Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/70658b-377a-4915-b1e8-6af215bff1ce/1/bfk_MR19Wkt9P8nZBnMSgF6MsRU.roa
File: bfk_MR19Wkt9P8nZBnMSgF6MsRU.roa (raw, json)
Hash identifier: 0hszlwIo4wu2t5VGtUVdAEdA9lm13yBTsn0Utr0zB2A=
Subject key identifier: 6D:F9:3F:31:1D:7D:5A:4B:7D:3F:C9:D9:06:73:12:80:5E:8C:B1:15
Certificate issuer: /CN=72e6fd2271dde10886d97ff14703e581a204b65e
Certificate serial: 019778A79436EA4C8D648A4A9534479E46CA
Authority key identifier: 72:E6:FD:22:71:DD:E1:08:86:D9:7F:F1:47:03:E5:81:A2:04:B6:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cub9InHd4QiG2X_xRwPlgaIEtl4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/70658b-377a-4915-b1e8-6af215bff1ce/1/bfk_MR19Wkt9P8nZBnMSgF6MsRU.roa
Signing time: Mon 16 Jun 2025 12:12:17 +0000
ROA not before: Mon 16 Jun 2025 12:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210734
IP address blocks: 95.128.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/70658b-377a-4915-b1e8-6af215bff1ce/1/cub9InHd4QiG2X_xRwPlgaIEtl4.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/70658b-377a-4915-b1e8-6af215bff1ce/1/cub9InHd4QiG2X_xRwPlgaIEtl4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cub9InHd4QiG2X_xRwPlgaIEtl4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 13:02:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:a7:94:36:ea:4c:8d:64:8a:4a:95:34:47:9e:46:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72e6fd2271dde10886d97ff14703e581a204b65e
Validity
Not Before: Jun 16 12:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6df93f311d7d5a4b7d3fc9d9067312805e8cb115
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:48:a3:e9:06:b3:28:7c:68:a0:0a:62:69:10:
c7:c4:ff:8c:3c:97:3c:09:da:cb:53:f1:87:4b:9f:
db:82:33:da:a0:09:5b:2e:f9:d0:93:b3:a3:7a:26:
8b:26:f2:05:09:ed:d5:3e:6e:d6:75:fe:8f:be:f1:
33:9c:d0:89:3d:2d:a2:a6:42:ce:b6:b3:83:f5:89:
5e:89:b3:b4:7c:bb:bc:f3:d4:a2:86:7d:65:54:31:
9a:fb:07:4f:51:ab:d0:aa:b1:54:40:6c:b0:ab:8a:
ef:95:45:21:f0:25:e5:fa:c2:d6:bd:ec:d4:91:79:
8f:2b:00:10:68:c1:8b:cc:91:b7:fe:0a:8d:27:e5:
a3:80:2e:33:09:95:aa:6e:8c:5b:51:6b:b5:ba:72:
b6:f3:de:75:ba:0f:57:3a:6b:bf:8d:56:f2:13:8d:
14:31:73:b4:b9:9c:64:b5:8a:61:e5:0f:74:4c:bc:
6e:3f:4d:b3:23:78:86:48:1a:03:9f:25:40:09:c5:
75:70:99:5a:06:24:9a:36:2b:3d:21:85:bc:30:cd:
eb:14:3d:a4:d3:6b:70:74:c6:92:11:83:c5:a8:f0:
66:89:8f:07:f1:8d:6c:4e:43:42:de:10:f5:f4:3d:
16:3f:2c:6a:be:82:f9:32:da:42:d4:0c:1e:7e:45:
8e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F9:3F:31:1D:7D:5A:4B:7D:3F:C9:D9:06:73:12:80:5E:8C:B1:15
X509v3 Authority Key Identifier:
keyid:72:E6:FD:22:71:DD:E1:08:86:D9:7F:F1:47:03:E5:81:A2:04:B6:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cub9InHd4QiG2X_xRwPlgaIEtl4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/70658b-377a-4915-b1e8-6af215bff1ce/1/bfk_MR19Wkt9P8nZBnMSgF6MsRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/70658b-377a-4915-b1e8-6af215bff1ce/1/cub9InHd4QiG2X_xRwPlgaIEtl4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.157.0/24
Signature Algorithm: sha256WithRSAEncryption
37:42:75:8f:93:a2:f0:86:33:70:cd:b4:5d:b3:67:69:d3:4f:
e5:99:be:d4:c5:f4:15:2a:c5:1b:fd:63:8f:c2:6c:15:89:f1:
c8:04:c4:46:87:98:57:72:26:e0:a7:19:76:b6:49:6b:0d:47:
a1:ce:b5:28:09:52:de:9b:72:2a:48:76:2f:27:7c:61:b3:3f:
83:c3:ea:b1:46:4c:9a:6a:6a:4a:57:4f:0f:98:b7:1a:99:a3:
bb:c0:5c:bb:3e:96:71:0f:cb:4b:16:70:ee:e8:bb:37:86:5e:
23:72:19:c5:77:4c:3f:65:7a:7f:52:fa:b4:e3:40:b2:03:ea:
9f:ee:2c:81:66:32:e6:96:8a:05:f0:a2:6f:71:7e:df:5e:16:
f5:a1:a8:1f:85:db:26:38:1f:2c:89:ca:1e:3e:9c:16:6e:ef:
46:74:ff:dd:ee:73:0e:ab:56:61:46:9e:15:53:f2:ad:40:33:
3d:b8:85:e7:30:8d:8d:b2:90:68:56:98:5e:0f:4f:5f:32:8e:
be:84:7f:81:1b:3a:78:1f:48:ef:b9:37:57:57:01:31:f9:8c:
3b:66:7b:72:87:e2:07:43:c6:d1:6f:0e:f2:ef:c5:aa:7f:99:
4e:ad:61:74:a3:18:fb:2a:4f:5f:dd:9f:e1:70:88:e7:bb:79:
a8:ca:a2:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZd4p5Q26kyNZIpKlTRHnkbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyZTZmZDIyNzFkZGUxMDg4NmQ5N2ZmMTQ3MDNlNTgxYTIw
NGI2NWUwHhcNMjUwNjE2MTIxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY5M2YzMTFkN2Q1YTRiN2QzZmM5ZDkwNjczMTI4MDVlOGNiMTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk0ij6QazKHxooApiaRDHxP+MPJc8
CdrLU/GHS5/bgjPaoAlbLvnQk7OjeiaLJvIFCe3VPm7Wdf6PvvEznNCJPS2ipkLO
trOD9YleibO0fLu889Sihn1lVDGa+wdPUavQqrFUQGywq4rvlUUh8CXl+sLWvezU
kXmPKwAQaMGLzJG3/gqNJ+WjgC4zCZWqboxbUWu1unK28951ug9XOmu/jVbyE40U
MXO0uZxktYph5Q90TLxuP02zI3iGSBoDnyVACcV1cJlaBiSaNis9IYW8MM3rFD2k
02twdMaSEYPFqPBmiY8H8Y1sTkNC3hD19D0WPyxqvoL5MtpC1AwefkWO4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG35PzEdfVpLfT/J2QZzEoBejLEVMB8GA1UdIwQY
MBaAFHLm/SJx3eEIhtl/8UcD5YGiBLZeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3ViOUluSGQ0UWlHMlhfeFJ3UGxnYUlFdGw0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83MDY1OGItMzc3YS00OTE1LWIxZTgt
NmFmMjE1YmZmMWNlLzEvYmZrX01SMTlXa3Q5UDhuWkJuTVNnRjZNc1JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83MDY1OGItMzc3YS00OTE1LWIxZTgtNmFmMjE1YmZmMWNl
LzEvY3ViOUluSGQ0UWlHMlhfeFJ3UGxnYUlFdGw0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4CdMA0G
CSqGSIb3DQEBCwUAA4IBAQA3QnWPk6LwhjNwzbRds2dp00/lmb7UxfQVKsUb/WOP
wmwVifHIBMRGh5hXcibgpxl2tklrDUehzrUoCVLem3IqSHYvJ3xhsz+Dw+qxRkya
ampKV08PmLcamaO7wFy7PpZxD8tLFnDu6Ls3hl4jchnFd0w/ZXp/Uvq040CyA+qf
7iyBZjLmlooF8KJvcX7fXhb1oagfhdsmOB8sicoePpwWbu9GdP/d7nMOq1ZhRp4V
U/KtQDM9uIXnMI2NspBoVpheD09fMo6+hH+BGzp4H0jvuTdXVwEx+Yw7Zntyh+IH
Q8bRbw7y78Wqf5lOrWF0oxj7Kk9f3Z/hcIjnu3moyqL3
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:16:21 2025 by rpki-client