.44.118.0/24 maxlen: 24
89.44.119.0/24 maxlen: 24
89.45.68.0/24 maxlen: 24
89.45.69.0/24 maxlen: 24
89.45.126.0/23 maxlen: 23
89.45.126.0/24 maxlen: 24
89.45.127.0/24 maxlen: 24
185.46.0.0/23 maxlen: 23
185.46.2.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7d:97:3c:ba:73:16:d8:85:01:a2:ec:29:97:9f:e0:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7fed4e778209c3cae93d4b76d350704462c3aab
Validity
Not Before: Jun 17 11:12:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04a4339de8d4590eb44ee1a6f6b624a0676e866f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:26:cd:96:45:13:68:f2:4e:c4:40:03:9a:a4:
e4:43:e8:06:d4:5d:05:f5:c9:4a:ea:aa:ce:33:09:
38:83:b9:9c:4b:bd:dd:48:06:73:c0:84:53:1f:2a:
bc:ae:5c:b9:43:11:d8:8c:c0:64:0b:b3:2d:2b:6f:
64:16:cb:76:2e:26:2b:23:ef:35:fc:a8:80:01:9a:
9e:a8:5d:41:f9:52:65:38:f7:c1:c1:7a:dc:34:1f:
b9:e5:1d:08:41:83:6a:ca:78:11:99:7e:81:85:43:
cb:d6:da:0f:c6:98:f4:1a:c0:80:2c:db:c6:92:75:
d6:23:bc:d3:4f:7a:d4:b8:b5:bd:d3:64:67:dc:e0:
52:37:af:94:db:d1:9f:13:63:bd:0a:ad:ba:08:e1:
bc:59:80:af:0e:65:44:66:ee:be:c6:12:cc:ac:f4:
3a:cf:45:be:d7:8b:04:c8:ab:52:1f:56:93:97:97:
34:2c:63:a2:4d:b6:89:1e:b2:eb:a6:b0:88:4e:d0:
76:e8:ba:37:d5:3a:2e:53:c6:3e:31:4c:5f:56:82:
a9:1c:ad:b6:9e:cd:54:f3:c4:fb:61:b5:9f:93:fe:
8a:99:a8:25:77:b2:1b:c5:3a:05:93:29:cc:1f:40:
01:5c:41:e6:4e:f7:54:91:7c:0e:97:4c:ff:44:45:
04:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A4:33:9D:E8:D4:59:0E:B4:4E:E1:A6:F6:B6:24:A0:67:6E:86:6F
X509v3 Authority Key Identifier:
keyid:E7:FE:D4:E7:78:20:9C:3C:AE:93:D4:B7:6D:35:07:04:46:2C:3A:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_7U53ggnDyuk9S3bTUHBEYsOqs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/BKQznejUWQ60TuGm9rYkoGduhm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/22a3c7-6fe5-49e1-935d-8bb80152ab34/1/5_7U53ggnDyuk9S3bTUHBEYsOqs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.30.0/23
89.33.129.0/24
89.44.112.0/23
89.44.118.0/23
89.45.68.0/23
89.45.126.0/23
185.46.0.0/22
Signature Algorithm: sha256WithRSAEncryption
32:32:d6:7d:21:29:79:5f:73:1c:bf:42:9f:fb:cf:e3:47:23:
6e:60:6a:05:85:e7:26:d8:48:f4:60:32:f7:ba:de:e4:a5:79:
4d:d0:c1:eb:b2:6d:e4:12:63:e1:bb:07:03:29:7e:75:d9:e5:
b3:4d:26:9a:a2:51:3a:2f:28:ae:1d:85:3a:52:cc:7e:2d:ea:
c5:b6:64:ca:65:52:00:65:60:61:37:54:f2:48:9f:07:82:d4:
56:e2:2f:b6:a9:a8:d2:5b:0c:10:4b:17:b5:c0:84:e8:42:2b:
9e:cd:cf:96:b4:7a:b9:83:2f:eb:71:bf:22:9f:a8:0f:b9:d2:
42:18:15:9a:14:da:5c:ce:79:39:e4:1d:b8:8e:53:69:90:04:
94:ef:3e:09:e2:37:71:a2:a9:fa:3a:04:10:65:0b:1f:dc:ed:
f0:ef:c0:c9:f2:0e:43:92:2b:e2:a8:76:be:b7:0b:84:b5:d0:
da:12:6e:b8:1c:ad:a5:61:57:50:f1:18:5b:b6:da:bf:ac:79:
84:78:6c:0d:a6:56:26:a9:ac:59:8a:b1:22:e3:40:e4:03:ea:
bf:15:41:e8:49:dd:ea:31:28:99:59:03:52:fc:69:a6:96:f1:
4d:a7:aa:dd:b4:99:5e:e1:ee:af:cd:d0:64:4d:4c:41:34:d4:
b0:4f:cd:ec
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZd9lzy6cxbYhQGi7CmXn+DnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZmVkNGU3NzgyMDljM2NhZTkzZDRiNzZkMzUwNzA0NDYy
YzNhYWIwHhcNMjUwNjE3MTExMjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE0MzM5ZGU4ZDQ1OTBlYjQ0ZWUxYTZmNmI2MjRhMDY3NmU4NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSbNlkUTaPJOxEADmqTkQ+gG1F0F
9clK6qrOMwk4g7mcS73dSAZzwIRTHyq8rly5QxHYjMBkC7MtK29kFst2LiYrI+81
/KiAAZqeqF1B+VJlOPfBwXrcNB+55R0IQYNqyngRmX6BhUPL1toPxpj0GsCALNvG
knXWI7zTT3rUuLW902Rn3OBSN6+U29GfE2O9Cq26COG8WYCvDmVEZu6+xhLMrPQ6
z0W+14sEyKtSH1aTl5c0LGOiTbaJHrLrprCITtB26Lo31TouU8Y+MUxfVoKpHK22
ns1U88T7YbWfk/6Kmagld7IbxToFkynMH0ABXEHmTvdUkXwOl0z/REUEAQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFASkM53o1FkOtE7hpva2JKBnboZvMB8GA1UdIwQY
MBaAFOf+1Od4IJw8rpPUt201BwRGLDqrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQt
OGJiODAxNTJhYjM0LzEvQktRem5lalVXUTYwVHVHbTlyWWtvR2R1aG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8yMmEzYzctNmZlNS00OWUxLTkzNWQtOGJiODAxNTJhYjM0
LzEvNV83VTUzZ2duRHl1azlTM2JUVUhCRVlzT3FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLYweAwQA
WSGBAwQBWSxwAwQBWSx2AwQBWS1EAwQBWS1+AwQCuS4AMA0GCSqGSIb3DQEBCwUA
A4IBAQAyMtZ9ISl5X3Mcv0Kf+8/jRyNuYGoFhecm2Ej0YDL3ut7kpXlN0MHrsm3k
EmPhuwcDKX512eWzTSaaolE6LyiuHYU6Usx+LerFtmTKZVIAZWBhN1TySJ8HgtRW
4i+2qajSWwwQSxe1wIToQiuezc+WtHq5gy/rcb8in6gPudJCGBWaFNpcznk55B24
jlNpkASU7z4J4jdxoqn6OgQQZQsf3O3w78DJ8g5DkiviqHa+twuEtdDaEm64HK2l
YVdQ8Rhbttq/rHmEeGwNplYmqaxZirEi40DkA+q/FUHoSd3qMSiZWQNS/GmmlvFN
p6rdtJle4e6vzdBkTUxBNNSwT83s
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:56:21 2025 by rpki-client