Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bd5HjHWKnoDBVJoA6gHXpW9_IeE.roa
File: bd5HjHWKnoDBVJoA6gHXpW9_IeE.roa (raw, json)
Hash identifier: gy+WqX/DnfJm/Wi+Ssb/2H3wdJYB8xCppPchFUbr5l0=
Subject key identifier: 6D:DE:47:8C:75:8A:9E:80:C1:54:9A:00:EA:01:D7:A5:6F:7F:21:E1
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019743A10E7CD2ABECA2BEAAFE84D25A9477
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bd5HjHWKnoDBVJoA6gHXpW9_IeE.roa
Signing time: Fri 06 Jun 2025 05:05:17 +0000
ROA not before: Fri 06 Jun 2025 05:05:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 124.198.131.0/24 maxlen: 24
124.198.132.0/24 maxlen: 24
155.2.192.0/24 maxlen: 24
203.188.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 09:21:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:43:a1:0e:7c:d2:ab:ec:a2:be:aa:fe:84:d2:5a:94:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jun 6 05:05:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dde478c758a9e80c1549a00ea01d7a56f7f21e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:60:d3:66:4c:b0:09:9c:bd:14:5b:72:b8:82:
d1:c7:89:f1:ae:de:3a:fd:22:aa:8c:de:d4:62:9c:
6a:ab:f2:76:5b:03:cd:92:23:b8:5b:e0:6f:2b:39:
6d:47:82:fe:97:d8:f3:55:2d:ca:7d:55:5e:ed:34:
25:13:aa:13:83:67:43:53:45:d9:fd:58:d8:10:b0:
77:2d:c0:33:d7:c7:d5:6e:f3:1b:20:75:7f:b1:02:
81:5f:35:ad:56:b6:54:e3:51:c8:99:73:52:a9:40:
fb:22:5c:9c:02:cd:e5:72:d6:73:2b:d8:68:db:f5:
15:a4:45:2b:a9:98:14:43:16:d3:28:49:06:3c:18:
b9:fb:85:f3:04:92:df:47:9b:86:c7:0f:51:6a:1a:
d1:15:eb:a7:c1:ad:79:b3:59:e1:d1:64:b1:0e:62:
e6:5e:5d:af:8e:1d:9b:2b:69:02:52:03:bc:20:90:
30:76:3e:5d:b4:db:c8:76:69:8a:36:aa:f3:63:45:
6a:d8:82:a2:99:c4:0a:62:9c:d0:f8:ae:42:db:3a:
de:59:3c:62:58:e4:40:9f:b3:97:d5:12:39:13:39:
94:f4:ad:97:59:45:e0:02:80:e4:33:b6:51:96:d5:
c0:49:2b:e1:2e:5b:47:3a:73:09:0f:27:67:d6:ac:
32:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DE:47:8C:75:8A:9E:80:C1:54:9A:00:EA:01:D7:A5:6F:7F:21:E1
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/bd5HjHWKnoDBVJoA6gHXpW9_IeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.131.0-124.198.132.255
155.2.192.0/24
203.188.171.0/24
Signature Algorithm: sha256WithRSAEncryption
30:19:b1:1a:d9:43:cc:2e:a1:45:19:66:05:1c:d3:5f:22:40:
56:43:1a:51:c2:ec:a8:0d:db:32:4c:10:c4:3d:a6:62:84:b0:
17:13:b5:de:7c:82:53:73:59:88:50:00:f0:ca:8e:13:cc:93:
83:1d:7d:65:b4:36:50:81:63:60:36:34:12:2f:f8:47:d8:6b:
fe:64:09:4a:9e:33:a0:0a:2a:c7:43:35:cd:5f:0c:31:0d:a8:
d7:89:34:d8:24:8f:ab:dd:8f:60:67:a1:eb:00:15:41:b5:10:
f7:b4:92:4c:02:18:20:4e:48:3d:2d:cf:49:de:3d:3b:04:20:
d6:7c:c0:5c:14:51:c1:51:a4:e4:22:c3:48:f4:61:d4:ec:96:
e9:a5:6c:7a:ff:5a:16:57:96:9f:4c:6a:f1:e5:a3:b8:ee:4d:
1b:05:80:ce:d8:35:86:66:54:60:7c:bf:f1:53:23:f4:4d:61:
36:b5:04:ba:73:20:5c:08:b6:55:da:e0:1b:aa:03:c9:7b:d2:
fa:9c:7e:2a:2b:73:3c:5c:27:c9:33:6a:6f:56:4d:11:6c:db:
bb:9b:10:10:2d:7b:01:d0:12:30:a8:3c:55:5b:38:f6:9e:d0:
ac:89:bc:60:b3:b6:79:36:69:0a:cc:67:52:f1:61:d0:c5:be:
31:8e:19:3d
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZdDoQ580qvsor6q/oTSWpR3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwNjA2MDUwNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGRlNDc4Yzc1OGE5ZTgwYzE1NDlhMDBlYTAxZDdhNTZmN2YyMWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx2DTZkywCZy9FFtyuILRx4nxrt46
/SKqjN7UYpxqq/J2WwPNkiO4W+BvKzltR4L+l9jzVS3KfVVe7TQlE6oTg2dDU0XZ
/VjYELB3LcAz18fVbvMbIHV/sQKBXzWtVrZU41HImXNSqUD7IlycAs3lctZzK9ho
2/UVpEUrqZgUQxbTKEkGPBi5+4XzBJLfR5uGxw9RahrRFeunwa15s1nh0WSxDmLm
Xl2vjh2bK2kCUgO8IJAwdj5dtNvIdmmKNqrzY0Vq2IKimcQKYpzQ+K5C2zreWTxi
WORAn7OX1RI5EzmU9K2XWUXgAoDkM7ZRltXASSvhLltHOnMJDydn1qwyKwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG3eR4x1ip6AwVSaAOoB16VvfyHhMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvYmQ1SGpIV0tub0RCVkpvQTZnSFhwVzlfSWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAB8xoMD
BAB8xoQDBACbAsADBADLvKswDQYJKoZIhvcNAQELBQADggEBADAZsRrZQ8wuoUUZ
ZgUc018iQFZDGlHC7KgN2zJMEMQ9pmKEsBcTtd58glNzWYhQAPDKjhPMk4MdfWW0
NlCBY2A2NBIv+EfYa/5kCUqeM6AKKsdDNc1fDDENqNeJNNgkj6vdj2BnoesAFUG1
EPe0kkwCGCBOSD0tz0nePTsEINZ8wFwUUcFRpOQiw0j0YdTslumlbHr/WhZXlp9M
avHlo7juTRsFgM7YNYZmVGB8v/FTI/RNYTa1BLpzIFwItlXa4BuqA8l70vqcfior
czxcJ8kzam9WTRFs27ubEBAtewHQEjCoPFVbOPae0KyJvGCztnk2aQrMZ1LxYdDF
vjGOGT0=
-----END CERTIFICATE-----
Generated at Sun Jun 8 16:31:36 2025 by rpki-client