Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/BDYQwgLBbnXzyxnCPY_pCM4L2nc.roa
File: BDYQwgLBbnXzyxnCPY_pCM4L2nc.roa (raw, json)
Hash identifier: Dwn097khl7QE/wrVW+MLdk6jalK979i68YL0QuJEQkY=
Subject key identifier: 04:36:10:C2:02:C1:6E:75:F3:CB:19:C2:3D:8F:E9:08:CE:0B:DA:77
Certificate issuer: /CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Certificate serial: 019E06E1D5145135CFE26DE3AC68B2018358
Authority key identifier: 86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/BDYQwgLBbnXzyxnCPY_pCM4L2nc.roa
Signing time: Fri 08 May 2026 09:18:43 +0000
ROA not before: Fri 08 May 2026 09:18:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29695
IP address blocks: 77.110.192.0/18 maxlen: 18
77.222.192.0/19 maxlen: 19
80.89.32.0/19 maxlen: 19
82.148.128.0/19 maxlen: 19
89.162.0.0/17 maxlen: 17
141.0.224.0/19 maxlen: 19
178.16.64.0/20 maxlen: 20
185.10.28.0/22 maxlen: 22
185.65.152.0/22 maxlen: 22
194.182.224.0/21 maxlen: 21
2a00:e08::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:06:e1:d5:14:51:35:cf:e2:6d:e3:ac:68:b2:01:83:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Validity
Not Before: May 8 09:18:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=043610c202c16e75f3cb19c23d8fe908ce0bda77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ae:67:7e:28:a7:ba:40:36:cb:8b:7a:39:af:
10:b1:8a:7f:3b:61:89:b6:2c:05:02:e5:b9:f6:8e:
d7:39:c4:e9:f9:27:13:29:bc:b6:18:a5:cb:43:07:
39:56:87:39:27:11:68:2d:44:7f:df:0c:bd:3b:eb:
6a:35:4b:1b:15:eb:75:18:92:4c:35:0e:b8:ed:e4:
80:17:34:e4:3a:4e:0d:50:99:a6:e1:e1:ff:e1:d0:
fe:57:70:7f:ac:cb:04:57:35:27:36:79:c6:1a:48:
76:8a:f3:27:65:9c:3c:48:e1:9c:d9:44:f6:9e:72:
a0:57:52:e9:fc:b3:ed:61:87:0d:f8:ae:54:09:57:
d2:3f:0c:c4:c3:06:22:90:75:03:de:51:df:9b:f8:
c3:a9:83:99:38:cb:d1:df:42:ce:f4:d1:fd:dc:0d:
82:ce:cc:b0:79:4a:f6:2d:f6:e1:02:a3:18:b5:4e:
c0:b4:0a:6c:26:a4:6b:16:10:35:b2:65:3e:30:f2:
a9:3b:55:02:fd:81:e2:a7:96:62:6e:f0:8f:5e:5a:
78:88:86:b9:cf:3e:8a:16:dc:65:0d:f9:80:00:54:
23:d4:3a:5b:62:dd:62:d8:71:2c:be:51:17:3c:d1:
4c:b5:e1:0a:8c:48:09:55:0c:8c:a2:36:99:55:7c:
4b:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:36:10:C2:02:C1:6E:75:F3:CB:19:C2:3D:8F:E9:08:CE:0B:DA:77
X509v3 Authority Key Identifier:
keyid:86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/BDYQwgLBbnXzyxnCPY_pCM4L2nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.192.0/18
77.222.192.0/19
80.89.32.0/19
82.148.128.0/19
89.162.0.0/17
141.0.224.0/19
178.16.64.0/20
185.10.28.0/22
185.65.152.0/22
194.182.224.0/21
IPv6:
2a00:e08::/29
Signature Algorithm: sha256WithRSAEncryption
5e:2d:cc:b1:be:bf:35:33:74:43:b8:e7:22:b0:db:dc:8f:1d:
81:ec:3a:de:c2:2d:49:1b:ee:bd:20:e1:20:53:53:0f:c0:e6:
f0:f3:74:ad:13:ed:51:f4:f2:0e:17:ba:21:a6:87:7e:f7:f0:
15:07:06:60:e2:9c:7c:c0:51:a9:98:b0:01:ba:38:74:19:61:
be:b9:49:09:e4:06:99:07:77:58:ac:d5:59:34:de:ac:5b:74:
a9:00:bd:02:02:39:f3:15:08:3b:6b:90:3a:2e:b5:6e:24:a6:
3b:a7:c2:5f:1a:18:f2:e4:ad:82:50:5e:78:b5:a3:df:65:4e:
eb:db:a4:47:f7:ff:fe:b1:1b:34:b8:05:3d:cd:3f:1a:a1:ca:
c7:47:27:36:22:81:c8:de:da:7a:94:e0:76:4e:3e:5e:fe:ed:
f0:71:4b:96:c3:fa:e8:f7:46:46:21:f9:ff:03:a9:cd:fa:ed:
6e:1a:e5:ab:fe:61:1a:9d:88:89:b5:ce:83:1b:d1:76:fb:f9:
02:dd:98:a2:94:29:38:72:6f:c9:08:83:13:95:c5:48:bc:b3:
5b:73:5a:8b:6d:23:18:12:cf:67:ff:ae:80:61:23:f5:c8:93:
1f:bc:57:fc:63:83:4d:16:4c:4d:18:86:31:15:d7:3d:a4:e7:
11:b1:e7:fe
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZ4G4dUUUTXP4m3jrGiyAYNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDU0MjMyM2MwZTMwNTFjOWM3YmI4ZWQxZDFlOGFjZmQz
ZGI4MzQwHhcNMjYwNTA4MDkxODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM2MTBjMjAyYzE2ZTc1ZjNjYjE5YzIzZDhmZTkwOGNlMGJkYTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK5nfiinukA2y4t6Oa8QsYp/O2GJ
tiwFAuW59o7XOcTp+ScTKby2GKXLQwc5Voc5JxFoLUR/3wy9O+tqNUsbFet1GJJM
NQ647eSAFzTkOk4NUJmm4eH/4dD+V3B/rMsEVzUnNnnGGkh2ivMnZZw8SOGc2UT2
nnKgV1Lp/LPtYYcN+K5UCVfSPwzEwwYikHUD3lHfm/jDqYOZOMvR30LO9NH93A2C
zsyweUr2LfbhAqMYtU7AtApsJqRrFhA1smU+MPKpO1UC/YHip5ZibvCPXlp4iIa5
zz6KFtxlDfmAAFQj1DpbYt1i2HEsvlEXPNFMteEKjEgJVQyMojaZVXxLQwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFAQ2EMICwW5188sZwj2P6QjOC9p3MB8GA1UdIwQY
MBaAFIbVQjI8DjBRyce7jtHR6Kz9Pbg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgt
NzBkYWQ1MWU3M2ZiLzEvQkRZUXdnTEJiblh6eXhuQ1BZX3BDTTRMMm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgtNzBkYWQ1MWU3M2Zi
LzEvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQGTW7AAwQF
Td7AAwQFUFkgAwQFUpSAAwQHWaIAAwQFjQDgAwQEshBAAwQCuQocAwQCuUGYAwQD
wrbgMA0EAgACMAcDBQMqAA4IMA0GCSqGSIb3DQEBCwUAA4IBAQBeLcyxvr81M3RD
uOcisNvcjx2B7Drewi1JG+69IOEgU1MPwObw83StE+1R9PIOF7ohpod+9/AVBwZg
4px8wFGpmLABujh0GWG+uUkJ5AaZB3dYrNVZNN6sW3SpAL0CAjnzFQg7a5A6LrVu
JKY7p8JfGhjy5K2CUF54taPfZU7r26RH9//+sRs0uAU9zT8aocrHRyc2IoHI3tp6
lOB2Tj5e/u3wcUuWw/ro90ZGIfn/A6nN+u1uGuWr/mEanYiJtc6DG9F2+/kC3Zii
lCk4cm/JCIMTlcVIvLNbc1qLbSMYEs9n/66AYSP1yJMfvFf8Y4NNFkxNGIYxFdc9
pOcRsef+
-----END CERTIFICATE-----
Generated at Wed May 13 14:10:43 2026 by rpki-client