Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/bHy-mIa0N2PUBmcSaAbEEYNgoP4.roa
File: bHy-mIa0N2PUBmcSaAbEEYNgoP4.roa (raw, json)
Hash identifier: iverEw7JZB7HHr8v7fULJa+xWlt0LPnIKcpn5P2mNxQ=
Subject key identifier: 6C:7C:BE:98:86:B4:37:63:D4:06:67:12:68:06:C4:11:83:60:A0:FE
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 01997ADEC58A49653FDAF719B15A5DE87DC0
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/bHy-mIa0N2PUBmcSaAbEEYNgoP4.roa
Signing time: Wed 24 Sep 2025 08:37:23 +0000
ROA not before: Wed 24 Sep 2025 08:37:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41313
IP address blocks: 46.35.160.0/19 maxlen: 24
79.110.120.0/21 maxlen: 24
80.95.16.0/21 maxlen: 24
93.152.234.0/23 maxlen: 24
93.175.244.0/22 maxlen: 24
95.158.128.0/18 maxlen: 24
95.158.140.0/23 maxlen: 24
151.252.192.0/20 maxlen: 24
185.18.228.0/22 maxlen: 24
185.40.164.0/22 maxlen: 24
212.21.128.0/19 maxlen: 24
2a00:e200::/32 maxlen: 48
2a0d:3b40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:de:c5:8a:49:65:3f:da:f7:19:b1:5a:5d:e8:7d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Sep 24 08:37:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c7cbe9886b43763d40667126806c4118360a0fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:44:f2:22:f5:27:8d:91:5a:f0:51:11:16:95:
97:66:e7:c5:72:ed:9d:17:42:8e:76:da:54:97:f5:
e3:5d:50:af:a4:d5:72:9e:5c:cc:9b:88:8d:a3:eb:
7f:45:1c:7b:66:94:56:80:ca:5c:0b:c5:39:f0:fb:
d8:bd:1d:57:28:4d:09:a9:4e:26:42:c4:f8:63:ef:
e6:96:b4:84:31:f2:df:ae:ff:a8:ff:6a:3d:2c:8f:
59:ab:d6:7f:a7:3d:f8:6e:60:db:1e:9d:ef:48:ca:
a1:24:da:5f:dc:9a:6d:7b:5f:0f:3b:88:06:45:5a:
4b:bc:95:4b:12:74:73:21:32:5c:06:26:1c:95:50:
f3:14:67:31:2a:3e:2b:25:f9:68:30:62:5e:3e:3c:
be:7e:85:5e:af:fc:35:e0:07:45:ff:85:af:f6:1d:
91:9f:13:0d:9a:1d:fd:f8:44:39:47:74:30:90:a8:
8c:2b:e7:a6:80:71:55:a5:6e:6c:d3:92:b2:4c:38:
84:f8:c9:72:d6:39:65:46:bd:37:c2:28:c8:f1:bd:
b3:b0:2e:35:77:00:e9:0e:07:bd:86:82:48:7f:94:
3e:ef:3b:ee:7e:71:91:9b:78:2f:ca:8a:cf:92:e8:
83:5b:ea:31:4f:71:f9:61:b8:80:d2:5e:e4:53:a3:
d1:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:7C:BE:98:86:B4:37:63:D4:06:67:12:68:06:C4:11:83:60:A0:FE
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/bHy-mIa0N2PUBmcSaAbEEYNgoP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.35.160.0/19
79.110.120.0/21
80.95.16.0/21
93.152.234.0/23
93.175.244.0/22
95.158.128.0/18
151.252.192.0/20
185.18.228.0/22
185.40.164.0/22
212.21.128.0/19
IPv6:
2a00:e200::/32
2a0d:3b40::/29
Signature Algorithm: sha256WithRSAEncryption
53:2a:ed:85:87:91:c5:76:52:5e:a5:a4:c8:d2:f3:52:1b:af:
16:e1:84:f2:19:20:80:fa:1b:96:71:02:88:2b:8d:16:09:cf:
ef:87:82:f0:f6:f5:4b:96:75:0a:7c:a1:13:83:2b:91:8f:60:
0d:14:00:15:dc:01:56:6f:0e:b7:76:21:40:ad:cb:3a:b3:93:
a5:81:32:27:22:6e:10:59:0f:d0:50:f4:e0:8c:2a:13:95:73:
65:1c:19:1b:d5:13:e8:06:f8:4d:56:a1:7e:c8:26:c8:4f:97:
51:b6:dc:1f:51:69:d2:c2:8f:af:a3:c1:b2:4e:cd:3e:14:3f:
f9:4a:15:32:21:b6:70:01:6d:0f:10:d0:3c:6a:49:dd:73:44:
79:1f:44:eb:99:8e:06:31:5f:74:c4:9a:c5:94:b8:06:ea:f1:
8d:f6:2a:26:66:96:f2:dd:16:53:b7:56:05:c6:03:67:6d:99:
bf:59:c0:af:58:d6:9e:d2:10:e8:15:77:50:18:f7:af:fa:68:
f8:4c:7b:26:a8:f8:77:ef:f2:b0:3d:2f:7a:5e:33:7b:50:09:
e4:b8:1b:27:11:1d:bb:dc:73:53:78:b0:cc:d0:dc:eb:cf:9f:
2f:2a:5b:0b:99:e7:1d:f2:cc:e4:3c:de:3b:8a:79:bf:5c:7e:
ad:de:87:c4
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZl63sWKSWU/2vcZsVpd6H3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjUwOTI0MDgzNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzdjYmU5ODg2YjQzNzYzZDQwNjY3MTI2ODA2YzQxMTgzNjBhMGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0TyIvUnjZFa8FERFpWXZufFcu2d
F0KOdtpUl/XjXVCvpNVynlzMm4iNo+t/RRx7ZpRWgMpcC8U58PvYvR1XKE0JqU4m
QsT4Y+/mlrSEMfLfrv+o/2o9LI9Zq9Z/pz34bmDbHp3vSMqhJNpf3Jpte18PO4gG
RVpLvJVLEnRzITJcBiYclVDzFGcxKj4rJfloMGJePjy+foVer/w14AdF/4Wv9h2R
nxMNmh39+EQ5R3QwkKiMK+emgHFVpW5s05KyTDiE+Mly1jllRr03wijI8b2zsC41
dwDpDge9hoJIf5Q+7zvufnGRm3gvyorPkuiDW+oxT3H5YbiA0l7kU6PRRQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFGx8vpiGtDdj1AZnEmgGxBGDYKD+MB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvYkh5LW1JYTBOMlBVQm1jU2FBYkVFWU5nb1A0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQFLiOgAwQD
T254AwQDUF8QAwQBXZjqAwQCXa/0AwQGX56AAwQEl/zAAwQCuRLkAwQCuSikAwQF
1BWAMBQEAgACMA4DBQAqAOIAAwUDKg07QDANBgkqhkiG9w0BAQsFAAOCAQEAUyrt
hYeRxXZSXqWkyNLzUhuvFuGE8hkggPoblnECiCuNFgnP74eC8Pb1S5Z1CnyhE4Mr
kY9gDRQAFdwBVm8Ot3YhQK3LOrOTpYEyJyJuEFkP0FD04IwqE5VzZRwZG9UT6Ab4
TVahfsgmyE+XUbbcH1Fp0sKPr6PBsk7NPhQ/+UoVMiG2cAFtDxDQPGpJ3XNEeR9E
65mOBjFfdMSaxZS4BurxjfYqJmaW8t0WU7dWBcYDZ22Zv1nAr1jWntIQ6BV3UBj3
r/po+Ex7Jqj4d+/ysD0vel4ze1AJ5LgbJxEdu9xzU3iwzNDc68+fLypbC5nnHfLM
5DzeO4p5v1x+rd6HxA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:59 2025 by rpki-client