Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BmtcxyfetrPfrELtWK5P7qO8BAo.roa
File: BmtcxyfetrPfrELtWK5P7qO8BAo.roa (raw, json)
Hash identifier: KjLWzKN0SnCeqmfgk/zCVyjap5PlSMNqpEELDNV2skI=
Subject key identifier: 06:6B:5C:C7:27:DE:B6:B3:DF:AC:42:ED:58:AE:4F:EE:A3:BC:04:0A
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01975463385A73F6305027F32329052E757B
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BmtcxyfetrPfrELtWK5P7qO8BAo.roa
Signing time: Mon 09 Jun 2025 11:11:17 +0000
ROA not before: Mon 09 Jun 2025 11:11:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
46.61.245.0/24 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
85.174.144.0/20 maxlen: 24
92.50.204.0/23 maxlen: 23
92.50.204.0/24 maxlen: 24
92.50.205.0/24 maxlen: 24
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.128.76.0/24 maxlen: 24
188.128.77.0/24 maxlen: 24
188.254.122.0/23 maxlen: 24
188.254.122.0/24 maxlen: 24
188.254.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 22:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:63:38:5a:73:f6:30:50:27:f3:23:29:05:2e:75:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 9 11:11:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=066b5cc727deb6b3dfac42ed58ae4feea3bc040a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a0:1f:49:9e:56:cb:6a:b0:3f:b4:dd:71:8e:
a0:70:0e:f0:05:2b:74:28:34:30:f8:a4:90:21:3f:
e3:5d:a8:93:f0:f0:61:4f:c9:c1:06:a4:ca:25:f5:
47:a6:81:c8:03:4f:95:ec:f9:88:cf:11:06:32:43:
df:56:0c:fb:72:11:c5:6a:44:6d:f5:1f:93:25:15:
77:37:b7:7a:ce:d4:57:73:09:ce:c7:df:4a:be:9f:
a7:1a:ee:54:f2:b4:d6:6b:40:57:8a:40:ff:b4:87:
67:c3:b4:07:3a:5d:69:10:c4:d7:a3:05:8e:c8:ac:
88:d8:cc:0a:19:9d:69:5a:34:d6:13:3a:2d:83:07:
8e:09:eb:bb:dd:33:c9:99:dc:bd:5e:51:1a:c4:12:
66:93:4d:ac:10:40:df:8a:fa:78:0b:a0:47:32:59:
5c:e1:0b:2f:72:22:d7:73:e1:19:85:79:94:9e:39:
c4:90:de:59:11:a7:83:a8:74:c2:41:40:cb:79:90:
64:f2:20:24:28:a5:eb:e1:e9:fd:3f:fc:8b:42:42:
f4:a1:c5:30:98:2f:28:90:e0:c8:08:fc:a6:61:2d:
8d:34:a0:c9:fb:96:ca:f7:0f:d8:29:87:4c:61:7e:
e2:1f:1c:7d:46:63:8b:46:c0:74:56:d7:19:4c:15:
0a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6B:5C:C7:27:DE:B6:B3:DF:AC:42:ED:58:AE:4F:EE:A3:BC:04:0A
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/BmtcxyfetrPfrELtWK5P7qO8BAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.245.0/24
84.42.92.0/22
85.174.144.0/20
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
51:09:1d:53:20:e4:e9:a3:29:70:a5:79:79:8e:07:49:f2:15:
4e:b8:f5:fe:48:0b:08:2c:8a:08:f3:c3:14:1e:e1:36:40:b4:
b8:ef:4b:df:d1:8c:b8:f5:d5:b6:1d:68:3a:49:18:24:a7:5d:
a4:8f:4f:92:ba:85:7a:22:8e:74:d5:17:ee:9a:8c:f4:72:55:
b8:1b:99:74:0f:ca:23:45:2f:99:62:ba:37:34:00:d8:8c:52:
0d:c7:43:42:e9:d2:b8:df:7e:a8:0d:ab:33:97:0b:db:2a:59:
2e:ab:46:b5:0b:9f:16:db:b6:0c:85:41:28:f7:a9:64:10:d6:
30:e4:c8:11:4e:6e:ea:cc:a9:28:e0:f3:c6:a0:b8:da:7f:01:
a4:17:c7:da:a7:e3:73:bf:bd:f1:e2:0d:26:fc:f6:2c:33:e5:
c7:2f:38:88:5a:c8:cb:16:fb:8e:c0:4d:fa:6b:7f:1b:72:63:
3c:6e:e4:47:90:1e:88:92:d1:4c:26:ec:23:cd:df:4c:01:28:
33:62:1c:74:47:21:7e:3a:85:e8:bd:fe:15:3d:c9:ef:3b:97:
73:e1:4d:ce:19:7c:6a:ea:48:cc:9c:78:a2:e6:7f:b3:e1:5c:
c4:29:92:8a:8a:e2:2d:90:cf:96:fe:fe:10:4f:33:c0:eb:51:
e3:58:a1:bb
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZdUYzhac/YwUCfzIykFLnV7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjA5MTExMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjZiNWNjNzI3ZGViNmIzZGZhYzQyZWQ1OGFlNGZlZWEzYmMwNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhaAfSZ5Wy2qwP7TdcY6gcA7wBSt0
KDQw+KSQIT/jXaiT8PBhT8nBBqTKJfVHpoHIA0+V7PmIzxEGMkPfVgz7chHFakRt
9R+TJRV3N7d6ztRXcwnOx99Kvp+nGu5U8rTWa0BXikD/tIdnw7QHOl1pEMTXowWO
yKyI2MwKGZ1pWjTWEzotgweOCeu73TPJmdy9XlEaxBJmk02sEEDfivp4C6BHMllc
4QsvciLXc+EZhXmUnjnEkN5ZEaeDqHTCQUDLeZBk8iAkKKXr4en9P/yLQkL0ocUw
mC8okODICPymYS2NNKDJ+5bK9w/YKYdMYX7iHxx9RmOLRsB0VtcZTBUKjwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFAZrXMcn3raz36xC7ViuT+6jvAQKMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvQm10Y3h5ZmV0clBmckVMdFdLNVA3cU84QkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj31AwQCVCpcAwQEVa6QAwQBXDLMMAwDBACwd6kDBACwd6wD
BACw0EoDBAKw03gDBAG8gEwDBAG8/nowDQYJKoZIhvcNAQELBQADggEBAFEJHVMg
5OmjKXCleXmOB0nyFU649f5ICwgsigjzwxQe4TZAtLjvS9/RjLj11bYdaDpJGCSn
XaSPT5K6hXoijnTVF+6ajPRyVbgbmXQPyiNFL5liujc0ANiMUg3HQ0Lp0rjffqgN
qzOXC9sqWS6rRrULnxbbtgyFQSj3qWQQ1jDkyBFOburMqSjg88aguNp/AaQXx9qn
43O/vfHiDSb89iwz5ccvOIhayMsW+47ATfprfxtyYzxu5EeQHoiS0Uwm7CPN30wB
KDNiHHRHIX46hei9/hU9ye87l3PhTc4ZfGrqSMyceKLmf7PhXMQpkoqK4i2Qz5b+
/hBPM8DrUeNYobs=
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:43:36 2025 by rpki-client