Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/bjyRiEtsDWXbWRbjIyTuyPBX95U.roa
File: bjyRiEtsDWXbWRbjIyTuyPBX95U.roa (raw, json)
Hash identifier: whnQt35/onN65pzitXWQt/7e/9ycIz0NMzBZ7rbttws=
Subject key identifier: 6E:3C:91:88:4B:6C:0D:65:DB:59:16:E3:23:24:EE:C8:F0:57:F7:95
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019E6DDEF0073310A698C8D077572807BC6C
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/bjyRiEtsDWXbWRbjIyTuyPBX95U.roa
Signing time: Thu 28 May 2026 09:16:27 +0000
ROA not before: Thu 28 May 2026 09:16:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39831
IP address blocks: 185.181.35.0/24 maxlen: 24
185.226.192.0/24 maxlen: 24
201.49.191.0/24 maxlen: 24
2a05:4380::/32 maxlen: 32
2a0a:e9c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 00:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6d:de:f0:07:33:10:a6:98:c8:d0:77:57:28:07:bc:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 28 09:16:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e3c91884b6c0d65db5916e32324eec8f057f795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:96:07:fa:d9:5b:0c:2e:27:9e:35:8b:93:73:
9c:a5:9d:70:18:19:fd:f6:8f:70:e6:8a:da:a5:67:
27:fb:0f:a3:91:0d:b3:e9:8c:b3:ff:fd:8d:79:ad:
37:f5:fd:17:1e:c8:7c:6b:7f:10:8f:af:b8:c0:1b:
7b:2c:2a:bc:11:d3:a4:d9:24:f8:05:10:a0:68:72:
7f:a2:4f:8b:23:fe:ee:a7:82:98:d2:b4:82:07:4b:
a9:6a:3f:a2:b3:aa:32:f7:e6:0b:16:3a:23:6c:68:
97:94:80:c6:97:6e:f4:ea:8a:9c:c5:32:99:53:b6:
af:80:e4:50:f9:f2:33:d9:8f:24:5b:da:a5:30:66:
71:55:05:9d:d6:62:7b:4c:a0:a8:7e:45:79:44:47:
f7:a5:7d:88:4b:c7:a5:57:26:0c:33:3d:aa:a4:b7:
b4:83:53:47:de:21:02:de:d8:45:e2:38:f0:6c:d0:
8f:e3:55:51:4d:77:ed:d6:fc:c9:f9:42:68:7b:5a:
e6:95:57:61:c8:21:16:21:43:a9:d8:a2:ad:7b:3c:
8d:78:75:34:7b:4c:ad:53:fc:e3:76:9e:63:6c:11:
27:9a:43:73:57:06:2c:e8:c0:7e:e3:f7:cb:ec:ea:
2e:d2:84:a6:c3:07:43:7a:cb:11:39:4a:a2:61:6e:
21:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:3C:91:88:4B:6C:0D:65:DB:59:16:E3:23:24:EE:C8:F0:57:F7:95
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/bjyRiEtsDWXbWRbjIyTuyPBX95U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.35.0/24
185.226.192.0/24
201.49.191.0/24
IPv6:
2a05:4380::/32
2a0a:e9c0::/32
Signature Algorithm: sha256WithRSAEncryption
ca:48:8a:b8:c9:60:5e:62:4d:f0:00:85:fe:9a:89:66:2d:01:
e7:80:02:85:94:a0:4f:17:c3:fa:f2:9e:25:0f:79:ec:4f:6e:
cb:4f:fc:ac:ee:5c:84:cb:5c:8e:fa:61:48:0b:44:4f:ec:4b:
cb:5f:3d:0c:e4:9b:50:ef:90:a2:a0:96:48:65:ae:33:2a:70:
6e:38:70:0e:9d:48:b0:aa:39:54:2e:f0:c9:ea:4a:c8:56:1f:
33:a3:e3:d0:52:41:93:f3:ff:33:eb:7d:64:b8:64:66:8b:1a:
0e:83:53:2b:b0:a5:23:46:88:c2:04:a8:80:1e:fb:64:b3:3f:
a1:60:14:96:83:e5:8c:cf:a4:5b:0c:e4:0a:03:d2:03:87:10:
3c:e6:4d:2b:74:4c:a5:36:3a:41:1a:a0:90:90:20:f2:bd:c0:
1a:a7:ae:36:91:3f:97:a0:bd:de:6c:6b:1e:5c:63:3c:e7:de:
ab:fa:22:54:fd:11:7c:67:26:79:19:c0:b6:e4:83:b7:a6:6b:
e6:97:6c:78:3b:29:30:d3:d7:a4:a1:a3:db:40:59:37:78:69:
ed:69:0a:f3:db:45:27:e2:5b:5e:7a:56:32:b6:c3:ad:4e:26:
7f:2d:21:8d:c6:c7:c5:5e:20:a9:af:c2:7c:33:fb:45:7a:b3:
47:62:96:38
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ5t3vAHMxCmmMjQd1coB7xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjYwNTI4MDkxNjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTNjOTE4ODRiNmMwZDY1ZGI1OTE2ZTMyMzI0ZWVjOGYwNTdmNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7JYH+tlbDC4nnjWLk3OcpZ1wGBn9
9o9w5orapWcn+w+jkQ2z6Yyz//2Nea039f0XHsh8a38Qj6+4wBt7LCq8EdOk2ST4
BRCgaHJ/ok+LI/7up4KY0rSCB0upaj+is6oy9+YLFjojbGiXlIDGl2706oqcxTKZ
U7avgORQ+fIz2Y8kW9qlMGZxVQWd1mJ7TKCofkV5REf3pX2IS8elVyYMMz2qpLe0
g1NH3iEC3thF4jjwbNCP41VRTXft1vzJ+UJoe1rmlVdhyCEWIUOp2KKtezyNeHU0
e0ytU/zjdp5jbBEnmkNzVwYs6MB+4/fL7Oou0oSmwwdDessROUqiYW4hmQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG48kYhLbA1l21kW4yMk7sjwV/eVMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvYmp5UmlFdHNEV1hiV1Jiakl5VHV5UEJYOTVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQAubUjAwQA
ueLAAwQAyTG/MBQEAgACMA4DBQAqBUOAAwUAKgrpwDANBgkqhkiG9w0BAQsFAAOC
AQEAykiKuMlgXmJN8ACF/pqJZi0B54AChZSgTxfD+vKeJQ957E9uy0/8rO5chMtc
jvphSAtET+xLy189DOSbUO+QoqCWSGWuMypwbjhwDp1IsKo5VC7wyepKyFYfM6Pj
0FJBk/P/M+t9ZLhkZosaDoNTK7ClI0aIwgSogB77ZLM/oWAUloPljM+kWwzkCgPS
A4cQPOZNK3RMpTY6QRqgkJAg8r3AGqeuNpE/l6C93mxrHlxjPOfeq/oiVP0RfGcm
eRnAtuSDt6Zr5pdseDspMNPXpKGj20BZN3hp7WkK89tFJ+JbXnpWMrbDrU4mfy0h
jcbHxV4gqa/CfDP7RXqzR2KWOA==
-----END CERTIFICATE-----
Generated at Thu Jun 11 09:44:12 2026 by rpki-client