Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BhAQLl0CnWXz3cQW5MzDId5dnRU.roa
File: BhAQLl0CnWXz3cQW5MzDId5dnRU.roa (raw, json)
Hash identifier: GgI1lTg2blZVkwjGm/0P5w+FF4JKCfup9RjnZ4lKZw8=
Subject key identifier: 06:10:10:2E:5D:02:9D:65:F3:DD:C4:16:E4:CC:C3:21:DE:5D:9D:15
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0198379CE2E7B4CC8539870E3D80DF9CAEE8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BhAQLl0CnWXz3cQW5MzDId5dnRU.roa
Signing time: Wed 23 Jul 2025 14:08:05 +0000
ROA not before: Wed 23 Jul 2025 14:08:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212336
IP address blocks: 77.93.157.0/24 maxlen: 24
79.99.78.0/24 maxlen: 24
89.28.239.0/24 maxlen: 24
109.176.19.0/24 maxlen: 24
213.210.4.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:9c:e2:e7:b4:cc:85:39:87:0e:3d:80:df:9c:ae:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 23 14:08:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0610102e5d029d65f3ddc416e4ccc321de5d9d15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c6:75:7c:a3:1b:7b:13:28:d7:93:8f:bc:f1:
6b:df:e4:21:0c:f6:e4:87:11:95:40:96:39:9e:33:
d4:ef:42:7a:2c:d4:99:1b:5d:91:c7:54:18:e4:17:
8c:30:6a:17:fa:01:ff:b6:75:95:d8:08:22:b0:b5:
a5:a4:4d:89:49:5c:6d:ed:b6:92:cb:96:fc:c5:94:
04:92:5a:23:ee:0b:4e:45:55:cc:81:42:be:f7:1e:
6f:d1:f9:4e:8a:aa:12:fe:a0:54:4e:8d:3e:79:c9:
b0:96:7c:33:59:bc:25:14:29:76:bc:64:72:af:a9:
e2:76:19:db:46:a2:30:6f:e0:f9:10:e8:97:07:7e:
13:e3:53:da:cd:f3:02:85:e2:cd:eb:59:98:50:54:
31:9f:8a:7a:3a:86:c9:92:b5:9f:a7:19:17:90:1f:
99:7d:50:5b:17:62:e8:c3:ab:11:35:6e:e4:19:48:
82:f1:74:77:7a:01:2a:16:67:3b:1b:d1:e7:5a:31:
7a:34:fc:1f:10:fb:43:04:95:53:7e:06:b9:27:58:
c1:40:96:c5:4d:7f:87:9e:64:a4:36:75:33:5f:77:
ba:02:e1:c0:b7:29:3a:0e:c7:7a:8c:c8:3e:bb:61:
03:e9:4d:bc:80:a3:ac:e1:6b:10:04:2e:97:5b:4b:
1f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:10:10:2E:5D:02:9D:65:F3:DD:C4:16:E4:CC:C3:21:DE:5D:9D:15
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BhAQLl0CnWXz3cQW5MzDId5dnRU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.157.0/24
79.99.78.0/24
89.28.239.0/24
109.176.19.0/24
213.210.4.0/23
Signature Algorithm: sha256WithRSAEncryption
00:f7:69:8b:76:d2:fd:cc:d5:61:c9:a3:5c:41:f2:20:dc:3d:
49:fe:60:83:dd:b8:a3:8d:9e:72:45:d9:8f:91:39:81:f5:42:
8c:68:4f:5b:2d:24:d3:47:95:53:f5:cb:bf:35:e1:02:89:ca:
37:3b:68:aa:9d:4b:20:63:f1:34:f3:43:dc:1b:ea:7c:56:65:
65:4e:22:16:e4:56:e6:06:02:4d:5a:24:cc:80:c8:57:23:fc:
b1:b0:90:8f:fa:a6:9f:e7:58:3d:c0:b2:b8:51:a1:f8:5a:6d:
fe:ca:02:41:df:b1:c7:d7:3c:5f:13:31:1e:4b:9a:05:df:55:
94:9d:11:42:bb:36:34:0a:80:23:91:94:4f:a5:8c:5e:d3:b2:
f0:4a:af:b5:cc:81:eb:7c:18:c3:91:c2:9f:48:1d:f4:8c:97:
b1:9d:fc:da:0c:e2:69:c6:9a:60:bc:af:43:81:6d:6a:d0:e1:
2d:ee:83:0c:8d:42:3c:46:d6:fa:4e:3c:57:70:0d:73:27:a8:
72:5b:df:5b:88:2e:f6:b1:1d:e1:27:39:42:48:e1:0e:ff:4b:
6d:a3:52:b0:4f:69:db:dc:a9:09:e7:7f:d8:94:b8:63:54:85:
99:ed:f7:ba:56:cd:39:c3:4f:8a:d8:d0:af:6b:27:3b:a9:e0:
75:bd:35:d6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZg3nOLntMyFOYcOPYDfnK7oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzIzMTQwODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjEwMTAyZTVkMDI5ZDY1ZjNkZGM0MTZlNGNjYzMyMWRlNWQ5ZDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsZ1fKMbexMo15OPvPFr3+QhDPbk
hxGVQJY5njPU70J6LNSZG12Rx1QY5BeMMGoX+gH/tnWV2AgisLWlpE2JSVxt7baS
y5b8xZQEkloj7gtORVXMgUK+9x5v0flOiqoS/qBUTo0+ecmwlnwzWbwlFCl2vGRy
r6nidhnbRqIwb+D5EOiXB34T41PazfMCheLN61mYUFQxn4p6OobJkrWfpxkXkB+Z
fVBbF2Low6sRNW7kGUiC8XR3egEqFmc7G9HnWjF6NPwfEPtDBJVTfga5J1jBQJbF
TX+HnmSkNnUzX3e6AuHAtyk6Dsd6jMg+u2ED6U28gKOs4WsQBC6XW0sfpwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAYQEC5dAp1l893EFuTMwyHeXZ0VMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQmhBUUxsMENuV1h6M2NRVzVNekRJZDVkblJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATV2dAwQA
T2NOAwQAWRzvAwQAbbATAwQB1dIEMA0GCSqGSIb3DQEBCwUAA4IBAQAA92mLdtL9
zNVhyaNcQfIg3D1J/mCD3bijjZ5yRdmPkTmB9UKMaE9bLSTTR5VT9cu/NeECico3
O2iqnUsgY/E080PcG+p8VmVlTiIW5FbmBgJNWiTMgMhXI/yxsJCP+qaf51g9wLK4
UaH4Wm3+ygJB37HH1zxfEzEeS5oF31WUnRFCuzY0CoAjkZRPpYxe07LwSq+1zIHr
fBjDkcKfSB30jJexnfzaDOJpxppgvK9DgW1q0OEt7oMMjUI8Rtb6TjxXcA1zJ6hy
W99biC72sR3hJzlCSOEO/0tto1KwT2nb3KkJ53/YlLhjVIWZ7fe6Vs05w0+K2NCv
ayc7qeB1vTXW
-----END CERTIFICATE-----
Generated at Fri Jul 25 12:47:18 2025 by rpki-client