Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bGFZk-kHQ9m1m7XUouhh9J74uEs.roa
File: bGFZk-kHQ9m1m7XUouhh9J74uEs.roa (raw, json)
Hash identifier: is26oNy+nmh6Dh7mIlXRVoZc9ITrh5vIy1Zb2WLtALg=
Subject key identifier: 6C:61:59:93:E9:07:43:D9:B5:9B:B5:D4:A2:E8:61:F4:9E:F8:B8:4B
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0199E1C48AEC4CD961FD0C1408698CB87988
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bGFZk-kHQ9m1m7XUouhh9J74uEs.roa
Signing time: Tue 14 Oct 2025 08:09:38 +0000
ROA not before: Tue 14 Oct 2025 08:09:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 185.206.248.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.36.0/23 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.153.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.155.0/24 maxlen: 24
185.218.102.0/24 maxlen: 24
185.223.76.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.227.145.0/24 maxlen: 24
185.234.20.0/22 maxlen: 24
185.234.23.0/24 maxlen: 24
185.238.228.0/22 maxlen: 24
185.240.120.0/23 maxlen: 24
185.251.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:08:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:c4:8a:ec:4c:d9:61:fd:0c:14:08:69:8c:b8:79:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Oct 14 08:09:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c615993e90743d9b59bb5d4a2e861f49ef8b84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:87:58:18:82:8a:6b:ec:91:1d:b6:b5:8c:3b:
22:54:c2:fa:31:5b:14:56:8c:2f:4d:14:e4:28:d9:
74:d7:e8:2b:cd:98:97:f4:30:dc:31:d4:87:11:f1:
f2:86:85:e5:01:14:99:5a:7d:5b:7a:6c:31:66:3b:
f5:59:f3:eb:b7:ed:47:1b:c4:67:17:66:ff:20:27:
81:06:b7:1c:1b:5e:38:f7:77:09:a7:7b:88:9a:fe:
9f:c6:91:ee:44:80:76:b9:3f:d5:c1:5e:79:95:ff:
9d:0e:67:c1:06:94:03:29:10:3e:54:62:55:45:05:
a2:15:53:1f:53:32:e5:0b:0f:b4:1c:13:17:ae:ca:
c8:25:df:55:18:c3:7c:03:76:31:12:47:16:e0:2c:
19:fa:b9:85:d6:4b:2b:e5:5f:59:40:d9:8d:a4:56:
09:2f:c0:1f:9d:8c:6f:ea:96:26:a1:09:bb:87:2c:
51:97:94:96:d4:82:13:c6:75:7f:56:55:63:fd:d2:
69:56:72:5c:36:ff:0f:72:36:5d:f7:5b:91:66:f3:
b0:37:95:7a:78:3d:0b:46:a0:63:fc:be:36:41:1f:
64:1c:e9:84:a2:b2:a8:ee:a9:5e:f0:55:03:37:87:
bd:da:c0:91:dc:39:b7:31:ca:33:77:1a:62:b8:2b:
89:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:61:59:93:E9:07:43:D9:B5:9B:B5:D4:A2:E8:61:F4:9E:F8:B8:4B
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/bGFZk-kHQ9m1m7XUouhh9J74uEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.248.0/24
185.206.251.0/24
185.209.36.0/23
185.210.152.0/22
185.218.102.0/24
185.223.76.0/24
185.225.2.0/24
185.227.145.0/24
185.234.20.0/22
185.238.228.0/22
185.240.120.0/23
185.251.231.0/24
Signature Algorithm: sha256WithRSAEncryption
72:80:71:31:6f:75:b3:bf:fc:61:b5:65:96:72:eb:c6:3f:00:
a3:a5:13:2f:7b:97:3e:87:11:0e:28:3e:de:48:82:63:db:38:
e6:14:e6:78:35:78:53:2d:ef:b1:b6:b7:1e:36:f8:fc:8e:d9:
f0:bc:e6:da:3c:f4:09:cc:f4:4f:e2:d4:cc:e5:aa:6e:77:0b:
36:4d:b3:84:fd:d2:4d:5c:0d:ea:62:dc:6c:e5:99:be:23:31:
7d:a1:a7:11:34:14:5a:00:a7:ba:4e:a2:87:75:59:df:f9:db:
df:d5:bd:0f:72:99:d8:4d:90:0d:b3:fa:b3:e3:0d:c8:3f:59:
da:7b:7e:66:b2:71:ef:8a:5a:fb:51:37:d3:13:7e:d7:cd:36:
df:58:92:91:3a:0f:50:7d:1e:4a:c9:a9:a7:1d:61:4b:ae:42:
36:f2:56:2e:ab:7d:81:b6:07:33:bd:69:e9:d5:b3:c2:a5:41:
6e:98:d9:de:ee:5c:90:b6:62:0f:dc:be:84:52:39:96:d7:51:
a8:54:8a:1d:45:8e:b7:50:2c:ca:10:6d:f7:02:a2:35:53:ec:
da:f7:7d:ab:0e:a6:51:03:be:f3:4f:bc:4b:e9:7c:79:d7:94:
34:0d:0b:96:fb:6b:be:de:c3:b8:c1:5e:3c:e7:e6:86:ac:c8:
81:e0:a1:56
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZnhxIrsTNlh/QwUCGmMuHmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUxMDE0MDgwOTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzYxNTk5M2U5MDc0M2Q5YjU5YmI1ZDRhMmU4NjFmNDllZjhiODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwodYGIKKa+yRHba1jDsiVML6MVsU
VowvTRTkKNl01+grzZiX9DDcMdSHEfHyhoXlARSZWn1bemwxZjv1WfPrt+1HG8Rn
F2b/ICeBBrccG14493cJp3uImv6fxpHuRIB2uT/VwV55lf+dDmfBBpQDKRA+VGJV
RQWiFVMfUzLlCw+0HBMXrsrIJd9VGMN8A3YxEkcW4CwZ+rmF1ksr5V9ZQNmNpFYJ
L8AfnYxv6pYmoQm7hyxRl5SW1IITxnV/VlVj/dJpVnJcNv8PcjZd91uRZvOwN5V6
eD0LRqBj/L42QR9kHOmEorKo7qle8FUDN4e92sCR3Dm3McozdxpiuCuJWwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGxhWZPpB0PZtZu11KLoYfSe+LhLMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvYkdGWmsta0hROW0xbTdYVW91aGg5Sjc0dUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAuc74AwQA
uc77AwQBudEkAwQCudKYAwQAudpmAwQAud9MAwQAueECAwQAueORAwQCueoUAwQC
ue7kAwQBufB4AwQAufvnMA0GCSqGSIb3DQEBCwUAA4IBAQBygHExb3Wzv/xhtWWW
cuvGPwCjpRMve5c+hxEOKD7eSIJj2zjmFOZ4NXhTLe+xtrceNvj8jtnwvObaPPQJ
zPRP4tTM5apudws2TbOE/dJNXA3qYtxs5Zm+IzF9oacRNBRaAKe6TqKHdVnf+dvf
1b0PcpnYTZANs/qz4w3IP1nae35msnHvilr7UTfTE37XzTbfWJKROg9QfR5Kyamn
HWFLrkI28lYuq32BtgczvWnp1bPCpUFumNne7lyQtmIP3L6EUjmW11GoVIodRY63
UCzKEG33AqI1U+za932rDqZRA77zT7xL6Xx515Q0DQuW+2u+3sO4wV485+aGrMiB
4KFW
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:03 2025 by rpki-client