Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/bvJaB1n4DlwgW-YHgMlWz2d0zE0.roa
File: bvJaB1n4DlwgW-YHgMlWz2d0zE0.roa (raw, json)
Hash identifier: Aum897RCErwCFSWkB8MTk4Vue2u5uq3XMcwvd1bOMFQ=
Subject key identifier: 6E:F2:5A:07:59:F8:0E:5C:20:5B:E6:07:80:C9:56:CF:67:74:CC:4D
Certificate issuer: /CN=e5a6794b91b81406412a137870bfde3b170de094
Certificate serial: 01987F0BFD8731C122BA962D75C8F8E0A010
Authority key identifier: E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/bvJaB1n4DlwgW-YHgMlWz2d0zE0.roa
Signing time: Wed 06 Aug 2025 11:02:28 +0000
ROA not before: Wed 06 Aug 2025 11:02:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199335
IP address blocks: 80.94.192.0/20 maxlen: 20
85.12.112.0/21 maxlen: 21
85.12.124.0/24 maxlen: 24
85.12.125.0/24 maxlen: 24
85.92.160.0/22 maxlen: 22
85.92.164.0/22 maxlen: 22
85.92.168.0/22 maxlen: 22
85.92.172.0/22 maxlen: 22
85.92.176.0/22 maxlen: 22
85.92.180.0/22 maxlen: 22
85.92.184.0/22 maxlen: 22
85.92.188.0/22 maxlen: 22
176.126.224.0/21 maxlen: 21
185.5.64.0/22 maxlen: 22
185.41.228.0/22 maxlen: 22
185.99.21.0/24 maxlen: 24
185.113.60.0/22 maxlen: 22
188.241.40.0/21 maxlen: 21
2a02:77c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7f:0b:fd:87:31:c1:22:ba:96:2d:75:c8:f8:e0:a0:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a6794b91b81406412a137870bfde3b170de094
Validity
Not Before: Aug 6 11:02:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ef25a0759f80e5c205be60780c956cf6774cc4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:e1:23:85:96:cc:14:98:77:b9:f6:da:de:6d:
6d:0a:8e:1f:45:73:cd:b9:9f:7d:b4:78:c4:ef:09:
38:a1:6a:ae:40:9e:0e:eb:92:63:67:c8:90:99:45:
00:5a:52:71:d2:b8:69:6a:bc:fe:4b:6f:0e:2a:aa:
02:7a:12:8e:75:38:75:61:ff:55:b6:02:24:ad:e2:
43:91:62:2c:42:39:be:20:23:1b:c5:de:ac:a9:60:
ab:e9:35:d4:3d:e6:a1:ef:3b:dd:42:61:6e:70:c9:
25:36:ed:bc:ba:ac:92:01:37:31:53:36:98:a6:a4:
1c:43:07:ea:0f:f9:b1:f6:3e:32:9e:15:de:fd:0e:
83:bc:c1:6a:0c:14:55:bc:04:1c:af:38:cb:14:fe:
31:e0:75:f7:82:4c:45:6c:cf:f2:e9:11:16:2c:d3:
62:e8:1b:63:34:01:a1:b2:86:ca:95:fb:17:f6:ae:
31:a8:01:1c:46:56:3e:ec:6c:35:b9:df:a8:d7:74:
ba:19:d6:4c:d7:21:7f:7a:db:35:b7:0b:be:ec:d8:
c5:08:bb:d3:fb:fc:02:2c:37:d7:1a:13:55:4a:3b:
2b:11:de:17:0e:cb:05:fc:1c:6f:93:7f:61:ad:87:
25:56:09:54:1e:c5:29:ff:2c:8a:91:52:f1:0b:e4:
36:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F2:5A:07:59:F8:0E:5C:20:5B:E6:07:80:C9:56:CF:67:74:CC:4D
X509v3 Authority Key Identifier:
keyid:E5:A6:79:4B:91:B8:14:06:41:2A:13:78:70:BF:DE:3B:17:0D:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/bvJaB1n4DlwgW-YHgMlWz2d0zE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/ca34eb-8e20-4bf1-b1b2-5872109b67a8/1/5aZ5S5G4FAZBKhN4cL_eOxcN4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.94.192.0/20
85.12.112.0/21
85.12.124.0/23
85.92.160.0/19
176.126.224.0/21
185.5.64.0/22
185.41.228.0/22
185.99.21.0/24
185.113.60.0/22
188.241.40.0/21
IPv6:
2a02:77c0::/32
Signature Algorithm: sha256WithRSAEncryption
1b:3e:77:ce:66:80:fd:b3:2f:a8:9f:cf:2a:8b:89:09:9a:b3:
57:d1:3a:7f:67:f9:33:e4:17:fe:29:c8:fd:b3:a5:28:4a:3e:
29:0f:8f:e2:3b:fb:2b:99:20:46:88:6a:28:34:28:81:40:10:
cc:8f:17:cb:8d:03:1f:3b:0a:72:75:92:91:c7:c1:ae:c0:2d:
ee:31:1f:bb:66:c5:82:13:10:b8:64:f6:4f:3c:7a:56:96:89:
ea:90:f7:ca:0f:2c:44:18:0d:dd:27:64:de:1a:b9:22:30:9d:
e2:3f:3d:b8:f1:75:0c:25:f5:8e:ea:d9:71:64:d3:79:c3:6b:
0f:0d:e2:b0:c4:f1:2a:c3:36:de:07:44:2a:39:fd:49:8e:44:
85:c2:83:67:21:5d:76:96:ec:7a:90:ca:a3:a3:d8:e4:e6:06:
3d:b4:8b:b8:9c:09:71:a4:6d:bb:23:b0:15:de:20:4f:16:9d:
3c:4a:73:58:ca:27:8e:27:48:1c:e8:6c:8e:a6:11:c7:a2:cf:
28:eb:8d:63:fe:8a:92:e4:d7:87:4d:41:fd:16:ab:de:f4:d6:
fd:ad:43:78:ef:bd:86:f6:69:ba:6c:14:a3:9f:01:f4:68:a9:
73:36:b8:5c:5a:bc:cb:d0:d6:fc:42:67:78:62:eb:fb:99:74:
3b:8a:8d:5c
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZh/C/2HMcEiupYtdcj44KAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTY3OTRiOTFiODE0MDY0MTJhMTM3ODcwYmZkZTNiMTcw
ZGUwOTQwHhcNMjUwODA2MTEwMjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWYyNWEwNzU5ZjgwZTVjMjA1YmU2MDc4MGM5NTZjZjY3NzRjYzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5uEjhZbMFJh3ufba3m1tCo4fRXPN
uZ99tHjE7wk4oWquQJ4O65JjZ8iQmUUAWlJx0rhparz+S28OKqoCehKOdTh1Yf9V
tgIkreJDkWIsQjm+ICMbxd6sqWCr6TXUPeah7zvdQmFucMklNu28uqySATcxUzaY
pqQcQwfqD/mx9j4ynhXe/Q6DvMFqDBRVvAQcrzjLFP4x4HX3gkxFbM/y6REWLNNi
6BtjNAGhsobKlfsX9q4xqAEcRlY+7Gw1ud+o13S6GdZM1yF/ets1twu+7NjFCLvT
+/wCLDfXGhNVSjsrEd4XDssF/Bxvk39hrYclVglUHsUp/yyKkVLxC+Q2GwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFG7yWgdZ+A5cIFvmB4DJVs9ndMxNMB8GA1UdIwQY
MBaAFOWmeUuRuBQGQSoTeHC/3jsXDeCUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjIt
NTg3MjEwOWI2N2E4LzEvYnZKYUIxbjREbHdnVy1ZSGdNbFd6MmQwekUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9jYTM0ZWItOGUyMC00YmYxLWIxYjItNTg3MjEwOWI2N2E4
LzEvNWFaNVM1RzRGQVpCS2hONGNMX2VPeGNONEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQEUF7AAwQD
VQxwAwQBVQx8AwQFVVygAwQDsH7gAwQCuQVAAwQCuSnkAwQAuWMVAwQCuXE8AwQD
vPEoMA0EAgACMAcDBQAqAnfAMA0GCSqGSIb3DQEBCwUAA4IBAQAbPnfOZoD9sy+o
n88qi4kJmrNX0Tp/Z/kz5Bf+Kcj9s6UoSj4pD4/iO/srmSBGiGooNCiBQBDMjxfL
jQMfOwpydZKRx8GuwC3uMR+7ZsWCExC4ZPZPPHpWlonqkPfKDyxEGA3dJ2TeGrki
MJ3iPz248XUMJfWO6tlxZNN5w2sPDeKwxPEqwzbeB0QqOf1JjkSFwoNnIV12lux6
kMqjo9jk5gY9tIu4nAlxpG27I7AV3iBPFp08SnNYyieOJ0gc6GyOphHHos8o641j
/oqS5NeHTUH9Fqve9Nb9rUN4772G9mm6bBSjnwH0aKlzNrhcWrzL0Nb8Qmd4Yuv7
mXQ7io1c
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:59:37 2025 by rpki-client