Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/bQXvZTDMEPb1Z1Yz0iKNwTJnSuE.roa
File: bQXvZTDMEPb1Z1Yz0iKNwTJnSuE.roa (raw, json)
Hash identifier: hjvCIFIfV6QqgEX4RwfG7HblsHoidBW7RJECyS+GMK0=
Subject key identifier: 6D:05:EF:65:30:CC:10:F6:F5:67:56:33:D2:22:8D:C1:32:67:4A:E1
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 019741010F5B44D99388FC038422645239A5
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/bQXvZTDMEPb1Z1Yz0iKNwTJnSuE.roa
Signing time: Thu 05 Jun 2025 16:51:17 +0000
ROA not before: Thu 05 Jun 2025 16:51:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 91.238.0.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:41:01:0f:5b:44:d9:93:88:fc:03:84:22:64:52:39:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: Jun 5 16:51:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d05ef6530cc10f6f5675633d2228dc132674ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:34:a6:83:cd:54:c4:a2:78:5a:07:13:c4:36:
c1:73:2c:6f:29:34:2e:30:c0:e2:7e:25:a7:61:1c:
2c:03:4a:3d:d9:c9:6e:9d:af:84:66:fa:04:da:60:
91:fa:c6:f7:a6:b5:70:39:64:60:d6:96:c8:93:6b:
93:3b:04:f8:51:4c:61:d1:95:d7:4e:09:b3:bb:29:
d9:7e:cb:c9:18:f5:30:54:f5:37:1e:4d:c9:29:6e:
fc:0f:95:6e:0f:4b:ab:0f:14:c9:4c:cd:15:27:1c:
30:42:77:b3:95:96:00:52:14:ce:78:3d:80:56:65:
13:0b:fa:19:29:30:34:98:a7:f0:ed:60:44:05:9d:
ac:76:ab:9a:31:28:00:60:a2:68:dd:e4:a9:af:57:
05:0b:f1:cc:1f:3b:a5:17:58:76:1d:ac:3d:03:de:
9b:6e:8f:92:67:9c:94:b9:72:c0:80:39:ce:09:17:
9e:80:88:ea:0e:fc:52:d4:ce:30:99:13:16:01:7f:
98:54:b5:2e:9e:58:cc:85:28:8f:44:7a:ac:8a:f1:
bf:1f:0d:c8:9e:d5:01:55:f0:8e:54:89:5a:0c:74:
e1:37:f9:33:e9:af:cd:fe:82:44:8c:d7:75:8e:f6:
b4:eb:07:fe:73:9c:c7:7f:51:63:46:a6:5b:82:38:
e0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:05:EF:65:30:CC:10:F6:F5:67:56:33:D2:22:8D:C1:32:67:4A:E1
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/bQXvZTDMEPb1Z1Yz0iKNwTJnSuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.0.0/24
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
33:61:76:e4:87:8d:fe:cc:1b:bf:1b:7e:8f:fe:f5:5f:2c:73:
52:6a:dd:5f:19:9b:b2:28:b9:0a:d4:ad:5f:57:c1:8d:19:ab:
fa:da:d0:a7:db:07:d1:71:1f:bb:ce:d2:c4:db:ca:ac:49:27:
1c:6a:e9:2c:70:58:22:7b:ff:fb:31:a5:a7:bc:d5:dc:59:fa:
33:70:9a:40:91:7c:4b:f1:89:15:9c:47:47:19:a9:15:01:cf:
c4:4d:45:f0:f7:8d:26:f5:30:4d:78:5f:47:c7:f8:1f:14:35:
16:31:18:7c:65:38:87:b6:e4:d9:dc:0a:4a:da:16:27:1f:a4:
86:ea:e2:61:01:5c:b0:a2:09:6f:ee:f9:f8:f9:4c:f3:e7:7b:
3f:00:61:d9:56:03:d1:96:fc:d8:46:0b:ac:64:4c:76:cc:dd:
c4:f3:c6:47:1e:6f:00:2b:a5:d3:64:42:80:07:64:17:5b:20:
62:ae:b5:ec:9e:36:d2:a1:3f:ba:db:3a:25:a3:f8:d8:1b:4b:
79:9f:50:bd:50:19:47:4d:41:01:c6:73:0e:1b:49:c3:4e:f8:
73:10:d9:b8:34:e6:b3:20:02:14:84:7e:d6:c7:32:24:af:68:
d4:f7:10:55:34:81:42:19:7b:a7:39:60:0c:72:91:2a:a5:a4:
1d:bd:8b:3f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZdBAQ9bRNmTiPwDhCJkUjmlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwNjA1MTY1MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA1ZWY2NTMwY2MxMGY2ZjU2NzU2MzNkMjIyOGRjMTMyNjc0YWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjSmg81UxKJ4WgcTxDbBcyxvKTQu
MMDifiWnYRwsA0o92cluna+EZvoE2mCR+sb3prVwOWRg1pbIk2uTOwT4UUxh0ZXX
TgmzuynZfsvJGPUwVPU3Hk3JKW78D5VuD0urDxTJTM0VJxwwQnezlZYAUhTOeD2A
VmUTC/oZKTA0mKfw7WBEBZ2sdquaMSgAYKJo3eSpr1cFC/HMHzulF1h2Haw9A96b
bo+SZ5yUuXLAgDnOCReegIjqDvxS1M4wmRMWAX+YVLUunljMhSiPRHqsivG/Hw3I
ntUBVfCOVIlaDHThN/kz6a/N/oJEjNd1jva06wf+c5zHf1FjRqZbgjjg+QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFG0F72UwzBD29WdWM9IijcEyZ0rhMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvYlFYdlpURE1FUGIxWjFZejBpS053VEpuU3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW+4AMA8E
AgACMAkDBwAgAQZ8EVgwDQYJKoZIhvcNAQELBQADggEBADNhduSHjf7MG78bfo/+
9V8sc1Jq3V8Zm7IouQrUrV9XwY0Zq/ra0KfbB9FxH7vO0sTbyqxJJxxq6SxwWCJ7
//sxpae81dxZ+jNwmkCRfEvxiRWcR0cZqRUBz8RNRfD3jSb1ME14X0fH+B8UNRYx
GHxlOIe25NncCkraFicfpIbq4mEBXLCiCW/u+fj5TPPnez8AYdlWA9GW/NhGC6xk
THbM3cTzxkcebwArpdNkQoAHZBdbIGKuteyeNtKhP7rbOiWj+NgbS3mfUL1QGUdN
QQHGcw4bScNO+HMQ2bg05rMgAhSEftbHMiSvaNT3EFU0gUIZe6c5YAxykSqlpB29
iz8=
-----END CERTIFICATE-----
Generated at Sun Jun 8 13:37:27 2025 by rpki-client