Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/biONUDB1iLS86N-lmaqB6_yoBtQ.roa
File: biONUDB1iLS86N-lmaqB6_yoBtQ.roa (raw, json)
Hash identifier: 5maaRfHknlsWIxQOJIJbyzAegwgxyX3Q4OIbKY62ook=
Subject key identifier: 6E:23:8D:50:30:75:88:B4:BC:E8:DF:A5:99:AA:81:EB:FC:A8:06:D4
Certificate issuer: /CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Certificate serial: 0198F0CFD10CDF3E3D132887E144AA99D938
Authority key identifier: DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/biONUDB1iLS86N-lmaqB6_yoBtQ.roa
Signing time: Thu 28 Aug 2025 13:13:28 +0000
ROA not before: Thu 28 Aug 2025 13:13:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2876
IP address blocks: 91.195.195.0/24 maxlen: 24
195.245.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:cf:d1:0c:df:3e:3d:13:28:87:e1:44:aa:99:d9:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc7821e1bcbf6e074ea4814aaa5c63e3ba813c5f
Validity
Not Before: Aug 28 13:13:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e238d50307588b4bce8dfa599aa81ebfca806d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e4:33:fe:97:68:e9:bc:f1:c1:03:f3:09:2c:
1a:3b:aa:5a:6e:59:ac:a4:ab:ad:92:46:2d:af:57:
ae:f5:55:ca:2b:61:81:f5:14:37:35:72:f0:a5:00:
27:ad:d9:18:8f:4b:40:3a:b9:fa:d1:38:33:8b:63:
51:5e:18:12:14:ae:0b:ec:44:cc:df:e5:71:24:46:
26:a9:2a:2b:b5:6c:95:c5:3c:fa:8a:c6:ce:82:f2:
4a:4b:d9:03:ba:4c:45:f5:5d:81:36:a0:80:bd:7b:
98:88:76:86:be:55:e7:97:f9:0a:85:71:28:fe:40:
8c:34:d3:68:ae:e8:37:ee:6a:92:92:00:64:75:f1:
26:03:ab:4e:5a:ee:0e:06:7f:c7:c9:5f:22:93:a1:
d6:fe:07:3d:ce:2e:20:77:cf:95:aa:34:c2:2d:c5:
07:ae:4d:56:f4:45:fe:fd:da:83:dc:ee:f5:8a:f5:
4e:96:72:ee:bf:a4:3f:5f:81:2a:bf:88:30:20:3b:
bf:87:52:87:da:82:b4:d8:d8:03:fd:40:cc:82:10:
1d:d6:85:c9:6a:6a:12:90:13:62:da:ae:3d:e0:fc:
1d:e6:8e:85:fd:7c:05:e0:0f:4b:3e:26:fe:ed:43:
db:39:b0:e1:0a:e3:9a:0b:2c:e4:96:de:a2:dc:e9:
77:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:23:8D:50:30:75:88:B4:BC:E8:DF:A5:99:AA:81:EB:FC:A8:06:D4
X509v3 Authority Key Identifier:
keyid:DC:78:21:E1:BC:BF:6E:07:4E:A4:81:4A:AA:5C:63:E3:BA:81:3C:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Hgh4by_bgdOpIFKqlxj47qBPF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/biONUDB1iLS86N-lmaqB6_yoBtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/9daff4-f158-480f-b41f-d48b42ef159b/1/3Hgh4by_bgdOpIFKqlxj47qBPF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.195.0/24
195.245.83.0/24
Signature Algorithm: sha256WithRSAEncryption
00:d1:3f:b4:c4:e0:4a:74:f5:82:5d:a7:4f:af:95:1d:4a:14:
f6:bc:82:78:49:81:3a:dd:13:ce:58:a7:39:91:d5:54:3d:dc:
a4:7e:db:a3:7d:8f:c6:3b:a4:7c:91:7d:7d:b3:56:2b:54:54:
9d:5d:b2:4d:d3:b6:45:df:ab:71:10:74:df:a9:7e:ee:53:fb:
cb:43:b7:01:71:8a:8d:3c:1f:54:76:19:64:c8:aa:97:77:29:
91:95:b4:4c:b0:7d:9e:0a:76:1e:3c:a6:78:0d:91:5e:e8:ad:
42:9e:fa:06:d4:45:58:ed:96:a3:50:a1:5d:d7:1d:3f:91:94:
ef:78:20:d5:51:5c:0b:bc:a5:a8:de:d4:8d:2a:df:36:17:45:
bc:08:25:f9:02:cf:cf:5c:ba:ad:c2:00:97:a5:85:3d:6f:bd:
37:64:9a:f7:cf:14:fa:ab:f8:93:2a:4a:20:2c:93:c1:fd:33:
97:43:b2:4e:76:cc:aa:fa:81:f1:f5:b9:f4:2f:8b:83:46:1c:
5c:b5:2e:40:c4:b0:01:0d:97:e6:ac:73:38:16:03:b8:60:3d:
0e:e7:b2:67:35:ed:ca:a6:df:5e:d8:a2:bb:b5:57:ba:cc:65:
cf:b4:71:0d:92:4c:47:62:e7:7f:17:ef:d4:eb:c6:77:6c:58:
88:e7:7a:3c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjwz9EM3z49EyiH4USqmdk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNzgyMWUxYmNiZjZlMDc0ZWE0ODE0YWFhNWM2M2UzYmE4
MTNjNWYwHhcNMjUwODI4MTMxMzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTIzOGQ1MDMwNzU4OGI0YmNlOGRmYTU5OWFhODFlYmZjYTgwNmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtOQz/pdo6bzxwQPzCSwaO6pablms
pKutkkYtr1eu9VXKK2GB9RQ3NXLwpQAnrdkYj0tAOrn60Tgzi2NRXhgSFK4L7ETM
3+VxJEYmqSortWyVxTz6isbOgvJKS9kDukxF9V2BNqCAvXuYiHaGvlXnl/kKhXEo
/kCMNNNorug37mqSkgBkdfEmA6tOWu4OBn/HyV8ik6HW/gc9zi4gd8+VqjTCLcUH
rk1W9EX+/dqD3O71ivVOlnLuv6Q/X4Eqv4gwIDu/h1KH2oK02NgD/UDMghAd1oXJ
amoSkBNi2q494Pwd5o6F/XwF4A9LPib+7UPbObDhCuOaCyzklt6i3Ol38QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG4jjVAwdYi0vOjfpZmqgev8qAbUMB8GA1UdIwQY
MBaAFNx4IeG8v24HTqSBSqpcY+O6gTxfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYt
ZDQ4YjQyZWYxNTliLzEvYmlPTlVEQjFpTFM4Nk4tbG1hcUI2X3lvQnRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC85ZGFmZjQtZjE1OC00ODBmLWI0MWYtZDQ4YjQyZWYxNTli
LzEvM0hnaDRieV9iZ2RPcElGS3FseGo0N3FCUEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8PDAwQA
w/VTMA0GCSqGSIb3DQEBCwUAA4IBAQAA0T+0xOBKdPWCXadPr5UdShT2vIJ4SYE6
3RPOWKc5kdVUPdykftujfY/GO6R8kX19s1YrVFSdXbJN07ZF36txEHTfqX7uU/vL
Q7cBcYqNPB9UdhlkyKqXdymRlbRMsH2eCnYePKZ4DZFe6K1CnvoG1EVY7ZajUKFd
1x0/kZTveCDVUVwLvKWo3tSNKt82F0W8CCX5As/PXLqtwgCXpYU9b703ZJr3zxT6
q/iTKkogLJPB/TOXQ7JOdsyq+oHx9bn0L4uDRhxctS5AxLABDZfmrHM4FgO4YD0O
57JnNe3Kpt9e2KK7tVe6zGXPtHENkkxHYud/F+/U68Z3bFiI53o8
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:45:52 2025 by rpki-client