Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/bpDGnjDq6WTARX2Q6bwLdJiU6EY.roa
File: bpDGnjDq6WTARX2Q6bwLdJiU6EY.roa (raw, json)
Hash identifier: 0jYeuypPQJIalP9SGwmuvhVcgHmOStRgjd3ZhZ8vf6I=
Subject key identifier: 6E:90:C6:9E:30:EA:E9:64:C0:45:7D:90:E9:BC:0B:74:98:94:E8:46
Certificate issuer: /CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Certificate serial: 019743E4CDE7752B05DFBB69020B434EC53B
Authority key identifier: 4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/bpDGnjDq6WTARX2Q6bwLdJiU6EY.roa
Signing time: Fri 06 Jun 2025 06:19:17 +0000
ROA not before: Fri 06 Jun 2025 06:19:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12338
IP address blocks: 77.26.0.0/18 maxlen: 18
77.26.64.0/18 maxlen: 18
77.26.128.0/18 maxlen: 18
77.26.192.0/18 maxlen: 18
77.27.0.0/18 maxlen: 18
77.27.64.0/18 maxlen: 18
77.27.128.0/18 maxlen: 18
77.27.192.0/18 maxlen: 18
83.165.0.0/18 maxlen: 18
83.165.64.0/18 maxlen: 18
83.165.128.0/18 maxlen: 18
83.165.192.0/18 maxlen: 18
85.152.104.0/22 maxlen: 22
85.152.124.0/22 maxlen: 22
91.116.64.0/18 maxlen: 18
91.116.128.0/18 maxlen: 18
91.116.192.0/18 maxlen: 18
91.117.0.0/18 maxlen: 18
91.117.64.0/18 maxlen: 18
91.117.128.0/18 maxlen: 18
91.117.192.0/18 maxlen: 18
92.53.192.0/19 maxlen: 19
178.60.0.0/18 maxlen: 18
178.60.128.0/18 maxlen: 18
178.60.192.0/18 maxlen: 18
178.60.197.0/24 maxlen: 24
188.171.234.0/24 maxlen: 24
188.171.240.0/21 maxlen: 21
188.171.248.0/21 maxlen: 21
212.51.32.0/19 maxlen: 19
213.60.0.0/18 maxlen: 18
213.60.64.0/18 maxlen: 18
213.60.128.0/18 maxlen: 18
213.60.192.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.mft
rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 20:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:e4:cd:e7:75:2b:05:df:bb:69:02:0b:43:4e:c5:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ea65c7edba469d099d76aacd7dc263f4dfec5eb
Validity
Not Before: Jun 6 06:19:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e90c69e30eae964c0457d90e9bc0b749894e846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5c:86:1c:5b:f4:dd:8b:2d:46:75:ec:f8:ed:
8b:80:ef:a4:ee:a6:20:04:9f:b9:1d:89:a2:89:68:
a8:79:93:d8:93:63:d5:4b:4c:6f:0b:5a:9a:f0:a1:
b9:56:2e:63:ce:6d:2b:0d:8b:99:1d:8e:74:fe:d5:
e6:1d:9b:74:e4:e7:2a:42:f4:39:1a:3e:31:13:2d:
6a:a2:61:e9:4b:ea:5e:ad:a5:fb:75:18:f5:43:da:
b9:9f:19:cf:18:35:43:b2:4d:3c:5e:01:39:11:73:
66:73:c5:ac:73:1f:2a:27:fc:bc:7f:e0:39:f0:86:
f1:05:8a:07:1d:91:a5:2d:97:99:30:0d:99:1a:2f:
a8:a6:b5:c4:b9:cb:94:65:5b:6e:b0:71:02:d7:1f:
3c:17:fd:57:b3:76:ab:5a:4b:a0:95:bd:b2:5f:51:
35:df:b9:4a:9d:94:35:fb:46:4a:2b:27:7d:a2:05:
9c:58:86:25:22:ed:04:3c:ee:cd:66:d7:ea:50:dc:
22:28:c7:18:94:30:23:22:74:da:0f:c1:65:2f:b4:
6c:85:17:fb:66:bb:90:b5:db:f0:b7:0f:bf:58:ab:
42:e6:03:e0:b8:cf:7a:71:9f:d3:b3:1a:15:02:c4:
64:03:50:8d:5b:62:7f:d0:d9:85:b2:52:aa:7f:b0:
d4:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:90:C6:9E:30:EA:E9:64:C0:45:7D:90:E9:BC:0B:74:98:94:E8:46
X509v3 Authority Key Identifier:
keyid:4E:A6:5C:7E:DB:A4:69:D0:99:D7:6A:AC:D7:DC:26:3F:4D:FE:C5:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqZcftukadCZ12qs19wmP03-xes.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/bpDGnjDq6WTARX2Q6bwLdJiU6EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/07f270-c6cc-49cd-ae46-5100a26d274b/1/TqZcftukadCZ12qs19wmP03-xes.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.26.0.0/15
83.165.0.0/16
85.152.104.0/22
85.152.124.0/22
91.116.64.0-91.117.255.255
92.53.192.0/19
178.60.0.0/18
178.60.128.0/17
188.171.234.0/24
188.171.240.0/20
212.51.32.0/19
213.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b2:13:eb:7f:4b:95:89:a3:60:4b:da:00:86:a7:6d:59:ba:d5:
96:75:64:c6:c5:cd:70:95:e0:d6:c8:f4:30:3e:d2:fb:b0:ec:
97:31:03:fd:92:79:56:fe:a3:c4:0a:e4:9a:5f:1c:ce:9b:8e:
82:95:38:65:23:10:21:d2:90:4a:f6:c8:7a:e0:63:a3:18:99:
00:8d:5c:28:97:3c:1d:ba:51:34:14:7b:57:d6:6d:58:3b:48:
06:ae:c1:65:f0:98:6c:9c:89:a3:d4:6d:dc:e0:3b:d2:6d:6c:
0d:17:98:90:db:cd:5f:31:ec:d9:26:59:45:6f:ff:5a:e3:e6:
24:5d:2c:c0:e3:cd:5f:76:bb:8d:de:cb:72:1c:6a:20:26:1e:
03:c8:d1:0f:68:be:7e:46:eb:ce:71:9a:d1:7a:6e:dd:da:fc:
07:c3:3b:d5:80:0c:41:44:80:6a:b9:88:b2:1e:56:bc:a9:87:
be:59:dc:c2:23:fe:c1:ae:16:aa:9b:78:25:d8:cd:90:c2:5a:
09:ed:2d:97:2d:37:53:e7:18:3e:11:08:86:8e:22:b5:8e:88:
e4:07:cf:a3:90:77:37:99:7f:f5:4d:12:ec:42:f8:20:aa:80:
70:6b:8f:87:6e:66:75:0a:28:ed:cb:59:b6:f2:8f:88:2f:ab:
12:52:95:15
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZdD5M3ndSsF37tpAgtDTsU7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlYTY1YzdlZGJhNDY5ZDA5OWQ3NmFhY2Q3ZGMyNjNmNGRm
ZWM1ZWIwHhcNMjUwNjA2MDYxOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTkwYzY5ZTMwZWFlOTY0YzA0NTdkOTBlOWJjMGI3NDk4OTRlODQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1yGHFv03YstRnXs+O2LgO+k7qYg
BJ+5HYmiiWioeZPYk2PVS0xvC1qa8KG5Vi5jzm0rDYuZHY50/tXmHZt05OcqQvQ5
Gj4xEy1qomHpS+peraX7dRj1Q9q5nxnPGDVDsk08XgE5EXNmc8Wscx8qJ/y8f+A5
8IbxBYoHHZGlLZeZMA2ZGi+oprXEucuUZVtusHEC1x88F/1Xs3arWkuglb2yX1E1
37lKnZQ1+0ZKKyd9ogWcWIYlIu0EPO7NZtfqUNwiKMcYlDAjInTaD8FlL7RshRf7
ZruQtdvwtw+/WKtC5gPguM96cZ/TsxoVAsRkA1CNW2J/0NmFslKqf7DU6QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG6Qxp4w6ulkwEV9kOm8C3SYlOhGMB8GA1UdIwQY
MBaAFE6mXH7bpGnQmddqrNfcJj9N/sXrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYt
NTEwMGEyNmQyNzRiLzEvYnBER25qRHE2V1RBUlgyUTZid0xkSmlVNkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8wN2YyNzAtYzZjYy00OWNkLWFlNDYtNTEwMGEyNmQyNzRi
LzEvVHFaY2Z0dWthZENaMTJxczE5d21QMDMteGVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwMBTRoDAwBT
pQMEAlWYaAMEAlWYfDALAwQGW3RAAwMBW3QDBAVcNcADBAayPAADBAeyPIADBAC8
q+oDBAS8q/ADBAXUMyADAwDVPDANBgkqhkiG9w0BAQsFAAOCAQEAshPrf0uViaNg
S9oAhqdtWbrVlnVkxsXNcJXg1sj0MD7S+7DslzED/ZJ5Vv6jxArkml8czpuOgpU4
ZSMQIdKQSvbIeuBjoxiZAI1cKJc8HbpRNBR7V9ZtWDtIBq7BZfCYbJyJo9Rt3OA7
0m1sDReYkNvNXzHs2SZZRW//WuPmJF0swOPNX3a7jd7LchxqICYeA8jRD2i+fkbr
znGa0Xpu3dr8B8M71YAMQUSAarmIsh5WvKmHvlncwiP+wa4Wqpt4JdjNkMJaCe0t
ly03U+cYPhEIho4itY6I5AfPo5B3N5l/9U0S7EL4IKqAcGuPh25mdQoo7ctZtvKP
iC+rElKVFQ==
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:42:30 2025 by rpki-client