Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/bmuzzUnbORmwd_j7kSRhtBb10hs.roa
File: bmuzzUnbORmwd_j7kSRhtBb10hs.roa (raw, json)
Hash identifier: mCP+DgqAw7AAil7cmuJ6C/0pzIvUNHQHJ0eukQiyBr4=
Subject key identifier: 6E:6B:B3:CD:49:DB:39:19:B0:77:F8:FB:91:24:61:B4:16:F5:D2:1B
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0197AC18E8C6F561A7246D9A2F70B62A8E92
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/bmuzzUnbORmwd_j7kSRhtBb10hs.roa
Signing time: Thu 26 Jun 2025 11:56:42 +0000
ROA not before: Thu 26 Jun 2025 11:56:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216157
IP address blocks: 2a0d:8b40::/29 maxlen: 29
2a11:26c0::/29 maxlen: 29
2a11:2b40::/29 maxlen: 29
2a11:3580::/29 maxlen: 29
2a11:4080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 07:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:18:e8:c6:f5:61:a7:24:6d:9a:2f:70:b6:2a:8e:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jun 26 11:56:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e6bb3cd49db3919b077f8fb912461b416f5d21b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:8c:a8:2d:ec:fd:9a:cd:ff:75:14:b1:23:43:
a4:0e:1e:ac:6b:a4:fa:d0:a4:73:05:8d:07:3c:b6:
79:e5:27:f3:8c:10:a4:4a:72:7a:d3:89:1d:98:26:
4b:36:62:73:17:73:60:8e:99:8d:7b:42:7d:5e:f5:
67:87:59:b9:66:3b:c5:3f:0a:0a:5c:2f:77:95:28:
80:59:85:98:74:99:bb:21:88:c1:2e:32:c2:7c:3c:
c6:03:f0:c9:fc:f2:58:96:d7:22:42:29:0e:84:60:
3a:fe:ed:eb:7b:09:31:4d:bc:ea:fd:7f:13:47:06:
81:25:14:aa:5f:5c:f1:c8:a2:26:77:4a:d2:6c:71:
46:20:b3:d2:a0:42:0a:ec:3c:3d:43:38:c2:44:d6:
1f:aa:31:61:11:06:db:9c:87:f1:8c:19:71:9b:59:
6a:55:4b:37:e2:16:7e:da:a2:74:b6:2d:6d:29:6b:
2c:22:8b:d7:ba:1b:19:12:84:00:78:b0:d8:d1:91:
19:fa:52:7a:95:96:17:b0:34:3b:93:8d:47:91:05:
dd:5d:f3:a5:a2:bf:89:4c:18:ad:dd:ea:25:01:20:
ca:3a:98:68:94:95:44:45:a6:d4:cd:2b:f0:24:47:
71:17:e7:8d:ac:5a:d8:07:8f:93:4a:60:4d:19:ed:
55:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:6B:B3:CD:49:DB:39:19:B0:77:F8:FB:91:24:61:B4:16:F5:D2:1B
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/bmuzzUnbORmwd_j7kSRhtBb10hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:8b40::/29
2a11:26c0::/29
2a11:2b40::/29
2a11:3580::/29
2a11:4080::/29
Signature Algorithm: sha256WithRSAEncryption
67:76:c9:a9:66:31:47:4e:78:d3:69:00:c2:14:63:9b:8c:44:
29:c3:1b:7e:69:a4:3d:80:de:59:b0:68:ed:fe:c4:df:a6:93:
f3:20:ea:10:68:07:ff:e5:f6:79:65:0c:78:91:79:60:be:a3:
37:29:86:c3:40:5b:bd:b1:ca:53:b7:9e:6f:a6:71:4a:1c:d3:
40:b6:58:94:05:5c:82:8a:74:69:1a:ef:76:90:2f:a4:d2:a8:
a9:b7:18:33:77:03:8e:e4:3a:5b:3b:0b:31:1e:97:e2:11:17:
27:2b:d0:10:48:27:b5:04:63:fa:db:a6:09:20:6c:07:ee:d6:
f9:c5:7b:9c:fb:e0:cd:58:57:b8:d3:51:93:bd:94:9d:e4:ab:
3f:bb:58:d3:05:75:01:2a:82:72:56:2c:e2:33:f9:7e:17:a2:
d1:50:cb:db:ec:48:73:7c:9c:85:36:f8:59:01:4d:a9:08:7f:
1c:28:df:3a:aa:d5:2f:88:76:18:71:16:5d:bc:d6:ee:46:cf:
8d:e6:02:08:e1:87:d4:eb:8a:48:98:cb:22:aa:95:e2:90:d7:
2b:12:22:6d:09:68:75:12:98:8a:b3:85:42:d1:fa:d9:14:f5:
2c:d2:46:20:b1:15:54:73:7a:d3:f2:20:0a:9b:f4:3e:83:4e:
52:5b:cc:40
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZesGOjG9WGnJG2aL3C2Ko6SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwNjI2MTE1NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTZiYjNjZDQ5ZGIzOTE5YjA3N2Y4ZmI5MTI0NjFiNDE2ZjVkMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4IyoLez9ms3/dRSxI0OkDh6sa6T6
0KRzBY0HPLZ55SfzjBCkSnJ604kdmCZLNmJzF3NgjpmNe0J9XvVnh1m5ZjvFPwoK
XC93lSiAWYWYdJm7IYjBLjLCfDzGA/DJ/PJYltciQikOhGA6/u3rewkxTbzq/X8T
RwaBJRSqX1zxyKImd0rSbHFGILPSoEIK7Dw9QzjCRNYfqjFhEQbbnIfxjBlxm1lq
VUs34hZ+2qJ0ti1tKWssIovXuhsZEoQAeLDY0ZEZ+lJ6lZYXsDQ7k41HkQXdXfOl
or+JTBit3eolASDKOpholJVERabUzSvwJEdxF+eNrFrYB4+TSmBNGe1VVQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFG5rs81J2zkZsHf4+5EkYbQW9dIbMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvYm11enpVbmJPUm13ZF9qN2tTUmh0QmIxMGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAAjAjAwUDKg2LQAMF
AyoRJsADBQMqEStAAwUDKhE1gAMFAyoRQIAwDQYJKoZIhvcNAQELBQADggEBAGd2
yalmMUdOeNNpAMIUY5uMRCnDG35ppD2A3lmwaO3+xN+mk/Mg6hBoB//l9nllDHiR
eWC+ozcphsNAW72xylO3nm+mcUoc00C2WJQFXIKKdGka73aQL6TSqKm3GDN3A47k
Ols7CzEel+IRFycr0BBIJ7UEY/rbpgkgbAfu1vnFe5z74M1YV7jTUZO9lJ3kqz+7
WNMFdQEqgnJWLOIz+X4XotFQy9vsSHN8nIU2+FkBTakIfxwo3zqq1S+IdhhxFl28
1u5Gz43mAgjhh9TrikiYyyKqleKQ1ysSIm0JaHUSmIqzhULR+tkU9SzSRiCxFVRz
etPyIAqb9D6DTlJbzEA=
-----END CERTIFICATE-----
Generated at Tue Jul 1 10:32:07 2025 by rpki-client