Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/BY0ulxbKjju4vLrdhG3t1EWUsfc.roa
File: BY0ulxbKjju4vLrdhG3t1EWUsfc.roa (raw, json)
Hash identifier: K5zGur7lx+aV24qdxwKfnGw/Mm79v7yGfl4MiAhAsZQ=
Subject key identifier: 05:8D:2E:97:16:CA:8E:3B:B8:BC:BA:DD:84:6D:ED:D4:45:94:B1:F7
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 0198377005F73863EE7518626F58C3BD8B85
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/BY0ulxbKjju4vLrdhG3t1EWUsfc.roa
Signing time: Wed 23 Jul 2025 13:19:05 +0000
ROA not before: Wed 23 Jul 2025 13:19:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49037
IP address blocks: 46.226.160.0/21 maxlen: 32
80.72.16.0/21 maxlen: 32
85.198.120.0/21 maxlen: 32
89.169.52.0/22 maxlen: 32
92.118.72.0/22 maxlen: 32
92.246.132.0/22 maxlen: 32
92.246.136.0/21 maxlen: 32
93.185.144.0/20 maxlen: 32
94.141.100.0/22 maxlen: 32
95.174.96.0/19 maxlen: 32
178.212.139.0/24 maxlen: 32
185.9.184.0/22 maxlen: 32
185.136.32.0/22 maxlen: 32
185.230.240.0/22 maxlen: 32
185.230.241.0/24 maxlen: 24
185.230.242.0/24 maxlen: 24
213.108.20.0/22 maxlen: 32
217.144.176.0/20 maxlen: 32
2a00:8740::/32 maxlen: 128
2a0b:1c40::/29 maxlen: 128
2a12:3280::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:70:05:f7:38:63:ee:75:18:62:6f:58:c3:bd:8b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Jul 23 13:19:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=058d2e9716ca8e3bb8bcbadd846dedd44594b1f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b8:87:45:e1:74:58:d2:c9:ac:33:af:53:29:
e2:7c:0c:e1:07:2a:03:db:ad:e1:c7:75:6e:39:e8:
c1:c0:1e:51:84:b8:b2:d9:eb:88:d7:92:94:e1:4e:
46:a3:89:e4:21:8f:a6:3d:a4:cc:54:8e:d7:63:4f:
16:ec:98:42:1d:67:8b:6c:ea:a6:86:a2:34:e9:f4:
d5:6f:8b:c4:68:cd:d6:20:6b:77:7c:5e:54:cc:fb:
93:51:fe:c8:8f:29:d6:c4:7f:79:03:ac:e5:98:b1:
d2:ee:1a:c6:f2:53:d5:c2:db:0a:db:18:7c:33:65:
80:b1:5c:dd:2a:85:60:d1:18:54:ae:07:dc:2a:8f:
11:da:1a:88:15:f1:b5:2a:64:36:f7:b3:2e:f8:eb:
e5:82:38:e7:5d:15:fd:bc:8f:1a:47:1c:b0:ec:3c:
c8:48:99:92:79:5c:e6:3a:f9:6c:ac:cb:35:60:4f:
49:bf:74:5b:3f:f3:5f:f8:fb:cd:b4:2d:ab:9a:84:
b7:0a:66:96:c2:6b:7b:ac:07:4f:4c:5c:f5:95:93:
a4:bb:c1:1a:1c:6f:a5:8f:fb:66:a7:54:7d:db:89:
b3:e8:96:c2:f0:9f:db:d9:f2:49:ef:a6:71:3a:a3:
94:83:99:03:c9:e9:a6:b7:07:d1:5b:41:3b:b3:0b:
f6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8D:2E:97:16:CA:8E:3B:B8:BC:BA:DD:84:6D:ED:D4:45:94:B1:F7
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/BY0ulxbKjju4vLrdhG3t1EWUsfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.160.0/21
80.72.16.0/21
85.198.120.0/21
89.169.52.0/22
92.118.72.0/22
92.246.132.0-92.246.143.255
93.185.144.0/20
94.141.100.0/22
95.174.96.0/19
178.212.139.0/24
185.9.184.0/22
185.136.32.0/22
185.230.240.0/22
213.108.20.0/22
217.144.176.0/20
IPv6:
2a00:8740::/32
2a0b:1c40::/29
2a12:3280::/32
Signature Algorithm: sha256WithRSAEncryption
32:64:3a:9d:4d:16:78:e2:79:87:60:ab:7b:83:2a:7c:a2:fa:
5c:89:47:a3:2c:69:a0:ee:14:45:49:fb:06:56:04:8e:c7:5e:
97:68:5b:f6:e5:c4:bc:03:79:fb:50:2a:37:e2:61:1a:68:a2:
9c:8c:af:a4:9a:b8:30:b4:48:78:08:ec:ea:3b:c9:3f:cf:91:
02:9f:da:db:8d:93:cb:8c:00:12:8b:32:b2:a2:5d:a4:c6:65:
77:74:63:fa:d3:48:89:71:eb:32:46:90:87:b5:f2:40:3d:f6:
bf:01:a1:5f:22:07:0d:78:7e:2a:fd:36:9c:cd:ae:80:c4:0f:
2b:40:58:ae:1d:d9:f3:28:91:d6:2c:21:66:ed:46:77:4c:aa:
6f:11:1c:db:4f:da:7d:80:ab:f5:12:46:c0:f1:ca:9e:73:d4:
9e:3f:bd:ba:91:68:29:63:42:ea:36:62:70:4f:e9:2a:f7:22:
92:96:f3:62:32:94:4d:18:30:ec:16:e9:e8:3c:e3:fe:f4:0e:
82:4a:13:aa:b9:e8:ff:ae:22:d8:0c:2a:07:f5:bb:dd:08:c4:
42:28:87:7c:bb:ef:da:18:3d:14:90:1d:e9:d0:fd:ab:6a:7a:
44:1d:57:01:86:e5:60:ef:8f:00:92:6e:62:6b:8d:fd:a3:c4:
d3:65:5e:b7
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZg3cAX3OGPudRhib1jDvYuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjUwNzIzMTMxOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThkMmU5NzE2Y2E4ZTNiYjhiY2JhZGQ4NDZkZWRkNDQ1OTRiMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7iHReF0WNLJrDOvUynifAzhByoD
263hx3VuOejBwB5RhLiy2euI15KU4U5Go4nkIY+mPaTMVI7XY08W7JhCHWeLbOqm
hqI06fTVb4vEaM3WIGt3fF5UzPuTUf7IjynWxH95A6zlmLHS7hrG8lPVwtsK2xh8
M2WAsVzdKoVg0RhUrgfcKo8R2hqIFfG1KmQ297Mu+OvlgjjnXRX9vI8aRxyw7DzI
SJmSeVzmOvlsrMs1YE9Jv3RbP/Nf+PvNtC2rmoS3CmaWwmt7rAdPTFz1lZOku8Ea
HG+lj/tmp1R924mz6JbC8J/b2fJJ76ZxOqOUg5kDyemmtwfRW0E7swv2RwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFAWNLpcWyo47uLy63YRt7dRFlLH3MB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvQlkwdWx4YktqanU0dkxyZGhHM3QxRVdVc2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBoBAIAATBiAwQDLuKg
AwQDUEgQAwQDVcZ4AwQCWak0AwQCXHZIMAwDBAJc9oQDBARc9oADBARduZADBAJe
jWQDBAVfrmADBACy1IsDBAK5CbgDBAK5iCADBAK55vADBALVbBQDBATZkLAwGwQC
AAIwFQMFACoAh0ADBQMqCxxAAwUAKhIygDANBgkqhkiG9w0BAQsFAAOCAQEAMmQ6
nU0WeOJ5h2Cre4MqfKL6XIlHoyxpoO4URUn7BlYEjsdel2hb9uXEvAN5+1AqN+Jh
GmiinIyvpJq4MLRIeAjs6jvJP8+RAp/a242Ty4wAEosysqJdpMZld3Rj+tNIiXHr
MkaQh7XyQD32vwGhXyIHDXh+Kv02nM2ugMQPK0BYrh3Z8yiR1iwhZu1Gd0yqbxEc
20/afYCr9RJGwPHKnnPUnj+9upFoKWNC6jZicE/pKvcikpbzYjKUTRgw7Bbp6Dzj
/vQOgkoTqrno/64i2AwqB/W73QjEQiiHfLvv2hg9FJAd6dD9q2p6RB1XAYblYO+P
AJJuYmuN/aPE02Vetw==
-----END CERTIFICATE-----
Generated at Fri Jul 25 13:00:34 2025 by rpki-client