Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/bhbbDS-1fRi0YZYd4HQcXgCmraM.roa
File: bhbbDS-1fRi0YZYd4HQcXgCmraM.roa (raw, json)
Hash identifier: Oc1LIi9fo5CXFk5Nkm2KdL+/MECS7o+E4CeQBySDINk=
Subject key identifier: 6E:16:DB:0D:2F:B5:7D:18:B4:61:96:1D:E0:74:1C:5E:00:A6:AD:A3
Certificate issuer: /CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Certificate serial: 019E878342DE2C6EF752E5233E943508318E
Authority key identifier: A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/bhbbDS-1fRi0YZYd4HQcXgCmraM.roa
Signing time: Tue 02 Jun 2026 08:46:26 +0000
ROA not before: Tue 02 Jun 2026 08:46:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 680
IP address blocks: 141.9.0.0/16 maxlen: 16
141.39.0.0/16 maxlen: 16
188.1.0.0/16 maxlen: 16
188.1.101.0/24 maxlen: 24
192.76.176.0/24 maxlen: 24
192.108.67.0/24 maxlen: 24
192.108.69.0/24 maxlen: 24
192.108.70.0/24 maxlen: 24
192.108.71.0/24 maxlen: 24
192.129.26.0/23 maxlen: 23
192.129.28.0/23 maxlen: 23
192.129.31.0/24 maxlen: 24
193.174.0.0/15 maxlen: 15
194.94.0.0/15 maxlen: 15
195.37.0.0/16 maxlen: 16
212.201.0.0/16 maxlen: 16
2001:638::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:87:83:42:de:2c:6e:f7:52:e5:23:3e:94:35:08:31:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a499903dab85f6a59772b3edfd4bf0e491af57c4
Validity
Not Before: Jun 2 08:46:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e16db0d2fb57d18b461961de0741c5e00a6ada3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:94:94:8a:e7:40:9c:10:17:a2:d2:85:57:a3:
50:75:ff:65:61:74:0e:bb:9e:8a:31:1c:44:fa:29:
4e:21:49:62:4c:2d:50:1e:7e:78:36:64:8d:f4:4b:
cb:5c:0f:9c:9a:9b:ab:a7:c0:3e:ff:ea:c6:a8:47:
ed:98:af:66:88:24:87:11:df:e1:4f:9e:6e:2a:b5:
c6:5e:72:1d:2c:62:02:8f:45:db:cd:7f:3e:0c:8e:
7a:3b:3b:dd:38:72:5a:7f:7d:6f:93:7b:62:01:a4:
f6:6a:c9:24:d7:9c:9c:18:1e:a5:24:f2:63:8c:52:
30:dc:04:f5:31:af:c6:c5:b6:3d:b0:18:0b:42:29:
fd:76:5b:83:3a:30:fb:9e:99:d2:e1:da:2e:3b:98:
4e:07:ee:fb:98:a0:55:87:c1:d5:b6:5c:a3:6e:04:
8d:ce:00:c1:f9:67:f6:a7:e9:af:19:30:21:32:5a:
c8:4e:8d:81:fa:9f:2c:4a:81:fe:26:02:ee:db:62:
c7:b6:71:f9:d3:77:f0:91:b7:3f:b4:2f:69:2c:6d:
fd:52:d2:07:8b:ab:bc:21:f5:35:db:99:aa:a4:b1:
9d:0a:75:fd:bc:da:09:52:69:d3:a1:53:f4:f2:6f:
33:ff:18:c5:3c:fe:89:2a:11:81:58:46:65:b6:96:
42:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:16:DB:0D:2F:B5:7D:18:B4:61:96:1D:E0:74:1C:5E:00:A6:AD:A3
X509v3 Authority Key Identifier:
keyid:A4:99:90:3D:AB:85:F6:A5:97:72:B3:ED:FD:4B:F0:E4:91:AF:57:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/bhbbDS-1fRi0YZYd4HQcXgCmraM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/8eda9a-d13c-4430-8cf4-57ec12e8641e/1/pJmQPauF9qWXcrPt_Uvw5JGvV8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.9.0.0/16
141.39.0.0/16
188.1.0.0/16
192.76.176.0/24
192.108.67.0/24
192.108.69.0-192.108.71.255
192.129.26.0-192.129.29.255
192.129.31.0/24
193.174.0.0/15
194.94.0.0/15
195.37.0.0/16
212.201.0.0/16
IPv6:
2001:638::/32
Signature Algorithm: sha256WithRSAEncryption
7f:a2:cb:92:dd:02:d9:05:79:48:22:f4:31:eb:8d:1c:38:32:
12:cb:dd:c1:72:7e:fd:db:d0:57:a0:41:f5:d4:c8:33:de:44:
22:85:91:7f:2b:93:9a:5c:4c:78:d4:88:5f:e2:81:22:0e:14:
37:cc:c5:38:20:e3:88:d0:38:f2:46:40:0b:d5:d4:59:54:7d:
e7:d3:42:a8:4f:f4:0b:ec:87:5e:38:d2:b7:9e:e4:63:78:08:
52:79:68:4e:5d:76:48:6e:f1:2d:31:3f:db:88:89:af:30:ec:
3f:d7:7a:a5:22:d6:fd:58:80:59:6b:e3:a3:77:0f:1b:00:91:
aa:a7:d2:b0:02:1d:5d:a6:35:10:72:ff:3d:41:d8:94:65:53:
4a:a7:0b:f7:81:0a:d8:25:71:08:51:bb:63:63:4c:fd:8b:6b:
c9:cd:94:1a:67:a4:51:19:f5:8e:1d:53:2a:34:4d:d5:b8:ee:
ef:62:1d:2d:63:7f:b3:7f:f2:87:b7:56:97:e7:6f:65:e9:24:
7a:a8:fe:f4:6e:7e:e9:ed:66:64:58:a4:be:1e:2f:03:fb:27:
79:5c:fd:0c:b7:0f:48:6e:a1:61:d3:c1:18:70:f3:a6:08:1e:
45:0c:6b:42:a2:c1:66:93:7a:9c:2b:96:28:c6:9b:c1:c5:a9:
2d:34:ac:2e
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ6Hg0LeLG73UuUjPpQ1CDGOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0OTk5MDNkYWI4NWY2YTU5NzcyYjNlZGZkNGJmMGU0OTFh
ZjU3YzQwHhcNMjYwNjAyMDg0NjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE2ZGIwZDJmYjU3ZDE4YjQ2MTk2MWRlMDc0MWM1ZTAwYTZhZGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pSUiudAnBAXotKFV6NQdf9lYXQO
u56KMRxE+ilOIUliTC1QHn54NmSN9EvLXA+cmpurp8A+/+rGqEftmK9miCSHEd/h
T55uKrXGXnIdLGICj0XbzX8+DI56OzvdOHJaf31vk3tiAaT2askk15ycGB6lJPJj
jFIw3AT1Ma/GxbY9sBgLQin9dluDOjD7npnS4douO5hOB+77mKBVh8HVtlyjbgSN
zgDB+Wf2p+mvGTAhMlrITo2B+p8sSoH+JgLu22LHtnH503fwkbc/tC9pLG39UtIH
i6u8IfU125mqpLGdCnX9vNoJUmnToVP08m8z/xjFPP6JKhGBWEZltpZCTQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFG4W2w0vtX0YtGGWHeB0HF4Apq2jMB8GA1UdIwQY
MBaAFKSZkD2rhfall3Kz7f1L8OSRr1fEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQt
NTdlYzEyZTg2NDFlLzEvYmhiYkRTLTFmUmkwWVpZZDRIUWNYZ0NtcmFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC84ZWRhOWEtZDEzYy00NDMwLThjZjQtNTdlYzEyZTg2NDFl
LzEvcEptUVBhdUY5cVdYY3JQdF9Vdnc1Skd2VjhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBXBAIAATBRAwMAjQkDAwCN
JwMDALwBAwQAwEywAwQAwGxDMAwDBADAbEUDBAPAbEAwDAMEAcCBGgMEAcCBHAME
AMCBHwMDAcGuAwMBwl4DAwDDJQMDANTJMA0EAgACMAcDBQAgAQY4MA0GCSqGSIb3
DQEBCwUAA4IBAQB/osuS3QLZBXlIIvQx640cODISy93Bcn7929BXoEH11Mgz3kQi
hZF/K5OaXEx41Ihf4oEiDhQ3zMU4IOOI0DjyRkAL1dRZVH3n00KoT/QL7IdeONK3
nuRjeAhSeWhOXXZIbvEtMT/biImvMOw/13qlItb9WIBZa+Ojdw8bAJGqp9KwAh1d
pjUQcv89QdiUZVNKpwv3gQrYJXEIUbtjY0z9i2vJzZQaZ6RRGfWOHVMqNE3VuO7v
Yh0tY3+zf/KHt1aX529l6SR6qP70bn7p7WZkWKS+Hi8D+yd5XP0Mtw9IbqFh08EY
cPOmCB5FDGtCosFmk3qcK5YoxpvBxaktNKwu
-----END CERTIFICATE-----
Generated at Thu Jun 11 22:32:23 2026 by rpki-client