Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/BhaT-M-zQEVQbEPTvK_whwRLo3g.roa
File: BhaT-M-zQEVQbEPTvK_whwRLo3g.roa (raw, json)
Hash identifier: yoydrscKhHCdRvyWQAObyBBT0xMyfOzTOU389MtWZv4=
Subject key identifier: 06:16:93:F8:CF:B3:40:45:50:6C:43:D3:BC:AF:F0:87:04:4B:A3:78
Certificate issuer: /CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Certificate serial: 019711C381F693A058E64898E97ABF3139F3
Authority key identifier: 4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/BhaT-M-zQEVQbEPTvK_whwRLo3g.roa
Signing time: Tue 27 May 2025 12:41:54 +0000
ROA not before: Tue 27 May 2025 12:41:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20776
IP address blocks: 80.243.240.0/20 maxlen: 20
80.243.240.0/21 maxlen: 21
80.243.248.0/21 maxlen: 21
82.197.96.0/19 maxlen: 23
82.197.112.0/20 maxlen: 20
82.197.126.0/24 maxlen: 24
89.16.0.0/19 maxlen: 19
89.16.0.0/20 maxlen: 20
89.16.0.0/21 maxlen: 21
89.16.8.0/21 maxlen: 21
89.16.16.0/20 maxlen: 20
89.16.16.0/21 maxlen: 21
89.16.24.0/21 maxlen: 21
92.49.64.0/19 maxlen: 19
92.49.64.0/20 maxlen: 20
92.49.64.0/21 maxlen: 21
92.49.72.0/21 maxlen: 21
92.49.80.0/20 maxlen: 20
92.49.96.0/19 maxlen: 21
92.49.96.0/20 maxlen: 21
92.49.96.0/21 maxlen: 21
92.49.104.0/24 maxlen: 24
92.49.105.0/24 maxlen: 24
92.49.106.0/24 maxlen: 24
92.49.107.0/24 maxlen: 24
92.49.108.0/22 maxlen: 22
92.49.112.0/20 maxlen: 20
92.49.112.0/21 maxlen: 21
92.49.120.0/21 maxlen: 21
92.49.125.0/24 maxlen: 24
93.176.0.0/19 maxlen: 19
93.176.0.0/20 maxlen: 20
93.176.16.0/20 maxlen: 20
93.176.32.0/20 maxlen: 20
93.176.48.0/20 maxlen: 20
109.62.0.0/17 maxlen: 24
109.62.0.0/19 maxlen: 19
109.62.0.0/21 maxlen: 21
109.62.4.0/22 maxlen: 22
109.62.8.0/24 maxlen: 24
109.62.9.0/24 maxlen: 24
109.62.10.0/23 maxlen: 23
109.62.12.0/23 maxlen: 23
109.62.14.0/24 maxlen: 24
109.62.15.0/24 maxlen: 24
109.62.16.0/21 maxlen: 21
109.62.24.0/23 maxlen: 23
109.62.26.0/24 maxlen: 24
109.62.27.0/24 maxlen: 24
109.62.28.0/22 maxlen: 22
109.62.56.0/21 maxlen: 21
109.62.56.0/22 maxlen: 22
109.62.60.0/22 maxlen: 22
109.62.64.0/24 maxlen: 24
109.62.66.0/24 maxlen: 24
109.62.67.0/24 maxlen: 24
109.62.68.0/22 maxlen: 23
109.62.68.0/23 maxlen: 23
109.62.70.0/23 maxlen: 23
109.62.72.0/21 maxlen: 21
109.62.72.0/22 maxlen: 22
109.62.76.0/22 maxlen: 22
109.62.80.0/20 maxlen: 20
109.62.80.0/21 maxlen: 21
109.62.88.0/21 maxlen: 21
109.62.96.0/20 maxlen: 20
185.13.218.0/23 maxlen: 23
188.115.64.0/18 maxlen: 18
188.115.64.0/19 maxlen: 19
188.115.64.0/20 maxlen: 20
188.115.80.0/20 maxlen: 20
188.115.96.0/19 maxlen: 19
188.115.96.0/21 maxlen: 21
188.115.104.0/21 maxlen: 21
188.115.112.0/20 maxlen: 20
188.115.112.0/22 maxlen: 22
188.115.116.0/22 maxlen: 22
188.115.120.0/21 maxlen: 21
217.175.160.0/19 maxlen: 24
217.175.168.0/21 maxlen: 21
217.175.168.0/24 maxlen: 24
217.175.169.0/24 maxlen: 24
217.175.170.0/24 maxlen: 24
217.175.171.0/24 maxlen: 24
217.175.172.0/24 maxlen: 24
217.175.174.0/23 maxlen: 23
217.175.176.0/21 maxlen: 21
217.175.176.0/22 maxlen: 22
217.175.180.0/22 maxlen: 22
217.175.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 18:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:c3:81:f6:93:a0:58:e6:48:98:e9:7a:bf:31:39:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da4d6199aec828f6989e2e84cec17765bac5cd5
Validity
Not Before: May 27 12:41:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=061693f8cfb34045506c43d3bcaff087044ba378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:40:5f:99:5f:ae:e9:e1:ce:9c:8c:30:3f:55:
6f:72:7b:a2:09:b2:86:71:ba:c2:f9:d1:2c:38:dd:
bd:36:af:ac:e8:d1:df:e2:87:f5:80:60:17:1f:e0:
28:b5:d7:cc:c6:ec:5a:e9:59:25:71:9c:eb:05:65:
2e:6b:62:95:1e:a2:ed:e8:0a:ba:cc:52:37:6e:12:
fe:f9:30:c7:2c:12:0f:0a:43:f6:f7:9e:b0:b3:cd:
99:50:de:3e:80:ce:a1:04:40:29:0c:0e:2e:e8:74:
a7:44:71:31:dc:6d:85:8d:89:e5:11:9d:b6:57:42:
0d:e6:fc:9b:07:d6:21:bb:2c:98:c5:2a:d8:c7:8f:
5c:54:65:0c:7c:12:82:c3:86:c6:c2:78:6f:5a:50:
91:a3:34:60:44:23:4a:fb:8b:3a:0c:e9:0b:f9:2a:
3b:70:4d:ce:76:90:87:22:f1:4b:2a:38:b9:99:ff:
14:14:9a:1a:7f:0a:cb:65:76:65:9b:7b:d1:d4:da:
73:3e:e4:2e:c6:f9:ad:a1:19:f4:7c:4b:6e:d4:b9:
78:f9:40:fd:07:a0:36:9a:97:f3:01:3f:68:fd:22:
96:00:54:d1:a0:8b:09:92:92:34:97:ec:6a:42:39:
cf:5b:13:97:2b:53:5f:d7:b4:33:97:27:b8:67:2c:
77:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:16:93:F8:CF:B3:40:45:50:6C:43:D3:BC:AF:F0:87:04:4B:A3:78
X509v3 Authority Key Identifier:
keyid:4D:A4:D6:19:9A:EC:82:8F:69:89:E2:E8:4C:EC:17:76:5B:AC:5C:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TaTWGZrsgo9pieLoTOwXdlusXNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/BhaT-M-zQEVQbEPTvK_whwRLo3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/2c8482-5331-4e57-9974-40837d48473d/1/TaTWGZrsgo9pieLoTOwXdlusXNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.243.240.0/20
82.197.96.0/19
89.16.0.0/19
92.49.64.0/18
93.176.0.0/18
109.62.0.0/17
185.13.218.0/23
188.115.64.0/18
217.175.160.0/19
Signature Algorithm: sha256WithRSAEncryption
44:e1:4c:33:20:c5:12:c2:aa:2c:af:ca:a1:c7:af:d2:48:29:
53:76:1a:93:5d:cf:fb:91:df:6a:00:de:a0:c1:95:ff:4a:93:
53:65:93:a3:bd:d5:57:5e:c7:c4:6f:47:20:b3:01:dd:56:b8:
2f:3a:0e:2c:f9:8e:d3:b6:71:89:e4:f5:88:54:bd:b4:82:dd:
d0:49:67:98:8c:84:8e:5c:22:61:39:fb:2f:2d:3a:6e:c7:a7:
40:b4:29:ad:b2:d3:3c:47:97:25:df:13:4d:f5:68:b4:72:42:
2b:77:73:98:7d:16:55:41:7b:42:bb:39:82:42:10:b2:fe:ce:
b8:4f:4b:b4:5a:3c:6a:03:f6:92:51:27:01:58:4f:6b:85:61:
27:cf:d2:3e:70:21:a5:bc:ac:66:74:9b:06:86:0f:cc:74:6c:
fa:08:66:e1:bd:82:ab:63:42:c2:df:d3:e0:de:cd:0f:a2:48:
30:20:86:17:7e:7f:3c:c1:a0:de:89:78:04:f9:02:00:b3:72:
47:a7:04:ad:73:11:95:75:04:e3:99:f9:9d:3b:79:da:89:a5:
4f:e9:78:ba:b7:03:12:e8:1c:1f:36:8e:5a:a7:bb:29:93:9a:
ee:3f:b0:23:28:a4:d8:47:f8:ce:fa:b3:cf:ef:0b:d7:e0:45:
2d:0f:8f:9b
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZcRw4H2k6BY5kiY6Xq/MTnzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTRkNjE5OWFlYzgyOGY2OTg5ZTJlODRjZWMxNzc2NWJh
YzVjZDUwHhcNMjUwNTI3MTI0MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE2OTNmOGNmYjM0MDQ1NTA2YzQzZDNiY2FmZjA4NzA0NGJhMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEBfmV+u6eHOnIwwP1VvcnuiCbKG
cbrC+dEsON29Nq+s6NHf4of1gGAXH+AotdfMxuxa6VklcZzrBWUua2KVHqLt6Aq6
zFI3bhL++TDHLBIPCkP2956ws82ZUN4+gM6hBEApDA4u6HSnRHEx3G2FjYnlEZ22
V0IN5vybB9YhuyyYxSrYx49cVGUMfBKCw4bGwnhvWlCRozRgRCNK+4s6DOkL+So7
cE3OdpCHIvFLKji5mf8UFJoafwrLZXZlm3vR1NpzPuQuxvmtoRn0fEtu1Ll4+UD9
B6A2mpfzAT9o/SKWAFTRoIsJkpI0l+xqQjnPWxOXK1Nf17Qzlye4Zyx32wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAYWk/jPs0BFUGxD07yv8IcES6N4MB8GA1UdIwQY
MBaAFE2k1hma7IKPaYni6EzsF3ZbrFzVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQt
NDA4MzdkNDg0NzNkLzEvQmhhVC1NLXpRRVZRYkVQVHZLX3dod1JMbzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8yYzg0ODItNTMzMS00ZTU3LTk5NzQtNDA4MzdkNDg0NzNk
LzEvVGFUV0dacnNnbzlwaWVMb1RPd1hkbHVzWE5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEUPPwAwQF
UsVgAwQFWRAAAwQGXDFAAwQGXbAAAwQHbT4AAwQBuQ3aAwQGvHNAAwQF2a+gMA0G
CSqGSIb3DQEBCwUAA4IBAQBE4UwzIMUSwqosr8qhx6/SSClTdhqTXc/7kd9qAN6g
wZX/SpNTZZOjvdVXXsfEb0cgswHdVrgvOg4s+Y7TtnGJ5PWIVL20gt3QSWeYjISO
XCJhOfsvLTpux6dAtCmtstM8R5cl3xNN9Wi0ckIrd3OYfRZVQXtCuzmCQhCy/s64
T0u0WjxqA/aSUScBWE9rhWEnz9I+cCGlvKxmdJsGhg/MdGz6CGbhvYKrY0LC39Pg
3s0PokgwIIYXfn88waDeiXgE+QIAs3JHpwStcxGVdQTjmfmdO3naiaVP6Xi6twMS
6BwfNo5ap7spk5ruP7AjKKTYR/jO+rPP7wvX4EUtD4+b
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:48:03 2025 by rpki-client