Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BsRpiiQK9KCjho6DrW1wtglo1IM.roa
File: BsRpiiQK9KCjho6DrW1wtglo1IM.roa (raw, json)
Hash identifier: sgLHVcWXtaVQyXDvrhkvDLVN/k+aJMJ4oliAJOu3y44=
Subject key identifier: 06:C4:69:8A:24:0A:F4:A0:A3:86:8E:83:AD:6D:70:B6:09:68:D4:83
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0197300B4734729826CFB373E9213F022274
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BsRpiiQK9KCjho6DrW1wtglo1IM.roa
Signing time: Mon 02 Jun 2025 09:48:54 +0000
ROA not before: Mon 02 Jun 2025 09:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 135.196.6.0/24 maxlen: 24
135.196.9.0/24 maxlen: 24
135.196.18.0/24 maxlen: 24
135.196.21.0/24 maxlen: 24
135.196.23.0/24 maxlen: 24
135.196.27.0/24 maxlen: 24
135.196.31.0/24 maxlen: 24
135.196.35.0/24 maxlen: 24
135.196.98.0/24 maxlen: 24
135.196.105.0/24 maxlen: 24
135.196.106.0/24 maxlen: 24
135.196.116.0/24 maxlen: 24
135.196.180.0/23 maxlen: 24
135.196.186.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:0b:47:34:72:98:26:cf:b3:73:e9:21:3f:02:22:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jun 2 09:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06c4698a240af4a0a3868e83ad6d70b60968d483
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1a:d2:3c:f2:e1:67:1e:9f:bc:bb:f9:80:94:
a5:91:be:43:a6:fb:4e:f2:84:9b:7b:5d:15:5c:8e:
d5:92:6a:a9:e7:f8:45:10:cc:dd:d3:1f:71:52:f3:
46:56:5a:7c:ce:44:4e:5e:67:14:2d:e9:e2:f7:7c:
b7:7d:f8:5d:14:cd:0d:0a:2f:de:20:96:ae:59:5e:
78:69:92:0f:d0:88:2a:d9:1a:b7:93:b2:07:93:af:
86:47:79:89:28:6f:5b:22:62:b2:7a:ad:80:8b:04:
6f:64:17:97:1a:25:e6:94:49:bc:eb:07:4f:00:06:
0d:0a:fb:83:3f:32:c1:9d:3f:ba:10:ad:29:bf:0e:
dd:5f:fd:67:ec:af:39:05:ce:24:76:01:d1:b3:11:
af:37:ed:0d:7c:a2:84:d4:09:8d:c2:9c:87:38:10:
0c:d5:6d:4b:60:b8:51:65:4a:ed:f6:3a:3d:85:55:
bd:a7:e8:d3:55:77:68:eb:bb:1c:63:86:fa:45:9c:
8a:13:61:ca:1a:60:f9:e6:5f:b4:ed:5a:b8:ee:9e:
27:09:7d:5d:42:3f:95:4c:19:81:96:17:10:ab:c3:
3c:33:b4:a9:fd:28:9f:ce:bf:c3:02:ab:11:77:93:
c7:d7:0e:b0:25:b1:c8:f8:e5:a9:8e:80:96:21:30:
a4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C4:69:8A:24:0A:F4:A0:A3:86:8E:83:AD:6D:70:B6:09:68:D4:83
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/BsRpiiQK9KCjho6DrW1wtglo1IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
135.196.6.0/24
135.196.9.0/24
135.196.18.0/24
135.196.21.0/24
135.196.23.0/24
135.196.27.0/24
135.196.31.0/24
135.196.35.0/24
135.196.98.0/24
135.196.105.0-135.196.106.255
135.196.116.0/24
135.196.180.0/23
135.196.186.0/23
Signature Algorithm: sha256WithRSAEncryption
44:ba:7e:9c:ae:12:53:f2:1e:df:de:0f:ac:8e:8f:1d:3a:dd:
df:4e:5b:17:e2:fa:d3:0e:55:1d:26:27:6d:6e:3a:83:7a:94:
e9:a0:30:a1:44:53:57:b4:3e:fc:50:68:9a:ee:ae:04:22:ec:
f1:b3:47:4d:81:a1:7f:bd:c9:7f:c6:22:3b:54:73:fc:c8:bf:
c2:e6:f5:de:33:c0:17:e9:8e:94:cb:31:d9:5f:a6:bb:9c:e0:
d4:68:0b:03:fd:71:52:f9:e9:f4:f2:8c:cf:37:2d:69:12:e6:
ec:bc:02:21:03:4c:4e:46:da:ca:1d:94:85:7d:be:ed:a6:23:
3e:ba:99:78:90:5b:8e:05:68:56:8e:48:5b:0b:ef:06:11:d9:
f6:e1:24:01:40:5d:5e:b6:2f:b4:ea:6a:92:02:27:6d:7b:8f:
0f:51:3c:fc:53:95:fc:d6:42:0a:7c:63:1c:c0:87:e3:c6:29:
c4:01:78:64:96:5a:c5:bb:a8:eb:51:a1:df:c8:a0:29:2e:84:
d7:eb:c1:96:7b:e9:06:61:3f:db:40:be:35:d9:07:b8:73:36:
19:78:91:ba:98:24:8a:19:ec:22:2b:80:d1:51:7e:21:3b:ba:
0b:d8:84:5c:4f:37:95:31:0f:87:7c:fe:64:2f:43:dd:76:81:
2a:e9:29:46
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZcwC0c0cpgmz7Nz6SE/AiJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNjAyMDk0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM0Njk4YTI0MGFmNGEwYTM4NjhlODNhZDZkNzBiNjA5NjhkNDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxrSPPLhZx6fvLv5gJSlkb5DpvtO
8oSbe10VXI7Vkmqp5/hFEMzd0x9xUvNGVlp8zkROXmcULeni93y3ffhdFM0NCi/e
IJauWV54aZIP0Igq2Rq3k7IHk6+GR3mJKG9bImKyeq2AiwRvZBeXGiXmlEm86wdP
AAYNCvuDPzLBnT+6EK0pvw7dX/1n7K85Bc4kdgHRsxGvN+0NfKKE1AmNwpyHOBAM
1W1LYLhRZUrt9jo9hVW9p+jTVXdo67scY4b6RZyKE2HKGmD55l+07Vq47p4nCX1d
Qj+VTBmBlhcQq8M8M7Sp/Sifzr/DAqsRd5PH1w6wJbHI+OWpjoCWITCkPwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFAbEaYokCvSgo4aOg61tcLYJaNSDMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvQnNScGlpUUs5S0NqaG82RHJXMXd0Z2xvMUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAh8QGAwQA
h8QJAwQAh8QSAwQAh8QVAwQAh8QXAwQAh8QbAwQAh8QfAwQAh8QjAwQAh8RiMAwD
BACHxGkDBACHxGoDBACHxHQDBAGHxLQDBAGHxLowDQYJKoZIhvcNAQELBQADggEB
AES6fpyuElPyHt/eD6yOjx063d9OWxfi+tMOVR0mJ21uOoN6lOmgMKFEU1e0PvxQ
aJrurgQi7PGzR02BoX+9yX/GIjtUc/zIv8Lm9d4zwBfpjpTLMdlfpruc4NRoCwP9
cVL56fTyjM83LWkS5uy8AiEDTE5G2sodlIV9vu2mIz66mXiQW44FaFaOSFsL7wYR
2fbhJAFAXV62L7TqapICJ217jw9RPPxTlfzWQgp8YxzAh+PGKcQBeGSWWsW7qOtR
od/IoCkuhNfrwZZ76QZhP9tAvjXZB7hzNhl4kbqYJIoZ7CIrgNFRfiE7ugvYhFxP
N5UxD4d8/mQvQ912gSrpKUY=
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:06:01 2025 by rpki-client