Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/BwfVTKMmzPQcO6hQWHgwE-WzBlM.roa
File: BwfVTKMmzPQcO6hQWHgwE-WzBlM.roa (raw, json)
Hash identifier: K/mo2ikV7viOGHu5dYw3ftaMmyVAbJKcoqq2YMC1Njg=
Subject key identifier: 07:07:D5:4C:A3:26:CC:F4:1C:3B:A8:50:58:78:30:13:E5:B3:06:53
Certificate issuer: /CN=1627573c68929ab2a4590e92a51abc40ea9e5817
Certificate serial: 019904FD58966787924B1503AB06AC18FFAB
Authority key identifier: 16:27:57:3C:68:92:9A:B2:A4:59:0E:92:A5:1A:BC:40:EA:9E:58:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/BwfVTKMmzPQcO6hQWHgwE-WzBlM.roa
Signing time: Mon 01 Sep 2025 11:15:36 +0000
ROA not before: Mon 01 Sep 2025 11:15:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43220
IP address blocks: 185.60.160.0/24 maxlen: 24
185.60.161.0/24 maxlen: 24
185.60.162.0/24 maxlen: 24
185.60.163.0/24 maxlen: 24
185.161.124.0/22 maxlen: 22
185.211.52.0/22 maxlen: 22
2a07:c3c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/FidXPGiSmrKkWQ6SpRq8QOqeWBc.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/FidXPGiSmrKkWQ6SpRq8QOqeWBc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 20:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:04:fd:58:96:67:87:92:4b:15:03:ab:06:ac:18:ff:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1627573c68929ab2a4590e92a51abc40ea9e5817
Validity
Not Before: Sep 1 11:15:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0707d54ca326ccf41c3ba85058783013e5b30653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:39:7f:ac:45:5e:82:4a:31:5b:88:b6:2b:a2:
49:75:6a:2e:24:88:24:b9:48:69:59:26:60:f5:b2:
f8:58:6d:bb:ef:e8:3d:63:d2:75:fe:b8:ff:48:06:
04:9e:dc:93:75:41:95:26:36:7a:13:31:bb:c3:4e:
35:53:31:f2:eb:57:28:38:85:7a:9e:c7:b8:7a:1d:
70:3e:9d:c4:0e:9b:dd:68:c8:38:4d:9e:5a:b1:f0:
85:80:aa:6a:7a:e1:84:48:fc:5e:e2:21:61:7e:dc:
2d:a9:d2:4b:92:92:2a:83:28:f5:30:1f:47:8c:cc:
dd:50:1d:b1:55:46:1a:4c:a0:cd:61:94:62:29:82:
00:b8:ac:f3:e0:99:54:20:23:50:ae:0a:9e:02:fc:
86:51:55:85:65:76:f0:94:d6:09:a2:ee:e7:80:fb:
bb:30:89:7d:db:5d:7d:35:f0:75:f6:74:8a:a4:a0:
b3:2d:2e:fe:a1:6d:3e:da:8b:0b:c4:dd:25:bb:a9:
9c:f9:b6:6b:b7:34:45:9f:5d:e8:12:0b:2b:43:8f:
fc:5e:24:11:88:9d:d5:b8:0f:07:d5:1e:e7:0c:7c:
a5:27:e9:20:db:2f:6d:92:5b:e4:b5:c2:7d:8d:c7:
23:2c:50:ce:6e:64:f1:6b:dd:f7:6e:1a:22:02:bc:
53:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:07:D5:4C:A3:26:CC:F4:1C:3B:A8:50:58:78:30:13:E5:B3:06:53
X509v3 Authority Key Identifier:
keyid:16:27:57:3C:68:92:9A:B2:A4:59:0E:92:A5:1A:BC:40:EA:9E:58:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FidXPGiSmrKkWQ6SpRq8QOqeWBc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/BwfVTKMmzPQcO6hQWHgwE-WzBlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/0e0c90-717f-40ea-b17e-e6f9db74139d/1/FidXPGiSmrKkWQ6SpRq8QOqeWBc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.160.0/22
185.161.124.0/22
185.211.52.0/22
IPv6:
2a07:c3c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:a1:b6:f5:9b:8f:0c:e7:73:bc:bd:6a:d9:47:fa:6a:6a:4d:
2d:cf:45:33:d6:fb:d7:eb:a7:04:e0:ee:6d:39:5e:0d:12:c1:
a8:1c:30:7c:bb:61:fa:a7:29:77:6c:00:97:ca:ed:68:70:7d:
00:50:43:93:08:5a:12:56:9a:2c:c2:82:e5:44:60:a1:65:bf:
de:af:ed:fc:6e:84:6a:a6:19:2c:48:d1:32:ab:c7:39:87:55:
84:3b:05:82:a4:65:71:ab:c3:60:33:a7:fa:c0:73:ce:15:b4:
41:4d:d5:23:ba:5c:52:c0:8d:0f:14:58:1a:7d:08:d7:90:5e:
8f:23:c8:e9:1a:0a:ab:6c:e9:0a:81:61:77:1b:a6:54:9e:33:
e3:d3:ee:a7:01:62:77:c0:b7:94:38:55:bf:82:99:7f:09:e8:
9a:9d:b2:60:87:98:f9:ae:c5:a5:43:9c:1e:ce:26:3d:aa:1b:
3b:0e:3c:19:f6:11:60:97:e6:d9:24:b3:a9:15:5f:aa:b0:27:
32:c6:c8:6e:1d:0f:a3:61:13:73:07:45:5d:ca:06:21:e7:f9:
a9:04:eb:85:89:03:3c:cc:ba:b4:b9:f7:8a:cb:84:1e:b5:d8:
6e:be:d3:90:9b:ae:3e:a0:e3:6d:ee:67:9a:f6:eb:03:9a:d2:
61:a8:eb:ab
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZkE/ViWZ4eSSxUDqwasGP+rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2Mjc1NzNjNjg5MjlhYjJhNDU5MGU5MmE1MWFiYzQwZWE5
ZTU4MTcwHhcNMjUwOTAxMTExNTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzA3ZDU0Y2EzMjZjY2Y0MWMzYmE4NTA1ODc4MzAxM2U1YjMwNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTl/rEVegkoxW4i2K6JJdWouJIgk
uUhpWSZg9bL4WG277+g9Y9J1/rj/SAYEntyTdUGVJjZ6EzG7w041UzHy61coOIV6
nse4eh1wPp3EDpvdaMg4TZ5asfCFgKpqeuGESPxe4iFhftwtqdJLkpIqgyj1MB9H
jMzdUB2xVUYaTKDNYZRiKYIAuKzz4JlUICNQrgqeAvyGUVWFZXbwlNYJou7ngPu7
MIl92119NfB19nSKpKCzLS7+oW0+2osLxN0lu6mc+bZrtzRFn13oEgsrQ4/8XiQR
iJ3VuA8H1R7nDHylJ+kg2y9tklvktcJ9jccjLFDObmTxa933bhoiArxTmQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAcH1UyjJsz0HDuoUFh4MBPlswZTMB8GA1UdIwQY
MBaAFBYnVzxokpqypFkOkqUavEDqnlgXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmlkWFBHaVNtcktrV1E2U3BScThRT3FlV0JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8wZTBjOTAtNzE3Zi00MGVhLWIxN2Ut
ZTZmOWRiNzQxMzlkLzEvQndmVlRLTW16UFFjTzZoUVdIZ3dFLVd6QmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi8wZTBjOTAtNzE3Zi00MGVhLWIxN2UtZTZmOWRiNzQxMzlk
LzEvRmlkWFBHaVNtcktrV1E2U3BScThRT3FlV0JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuTygAwQC
uaF8AwQCudM0MA0EAgACMAcDBQMqB8PAMA0GCSqGSIb3DQEBCwUAA4IBAQAFobb1
m48M53O8vWrZR/pqak0tz0Uz1vvX66cE4O5tOV4NEsGoHDB8u2H6pyl3bACXyu1o
cH0AUEOTCFoSVposwoLlRGChZb/er+38boRqphksSNEyq8c5h1WEOwWCpGVxq8Ng
M6f6wHPOFbRBTdUjulxSwI0PFFgafQjXkF6PI8jpGgqrbOkKgWF3G6ZUnjPj0+6n
AWJ3wLeUOFW/gpl/CeianbJgh5j5rsWlQ5weziY9qhs7DjwZ9hFgl+bZJLOpFV+q
sCcyxshuHQ+jYRNzB0VdygYh5/mpBOuFiQM8zLq0ufeKy4QetdhuvtOQm64+oONt
7mea9usDmtJhqOur
-----END CERTIFICATE-----
Generated at Wed Sep 10 22:57:55 2025 by rpki-client