Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/BJP-H2Zzd42uuQpoquH1ViVfils.roa
File: BJP-H2Zzd42uuQpoquH1ViVfils.roa (raw, json)
Hash identifier: s1yM80zJjReddKIgPH7xzxEKOsllacgAFVka287RRRY=
Subject key identifier: 04:93:FE:1F:66:73:77:8D:AE:B9:0A:68:AA:E1:F5:56:25:5F:8A:5B
Certificate issuer: /CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Certificate serial: 019DB96217C7A4A61058889D90E0F76E6605
Authority key identifier: 75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/BJP-H2Zzd42uuQpoquH1ViVfils.roa
Signing time: Thu 23 Apr 2026 08:08:26 +0000
ROA not before: Thu 23 Apr 2026 08:08:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3302
IP address blocks: 5.150.128.0/20 maxlen: 20
31.10.48.0/21 maxlen: 21
46.228.240.0/20 maxlen: 20
62.94.0.0/16 maxlen: 24
62.173.160.0/19 maxlen: 19
62.196.0.0/16 maxlen: 16
77.43.0.0/17 maxlen: 17
77.94.68.0/22 maxlen: 22
77.94.72.0/21 maxlen: 21
77.94.80.0/20 maxlen: 20
77.246.0.0/20 maxlen: 20
80.74.176.0/20 maxlen: 20
81.27.176.0/20 maxlen: 20
81.92.32.0/20 maxlen: 20
82.193.0.0/19 maxlen: 19
83.211.0.0/16 maxlen: 24
84.253.128.0/18 maxlen: 18
88.86.160.0/19 maxlen: 19
94.138.32.0/19 maxlen: 19
128.65.112.0/20 maxlen: 20
185.53.0.0/22 maxlen: 22
185.58.44.0/22 maxlen: 22
185.82.0.0/22 maxlen: 22
185.168.24.0/22 maxlen: 24
194.20.0.0/16 maxlen: 24
194.21.0.0/18 maxlen: 24
194.153.192.0/20 maxlen: 24
194.153.208.0/22 maxlen: 24
194.242.192.0/19 maxlen: 19
194.244.0.0/16 maxlen: 16
195.62.224.0/19 maxlen: 24
195.78.192.0/19 maxlen: 19
195.110.128.0/19 maxlen: 24
212.90.0.0/19 maxlen: 24
212.110.0.0/19 maxlen: 24
213.21.128.0/18 maxlen: 18
213.136.128.0/18 maxlen: 24
213.149.192.0/19 maxlen: 19
213.183.128.0/19 maxlen: 19
213.198.128.0/18 maxlen: 24
213.203.128.0/18 maxlen: 24
217.11.80.0/20 maxlen: 20
217.12.176.0/20 maxlen: 20
217.15.208.0/20 maxlen: 24
217.26.80.0/20 maxlen: 20
217.29.160.0/20 maxlen: 20
2001:750::/29 maxlen: 32
2a02:7d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.mft
rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 08:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b9:62:17:c7:a4:a6:10:58:88:9d:90:e0:f7:6e:66:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7539b7a123417aa719325946aa89e0f30ab0ca09
Validity
Not Before: Apr 23 08:08:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0493fe1f6673778daeb90a68aae1f556255f8a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:57:a3:b7:ef:46:c0:5d:cd:9b:c6:4e:48:ed:
9f:23:b6:51:43:07:b4:06:c7:28:11:db:60:b1:97:
4f:52:4a:0f:9a:fd:05:f2:c7:7c:2c:32:b8:2f:e9:
d6:ad:01:16:6b:a5:35:c5:7c:de:b5:ae:b2:e3:84:
5b:99:c2:c2:13:29:02:42:65:1b:3b:d3:81:0c:73:
97:1a:bb:70:da:0b:d6:20:ce:0d:0e:c8:49:42:8b:
0d:b6:25:1e:8f:52:25:ad:28:02:73:9b:6f:80:43:
ed:35:e0:8b:f8:17:e1:61:e0:0a:04:db:b0:a0:be:
09:2d:4d:5e:95:2d:2d:54:6f:ba:02:3b:6c:e4:13:
ef:76:70:68:af:a9:55:4c:18:13:44:6b:2c:f7:b5:
ef:09:ac:03:43:92:61:8b:e6:be:5a:01:20:cd:ec:
70:ff:1d:04:0b:99:e7:27:6f:b2:b0:87:c9:84:a2:
b5:c1:24:92:6f:80:ff:88:f7:be:af:bd:d0:1b:00:
88:41:17:61:b5:71:ab:d5:ef:86:fd:e7:6d:84:45:
44:93:96:d0:e0:b1:44:54:9f:90:1b:3f:4e:07:bc:
fb:12:75:e4:5f:8d:fb:79:ee:91:e1:ee:7f:75:51:
07:a0:2b:c2:81:58:d9:48:45:35:32:24:a4:4f:8d:
29:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:93:FE:1F:66:73:77:8D:AE:B9:0A:68:AA:E1:F5:56:25:5F:8A:5B
X509v3 Authority Key Identifier:
keyid:75:39:B7:A1:23:41:7A:A7:19:32:59:46:AA:89:E0:F3:0A:B0:CA:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dTm3oSNBeqcZMllGqong8wqwygk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/BJP-H2Zzd42uuQpoquH1ViVfils.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/807ed5-50b3-4e5f-9367-5b5e33ce70ad/1/dTm3oSNBeqcZMllGqong8wqwygk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.128.0/20
31.10.48.0/21
46.228.240.0/20
62.94.0.0/16
62.173.160.0/19
62.196.0.0/16
77.43.0.0/17
77.94.68.0-77.94.95.255
77.246.0.0/20
80.74.176.0/20
81.27.176.0/20
81.92.32.0/20
82.193.0.0/19
83.211.0.0/16
84.253.128.0/18
88.86.160.0/19
94.138.32.0/19
128.65.112.0/20
185.53.0.0/22
185.58.44.0/22
185.82.0.0/22
185.168.24.0/22
194.20.0.0-194.21.63.255
194.153.192.0-194.153.211.255
194.242.192.0/19
194.244.0.0/16
195.62.224.0/19
195.78.192.0/19
195.110.128.0/19
212.90.0.0/19
212.110.0.0/19
213.21.128.0/18
213.136.128.0/18
213.149.192.0/19
213.183.128.0/19
213.198.128.0/18
213.203.128.0/18
217.11.80.0/20
217.12.176.0/20
217.15.208.0/20
217.26.80.0/20
217.29.160.0/20
IPv6:
2001:750::/29
2a02:7d8::/32
Signature Algorithm: sha256WithRSAEncryption
3e:87:71:d7:86:42:c5:a4:a3:7a:f8:d9:81:67:be:53:b3:1f:
41:53:c3:61:31:6e:f3:20:a5:f1:75:ee:0e:b3:31:a2:15:0a:
92:ed:91:43:c5:11:b5:b1:87:8b:1e:59:ef:8d:2c:55:9f:13:
3f:2e:ba:b9:48:63:bd:07:42:98:7f:b6:b4:5c:74:ab:a0:3c:
da:c3:c0:f3:7c:4c:7b:17:5a:5d:34:48:66:c4:04:88:50:45:
b1:73:35:de:ee:80:1b:ec:b5:b0:ce:14:66:22:ed:cc:68:ec:
fd:16:4b:23:b7:18:1b:1f:f0:75:d8:f8:57:17:30:f9:fe:ec:
91:2a:e0:12:2c:40:02:2c:ea:59:e2:d1:80:a5:1c:af:69:2c:
6a:73:e6:70:2f:8c:67:c4:27:88:5e:e1:16:98:e2:8a:00:bd:
71:a1:01:5f:d3:39:b1:a8:d9:41:d0:44:94:f3:ea:b6:2f:fb:
61:be:37:de:6b:86:dc:25:25:e4:0e:bc:bb:d1:be:02:f5:c6:
dc:44:17:f9:b6:a2:e3:8a:c7:b7:e9:cd:38:89:7e:20:ba:46:
23:34:27:a3:2a:05:94:31:b0:b6:21:a5:23:72:11:1b:72:b7:
76:e1:b0:6d:f4:c0:6f:45:37:98:03:87:4f:ea:13:20:8f:23:
15:ad:8e:bf
-----BEGIN CERTIFICATE-----
MIIGJjCCBQ6gAwIBAgISAZ25YhfHpKYQWIidkOD3bmYFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MzliN2ExMjM0MTdhYTcxOTMyNTk0NmFhODllMGYzMGFi
MGNhMDkwHhcNMjYwNDIzMDgwODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDkzZmUxZjY2NzM3NzhkYWViOTBhNjhhYWUxZjU1NjI1NWY4YTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFejt+9GwF3Nm8ZOSO2fI7ZRQwe0
BscoEdtgsZdPUkoPmv0F8sd8LDK4L+nWrQEWa6U1xXzeta6y44RbmcLCEykCQmUb
O9OBDHOXGrtw2gvWIM4NDshJQosNtiUej1IlrSgCc5tvgEPtNeCL+BfhYeAKBNuw
oL4JLU1elS0tVG+6Ajts5BPvdnBor6lVTBgTRGss97XvCawDQ5Jhi+a+WgEgzexw
/x0EC5nnJ2+ysIfJhKK1wSSSb4D/iPe+r73QGwCIQRdhtXGr1e+G/edthEVEk5bQ
4LFEVJ+QGz9OB7z7EnXkX437ee6R4e5/dVEHoCvCgVjZSEU1MiSkT40pKQIDAQAB
o4IDMjCCAy4wHQYDVR0OBBYEFAST/h9mc3eNrrkKaKrh9VYlX4pbMB8GA1UdIwQY
MBaAFHU5t6EjQXqnGTJZRqqJ4PMKsMoJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjct
NWI1ZTMzY2U3MGFkLzEvQkpQLUgyWnpkNDJ1dVFwb3F1SDFWaVZmaWxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi84MDdlZDUtNTBiMy00ZTVmLTkzNjctNWI1ZTMzY2U3MGFk
LzEvZFRtM29TTkJlcWNaTWxsR3Fvbmc4d3F3eWdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRgYIKwYBBQUHAQcBAf8EggE1MIIBMTCCARcEAgABMIIB
DwMEBAWWgAMEAx8KMAMEBC7k8AMDAD5eAwQFPq2gAwMAPsQDBAdNKwAwDAMEAk1e
RAMEBU1eQAMEBE32AAMEBFBKsAMEBFEbsAMEBFFcIAMEBVLBAAMDAFPTAwQGVP2A
AwQFWFagAwQFXoogAwQEgEFwAwQCuTUAAwQCuTosAwQCuVIAAwQCuagYMAsDAwLC
FAMEBsIVADAMAwQGwpnAAwQCwpnQAwQFwvLAAwMAwvQDBAXDPuADBAXDTsADBAXD
boADBAXUWgADBAXUbgADBAbVFYADBAbViIADBAXVlcADBAXVt4ADBAbVxoADBAbV
y4ADBATZC1ADBATZDLADBATZD9ADBATZGlADBATZHaAwFAQCAAIwDgMFAyABB1AD
BQAqAgfYMA0GCSqGSIb3DQEBCwUAA4IBAQA+h3HXhkLFpKN6+NmBZ75Tsx9BU8Nh
MW7zIKXxde4OszGiFQqS7ZFDxRG1sYeLHlnvjSxVnxM/Lrq5SGO9B0KYf7a0XHSr
oDzaw8DzfEx7F1pdNEhmxASIUEWxczXe7oAb7LWwzhRmIu3MaOz9FksjtxgbH/B1
2PhXFzD5/uyRKuASLEACLOpZ4tGApRyvaSxqc+ZwL4xnxCeIXuEWmOKKAL1xoQFf
0zmxqNlB0ESU8+q2L/thvjfea4bcJSXkDry70b4C9cbcRBf5tqLjise36c04iX4g
ukYjNCejKgWUMbC2IaUjchEbcrd24bBt9MBvRTeYA4dP6hMgjyMVrY6/
-----END CERTIFICATE-----
Generated at Mon Apr 27 15:44:41 2026 by rpki-client