Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BpsCJc8hxrWFq3n28J_TQRhdILQ.roa
File: BpsCJc8hxrWFq3n28J_TQRhdILQ.roa (raw, json)
Hash identifier: M6B2sithEVMeZdxNL584ejoDXin8MXxDsel1Ap6kTog=
Subject key identifier: 06:9B:02:25:CF:21:C6:B5:85:AB:79:F6:F0:9F:D3:41:18:5D:20:B4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019EE462040579941FCCEB8C59E3F332C46E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BpsCJc8hxrWFq3n28J_TQRhdILQ.roa
Signing time: Sat 20 Jun 2026 09:34:49 +0000
ROA not before: Sat 20 Jun 2026 09:34:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212171
IP address blocks: 5.253.57.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Jun 2026 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:e4:62:04:05:79:94:1f:cc:eb:8c:59:e3:f3:32:c4:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 20 09:34:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=069b0225cf21c6b585ab79f6f09fd341185d20b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:76:db:96:16:08:49:2b:06:d5:49:2a:b7:15:
2d:ac:a1:76:cb:1b:48:28:22:97:4d:5d:68:eb:66:
7f:4a:44:74:59:c9:23:63:c9:be:ef:38:be:a9:b3:
17:30:ae:c4:d3:5e:e9:dd:1b:19:b2:44:56:a2:e1:
cd:6c:4c:07:1c:ba:d5:8c:a4:e5:6a:d4:50:ac:16:
73:b2:bc:88:e9:be:17:40:c8:33:e6:ab:27:aa:0c:
56:cc:43:f0:68:e3:78:de:bf:81:d5:66:0a:83:df:
5d:0e:b3:8d:f3:df:6d:f7:8f:00:cf:4e:1d:5d:ba:
1c:91:ad:16:0c:c8:e6:0e:50:2c:7c:eb:aa:74:a7:
f0:8d:8c:f5:44:d2:40:91:d0:96:11:c0:39:7c:53:
16:5b:1e:cc:a3:1e:05:fe:78:91:aa:ba:c3:ed:dd:
05:22:b9:6e:88:35:a6:e3:12:69:f1:78:29:77:3a:
0a:a8:70:18:6e:d9:a1:5c:99:51:21:69:d4:85:25:
d5:09:7a:aa:aa:96:0d:f9:ca:98:46:c6:61:9a:78:
e6:3c:ef:75:e9:d5:da:9a:f1:52:38:74:26:6d:b9:
38:ae:31:25:2c:cf:41:45:39:25:ba:47:10:5a:bd:
e4:16:48:7f:90:da:9d:0e:70:37:e0:d9:fb:1c:6b:
1f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9B:02:25:CF:21:C6:B5:85:AB:79:F6:F0:9F:D3:41:18:5D:20:B4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BpsCJc8hxrWFq3n28J_TQRhdILQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.57.0/24
185.207.14.0/23
Signature Algorithm: sha256WithRSAEncryption
28:dc:25:5d:a9:f5:6b:f7:5f:60:61:85:ef:34:83:11:cc:b2:
c4:82:0e:1e:21:8d:2f:ff:b8:21:e2:ee:11:ab:13:6c:7e:03:
c0:30:98:da:e0:ae:43:a3:7d:01:33:bf:6f:33:7f:a0:6f:b6:
0f:71:66:6b:e0:a5:51:e1:69:d9:a0:5b:3c:80:f4:eb:d2:09:
8c:ef:e4:3d:c9:76:4f:aa:75:ac:25:39:2f:e8:1d:f4:46:24:
25:a5:2c:53:c0:26:36:ab:4f:66:79:3c:6c:b1:28:5e:75:5a:
1b:25:f3:be:23:ff:e8:4e:96:df:0e:3d:c9:4e:29:cf:36:6d:
bf:ef:92:0a:46:54:8b:eb:4e:50:4c:5c:76:7f:4a:40:a2:89:
62:95:66:8d:f6:a7:24:28:53:c4:a8:13:2f:dd:ed:33:ed:15:
16:45:52:df:57:98:49:e8:fe:da:ae:ce:96:68:e7:68:f4:91:
64:ad:7c:66:1a:bc:9b:9d:e5:b9:7e:21:3f:bc:d8:7b:6b:55:
58:57:da:90:f1:64:56:c2:21:f1:40:f6:81:4d:ab:da:a6:d2:
b6:97:5a:0f:6b:40:fd:c9:88:d4:72:d0:6f:48:cc:35:f8:5f:
d9:af:0d:31:ca:12:92:e8:b1:4f:21:33:6f:e3:bb:d1:db:19:
4d:75:26:90
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ7kYgQFeZQfzOuMWePzMsRuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjIwMDkzNDQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjliMDIyNWNmMjFjNmI1ODVhYjc5ZjZmMDlmZDM0MTE4NWQyMGI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5XbblhYISSsG1UkqtxUtrKF2yxtI
KCKXTV1o62Z/SkR0WckjY8m+7zi+qbMXMK7E017p3RsZskRWouHNbEwHHLrVjKTl
atRQrBZzsryI6b4XQMgz5qsnqgxWzEPwaON43r+B1WYKg99dDrON899t948Az04d
Xbocka0WDMjmDlAsfOuqdKfwjYz1RNJAkdCWEcA5fFMWWx7Mox4F/niRqrrD7d0F
IrluiDWm4xJp8XgpdzoKqHAYbtmhXJlRIWnUhSXVCXqqqpYN+cqYRsZhmnjmPO91
6dXamvFSOHQmbbk4rjElLM9BRTklukcQWr3kFkh/kNqdDnA34Nn7HGsfxQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAabAiXPIca1hat59vCf00EYXSC0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQnBzQ0pjOGh4cldGcTNuMjhKX1RRUmhkSUxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABf05AwQB
uc8OMA0GCSqGSIb3DQEBCwUAA4IBAQAo3CVdqfVr919gYYXvNIMRzLLEgg4eIY0v
/7gh4u4RqxNsfgPAMJja4K5Do30BM79vM3+gb7YPcWZr4KVR4WnZoFs8gPTr0gmM
7+Q9yXZPqnWsJTkv6B30RiQlpSxTwCY2q09meTxssShedVobJfO+I//oTpbfDj3J
TinPNm2/75IKRlSL605QTFx2f0pAoolilWaN9qckKFPEqBMv3e0z7RUWRVLfV5hJ
6P7ars6WaOdo9JFkrXxmGrybneW5fiE/vNh7a1VYV9qQ8WRWwiHxQPaBTavaptK2
l1oPa0D9yYjUctBvSMw1+F/Zrw0xyhKS6LFPITNv47vR2xlNdSaQ
-----END CERTIFICATE-----
Generated at Sat Jun 20 20:12:55 2026 by rpki-client