
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/BqfUS67NwEGbDUdjYax38K2Njlg.roa
File: BqfUS67NwEGbDUdjYax38K2Njlg.roa (raw, json)
Hash identifier: FXBdDnrJbkKIYFCTwLmrjslC3wsmF26/kRrmIGLYDVE=
Subject key identifier: 06:A7:D4:4B:AE:CD:C0:41:9B:0D:47:63:61:AC:77:F0:AD:8D:8E:58
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 0199C7F7035C56E737A6C23ABDC1C30C0496
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/BqfUS67NwEGbDUdjYax38K2Njlg.roa
Signing time: Thu 09 Oct 2025 07:54:38 +0000
ROA not before: Thu 09 Oct 2025 07:54:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216024
IP address blocks: 45.15.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c7:f7:03:5c:56:e7:37:a6:c2:3a:bd:c1:c3:0c:04:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Oct 9 07:54:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06a7d44baecdc0419b0d476361ac77f0ad8d8e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:b1:ed:86:90:8c:4a:d9:fd:10:47:32:0a:1a:
ac:db:a1:21:13:62:c1:5d:fa:e8:cd:6a:04:1c:3d:
7e:a4:ed:7f:57:2d:1b:59:e2:b9:ae:c2:73:f0:5e:
9d:44:c0:12:15:d9:e3:a8:8c:37:43:6a:aa:d6:04:
15:fc:c0:68:48:cd:2a:fd:96:bd:18:53:b1:71:ec:
50:74:37:5d:0f:58:12:fd:20:4e:6c:42:a2:6e:f6:
88:7d:e5:96:1e:49:d6:b0:ac:59:0b:86:56:66:2e:
9b:bf:17:18:49:bd:2f:08:e5:c3:0f:eb:f0:ad:b8:
d2:a7:39:48:50:89:3d:6a:d9:29:2e:7f:b5:94:88:
44:83:28:82:ee:a3:97:ab:7e:bc:0d:a6:3f:e2:83:
34:77:70:66:50:66:87:86:b5:91:81:9b:3e:4d:12:
a2:18:6d:cb:ed:91:66:e2:6d:9b:24:6a:b1:83:57:
64:0c:ea:28:c4:96:fc:b1:d4:52:8a:d0:f1:47:d8:
28:c2:28:0f:b3:af:d5:8b:13:b6:15:31:28:f7:0a:
b3:40:e6:2c:41:d4:19:80:ed:4e:aa:c9:b3:82:40:
18:51:13:e5:56:ad:1a:be:2c:4c:55:af:6e:6d:e5:
6a:ef:88:05:a6:bb:a3:ab:a7:81:fd:c5:94:b9:b0:
36:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A7:D4:4B:AE:CD:C0:41:9B:0D:47:63:61:AC:77:F0:AD:8D:8E:58
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/BqfUS67NwEGbDUdjYax38K2Njlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.156.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:68:ec:ad:26:d4:9c:cd:8a:88:5e:01:bf:e9:64:1c:23:1a:
92:76:c2:c5:b3:9b:4e:61:48:48:d1:ab:cd:e6:57:d0:77:c8:
20:ee:d8:c7:f1:9b:20:33:5d:58:8d:d8:b9:52:4d:37:e5:51:
41:2d:76:b6:e3:cb:9b:de:df:d5:7f:a3:cc:da:b6:47:41:9f:
9b:8d:ad:b4:42:6b:be:2b:5e:ee:4c:89:3f:65:8f:7a:df:50:
99:99:f6:44:bb:b3:1d:8a:11:87:c3:a1:c5:26:96:6c:4d:04:
1d:d4:da:db:e3:2b:5d:2d:86:75:ad:5d:66:9c:5c:a3:b1:a3:
d0:3f:00:18:b4:8c:2e:d1:14:77:b9:27:1f:06:df:5d:30:20:
78:c2:dc:ab:7f:c2:bd:30:9b:cf:eb:68:c4:81:34:ef:7a:32:
bd:e2:78:93:25:e4:1f:61:95:97:d6:ba:10:15:27:c2:8c:2e:
21:d5:89:1f:29:e3:90:28:dd:21:8f:97:ac:1f:87:fc:41:c1:
4d:e7:07:e9:d7:27:2a:45:21:cf:94:44:2b:92:5f:27:94:db:
ab:12:40:50:10:70:64:27:c5:23:08:51:77:56:cc:f2:98:3b:
2e:20:51:41:96:c5:1a:47:ec:33:a4:73:0d:73:6a:bd:a1:73:
da:c8:0c:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnH9wNcVuc3psI6vcHDDASWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjUxMDA5MDc1NDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE3ZDQ0YmFlY2RjMDQxOWIwZDQ3NjM2MWFjNzdmMGFkOGQ4ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrHthpCMStn9EEcyChqs26EhE2LB
XfrozWoEHD1+pO1/Vy0bWeK5rsJz8F6dRMASFdnjqIw3Q2qq1gQV/MBoSM0q/Za9
GFOxcexQdDddD1gS/SBObEKibvaIfeWWHknWsKxZC4ZWZi6bvxcYSb0vCOXDD+vw
rbjSpzlIUIk9atkpLn+1lIhEgyiC7qOXq368DaY/4oM0d3BmUGaHhrWRgZs+TRKi
GG3L7ZFm4m2bJGqxg1dkDOooxJb8sdRSitDxR9gowigPs6/VixO2FTEo9wqzQOYs
QdQZgO1OqsmzgkAYURPlVq0avixMVa9ubeVq74gFprujq6eB/cWUubA2WQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAan1EuuzcBBmw1HY2Gsd/CtjY5YMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvQnFmVVM2N053RUdiRFVkallheDM4SzJOamxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALQ+cMA0G
CSqGSIb3DQEBCwUAA4IBAQAPaOytJtSczYqIXgG/6WQcIxqSdsLFs5tOYUhI0avN
5lfQd8gg7tjH8ZsgM11Yjdi5Uk035VFBLXa248ub3t/Vf6PM2rZHQZ+bja20Qmu+
K17uTIk/ZY9631CZmfZEu7MdihGHw6HFJpZsTQQd1Nrb4ytdLYZ1rV1mnFyjsaPQ
PwAYtIwu0RR3uScfBt9dMCB4wtyrf8K9MJvP62jEgTTvejK94niTJeQfYZWX1roQ
FSfCjC4h1YkfKeOQKN0hj5esH4f8QcFN5wfp1ycqRSHPlEQrkl8nlNurEkBQEHBk
J8UjCFF3VszymDsuIFFBlsUaR+wzpHMNc2q9oXPayAwp
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:52 2025 by rpki-client