Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/bhyD0fEsbA-7YL3eN0TtevS-hbY.roa
File: bhyD0fEsbA-7YL3eN0TtevS-hbY.roa (raw, json)
Hash identifier: Hr4qSZB4dUVM2zxAoHZo2LCYZLrJ0XQPkyZNq3zTTAg=
Subject key identifier: 6E:1C:83:D1:F1:2C:6C:0F:BB:60:BD:DE:37:44:ED:7A:F4:BE:85:B6
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019E92BDC26214CF2AB75D622EB1296BBF97
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/bhyD0fEsbA-7YL3eN0TtevS-hbY.roa
Signing time: Thu 04 Jun 2026 13:06:10 +0000
ROA not before: Thu 04 Jun 2026 13:06:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 61087
IP address blocks: 45.140.145.0/24 maxlen: 32
194.39.110.0/24 maxlen: 24
2a0e:4000::/32 maxlen: 48
2a0e:4007:fff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 00:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:bd:c2:62:14:cf:2a:b7:5d:62:2e:b1:29:6b:bf:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Jun 4 13:06:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e1c83d1f12c6c0fbb60bdde3744ed7af4be85b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:62:54:da:55:f3:ef:d3:ef:fc:1e:4b:96:75:
d3:bf:22:37:09:af:17:76:f0:4f:04:fd:42:5c:80:
d9:5f:81:fa:ee:52:e6:0d:e5:e3:d8:72:10:6c:c6:
d4:a5:e0:d8:8e:31:a4:87:de:9d:ca:ea:88:fa:82:
15:52:84:67:ca:82:3d:e8:e9:68:e7:d3:b8:f6:e4:
11:bc:b5:b7:c9:b1:e9:11:1c:93:3a:a7:99:f2:40:
b5:1c:a6:5d:06:dd:c5:f2:57:ea:43:3c:ff:96:53:
f9:a7:35:0e:3c:79:76:a2:5c:54:10:13:0c:8c:0c:
4c:c0:5c:03:f7:11:cd:7b:b3:94:99:8c:39:7e:77:
26:3a:e7:fa:71:6f:4e:8b:45:ae:ac:6f:3b:dc:83:
c3:8f:0b:6c:1d:1f:62:d9:38:ff:b2:15:72:98:c9:
1c:eb:d4:20:f8:93:d8:f6:ed:21:f5:4e:2c:0b:a8:
ae:79:11:dd:21:6a:57:61:40:23:60:5a:92:3c:96:
9f:03:1e:84:60:1b:11:2a:a4:bd:ee:f5:46:c7:ef:
c0:73:5a:fc:91:9d:7f:9b:33:6c:62:22:58:0c:b5:
6c:f9:fc:86:54:1f:7d:c0:04:cd:eb:d0:33:45:20:
ba:f3:ab:14:75:00:0e:32:05:ba:ea:31:21:d6:8c:
1a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:1C:83:D1:F1:2C:6C:0F:BB:60:BD:DE:37:44:ED:7A:F4:BE:85:B6
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/bhyD0fEsbA-7YL3eN0TtevS-hbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.140.145.0/24
194.39.110.0/24
IPv6:
2a0e:4000::/32
2a0e:4007:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
df:ed:9a:5e:ec:2e:3a:13:fe:8c:ee:52:b3:40:46:07:6f:a8:
ef:04:13:3e:4d:c1:03:7a:90:eb:94:1d:44:a7:17:98:69:fb:
bd:fe:02:83:a2:d8:6a:df:21:97:68:00:8a:af:f3:4e:5a:9f:
8a:68:a1:e2:34:7b:11:a6:44:ca:2f:89:34:64:fe:50:5e:5c:
f6:2d:0f:30:b0:01:54:c9:a5:06:f1:89:87:15:f5:ea:d5:0e:
ce:4f:06:ad:89:77:80:c9:fb:d6:0a:9f:bc:d9:80:89:80:12:
a6:ce:fb:d4:0d:3a:f9:fd:08:d6:b3:c5:9a:65:3a:12:53:80:
c3:cd:de:59:4c:73:18:42:da:b1:3c:84:2f:6e:2e:90:a2:f1:
f7:f4:d4:82:e3:ae:18:f2:c2:20:c7:c8:40:15:ff:87:b4:d8:
c9:7f:8d:cd:d9:e4:d4:0a:c8:4d:8a:3c:4d:c2:70:67:1a:1e:
ec:86:96:54:a3:44:2c:c5:c3:98:bf:ed:f2:20:56:4f:d4:2d:
52:be:81:b9:5e:d1:63:64:8e:4c:ea:27:26:10:ce:27:86:4e:
57:38:b6:94:3b:d9:10:13:42:14:04:a1:71:ed:b0:72:54:bd:
e0:23:a5:fb:09:f3:86:bd:64:03:31:b2:82:e9:38:2e:19:4e:
2f:48:00:a7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ6SvcJiFM8qt11iLrEpa7+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjYwNjA0MTMwNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTFjODNkMWYxMmM2YzBmYmI2MGJkZGUzNzQ0ZWQ3YWY0YmU4NWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumJU2lXz79Pv/B5LlnXTvyI3Ca8X
dvBPBP1CXIDZX4H67lLmDeXj2HIQbMbUpeDYjjGkh96dyuqI+oIVUoRnyoI96Olo
59O49uQRvLW3ybHpERyTOqeZ8kC1HKZdBt3F8lfqQzz/llP5pzUOPHl2olxUEBMM
jAxMwFwD9xHNe7OUmYw5fncmOuf6cW9Oi0WurG873IPDjwtsHR9i2Tj/shVymMkc
69Qg+JPY9u0h9U4sC6iueRHdIWpXYUAjYFqSPJafAx6EYBsRKqS97vVGx+/Ac1r8
kZ1/mzNsYiJYDLVs+fyGVB99wATN69AzRSC686sUdQAOMgW66jEh1owaVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG4cg9HxLGwPu2C93jdE7Xr0voW2MB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvYmh5RDBmRXNiQS03WUwzZU4wVHRldlMtaGJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQALYyRAwQA
widuMBYEAgACMBADBQAqDkAAAwcAKg5AB//0MA0GCSqGSIb3DQEBCwUAA4IBAQDf
7Zpe7C46E/6M7lKzQEYHb6jvBBM+TcEDepDrlB1EpxeYafu9/gKDothq3yGXaACK
r/NOWp+KaKHiNHsRpkTKL4k0ZP5QXlz2LQ8wsAFUyaUG8YmHFfXq1Q7OTwatiXeA
yfvWCp+82YCJgBKmzvvUDTr5/QjWs8WaZToSU4DDzd5ZTHMYQtqxPIQvbi6QovH3
9NSC464Y8sIgx8hAFf+HtNjJf43N2eTUCshNijxNwnBnGh7shpZUo0QsxcOYv+3y
IFZP1C1SvoG5XtFjZI5M6icmEM4nhk5XOLaUO9kQE0IUBKFx7bByVL3gI6X7CfOG
vWQDMbKC6TguGU4vSACn
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:21:42 2026 by rpki-client