Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/BELSfrIDZnzDq_fH1Ee-GybqnK0.roa
File: BELSfrIDZnzDq_fH1Ee-GybqnK0.roa (raw, json)
Hash identifier: zxWZwKanm7kwPuFHnxhlx4lE3BQwFvgy1Ef9DKYe8Bo=
Subject key identifier: 04:42:D2:7E:B2:03:66:7C:C3:AB:F7:C7:D4:47:BE:1B:26:EA:9C:AD
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01994C396C720A75637EDDFDA801657FFF89
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/BELSfrIDZnzDq_fH1Ee-GybqnK0.roa
Signing time: Mon 15 Sep 2025 07:14:15 +0000
ROA not before: Mon 15 Sep 2025 07:14:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.171.240.0/22 maxlen: 24
194.238.56.0/22 maxlen: 24
194.238.78.0/24 maxlen: 24
194.238.79.0/24 maxlen: 24
213.18.200.0/21 maxlen: 24
213.18.245.0/24 maxlen: 24
217.177.0.0/21 maxlen: 24
217.177.32.0/24 maxlen: 24
217.177.35.0/24 maxlen: 24
217.177.44.0/22 maxlen: 24
217.177.75.0/24 maxlen: 24
217.179.56.0/22 maxlen: 24
217.179.72.0/22 maxlen: 24
217.179.88.0/24 maxlen: 24
217.179.91.0/24 maxlen: 24
217.180.20.0/24 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.45.0/24 maxlen: 24
217.180.46.0/24 maxlen: 24
217.181.80.0/21 maxlen: 24
217.181.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:39:6c:72:0a:75:63:7e:dd:fd:a8:01:65:7f:ff:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Sep 15 07:14:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0442d27eb203667cc3abf7c7d447be1b26ea9cad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ab:4a:05:f1:b4:f0:ba:6a:a2:93:c1:05:4e:
9b:03:f5:c5:71:91:b0:d5:47:06:9c:57:99:6d:60:
51:85:91:a2:16:35:ed:84:ce:dd:46:b1:80:80:36:
f5:25:75:be:7c:b3:00:da:f8:d2:82:21:86:f3:97:
a5:a0:df:8d:29:90:1f:65:d0:f2:34:e1:32:8f:6b:
f8:08:40:94:f9:89:9b:da:d9:4e:3f:85:8e:d0:b9:
d4:31:53:be:22:6a:ea:a1:96:09:be:a4:6e:40:95:
cc:3e:8d:b2:3a:e4:94:8d:51:51:04:7d:63:c4:cf:
1b:90:26:93:42:77:39:09:d8:36:24:30:15:ac:0f:
3d:fb:d6:2a:cf:a6:5c:43:88:c1:1e:9a:95:bd:a0:
c9:7c:a8:94:44:e6:be:3b:87:d4:bf:63:86:d1:7c:
18:fa:f0:e0:80:67:35:45:bc:13:63:43:40:e3:a6:
e0:a7:da:36:1f:b6:60:35:6c:2d:30:89:17:f6:7e:
c8:76:04:65:dd:01:5e:b4:2a:fa:5c:f8:05:d8:59:
b6:d9:36:04:7b:1a:a5:16:e7:7b:a4:8a:b1:59:86:
d8:53:22:0d:ad:c3:25:b9:91:8f:41:b0:10:ec:d0:
df:b7:1f:c7:b7:bc:5b:6e:1f:2d:f4:ef:71:7c:1f:
7b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:42:D2:7E:B2:03:66:7C:C3:AB:F7:C7:D4:47:BE:1B:26:EA:9C:AD
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/BELSfrIDZnzDq_fH1Ee-GybqnK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.240.0/22
194.238.56.0/22
194.238.78.0/23
213.18.200.0/21
213.18.245.0/24
217.177.0.0/21
217.177.32.0/24
217.177.35.0/24
217.177.44.0/22
217.177.75.0/24
217.179.56.0/22
217.179.72.0/22
217.179.88.0/24
217.179.91.0/24
217.180.20.0/24
217.180.22.0/23
217.180.45.0-217.180.46.255
217.181.80.0-217.181.91.255
Signature Algorithm: sha256WithRSAEncryption
bf:0c:23:53:40:7f:96:61:5d:53:87:5a:40:3c:cc:e4:91:67:
d1:39:d6:88:3d:a3:b4:c8:e1:46:b0:5f:bc:5b:49:62:b6:82:
fc:8b:30:81:5e:50:f8:e3:2c:18:05:39:23:b8:bd:ee:22:23:
99:75:a4:55:fd:33:cd:ed:c9:18:a3:17:44:52:b0:25:65:8d:
57:54:2c:63:74:71:d5:02:63:6d:ec:d1:c9:be:39:b3:22:20:
a4:48:27:8e:52:9a:bb:31:f9:3a:e3:3a:c8:64:d9:67:13:6e:
11:2b:38:52:13:31:0d:2b:e0:0b:77:59:86:1e:91:4f:78:ef:
ba:fe:f3:d9:b9:b2:14:23:ca:a3:d8:4d:ca:3c:bb:e8:bf:de:
24:f5:27:9e:e9:bb:c1:e0:4f:e4:62:5b:69:af:d8:e8:9e:b7:
45:4e:3e:63:15:c0:ab:70:99:76:1b:83:d9:99:23:25:86:14:
ac:a7:ad:3f:ba:33:7c:db:8d:74:f7:96:89:40:05:ce:9f:8a:
6e:2f:d6:e7:bd:fe:de:29:27:7f:a1:6b:73:06:1e:28:1a:cf:
8d:a7:d4:07:d2:a6:22:fb:1a:8c:fa:86:cf:34:91:d9:45:e0:
32:73:da:32:24:2e:29:c0:2b:bd:c6:59:45:21:4a:d5:8a:a6:
6f:57:97:59
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZlMOWxyCnVjft39qAFlf/+JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwOTE1MDcxNDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQyZDI3ZWIyMDM2NjdjYzNhYmY3YzdkNDQ3YmUxYjI2ZWE5Y2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6tKBfG08LpqopPBBU6bA/XFcZGw
1UcGnFeZbWBRhZGiFjXthM7dRrGAgDb1JXW+fLMA2vjSgiGG85eloN+NKZAfZdDy
NOEyj2v4CECU+Ymb2tlOP4WO0LnUMVO+ImrqoZYJvqRuQJXMPo2yOuSUjVFRBH1j
xM8bkCaTQnc5Cdg2JDAVrA89+9Yqz6ZcQ4jBHpqVvaDJfKiUROa+O4fUv2OG0XwY
+vDggGc1RbwTY0NA46bgp9o2H7ZgNWwtMIkX9n7IdgRl3QFetCr6XPgF2Fm22TYE
exqlFud7pIqxWYbYUyINrcMluZGPQbAQ7NDftx/Ht7xbbh8t9O9xfB97kQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFARC0n6yA2Z8w6v3x9RHvhsm6pytMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvQkVMU2ZySURabnpEcV9mSDFFZS1HeWJxbkswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAj6r
8AMEAsLuOAMEAcLuTgMEA9USyAMEANUS9QMEA9mxAAMEANmxIAMEANmxIwMEAtmx
LAMEANmxSwMEAtmzOAMEAtmzSAMEANmzWAMEANmzWwMEANm0FAMEAdm0FjAMAwQA
2bQtAwQA2bQuMAwDBATZtVADBALZtVgwDQYJKoZIhvcNAQELBQADggEBAL8MI1NA
f5ZhXVOHWkA8zOSRZ9E51og9o7TI4UawX7xbSWK2gvyLMIFeUPjjLBgFOSO4ve4i
I5l1pFX9M83tyRijF0RSsCVljVdULGN0cdUCY23s0cm+ObMiIKRIJ45Smrsx+Trj
Oshk2WcTbhErOFITMQ0r4At3WYYekU9477r+89m5shQjyqPYTco8u+i/3iT1J57p
u8HgT+RiW2mv2Oiet0VOPmMVwKtwmXYbg9mZIyWGFKynrT+6M3zbjXT3lolABc6f
im4v1ue9/t4pJ3+ha3MGHigaz42n1AfSpiL7Goz6hs80kdlF4DJz2jIkLinAK73G
WUUhStWKpm9Xl1k=
-----END CERTIFICATE-----
Generated at Thu Sep 18 05:02:56 2025 by rpki-client