Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Ble-2DKUX-bI_pCO2COt4CKXa8c.roa
File: Ble-2DKUX-bI_pCO2COt4CKXa8c.roa (raw, json)
Hash identifier: CZIHpvsUMQoZP0t5OmkQjhg6lPLENkoG8ZqKq6OJf9Q=
Subject key identifier: 06:57:BE:D8:32:94:5F:E6:C8:FE:90:8E:D8:23:AD:E0:22:97:6B:C7
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019CB9248F6AFBC839014EE80D2AB6CE2EB8
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Ble-2DKUX-bI_pCO2COt4CKXa8c.roa
Signing time: Wed 04 Mar 2026 13:58:26 +0000
ROA not before: Wed 04 Mar 2026 13:58:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29075
IP address blocks: 45.10.224.0/23 maxlen: 23
45.10.226.0/24 maxlen: 24
45.94.124.0/22 maxlen: 22
45.94.128.0/22 maxlen: 22
45.94.128.0/23 maxlen: 23
45.94.130.0/23 maxlen: 23
85.118.32.0/19 maxlen: 19
91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
141.255.144.0/20 maxlen: 20
178.20.48.0/21 maxlen: 21
185.10.252.0/22 maxlen: 24
185.10.252.0/24 maxlen: 24
185.10.254.0/24 maxlen: 24
185.10.255.0/24 maxlen: 24
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
185.132.74.0/24 maxlen: 24
185.177.180.0/22 maxlen: 22
188.121.224.0/19 maxlen: 19
188.121.227.0/24 maxlen: 24
212.85.144.0/20 maxlen: 20
2a00:1b88::/32 maxlen: 32
2a02:2178::/29 maxlen: 29
2a02:2178::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Mar 2026 15:50:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:24:8f:6a:fb:c8:39:01:4e:e8:0d:2a:b6:ce:2e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Mar 4 13:58:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0657bed832945fe6c8fe908ed823ade022976bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4f:1e:25:d6:aa:f6:15:fa:b8:54:a4:d7:e5:
df:5b:93:53:03:20:5a:3a:57:18:3e:53:9e:96:3c:
7b:4f:1e:e8:ba:e3:b8:04:48:7a:04:30:11:d7:bc:
8c:c5:e8:a5:b6:4b:ed:44:bf:51:a4:a2:e1:d5:4e:
b2:53:64:f6:84:3d:9a:f3:38:81:09:54:e3:34:74:
2b:9e:a2:9d:b2:93:3f:08:f4:c9:05:35:7f:03:c1:
63:91:e8:b9:50:b6:3f:ce:27:c0:3d:bd:bc:7b:b0:
73:78:73:2b:45:1c:7c:2d:0f:c3:c4:56:fd:1e:19:
72:f2:e5:4a:48:a7:cd:2a:c0:67:f9:a3:2b:44:fc:
b1:7b:18:7f:24:3e:be:46:26:c0:9c:e6:30:43:4e:
5c:1b:6d:ff:ef:f5:98:d8:5a:2a:4b:31:62:91:93:
62:72:9c:40:f6:3d:b5:3d:ed:47:dd:cf:24:7b:a8:
15:49:6c:e5:37:fd:ad:83:be:18:85:72:dd:1d:95:
8e:53:6a:d7:f4:ef:a3:56:f3:3f:06:b0:f7:3e:29:
a0:53:3d:28:3a:8a:75:b2:bc:9d:c1:dc:91:e8:f5:
5e:fc:d1:19:28:06:72:ea:ab:55:83:f1:6f:69:29:
28:67:60:43:e7:6f:81:19:0b:33:01:c3:45:c4:75:
c8:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:57:BE:D8:32:94:5F:E6:C8:FE:90:8E:D8:23:AD:E0:22:97:6B:C7
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Ble-2DKUX-bI_pCO2COt4CKXa8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0-45.10.226.255
45.94.124.0-45.94.131.255
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.10.252.0/22
185.118.0.0/22
185.123.24.0/22
185.132.74.0/24
185.177.180.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
39:e4:a5:5a:c1:38:dc:17:30:68:0f:43:e8:07:02:c8:ef:15:
2b:50:a6:b0:d1:4e:4e:9d:f4:fd:6b:64:25:a4:ee:7a:de:1a:
73:94:06:6f:f3:b7:3c:d3:12:66:0f:5b:68:47:4a:43:f1:ab:
9b:ec:af:d5:6b:a2:53:f3:a8:4a:35:e0:6b:af:ef:fd:b9:c2:
99:e8:dd:29:c6:6c:a9:9c:16:23:17:e7:57:15:12:71:25:0d:
ab:ab:73:b7:df:6c:fa:bf:2d:23:fe:ca:73:44:23:94:12:73:
e2:8e:0a:e9:0a:5e:14:b4:ff:af:56:bf:98:08:7c:29:ff:5a:
26:10:55:be:bb:86:3f:08:75:f3:3a:06:a5:c3:e7:0d:ce:42:
50:6f:16:e6:08:b5:e0:b9:86:a0:3d:32:d3:e0:5b:22:c6:5f:
da:89:5d:b3:38:0b:7c:fa:75:53:2f:82:fc:74:87:88:15:85:
fd:dc:71:a5:09:5e:12:bf:57:dd:4b:18:3c:8c:3c:31:6f:c1:
dd:1a:3b:31:76:91:7b:7f:4a:03:68:6b:f1:c9:ca:a3:c8:2b:
db:db:ce:56:5b:db:5e:ec:10:77:fa:2a:37:04:34:b3:ca:96:
36:74:98:72:81:aa:55:df:d1:4e:a1:e0:aa:04:79:00:69:ba:
fc:61:9b:75
-----BEGIN CERTIFICATE-----
MIIFdDCCBFygAwIBAgISAZy5JI9q+8g5AU7oDSq2zi64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjYwMzA0MTM1ODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU3YmVkODMyOTQ1ZmU2YzhmZTkwOGVkODIzYWRlMDIyOTc2YmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj08eJdaq9hX6uFSk1+XfW5NTAyBa
OlcYPlOeljx7Tx7ouuO4BEh6BDAR17yMxeiltkvtRL9RpKLh1U6yU2T2hD2a8ziB
CVTjNHQrnqKdspM/CPTJBTV/A8Fjkei5ULY/zifAPb28e7BzeHMrRRx8LQ/DxFb9
Hhly8uVKSKfNKsBn+aMrRPyxexh/JD6+RibAnOYwQ05cG23/7/WY2FoqSzFikZNi
cpxA9j21Pe1H3c8ke6gVSWzlN/2tg74YhXLdHZWOU2rX9O+jVvM/BrD3PimgUz0o
Oop1srydwdyR6PVe/NEZKAZy6qtVg/FvaSkoZ2BD52+BGQszAcNFxHXImwIDAQAB
o4ICgDCCAnwwHQYDVR0OBBYEFAZXvtgylF/myP6QjtgjreAil2vHMB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvQmxlLTJES1VYLWJJX3BDTzJDT3Q0Q0tYYThjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYtNDA0Nzk4NzA5NzZl
LzEvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGVBggrBgEFBQcBBwEB/wSBhTCBgjBqBAIAATBkMAwDBAUt
CuADBAAtCuIwDAMEAi1efAMEAi1egAMEBVV2IAMEBFttsAMEBIDM4AMEBI3/kAME
A7IUMAMEArkK/AMEArl2AAMEArl7GAMEALmESgMEArmxtAMEBbx54AMEBNRVkDAU
BAIAAjAOAwUAKgAbiAMFAyoCIXgwDQYJKoZIhvcNAQELBQADggEBADnkpVrBONwX
MGgPQ+gHAsjvFStQprDRTk6d9P1rZCWk7nreGnOUBm/ztzzTEmYPW2hHSkPxq5vs
r9VrolPzqEo14Guv7/25wpno3SnGbKmcFiMX51cVEnElDaurc7ffbPq/LSP+ynNE
I5QSc+KOCukKXhS0/69Wv5gIfCn/WiYQVb67hj8IdfM6BqXD5w3OQlBvFuYIteC5
hqA9MtPgWyLGX9qJXbM4C3z6dVMvgvx0h4gVhf3ccaUJXhK/V91LGDyMPDFvwd0a
OzF2kXt/SgNoa/HJyqPIK9vbzlZb217sEHf6KjcENLPKljZ0mHKBqlXf0U6h4KoE
eQBpuvxhm3U=
-----END CERTIFICATE-----
Generated at Tue Mar 17 00:40:11 2026 by rpki-client