Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/bgJ7rFWnfoshvC4eV7CAkgZqHG0.roa
File: bgJ7rFWnfoshvC4eV7CAkgZqHG0.roa (raw, json)
Hash identifier: PATqRpXU1ld4RrBFHxUB48disbekj/eibE1opPwFCWU=
Subject key identifier: 6E:02:7B:AC:55:A7:7E:8B:21:BC:2E:1E:57:B0:80:92:06:6A:1C:6D
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 01990F2DA7B7B057879351728330FEA15ECB
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/bgJ7rFWnfoshvC4eV7CAkgZqHG0.roa
Signing time: Wed 03 Sep 2025 10:44:34 +0000
ROA not before: Wed 03 Sep 2025 10:44:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215376
IP address blocks: 77.221.134.0/24 maxlen: 24
77.221.146.0/24 maxlen: 24
109.120.136.0/24 maxlen: 24
176.98.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:2d:a7:b7:b0:57:87:93:51:72:83:30:fe:a1:5e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Sep 3 10:44:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e027bac55a77e8b21bc2e1e57b08092066a1c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:d7:12:0e:2f:d9:bd:f6:c6:6f:4d:24:06:d3:
5f:8e:c2:c1:1c:d9:65:47:04:87:d1:4d:e2:dc:bd:
71:bf:15:36:da:88:87:5b:38:3c:2d:fa:47:22:d4:
dd:59:f3:71:d7:8f:56:b5:92:27:a6:d9:e1:fb:9e:
ae:42:ee:16:17:c6:bf:e7:e2:7f:8a:3f:1f:3e:b7:
7f:bf:78:cc:79:28:d1:8a:3b:6f:d5:7c:32:28:fb:
6d:8f:77:25:df:f6:5b:3c:81:04:26:c9:5c:6f:dc:
bb:c9:6f:69:ce:09:12:a6:80:57:80:99:5f:3c:8a:
2a:4c:1d:69:9e:e2:49:b1:75:5c:4a:1f:03:54:21:
6a:48:31:3a:c6:5b:65:54:b5:24:45:23:f1:59:86:
2c:72:72:31:de:4f:b4:30:c9:85:a7:98:e2:f9:d6:
6d:9f:d2:a1:04:03:91:89:18:8a:87:ab:dc:4c:0f:
60:46:25:49:93:90:81:4a:ea:de:be:55:de:69:62:
05:9f:6d:b9:9f:52:76:3d:84:5b:c0:81:d7:6f:25:
67:20:01:5b:40:1c:ab:30:c9:2a:3b:4e:0b:14:52:
73:81:3c:ca:f1:a1:07:ae:19:21:93:8a:98:1c:e1:
ee:33:7c:f8:ba:ed:9a:1c:7f:36:10:91:c3:78:2d:
de:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:02:7B:AC:55:A7:7E:8B:21:BC:2E:1E:57:B0:80:92:06:6A:1C:6D
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/bgJ7rFWnfoshvC4eV7CAkgZqHG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.221.134.0/24
77.221.146.0/24
109.120.136.0/24
176.98.187.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:f7:df:5f:2b:00:a1:dd:72:0c:0e:01:39:8b:49:7e:06:97:
3c:0b:06:ef:e4:87:33:2e:21:f6:b2:ed:6d:fb:32:2a:70:3f:
ac:0d:4d:7e:cf:78:43:99:de:5f:f1:f4:81:d9:c0:af:52:7c:
ff:42:5c:77:23:e5:ae:0b:8a:fc:46:50:f6:56:97:94:ac:3e:
7a:9e:9e:02:41:3e:f5:e2:27:c6:6e:ab:c6:49:5e:10:6f:94:
1e:d8:32:44:7d:b7:30:b2:cc:69:43:04:ae:80:dc:a7:86:a1:
3f:e5:f7:63:66:46:09:4f:f2:49:e4:02:d6:28:1f:81:e6:43:
8b:71:d9:9f:ae:7d:0a:d3:56:82:7c:79:bb:81:37:a3:c0:0e:
8f:18:71:b3:5e:14:98:a8:34:20:6c:db:0e:2f:e1:f5:cc:c6:
40:e0:d9:53:fb:d0:bf:34:6f:c6:5b:f7:39:18:00:31:d5:ad:
29:6a:9b:c9:23:ba:69:64:e1:f0:8c:af:89:02:6b:ae:ad:40:
2e:df:05:95:88:b3:e4:36:2b:60:53:45:36:c9:fb:cb:90:b7:
16:d6:a4:8a:ab:17:7a:fc:a3:3e:8e:08:3d:91:23:a4:b9:fe:
28:ad:80:50:8d:25:03:d4:88:2f:e1:5f:f9:ee:17:83:73:e0:
30:c8:cf:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkPLae3sFeHk1FygzD+oV7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjUwOTAzMTA0NDM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAyN2JhYzU1YTc3ZThiMjFiYzJlMWU1N2IwODA5MjA2NmExYzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdcSDi/ZvfbGb00kBtNfjsLBHNll
RwSH0U3i3L1xvxU22oiHWzg8LfpHItTdWfNx149WtZInptnh+56uQu4WF8a/5+J/
ij8fPrd/v3jMeSjRijtv1XwyKPttj3cl3/ZbPIEEJslcb9y7yW9pzgkSpoBXgJlf
PIoqTB1pnuJJsXVcSh8DVCFqSDE6xltlVLUkRSPxWYYscnIx3k+0MMmFp5ji+dZt
n9KhBAORiRiKh6vcTA9gRiVJk5CBSurevlXeaWIFn225n1J2PYRbwIHXbyVnIAFb
QByrMMkqO04LFFJzgTzK8aEHrhkhk4qYHOHuM3z4uu2aHH82EJHDeC3eNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG4Ce6xVp36LIbwuHlewgJIGahxtMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvYmdKN3JGV25mb3NodkM0ZVY3Q0FrZ1pxSEcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATd2GAwQA
Td2SAwQAbXiIAwQAsGK7MA0GCSqGSIb3DQEBCwUAA4IBAQCf999fKwCh3XIMDgE5
i0l+Bpc8Cwbv5IczLiH2su1t+zIqcD+sDU1+z3hDmd5f8fSB2cCvUnz/Qlx3I+Wu
C4r8RlD2VpeUrD56np4CQT714ifGbqvGSV4Qb5Qe2DJEfbcwssxpQwSugNynhqE/
5fdjZkYJT/JJ5ALWKB+B5kOLcdmfrn0K01aCfHm7gTejwA6PGHGzXhSYqDQgbNsO
L+H1zMZA4NlT+9C/NG/GW/c5GAAx1a0papvJI7ppZOHwjK+JAmuurUAu3wWViLPk
NitgU0U2yfvLkLcW1qSKqxd6/KM+jgg9kSOkuf4orYBQjSUD1Igv4V/57heDc+Aw
yM/R
-----END CERTIFICATE-----
Generated at Tue Sep 9 23:57:47 2025 by rpki-client