Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/BGKLdnBBDejou33OrAMguB4fA_4.roa
File: BGKLdnBBDejou33OrAMguB4fA_4.roa (raw, json)
Hash identifier: nQjabd0iTAbPBudq8662bhERneJSKjsRW9LjqK/8NoE=
Subject key identifier: 04:62:8B:76:70:41:0D:E8:E8:BB:7D:CE:AC:03:20:B8:1E:1F:03:FE
Certificate issuer: /CN=1795ac843cd8ba90188f7313652bb561299b296f
Certificate serial: 0198BBBFC6AC5FEE42B1024BFD761BCAE9B7
Authority key identifier: 17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/BGKLdnBBDejou33OrAMguB4fA_4.roa
Signing time: Mon 18 Aug 2025 05:56:04 +0000
ROA not before: Mon 18 Aug 2025 05:56:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31313
IP address blocks: 86.105.108.0/22 maxlen: 32
86.105.216.0/22 maxlen: 32
89.35.192.0/24 maxlen: 32
89.41.56.0/23 maxlen: 32
89.42.116.0/23 maxlen: 32
89.43.190.0/23 maxlen: 32
89.200.246.0/23 maxlen: 32
89.200.247.0/24 maxlen: 32
91.235.4.0/23 maxlen: 32
93.113.29.0/24 maxlen: 32
130.195.57.0/24 maxlen: 24
176.126.252.0/22 maxlen: 32
176.126.252.0/24 maxlen: 24
176.126.253.0/24 maxlen: 24
176.126.254.0/24 maxlen: 24
176.126.255.0/24 maxlen: 24
185.57.80.0/22 maxlen: 32
185.57.80.0/24 maxlen: 24
185.57.81.0/24 maxlen: 24
185.233.148.0/22 maxlen: 32
185.233.148.0/24 maxlen: 24
185.233.149.0/24 maxlen: 24
185.233.150.0/24 maxlen: 24
185.233.151.0/24 maxlen: 24
193.151.28.0/22 maxlen: 32
193.169.21.0/24 maxlen: 32
195.242.244.0/22 maxlen: 32
203.25.143.0/24 maxlen: 32
213.177.0.0/21 maxlen: 32
213.177.8.0/21 maxlen: 32
213.177.16.0/21 maxlen: 32
213.177.24.0/21 maxlen: 32
2a00:5dc0::/29 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bb:bf:c6:ac:5f:ee:42:b1:02:4b:fd:76:1b:ca:e9:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1795ac843cd8ba90188f7313652bb561299b296f
Validity
Not Before: Aug 18 05:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04628b7670410de8e8bb7dceac0320b81e1f03fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:c0:f7:e8:c2:94:64:58:8b:04:57:10:26:00:
ee:81:8d:af:96:36:78:5f:0e:df:88:5f:48:3a:05:
94:e4:7a:89:c9:07:ff:e7:8f:dd:9c:60:ba:15:93:
46:df:66:e3:20:ca:0c:7e:e3:6d:3e:63:8c:74:1e:
0c:92:0e:61:4e:36:69:cb:b6:a3:b8:33:a8:dd:9b:
7e:25:cf:64:9e:44:fe:5a:1c:38:5e:9a:d5:c1:81:
35:31:77:86:78:ad:60:7b:ed:63:93:49:d2:d5:48:
44:43:e8:d2:c4:7f:97:b3:74:de:e3:e1:c6:2e:77:
2c:d1:7f:5d:0e:51:59:17:40:b8:08:fb:99:5d:3e:
07:53:76:78:11:57:8c:b8:71:c8:f7:77:99:ed:da:
a9:f7:1e:ec:6b:b7:11:7d:eb:84:79:3a:1e:6d:21:
56:ac:61:d1:de:46:26:2c:eb:17:98:06:e6:50:a8:
35:2e:2b:bb:cf:d7:b8:0d:99:0f:a0:58:a6:86:5f:
0b:25:14:97:b9:1e:5a:06:42:e1:0d:8a:c1:0e:10:
59:67:1b:5f:82:1c:8d:18:35:83:bc:41:ce:d4:d2:
58:11:70:ed:f6:9f:41:93:dc:80:cd:af:16:8d:33:
ba:ec:53:6d:83:51:13:18:43:e7:b5:8a:73:db:d0:
fd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:62:8B:76:70:41:0D:E8:E8:BB:7D:CE:AC:03:20:B8:1E:1F:03:FE
X509v3 Authority Key Identifier:
keyid:17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/BGKLdnBBDejou33OrAMguB4fA_4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.108.0/22
86.105.216.0/22
89.35.192.0/24
89.41.56.0/23
89.42.116.0/23
89.43.190.0/23
89.200.246.0/23
91.235.4.0/23
93.113.29.0/24
130.195.57.0/24
176.126.252.0/22
185.57.80.0/22
185.233.148.0/22
193.151.28.0/22
193.169.21.0/24
195.242.244.0/22
203.25.143.0/24
213.177.0.0/19
IPv6:
2a00:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:f8:f6:9b:d6:a0:d5:84:5f:24:0c:61:ae:be:85:da:c6:80:
38:29:13:bc:ba:7a:32:ed:fd:38:7f:be:d4:79:ac:ff:09:9e:
27:63:6d:96:5b:75:3e:fd:59:60:2e:a8:ff:66:07:e0:f2:0c:
67:bc:fd:52:fa:82:c0:1b:40:73:31:7f:76:f1:2a:38:4d:80:
05:4d:dd:81:7a:d0:c8:b8:1f:93:db:59:0f:94:cf:b2:4a:3e:
42:a3:85:aa:37:8b:0b:b6:97:0e:ea:99:5d:c2:ea:30:f2:60:
dd:8d:32:ff:71:97:9c:f1:2d:be:46:5a:4e:ca:4c:03:71:b6:
30:3e:df:47:6c:90:34:66:5c:2e:a5:5b:34:6f:b1:46:b5:8e:
b0:a1:c7:44:30:54:ed:50:e3:ee:31:2e:6a:69:ca:da:49:87:
f0:eb:f5:e1:5a:46:0e:fd:11:ab:79:19:7f:f2:01:9b:cc:55:
81:6c:4b:06:f0:e0:a6:82:69:51:b9:ec:bc:2c:69:f0:24:62:
c7:b4:b6:d8:7f:b0:9e:83:65:01:76:dd:cd:1d:e2:7b:29:99:
0e:5c:26:34:b2:85:6f:4d:c0:b8:04:75:62:08:89:a8:cc:83:
8e:ea:0c:7d:c2:87:1d:3f:3d:67:16:71:bd:ca:ce:96:5c:a5:
ab:79:bd:e5
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZi7v8asX+5CsQJL/XYbyum3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTVhYzg0M2NkOGJhOTAxODhmNzMxMzY1MmJiNTYxMjk5
YjI5NmYwHhcNMjUwODE4MDU1NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDYyOGI3NjcwNDEwZGU4ZThiYjdkY2VhYzAzMjBiODFlMWYwM2ZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+sD36MKUZFiLBFcQJgDugY2vljZ4
Xw7fiF9IOgWU5HqJyQf/54/dnGC6FZNG32bjIMoMfuNtPmOMdB4Mkg5hTjZpy7aj
uDOo3Zt+Jc9knkT+Whw4XprVwYE1MXeGeK1ge+1jk0nS1UhEQ+jSxH+Xs3Te4+HG
Lncs0X9dDlFZF0C4CPuZXT4HU3Z4EVeMuHHI93eZ7dqp9x7sa7cRfeuEeToebSFW
rGHR3kYmLOsXmAbmUKg1Liu7z9e4DZkPoFimhl8LJRSXuR5aBkLhDYrBDhBZZxtf
ghyNGDWDvEHO1NJYEXDt9p9Bk9yAza8WjTO67FNtg1ETGEPntYpz29D9SwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFARii3ZwQQ3o6Lt9zqwDILgeHwP+MB8GA1UdIwQY
MBaAFBeVrIQ82LqQGI9zE2UrtWEpmylvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODct
NzMxYWJjNmY3NWNhLzEvQkdLTGRuQkJEZWpvdTMzT3JBTWd1QjRmQV80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODctNzMxYWJjNmY3NWNh
LzEvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzByBAIAATBsAwQCVmls
AwQCVmnYAwQAWSPAAwQBWSk4AwQBWSp0AwQBWSu+AwQBWcj2AwQBW+sEAwQAXXEd
AwQAgsM5AwQCsH78AwQCuTlQAwQCuemUAwQCwZccAwQAwakVAwQCw/L0AwQAyxmP
AwQF1bEAMA0EAgACMAcDBQMqAF3AMA0GCSqGSIb3DQEBCwUAA4IBAQCM+Pab1qDV
hF8kDGGuvoXaxoA4KRO8unoy7f04f77Ueaz/CZ4nY22WW3U+/VlgLqj/Zgfg8gxn
vP1S+oLAG0BzMX928So4TYAFTd2BetDIuB+T21kPlM+ySj5Co4WqN4sLtpcO6pld
wuow8mDdjTL/cZec8S2+RlpOykwDcbYwPt9HbJA0ZlwupVs0b7FGtY6wocdEMFTt
UOPuMS5qacraSYfw6/XhWkYO/RGreRl/8gGbzFWBbEsG8OCmgmlRuey8LGnwJGLH
tLbYf7Ceg2UBdt3NHeJ7KZkOXCY0soVvTcC4BHViCImozIOO6gx9wocdPz1nFnG9
ys6WXKWreb3l
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:35:15 2025 by rpki-client