Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/BVjAALpJvxuQy2GyePspuTkr6KE.roa
File: BVjAALpJvxuQy2GyePspuTkr6KE.roa (raw, json)
Hash identifier: n2Oqqyn+P3DE0EdI3BsAkGnYPcIXpRm9D9/3qqS3Klw=
Subject key identifier: 05:58:C0:00:BA:49:BF:1B:90:CB:61:B2:78:FB:29:B9:39:2B:E8:A1
Certificate issuer: /CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Certificate serial: 019DCF47DDE6F6BC6530F9991D4B8A3D9F6A
Authority key identifier: 5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/BVjAALpJvxuQy2GyePspuTkr6KE.roa
Signing time: Mon 27 Apr 2026 14:11:26 +0000
ROA not before: Mon 27 Apr 2026 14:11:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56911
IP address blocks: 176.58.80.0/21 maxlen: 24
185.49.248.0/22 maxlen: 24
185.146.64.0/24 maxlen: 24
185.169.236.0/23 maxlen: 24
185.169.236.0/24 maxlen: 24
185.169.237.0/24 maxlen: 24
185.169.238.0/23 maxlen: 24
195.234.92.0/23 maxlen: 23
2a01:a620::/32 maxlen: 48
2a0a:7300::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 14:11:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:47:dd:e6:f6:bc:65:30:f9:99:1d:4b:8a:3d:9f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Validity
Not Before: Apr 27 14:11:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0558c000ba49bf1b90cb61b278fb29b9392be8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a8:ce:ef:9a:f8:f4:d7:f1:7b:28:69:c6:89:
a5:a3:75:b1:b6:fc:2f:f7:bd:76:5a:1d:b1:0d:6a:
00:76:7c:30:ae:f9:80:91:b3:5b:3d:23:64:a8:d1:
d6:ee:17:80:0b:eb:80:4f:b4:6f:61:34:2c:69:33:
8d:20:01:51:94:d6:40:9b:25:05:9b:2d:ee:ac:76:
85:88:f2:9a:49:2b:2b:9e:d5:09:54:7a:51:d9:55:
d1:aa:c6:bd:78:75:95:4c:37:db:9c:41:da:70:10:
07:f9:aa:9e:6d:c7:0b:bc:0f:50:21:96:5c:24:28:
15:62:27:e1:07:03:45:40:9f:2f:4c:a6:0e:ac:1c:
7d:4f:e1:0e:28:ef:5d:fe:ae:dc:10:5e:f0:95:bd:
33:4b:e8:7b:74:2f:4d:37:09:2f:25:f0:99:74:46:
23:96:63:c0:2e:21:72:b8:6d:bf:f2:34:67:2c:9e:
f6:c6:e8:21:9f:0e:63:5c:c0:d7:69:6b:ab:90:b4:
2e:92:7a:67:88:74:1f:ca:57:22:33:37:e5:32:27:
dd:da:ff:71:fe:02:64:e6:ee:51:d2:37:16:ca:14:
6b:c6:d1:37:82:5a:2c:17:54:7c:97:7f:38:06:ce:
ae:09:fe:d2:d5:94:ab:2d:c4:e9:92:83:5d:85:b7:
2e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:58:C0:00:BA:49:BF:1B:90:CB:61:B2:78:FB:29:B9:39:2B:E8:A1
X509v3 Authority Key Identifier:
keyid:5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/BVjAALpJvxuQy2GyePspuTkr6KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.80.0/21
185.49.248.0/22
185.146.64.0/24
185.169.236.0/22
195.234.92.0/23
IPv6:
2a01:a620::/32
2a0a:7300::/32
Signature Algorithm: sha256WithRSAEncryption
35:7c:9a:f4:1b:c8:8e:3b:cc:8c:9f:9a:ba:b1:3b:71:7d:87:
1f:47:24:bd:ba:28:70:89:d7:ef:01:ff:2a:94:13:74:81:ab:
2c:c9:91:57:4a:83:9f:cb:e5:e9:2f:93:19:19:b6:a1:c0:9c:
58:6d:61:10:d5:6d:f3:6d:f2:34:94:bd:d6:cf:75:ca:4a:ea:
f2:50:01:fc:2b:6a:89:2a:4f:32:ef:4b:dd:85:21:14:cd:f3:
0f:83:91:a9:1f:8a:c6:c0:68:4d:a5:e1:7c:48:e2:45:96:78:
3f:35:6e:1d:bc:9b:c8:56:cd:92:ba:41:56:2b:17:fc:15:ad:
a8:5b:0d:16:7d:85:0c:aa:f5:a7:1d:79:9a:79:0e:68:9f:58:
a5:bc:fa:21:9e:c5:8b:d9:55:55:ae:30:bb:a9:a2:b6:b9:07:
db:a8:87:ad:74:bf:46:ff:66:7a:16:34:2b:5c:c4:21:04:e5:
20:b7:55:c7:c8:1b:7a:56:5e:e2:d1:1f:31:f7:52:3a:b0:f7:
0c:42:52:06:e6:33:8c:ba:8f:c5:81:61:f9:15:d1:01:cc:a1:
ae:02:4e:b0:7e:ab:f6:af:94:f1:7b:b3:6d:62:8e:95:2c:cb:
5a:3d:ef:b0:91:b2:87:0b:71:ca:c8:b1:c7:1b:e8:d5:4d:66:
48:e9:c8:68
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ3PR93m9rxlMPmZHUuKPZ9qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjVlZDA0MGVmZTJlNTgxNzU0ZGViNWMzY2Q4MmQ5OWRm
ZWU4ZDkwHhcNMjYwNDI3MTQxMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTU4YzAwMGJhNDliZjFiOTBjYjYxYjI3OGZiMjliOTM5MmJlOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqjO75r49Nfxeyhpxomlo3Wxtvwv
9712Wh2xDWoAdnwwrvmAkbNbPSNkqNHW7heAC+uAT7RvYTQsaTONIAFRlNZAmyUF
my3urHaFiPKaSSsrntUJVHpR2VXRqsa9eHWVTDfbnEHacBAH+aqebccLvA9QIZZc
JCgVYifhBwNFQJ8vTKYOrBx9T+EOKO9d/q7cEF7wlb0zS+h7dC9NNwkvJfCZdEYj
lmPALiFyuG2/8jRnLJ72xughnw5jXMDXaWurkLQuknpniHQfylciMzflMifd2v9x
/gJk5u5R0jcWyhRrxtE3glosF1R8l384Bs6uCf7S1ZSrLcTpkoNdhbcuTQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAVYwAC6Sb8bkMthsnj7Kbk5K+ihMB8GA1UdIwQY
MBaAFF317QQO/i5YF1TetcPNgtmd/ujZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMt
YmVmZTRiMzRjNmYwLzEvQlZqQUFMcEp2eHVReTJHeWVQc3B1VGtyNktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMtYmVmZTRiMzRjNmYw
LzEvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDsDpQAwQC
uTH4AwQAuZJAAwQCuansAwQBw+pcMBQEAgACMA4DBQAqAaYgAwUAKgpzADANBgkq
hkiG9w0BAQsFAAOCAQEANXya9BvIjjvMjJ+aurE7cX2HH0ckvboocInX7wH/KpQT
dIGrLMmRV0qDn8vl6S+TGRm2ocCcWG1hENVt823yNJS91s91ykrq8lAB/CtqiSpP
Mu9L3YUhFM3zD4ORqR+KxsBoTaXhfEjiRZZ4PzVuHbybyFbNkrpBVisX/BWtqFsN
Fn2FDKr1px15mnkOaJ9Ypbz6IZ7Fi9lVVa4wu6mitrkH26iHrXS/Rv9mehY0K1zE
IQTlILdVx8gbelZe4tEfMfdSOrD3DEJSBuYzjLqPxYFh+RXRAcyhrgJOsH6r9q+U
8XuzbWKOlSzLWj3vsJGyhwtxysixxxvo1U1mSOnIaA==
-----END CERTIFICATE-----
Generated at Mon Apr 27 19:26:04 2026 by rpki-client