Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/BOsoT_8cHHlHPp4TNYXa5KBCs4k.roa
File: BOsoT_8cHHlHPp4TNYXa5KBCs4k.roa (raw, json)
Hash identifier: 93HhNat4MIOuEgH6RhS2/x/PFQHIK5pmPn1SQJLneU0=
Subject key identifier: 04:EB:28:4F:FF:1C:1C:79:47:3E:9E:13:35:85:DA:E4:A0:42:B3:89
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 01981E37201C29027E7BCA0F292928914CC6
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/BOsoT_8cHHlHPp4TNYXa5KBCs4k.roa
Signing time: Fri 18 Jul 2025 15:46:25 +0000
ROA not before: Fri 18 Jul 2025 15:46:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48444
IP address blocks: 91.224.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.mft
rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:37:20:1c:29:02:7e:7b:ca:0f:29:29:28:91:4c:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Jul 18 15:46:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04eb284fff1c1c79473e9e133585dae4a042b389
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:8d:14:4d:b0:0f:04:fb:73:a7:88:4f:50:c2:
b8:83:de:c1:4f:48:e1:71:08:2a:99:9e:87:0f:16:
9d:ec:54:a9:e4:09:97:c5:30:70:3a:fb:06:b7:d2:
7c:e3:d2:dc:bd:cd:5a:f1:60:4b:c0:ef:7c:5b:e4:
bb:4f:27:7c:5b:74:4d:48:2e:c1:d1:9e:fe:23:26:
32:68:b6:f6:47:26:eb:01:6c:bb:98:27:24:32:da:
6b:63:14:e8:8a:97:33:63:18:1a:57:80:80:45:a4:
da:03:de:b4:1e:6d:38:1e:f2:82:78:43:43:6d:25:
02:59:7b:4b:67:03:3f:62:9a:ac:5f:ef:20:bc:4e:
fc:2d:ec:dd:ca:70:91:1f:ff:53:5a:40:15:82:9a:
ee:c7:e2:08:13:f2:a7:f9:ec:43:3d:e5:fa:4d:ae:
69:67:3d:9d:84:1f:a1:17:79:d0:a9:d3:25:13:6d:
ee:c9:f2:4f:a1:bc:27:c4:f1:3d:de:24:43:a9:8a:
79:5f:63:53:bb:9e:e9:db:f5:93:81:ad:4a:3d:fc:
9e:c1:50:d0:9a:aa:1d:c6:17:c0:c6:36:2c:fc:f6:
59:d8:83:a7:1a:c0:14:6f:73:a8:e4:93:68:b4:7d:
17:fa:c3:af:d9:6a:c9:50:45:71:9f:6c:1d:a6:05:
bc:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:EB:28:4F:FF:1C:1C:79:47:3E:9E:13:35:85:DA:E4:A0:42:B3:89
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/BOsoT_8cHHlHPp4TNYXa5KBCs4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.109.0/24
Signature Algorithm: sha256WithRSAEncryption
59:3a:04:c7:9c:e0:63:87:ec:c4:31:f2:cd:a7:8a:a3:d0:16:
e5:e2:04:8f:f0:bb:07:90:5b:ca:b0:f0:a7:6a:6b:ed:89:bb:
5c:94:c0:e0:83:12:9b:43:ee:83:68:a3:50:c7:e3:7a:0a:1b:
1d:c2:3d:21:0e:04:d7:d5:51:69:6d:d9:f8:01:54:26:30:4f:
80:27:4b:42:ab:4c:13:34:31:0a:86:0d:5d:fb:fb:ff:a3:66:
8f:1d:ea:bd:7d:15:a5:bb:e3:73:d9:45:13:ec:85:28:e6:cc:
b4:5a:3d:c8:51:50:60:7d:63:c3:b0:46:79:14:b4:59:8d:f5:
1f:42:49:14:84:5e:b3:5f:a6:b6:cb:30:d1:69:f5:ff:84:e9:
86:c6:0e:c7:3d:1c:e0:32:f4:06:2b:9b:74:be:cb:c4:54:1b:
d3:ab:14:ec:e8:7d:51:b4:87:a9:a7:7b:12:02:24:35:f9:4e:
e8:42:11:21:4e:87:03:a7:04:77:9c:dc:a9:2f:49:d0:2b:86:
17:9c:21:70:47:9b:58:db:91:a7:44:23:42:8c:7c:7b:aa:33:
8f:fe:5c:bd:d3:01:1a:63:b2:ac:5f:4e:8a:15:e9:df:d9:8b:
ad:c7:f9:b0:a0:e2:5e:68:a2:02:91:49:cd:47:13:00:1c:cc:
dc:ca:04:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgeNyAcKQJ+e8oPKSkokUzGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjUwNzE4MTU0NjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGViMjg0ZmZmMWMxYzc5NDczZTllMTMzNTg1ZGFlNGEwNDJiMzg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl40UTbAPBPtzp4hPUMK4g97BT0jh
cQgqmZ6HDxad7FSp5AmXxTBwOvsGt9J849Lcvc1a8WBLwO98W+S7Tyd8W3RNSC7B
0Z7+IyYyaLb2RybrAWy7mCckMtprYxToipczYxgaV4CARaTaA960Hm04HvKCeEND
bSUCWXtLZwM/YpqsX+8gvE78LezdynCRH/9TWkAVgprux+IIE/Kn+exDPeX6Ta5p
Zz2dhB+hF3nQqdMlE23uyfJPobwnxPE93iRDqYp5X2NTu57p2/WTga1KPfyewVDQ
mqodxhfAxjYs/PZZ2IOnGsAUb3Oo5JNotH0X+sOv2WrJUEVxn2wdpgW8BQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFATrKE//HBx5Rz6eEzWF2uSgQrOJMB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvQk9zb1RfOGNISGxIUHA0VE5ZWGE1S0JDczRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+BtMA0G
CSqGSIb3DQEBCwUAA4IBAQBZOgTHnOBjh+zEMfLNp4qj0Bbl4gSP8LsHkFvKsPCn
amvtibtclMDggxKbQ+6DaKNQx+N6Chsdwj0hDgTX1VFpbdn4AVQmME+AJ0tCq0wT
NDEKhg1d+/v/o2aPHeq9fRWlu+Nz2UUT7IUo5sy0Wj3IUVBgfWPDsEZ5FLRZjfUf
QkkUhF6zX6a2yzDRafX/hOmGxg7HPRzgMvQGK5t0vsvEVBvTqxTs6H1RtIepp3sS
AiQ1+U7oQhEhTocDpwR3nNypL0nQK4YXnCFwR5tY25GnRCNCjHx7qjOP/ly90wEa
Y7KsX06KFenf2Yutx/mwoOJeaKICkUnNRxMAHMzcygR3
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:16:48 2025 by rpki-client