Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Bdw9YVkBUb2q_jb3LI4QtLpdqfs.roa
File: Bdw9YVkBUb2q_jb3LI4QtLpdqfs.roa (raw, json)
Hash identifier: WEJrUwozeaiD5ylNzDdT8mZsoRkXyDc/DQHcBXA9OkQ=
Subject key identifier: 05:DC:3D:61:59:01:51:BD:AA:FE:36:F7:2C:8E:10:B4:BA:5D:A9:FB
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019EAE35F4A74B177ECED08D9B5875077BEF
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Bdw9YVkBUb2q_jb3LI4QtLpdqfs.roa
Signing time: Tue 09 Jun 2026 21:07:11 +0000
ROA not before: Tue 09 Jun 2026 21:07:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199412
IP address blocks: 62.76.231.0/24 maxlen: 24
62.76.235.0/24 maxlen: 24
192.124.178.0/24 maxlen: 24
194.58.223.0/24 maxlen: 24
194.87.16.0/24 maxlen: 24
194.87.228.0/24 maxlen: 24
195.58.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ae:35:f4:a7:4b:17:7e:ce:d0:8d:9b:58:75:07:7b:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 9 21:07:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=05dc3d61590151bdaafe36f72c8e10b4ba5da9fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:45:9c:e5:c9:84:cf:11:61:50:f9:80:5a:0c:
b7:1c:f5:27:50:80:ec:04:c1:6b:ce:42:f4:93:70:
0b:c9:4c:ff:b8:af:b5:de:d4:2b:25:a9:a8:4b:c5:
1c:20:87:58:38:a8:c8:a2:6f:aa:83:0e:2a:68:97:
07:51:7b:41:6a:ef:a0:04:97:ef:31:d4:9a:20:69:
2e:7d:89:f3:a3:1a:3d:b4:e4:40:73:e8:58:6f:d7:
c4:d2:1c:7f:b4:a7:2c:d0:50:88:74:58:2e:e8:76:
a1:0d:15:8d:ad:96:ff:41:74:58:b6:0e:6d:ef:f6:
77:ee:36:fa:4d:8b:b5:d2:4b:71:d4:34:06:d6:04:
8d:c3:2f:19:dd:ab:ae:7d:b8:8e:da:31:c1:d8:58:
dc:d8:9c:4b:88:a1:58:6a:0f:d3:74:ca:36:b4:c6:
5f:7f:29:52:31:35:65:c7:ef:c1:1a:2d:a4:6c:16:
7b:16:3f:62:8f:cb:af:16:3d:da:23:1b:57:23:91:
32:54:80:21:04:18:ed:5d:e4:d7:b2:2d:37:f0:81:
3d:32:2e:4f:75:1a:d9:ed:38:3d:e5:65:54:83:72:
cc:d5:20:f1:ec:17:92:6c:b1:33:52:4f:f6:32:e0:
1b:a6:d9:7f:ec:1a:a0:fa:09:8e:61:fa:2d:fe:16:
db:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DC:3D:61:59:01:51:BD:AA:FE:36:F7:2C:8E:10:B4:BA:5D:A9:FB
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Bdw9YVkBUb2q_jb3LI4QtLpdqfs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.231.0/24
62.76.235.0/24
192.124.178.0/24
194.58.223.0/24
194.87.16.0/24
194.87.228.0/24
195.58.45.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:cb:69:be:ae:bb:9a:60:e3:ac:94:04:e9:00:ec:52:c7:cf:
c2:da:79:86:59:4a:d4:86:ef:a6:9c:55:b6:6c:60:9c:7a:b8:
69:30:92:b2:ba:e9:7e:ff:ef:0e:67:32:3d:5c:9e:99:f0:bd:
cb:af:e1:c5:65:52:b1:8a:b2:3a:47:8b:34:6f:6f:0b:8a:3e:
ae:52:65:10:2a:16:64:72:91:80:d0:7a:73:fe:18:26:02:9b:
c5:42:27:8b:88:69:97:fa:0a:b5:9c:8a:3e:8a:50:42:d6:e0:
e9:31:3c:c4:5f:78:50:eb:84:e3:83:6c:00:99:96:78:ba:a0:
50:2c:e1:43:d9:5b:d8:dd:e6:51:1e:87:8c:98:37:25:5f:d4:
01:b8:6c:14:55:a2:49:62:e9:db:4a:a0:2b:f2:de:24:38:82:
99:88:fc:cf:72:70:88:cf:53:8b:6b:36:83:f8:c3:9e:b1:bc:
db:c2:15:17:71:e0:9e:90:31:17:e1:f1:3c:d8:51:ca:f4:b9:
4f:ae:00:0d:d7:66:3d:b4:0d:6d:51:2f:2e:e1:ae:d4:eb:48:
b5:cb:4b:ae:dd:8b:78:06:bb:6d:7d:e6:62:ac:4f:31:22:d9:
cc:49:f0:18:70:d2:41:35:4b:91:96:1f:4d:90:22:78:e3:a9:
66:11:1c:33
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ6uNfSnSxd+ztCNm1h1B3vvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNjA5MjEwNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRjM2Q2MTU5MDE1MWJkYWFmZTM2ZjcyYzhlMTBiNGJhNWRhOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0Wc5cmEzxFhUPmAWgy3HPUnUIDs
BMFrzkL0k3ALyUz/uK+13tQrJamoS8UcIIdYOKjIom+qgw4qaJcHUXtBau+gBJfv
MdSaIGkufYnzoxo9tORAc+hYb9fE0hx/tKcs0FCIdFgu6HahDRWNrZb/QXRYtg5t
7/Z37jb6TYu10ktx1DQG1gSNwy8Z3auufbiO2jHB2Fjc2JxLiKFYag/TdMo2tMZf
fylSMTVlx+/BGi2kbBZ7Fj9ij8uvFj3aIxtXI5EyVIAhBBjtXeTXsi038IE9Mi5P
dRrZ7Tg95WVUg3LM1SDx7BeSbLEzUk/2MuAbptl/7Bqg+gmOYfot/hbbUwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAXcPWFZAVG9qv429yyOELS6Xan7MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQmR3OVlWa0JVYjJxX2piM0xJNFF0THBkcWZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAPkznAwQA
PkzrAwQAwHyyAwQAwjrfAwQAwlcQAwQAwlfkAwQAwzotMA0GCSqGSIb3DQEBCwUA
A4IBAQAuy2m+rruaYOOslATpAOxSx8/C2nmGWUrUhu+mnFW2bGCcerhpMJKyuul+
/+8OZzI9XJ6Z8L3Lr+HFZVKxirI6R4s0b28Lij6uUmUQKhZkcpGA0Hpz/hgmApvF
QieLiGmX+gq1nIo+ilBC1uDpMTzEX3hQ64Tjg2wAmZZ4uqBQLOFD2VvY3eZRHoeM
mDclX9QBuGwUVaJJYunbSqAr8t4kOIKZiPzPcnCIz1OLazaD+MOesbzbwhUXceCe
kDEX4fE82FHK9LlPrgAN12Y9tA1tUS8u4a7U60i1y0uu3Yt4BrttfeZirE8xItnM
SfAYcNJBNUuRlh9NkCJ446lmERwz
-----END CERTIFICATE-----
Generated at Fri Jun 12 05:31:03 2026 by rpki-client