Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/BuG2OAiPDQnyx6d-WMA8tpFdnHw.roa
File: BuG2OAiPDQnyx6d-WMA8tpFdnHw.roa (raw, json)
Hash identifier: uZBmZl0o3YtVzo0taGTcZqTYaNccqkyd0kSYhjubo7I=
Subject key identifier: 06:E1:B6:38:08:8F:0D:09:F2:C7:A7:7E:58:C0:3C:B6:91:5D:9C:7C
Certificate issuer: /CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Certificate serial: 019975F5BFB91EDE550F819B7E8CBAF94633
Authority key identifier: A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/BuG2OAiPDQnyx6d-WMA8tpFdnHw.roa
Signing time: Tue 23 Sep 2025 09:44:23 +0000
ROA not before: Tue 23 Sep 2025 09:44:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200019
IP address blocks: 91.208.162.0/24 maxlen: 24
91.208.184.0/24 maxlen: 24
91.208.197.0/24 maxlen: 24
91.208.206.0/24 maxlen: 24
2a0f:5f40::/29 maxlen: 48
2a0f:5f40::/48 maxlen: 48
2a0f:5f40:1::/48 maxlen: 48
2a0f:5f40:1000::/48 maxlen: 48
2a0f:5f45::/32 maxlen: 32
2a0f:5f46::/32 maxlen: 32
2a0f:5f46:700::/40 maxlen: 40
2a0f:5f46:800::/40 maxlen: 40
2a0f:5f47::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:f5:bf:b9:1e:de:55:0f:81:9b:7e:8c:ba:f9:46:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6ed442b91d4e83a6de39fb67971a1e79c6b1ed5
Validity
Not Before: Sep 23 09:44:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06e1b638088f0d09f2c7a77e58c03cb6915d9c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:32:1f:0b:a7:51:4a:d3:19:9c:a1:86:6e:05:
a0:56:33:eb:fd:57:c0:3d:e5:81:3e:0c:2a:22:27:
8c:5a:d2:1d:01:c4:10:28:20:17:ed:dc:e7:61:0c:
44:0a:bb:1d:38:57:02:2c:5e:b3:7d:b3:83:5f:2a:
d7:25:39:52:1a:a0:68:7d:06:6c:a6:86:5a:99:18:
39:20:59:21:a1:e5:fe:ff:08:fc:9e:9e:05:73:a6:
b4:80:3d:79:6e:ba:42:ee:43:2e:59:e8:05:c7:50:
66:1c:f3:a5:c9:66:9a:36:b6:28:72:d1:5f:ab:a6:
ed:19:00:a8:1a:e3:3b:84:c1:ab:b1:79:83:88:7b:
b3:55:f4:a1:ce:e2:67:50:71:c3:8f:c9:21:05:8e:
3b:ae:63:64:72:68:0d:d3:3b:00:80:d2:0e:16:82:
7e:1f:8b:f2:c2:35:18:72:4c:67:b4:b5:94:ae:94:
c5:7e:b3:ed:7f:35:16:57:6e:ff:2a:cb:3b:69:8b:
f8:b5:14:66:3f:01:bc:64:cd:0e:63:c8:1d:f1:32:
e7:c5:23:84:db:96:64:f9:e8:7b:47:8c:d4:4b:05:
f6:ff:72:54:ae:3f:68:04:c6:37:87:98:ed:ff:b2:
db:07:93:86:f7:04:22:5a:6a:f6:c0:37:1d:08:95:
a2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E1:B6:38:08:8F:0D:09:F2:C7:A7:7E:58:C0:3C:B6:91:5D:9C:7C
X509v3 Authority Key Identifier:
keyid:A6:ED:44:2B:91:D4:E8:3A:6D:E3:9F:B6:79:71:A1:E7:9C:6B:1E:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pu1EK5HU6Dpt45-2eXGh55xrHtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/BuG2OAiPDQnyx6d-WMA8tpFdnHw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/553dc6-12d0-4d4a-a294-97c5d59b0bbf/1/pu1EK5HU6Dpt45-2eXGh55xrHtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.162.0/24
91.208.184.0/24
91.208.197.0/24
91.208.206.0/24
IPv6:
2a0f:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
57:67:28:b4:20:34:2c:32:34:de:9a:93:1c:7c:d4:5d:42:c0:
77:55:f5:3f:13:9c:b0:b5:74:38:11:f7:7f:53:c7:74:91:c5:
22:2b:67:f3:e2:b7:4b:c7:0a:0d:50:05:d8:20:98:48:66:03:
f1:54:a0:90:4f:0e:60:dd:1d:6e:cb:7b:6e:a6:a8:67:73:5a:
c7:35:45:5c:8f:4e:eb:73:67:83:39:94:7c:3e:51:a5:31:3c:
f1:99:2c:79:a0:c4:90:1c:ef:84:8d:90:ec:0b:45:23:ad:73:
c8:6d:e7:aa:24:a9:5a:ef:dc:3d:6c:13:b2:4d:15:06:0d:a8:
05:91:6c:92:fa:ac:12:3b:8c:ef:a8:71:0b:f9:01:e3:49:65:
f3:57:55:bd:11:07:e6:30:89:fb:29:98:82:08:16:42:99:f9:
97:f6:0e:2c:38:03:43:70:4f:d9:8c:cc:d3:7f:b3:85:d7:21:
de:98:f4:5e:f3:bc:c3:f0:36:f7:b7:8c:d6:0d:e8:f1:74:7e:
17:a0:2f:cc:67:86:e3:7f:27:b8:ae:59:45:fb:bb:82:3e:7a:
e0:06:c0:dc:a6:5a:dc:f0:b7:c0:22:ab:bb:33:f2:47:65:17:
3c:24:9d:84:61:b1:e8:79:f6:8e:7b:1a:62:57:52:12:a5:0a:
d7:14:59:70
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZl19b+5Ht5VD4Gbfoy6+UYzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2ZWQ0NDJiOTFkNGU4M2E2ZGUzOWZiNjc5NzFhMWU3OWM2
YjFlZDUwHhcNMjUwOTIzMDk0NDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUxYjYzODA4OGYwZDA5ZjJjN2E3N2U1OGMwM2NiNjkxNWQ5YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzIfC6dRStMZnKGGbgWgVjPr/VfA
PeWBPgwqIieMWtIdAcQQKCAX7dznYQxECrsdOFcCLF6zfbODXyrXJTlSGqBofQZs
poZamRg5IFkhoeX+/wj8np4Fc6a0gD15brpC7kMuWegFx1BmHPOlyWaaNrYoctFf
q6btGQCoGuM7hMGrsXmDiHuzVfShzuJnUHHDj8khBY47rmNkcmgN0zsAgNIOFoJ+
H4vywjUYckxntLWUrpTFfrPtfzUWV27/Kss7aYv4tRRmPwG8ZM0OY8gd8TLnxSOE
25Zk+eh7R4zUSwX2/3JUrj9oBMY3h5jt/7LbB5OG9wQiWmr2wDcdCJWi5wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAbhtjgIjw0J8senfljAPLaRXZx8MB8GA1UdIwQY
MBaAFKbtRCuR1Og6beOftnlxoeecax7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQt
OTdjNWQ1OWIwYmJmLzEvQnVHMk9BaVBEUW55eDZkLVdNQTh0cEZkbkh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS81NTNkYzYtMTJkMC00ZDRhLWEyOTQtOTdjNWQ1OWIwYmJm
LzEvcHUxRUs1SFU2RHB0NDUtMmVYR2g1NXhySHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9CiAwQA
W9C4AwQAW9DFAwQAW9DOMA0EAgACMAcDBQMqD19AMA0GCSqGSIb3DQEBCwUAA4IB
AQBXZyi0IDQsMjTempMcfNRdQsB3VfU/E5ywtXQ4Efd/U8d0kcUiK2fz4rdLxwoN
UAXYIJhIZgPxVKCQTw5g3R1uy3tupqhnc1rHNUVcj07rc2eDOZR8PlGlMTzxmSx5
oMSQHO+EjZDsC0UjrXPIbeeqJKla79w9bBOyTRUGDagFkWyS+qwSO4zvqHEL+QHj
SWXzV1W9EQfmMIn7KZiCCBZCmfmX9g4sOANDcE/ZjMzTf7OF1yHemPRe87zD8Db3
t4zWDejxdH4XoC/MZ4bjfye4rllF+7uCPnrgBsDcplrc8LfAIqu7M/JHZRc8JJ2E
YbHoefaOexpiV1ISpQrXFFlw
-----END CERTIFICATE-----
Generated at Mon Oct 20 11:33:41 2025 by rpki-client