Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/f21883-177d-4083-bfb7-6b9805286100/1/BLwnlpOPwEzBKmF_4QRTJYpcxNU.roa
File: BLwnlpOPwEzBKmF_4QRTJYpcxNU.roa (raw, json)
Hash identifier: v4Ot4HyO70Y+AHmwBRqB50tH8tjobdfYFYP+6RLw5hM=
Subject key identifier: 04:BC:27:96:93:8F:C0:4C:C1:2A:61:7F:E1:04:53:25:8A:5C:C4:D5
Certificate issuer: /CN=48762663b493f0ea59fafdf847a018bb38a9a186
Certificate serial: 019CF389551F7EA8D0E333AE74F26EE473C2
Authority key identifier: 48:76:26:63:B4:93:F0:EA:59:FA:FD:F8:47:A0:18:BB:38:A9:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SHYmY7ST8OpZ-v34R6AYuzipoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/f21883-177d-4083-bfb7-6b9805286100/1/BLwnlpOPwEzBKmF_4QRTJYpcxNU.roa
Signing time: Sun 15 Mar 2026 22:06:29 +0000
ROA not before: Sun 15 Mar 2026 22:06:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207624
IP address blocks: 185.65.104.0/24 maxlen: 24
2a12:9a40:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/f21883-177d-4083-bfb7-6b9805286100/1/SHYmY7ST8OpZ-v34R6AYuzipoYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/f21883-177d-4083-bfb7-6b9805286100/1/SHYmY7ST8OpZ-v34R6AYuzipoYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/SHYmY7ST8OpZ-v34R6AYuzipoYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:f3:89:55:1f:7e:a8:d0:e3:33:ae:74:f2:6e:e4:73:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48762663b493f0ea59fafdf847a018bb38a9a186
Validity
Not Before: Mar 15 22:06:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=04bc2796938fc04cc12a617fe10453258a5cc4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:86:ea:bc:4c:60:3f:d7:f9:54:da:d6:d0:
43:19:ea:59:da:a7:41:91:2a:b1:ed:eb:01:19:90:
77:93:3d:d6:97:93:fd:af:94:cb:e2:81:76:d8:22:
3c:ee:ec:c6:c8:4d:60:c0:9b:53:7f:e9:e3:b0:a5:
00:ce:7a:41:12:d7:e6:0f:fd:d4:43:09:db:78:31:
ba:09:d1:b1:a4:c1:94:5f:02:3f:de:75:a2:79:d3:
09:f2:c2:fa:75:0b:c5:89:2a:04:73:ba:99:25:10:
d4:34:4c:20:47:6b:9f:78:55:a9:a1:98:a7:57:51:
c0:5f:0b:11:ea:e0:9b:f1:24:b2:5f:43:59:53:86:
e0:12:65:2b:65:0c:07:36:88:04:74:0e:33:9c:8b:
cc:af:24:e8:30:cf:c4:42:16:ed:35:99:86:0b:08:
a6:14:31:fb:17:2a:44:72:ba:88:c8:3b:6b:56:d3:
68:b4:15:6d:40:72:f3:35:4e:f5:f0:4f:5f:b9:aa:
9c:b9:3a:81:a0:69:1d:98:9d:f7:18:7c:c0:7d:d3:
d1:96:52:a3:3d:36:d1:a2:a0:96:04:ba:a6:97:50:
3e:91:cf:26:a6:15:00:bc:b6:51:dd:3f:d2:e1:bf:
e1:48:c9:9a:22:0f:7a:95:05:bd:12:81:62:63:7b:
f7:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BC:27:96:93:8F:C0:4C:C1:2A:61:7F:E1:04:53:25:8A:5C:C4:D5
X509v3 Authority Key Identifier:
keyid:48:76:26:63:B4:93:F0:EA:59:FA:FD:F8:47:A0:18:BB:38:A9:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SHYmY7ST8OpZ-v34R6AYuzipoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f21883-177d-4083-bfb7-6b9805286100/1/BLwnlpOPwEzBKmF_4QRTJYpcxNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/f21883-177d-4083-bfb7-6b9805286100/1/SHYmY7ST8OpZ-v34R6AYuzipoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.104.0/24
IPv6:
2a12:9a40:1000::/48
Signature Algorithm: sha256WithRSAEncryption
44:0b:40:9b:a3:61:bb:a7:3a:45:dc:cc:ea:50:fd:b8:ec:ab:
69:a0:c2:41:fa:94:0b:e9:e9:f5:cc:55:d5:bd:8b:26:a3:27:
cb:f5:0f:38:5e:a0:6c:62:ef:6c:87:c8:45:82:59:2b:f7:27:
de:fb:1f:ca:c5:2f:b2:fa:49:e2:b4:ee:5e:67:13:1c:10:eb:
c2:fc:f3:36:f9:7d:c2:d8:79:ec:37:01:2b:3e:23:11:70:37:
f8:01:2f:27:b8:36:2a:55:57:8b:3c:a4:c3:d4:3c:ef:ef:b3:
bd:09:61:16:55:c4:b8:7f:c0:c2:21:6d:7b:f9:b4:57:ef:11:
7c:9d:2e:1b:84:61:66:a1:66:7e:d9:e0:4b:40:1e:7e:b5:17:
61:d9:71:61:7b:c1:22:0f:ef:34:39:e5:a1:41:7a:9e:0b:e8:
d6:0e:e0:44:2d:15:0c:14:7a:8e:ea:67:26:3f:5e:ac:10:e2:
24:ef:a2:37:ba:d6:07:31:87:cc:2f:f8:5f:04:dc:0e:bc:4d:
64:09:c8:f6:92:01:fa:20:69:52:13:a7:93:7e:bb:0a:7d:43:
c3:db:a8:e9:ae:2a:48:f7:16:23:a1:d3:7c:a6:59:6e:a1:29:
bf:77:a2:1c:64:1c:a7:ee:51:80:46:37:a3:76:b5:2c:c4:fa:
b8:7c:ae:29
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZzziVUffqjQ4zOudPJu5HPCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NzYyNjYzYjQ5M2YwZWE1OWZhZmRmODQ3YTAxOGJiMzhh
OWExODYwHhcNMjYwMzE1MjIwNjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGJjMjc5NjkzOGZjMDRjYzEyYTYxN2ZlMTA0NTMyNThhNWNjNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDOG6rxMYD/X+VTa1tBDGepZ2qdB
kSqx7esBGZB3kz3Wl5P9r5TL4oF22CI87uzGyE1gwJtTf+njsKUAznpBEtfmD/3U
QwnbeDG6CdGxpMGUXwI/3nWiedMJ8sL6dQvFiSoEc7qZJRDUNEwgR2ufeFWpoZin
V1HAXwsR6uCb8SSyX0NZU4bgEmUrZQwHNogEdA4znIvMryToMM/EQhbtNZmGCwim
FDH7FypEcrqIyDtrVtNotBVtQHLzNU718E9fuaqcuTqBoGkdmJ33GHzAfdPRllKj
PTbRoqCWBLqml1A+kc8mphUAvLZR3T/S4b/hSMmaIg96lQW9EoFiY3v35wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAS8J5aTj8BMwSphf+EEUyWKXMTVMB8GA1UdIwQY
MBaAFEh2JmO0k/DqWfr9+EegGLs4qaGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0hZbVk3U1Q4T3BaLXYzNFI2QVl1emlwb1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9mMjE4ODMtMTc3ZC00MDgzLWJmYjct
NmI5ODA1Mjg2MTAwLzEvQkx3bmxwT1B3RXpCS21GXzRRUlRKWXBjeE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9mMjE4ODMtMTc3ZC00MDgzLWJmYjctNmI5ODA1Mjg2MTAw
LzEvU0hZbVk3U1Q4T3BaLXYzNFI2QVl1emlwb1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUFoMA8E
AgACMAkDBwAqEppAEAAwDQYJKoZIhvcNAQELBQADggEBAEQLQJujYbunOkXczOpQ
/bjsq2mgwkH6lAvp6fXMVdW9iyajJ8v1DzheoGxi72yHyEWCWSv3J977H8rFL7L6
SeK07l5nExwQ68L88zb5fcLYeew3ASs+IxFwN/gBLye4NipVV4s8pMPUPO/vs70J
YRZVxLh/wMIhbXv5tFfvEXydLhuEYWahZn7Z4EtAHn61F2HZcWF7wSIP7zQ55aFB
ep4L6NYO4EQtFQwUeo7qZyY/XqwQ4iTvoje61gcxh8wv+F8E3A68TWQJyPaSAfog
aVITp5N+uwp9Q8PbqOmuKkj3FiOh03ymWW6hKb93ohxkHKfuUYBGN6N2tSzE+rh8
rik=
-----END CERTIFICATE-----
Generated at Thu Mar 26 15:26:02 2026 by rpki-client