Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/bjGyoAnqbJlTY8yxoW8Vw9QTKXY.roa
File: bjGyoAnqbJlTY8yxoW8Vw9QTKXY.roa (raw, json)
Hash identifier: KkR9uPlQKsAZ2pDuHous5MwgFIvneEVZmAg7v37TsdA=
Subject key identifier: 6E:31:B2:A0:09:EA:6C:99:53:63:CC:B1:A1:6F:15:C3:D4:13:29:76
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 0197BA9EDC0A4181A5AF389796F42F7D0CE0
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/bjGyoAnqbJlTY8yxoW8Vw9QTKXY.roa
Signing time: Sun 29 Jun 2025 07:37:42 +0000
ROA not before: Sun 29 Jun 2025 07:37:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 2.182.172.0/24 maxlen: 24
2.188.40.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.160.0/22 maxlen: 22
2.188.161.0/24 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.170.0/24 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.225.0/24 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
78.38.25.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.248.0/24 maxlen: 24
78.38.250.0/24 maxlen: 24
78.38.251.0/24 maxlen: 24
78.38.254.0/24 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.59.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ba:9e:dc:0a:41:81:a5:af:38:97:96:f4:2f:7d:0c:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: Jun 29 07:37:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e31b2a009ea6c995363ccb1a16f15c3d4132976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f9:1a:d8:7c:98:1e:c6:cf:be:0e:e1:82:32:
97:af:20:f5:46:f2:e9:8c:83:a3:74:f6:d6:b5:e2:
d7:eb:19:ed:36:e9:ff:53:e6:00:e5:f9:12:51:af:
12:29:8e:fb:cb:ce:e5:bb:70:d8:26:53:6b:10:b8:
5f:ab:c6:64:09:2c:fe:ce:18:89:ff:63:9b:14:26:
cf:3b:b3:a0:7c:e5:dc:14:0b:2e:90:81:04:19:3b:
d9:e0:62:7e:d2:08:7b:bf:71:31:2e:d3:99:a0:68:
5f:bd:d7:c5:f4:c1:28:70:76:7e:ef:f0:11:af:d4:
aa:f4:e5:5f:68:fa:20:57:46:68:21:40:58:30:3c:
ae:e2:37:6e:cd:f7:af:56:0e:0f:e9:09:37:86:7b:
e9:c0:e2:20:98:69:32:33:f1:4f:23:b4:ba:46:02:
7a:69:97:e2:e5:64:88:03:5f:f3:7b:ba:42:d1:4c:
84:0c:fc:4e:ba:ff:47:f7:8b:ab:97:e6:54:e3:e0:
54:7f:ae:8e:82:0d:87:51:ca:0d:a2:b2:1c:70:24:
06:94:5e:e3:9c:ba:61:8a:6e:22:50:cc:9e:29:05:
9f:38:17:51:4b:78:69:91:a1:7b:19:e7:80:d5:2a:
4c:ef:ba:31:ab:6d:ac:c8:6e:26:33:4e:d4:73:c2:
3f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:31:B2:A0:09:EA:6C:99:53:63:CC:B1:A1:6F:15:C3:D4:13:29:76
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/bjGyoAnqbJlTY8yxoW8Vw9QTKXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.182.172.0/24
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.170.0/24
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.38.25.0/24
78.38.243.0/24
78.38.246.0/24
78.38.248.0/24
78.38.250.0/23
78.38.254.0/24
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
78.39.155.0-78.39.156.255
Signature Algorithm: sha256WithRSAEncryption
a0:0a:73:6b:09:b4:73:70:b9:4a:e3:21:fc:fa:30:a0:28:bd:
37:ec:03:bb:48:ee:43:56:a5:25:4a:6b:32:4e:0f:fb:03:49:
c5:f9:d3:a4:df:44:5c:31:47:eb:cf:49:ef:51:5d:83:09:ed:
b8:89:5f:e0:d1:ff:ea:09:26:bb:6b:8d:23:37:ed:ee:d5:a5:
cb:94:2e:8c:32:e3:35:a1:37:ec:4f:fa:09:86:06:4f:24:7a:
5f:62:23:85:bc:08:b3:c1:b2:c7:29:0d:63:b0:29:44:15:7f:
55:4c:83:31:a6:1d:08:f0:98:cb:25:ee:6a:7f:60:72:0c:9d:
02:35:87:d3:22:e7:c0:63:5b:85:6b:bb:f0:52:30:b7:79:f7:
76:b8:1c:c6:f5:63:7b:a4:16:b1:76:ec:3b:f7:92:27:1b:1b:
20:f6:95:ce:a0:ab:ed:30:95:e7:9d:45:c8:64:48:68:bb:d5:
93:9d:9e:10:09:9f:23:47:29:28:ee:4d:87:86:d2:06:73:96:
87:2b:83:9e:5e:d1:11:af:cb:da:51:d6:03:95:7d:6c:da:21:
fa:03:f8:9a:de:91:0a:2c:b6:03:93:f4:48:9a:fe:df:26:50:
c0:a7:c0:c2:71:da:d1:3a:f8:42:b8:a0:71:18:24:3e:c9:1a:
3c:0d:76:c8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAZe6ntwKQYGlrziXlvQvfQzgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjUwNjI5MDczNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTMxYjJhMDA5ZWE2Yzk5NTM2M2NjYjFhMTZmMTVjM2Q0MTMyOTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/ka2HyYHsbPvg7hgjKXryD1RvLp
jIOjdPbWteLX6xntNun/U+YA5fkSUa8SKY77y87lu3DYJlNrELhfq8ZkCSz+zhiJ
/2ObFCbPO7OgfOXcFAsukIEEGTvZ4GJ+0gh7v3ExLtOZoGhfvdfF9MEocHZ+7/AR
r9Sq9OVfaPogV0ZoIUBYMDyu4jduzfevVg4P6Qk3hnvpwOIgmGkyM/FPI7S6RgJ6
aZfi5WSIA1/ze7pC0UyEDPxOuv9H94url+ZU4+BUf66Ogg2HUcoNorIccCQGlF7j
nLphim4iUMyeKQWfOBdRS3hpkaF7GeeA1SpM77oxq22syG4mM07Uc8I/xQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFG4xsqAJ6myZU2PMsaFvFcPUEyl2MB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvYmpHeW9BbnFiSmxUWTh5eG9XOFZ3OVFUS1hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDCBqQQCAAEwgaIDBAAC
tqwDBAMCvCgDBAICvEgDBAMCvKADBAACvKoDBAECvLADBAYCvMADBAMCvTADBAIC
vUADBAQCvVADBAQCvaADBABOJhkDBABOJvMDBABOJvYDBABOJvgDBAFOJvoDBABO
Jv4DBABOJygDBABOJyswDAMEAU4nLgMEAk4nMDAMAwQATic1AwQCTic4AwQBTic+
MAwDBABOJ5sDBABOJ5wwDQYJKoZIhvcNAQELBQADggEBAKAKc2sJtHNwuUrjIfz6
MKAovTfsA7tI7kNWpSVKazJOD/sDScX506TfRFwxR+vPSe9RXYMJ7biJX+DR/+oJ
JrtrjSM37e7VpcuULowy4zWhN+xP+gmGBk8kel9iI4W8CLPBsscpDWOwKUQVf1VM
gzGmHQjwmMsl7mp/YHIMnQI1h9Mi58BjW4Vru/BSMLd593a4HMb1Y3ukFrF27Dv3
kicbGyD2lc6gq+0wleedRchkSGi71ZOdnhAJnyNHKSjuTYeG0gZzlocrg55e0RGv
y9pR1gOVfWzaIfoD+JrekQostgOT9Eia/t8mUMCnwMJx2tE6+EK4oHEYJD7JGjwN
dsg=
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:55:52 2025 by rpki-client