Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/BFpvKhELM78QLCFM7cjT2Dri-Ks.roa
File: BFpvKhELM78QLCFM7cjT2Dri-Ks.roa (raw, json)
Hash identifier: c09KIIz60Nm+dgzrURYFnp6FyV+tcK5Ue3poQFctk+0=
Subject key identifier: 04:5A:6F:2A:11:0B:33:BF:10:2C:21:4C:ED:C8:D3:D8:3A:E2:F8:AB
Certificate issuer: /CN=66e92c341e769443fde1d27566044b4b65159060
Certificate serial: 019840EDD558E3AE1A55F3F17FABA53ED85C
Authority key identifier: 66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/BFpvKhELM78QLCFM7cjT2Dri-Ks.roa
Signing time: Fri 25 Jul 2025 09:33:05 +0000
ROA not before: Fri 25 Jul 2025 09:33:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205072
IP address blocks: 45.137.36.0/22 maxlen: 22
45.147.88.0/22 maxlen: 22
45.155.20.0/22 maxlen: 22
45.155.21.0/24 maxlen: 24
87.239.16.0/21 maxlen: 24
109.109.128.0/20 maxlen: 24
146.19.83.0/24 maxlen: 24
185.149.108.0/22 maxlen: 24
193.22.80.0/24 maxlen: 24
194.26.214.0/24 maxlen: 24
195.5.168.0/24 maxlen: 24
195.5.170.0/24 maxlen: 24
195.5.176.0/24 maxlen: 24
217.8.119.0/24 maxlen: 24
2a0d:da00::/29 maxlen: 29
2a0d:da00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:ed:d5:58:e3:ae:1a:55:f3:f1:7f:ab:a5:3e:d8:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66e92c341e769443fde1d27566044b4b65159060
Validity
Not Before: Jul 25 09:33:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=045a6f2a110b33bf102c214cedc8d3d83ae2f8ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4b:ed:b2:2f:6d:dd:0a:d1:11:cf:84:a7:dc:
b0:60:e7:57:b0:d0:eb:25:1e:e4:1e:af:c5:25:21:
c9:39:8e:f9:5e:25:d4:1b:a2:c4:75:ae:8c:33:9e:
6b:91:fc:df:ce:70:b8:3d:5b:f5:07:42:91:b0:20:
64:94:91:85:5c:c7:f4:00:e1:10:6a:b4:75:54:8e:
6a:b7:22:86:c3:ad:60:42:8d:f4:00:a2:4d:77:6f:
9e:fb:41:f0:85:90:5d:2b:dc:51:f8:53:d8:e8:5a:
a2:5b:d9:ee:40:61:94:93:9b:95:ee:fa:9c:e8:78:
e3:cd:d8:97:3d:c2:30:bd:91:b8:6d:d8:ee:19:9c:
13:93:b5:19:a6:d4:3e:b0:f3:74:e4:18:ce:af:84:
a0:25:7e:62:ce:00:06:23:7c:90:9a:f3:b8:d7:46:
b5:8a:11:2b:51:75:d4:86:70:1b:fd:b9:e0:c0:a6:
a7:27:5e:95:89:76:44:98:e6:67:fa:54:d0:ab:ea:
f1:13:3c:4d:09:62:f5:1b:be:00:c6:2b:fc:97:66:
13:94:35:df:48:94:9e:8f:c3:65:eb:a7:30:58:3c:
ff:11:44:f6:b5:01:cf:17:dc:69:ee:41:9a:55:10:
cb:72:c4:bc:9c:e9:db:d0:59:e4:c3:5e:b4:4a:85:
86:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5A:6F:2A:11:0B:33:BF:10:2C:21:4C:ED:C8:D3:D8:3A:E2:F8:AB
X509v3 Authority Key Identifier:
keyid:66:E9:2C:34:1E:76:94:43:FD:E1:D2:75:66:04:4B:4B:65:15:90:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZuksNB52lEP94dJ1ZgRLS2UVkGA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/BFpvKhELM78QLCFM7cjT2Dri-Ks.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/8f1968-a79a-4a07-ace6-c1d296f8fd07/1/ZuksNB52lEP94dJ1ZgRLS2UVkGA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.36.0/22
45.147.88.0/22
45.155.20.0/22
87.239.16.0/21
109.109.128.0/20
146.19.83.0/24
185.149.108.0/22
193.22.80.0/24
194.26.214.0/24
195.5.168.0/24
195.5.170.0/24
195.5.176.0/24
217.8.119.0/24
IPv6:
2a0d:da00::/29
Signature Algorithm: sha256WithRSAEncryption
96:86:eb:d4:27:96:b0:35:e3:b9:44:f9:4d:d4:a0:9e:69:53:
59:31:1f:59:33:a7:96:0d:30:a4:39:3e:44:b2:76:ed:65:d9:
4f:4a:33:80:d2:64:cd:c6:6d:f6:d6:12:eb:1a:e7:65:ed:25:
56:19:50:e0:4c:cb:15:c0:59:ce:7b:a5:7a:a3:cd:2a:aa:d9:
65:71:8c:4e:22:28:96:30:90:49:99:6c:91:8f:e7:17:e4:1c:
e2:14:12:d5:54:78:40:84:c1:dc:dd:59:f4:49:64:0e:2e:05:
66:b3:eb:65:81:44:fb:89:57:d8:1e:14:94:f6:c2:12:94:bb:
54:7f:26:44:90:6d:76:c0:de:70:e1:7d:1a:60:4e:57:60:a8:
dd:f6:fe:52:27:5e:a5:9c:a0:e2:35:4d:ba:c9:2c:93:ad:b4:
56:59:5a:57:fb:54:76:0d:e1:e1:19:ec:a2:8e:39:20:4d:f6:
1f:bf:8a:ff:70:84:19:5e:bd:cd:dc:60:a0:1c:40:c1:0f:c9:
db:c5:42:97:28:21:c6:7d:05:44:a0:3d:67:93:08:fe:fb:3f:
07:10:82:0a:89:77:2f:13:38:18:97:3c:5f:90:c3:b8:eb:fd:
24:6f:37:6f:e0:91:2f:1b:1d:84:30:68:28:29:a5:22:a2:25:
da:d4:0a:fc
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZhA7dVY464aVfPxf6ulPthcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZTkyYzM0MWU3Njk0NDNmZGUxZDI3NTY2MDQ0YjRiNjUx
NTkwNjAwHhcNMjUwNzI1MDkzMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVhNmYyYTExMGIzM2JmMTAyYzIxNGNlZGM4ZDNkODNhZTJmOGFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkvtsi9t3QrREc+Ep9ywYOdXsNDr
JR7kHq/FJSHJOY75XiXUG6LEda6MM55rkfzfznC4PVv1B0KRsCBklJGFXMf0AOEQ
arR1VI5qtyKGw61gQo30AKJNd2+e+0HwhZBdK9xR+FPY6FqiW9nuQGGUk5uV7vqc
6HjjzdiXPcIwvZG4bdjuGZwTk7UZptQ+sPN05BjOr4SgJX5izgAGI3yQmvO410a1
ihErUXXUhnAb/bngwKanJ16ViXZEmOZn+lTQq+rxEzxNCWL1G74Axiv8l2YTlDXf
SJSej8Nl66cwWDz/EUT2tQHPF9xp7kGaVRDLcsS8nOnb0Fnkw160SoWG7QIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFARabyoRCzO/ECwhTO3I09g64virMB8GA1UdIwQY
MBaAFGbpLDQedpRD/eHSdWYES0tlFZBgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYt
YzFkMjk2ZjhmZDA3LzEvQkZwdktoRUxNNzhRTENGTTdjalQyRHJpLUtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS84ZjE5NjgtYTc5YS00YTA3LWFjZTYtYzFkMjk2ZjhmZDA3
LzEvWnVrc05CNTJsRVA5NGRKMVpnUkxTMlVWa0dBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQCLYkkAwQC
LZNYAwQCLZsUAwQDV+8QAwQEbW2AAwQAkhNTAwQCuZVsAwQAwRZQAwQAwhrWAwQA
wwWoAwQAwwWqAwQAwwWwAwQA2Qh3MA0EAgACMAcDBQMqDdoAMA0GCSqGSIb3DQEB
CwUAA4IBAQCWhuvUJ5awNeO5RPlN1KCeaVNZMR9ZM6eWDTCkOT5EsnbtZdlPSjOA
0mTNxm321hLrGudl7SVWGVDgTMsVwFnOe6V6o80qqtllcYxOIiiWMJBJmWyRj+cX
5BziFBLVVHhAhMHc3Vn0SWQOLgVms+tlgUT7iVfYHhSU9sISlLtUfyZEkG12wN5w
4X0aYE5XYKjd9v5SJ16lnKDiNU26ySyTrbRWWVpX+1R2DeHhGeyijjkgTfYfv4r/
cIQZXr3N3GCgHEDBD8nbxUKXKCHGfQVEoD1nkwj++z8HEIIKiXcvEzgYlzxfkMO4
6/0kbzdv4JEvGx2EMGgoKaUioiXa1Ar8
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:59:05 2025 by rpki-client