Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/bjlAsvg2S1bZSr8udDQEjKQ22as.roa
File: bjlAsvg2S1bZSr8udDQEjKQ22as.roa (raw, json)
Hash identifier: 57G7EQxz9CBSCfl7SBmLTInnDePSGXVef8cb7FuDTho=
Subject key identifier: 6E:39:40:B2:F8:36:4B:56:D9:4A:BF:2E:74:34:04:8C:A4:36:D9:AB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198BCB8D0FC5375A252FE17D743E87534B7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/bjlAsvg2S1bZSr8udDQEjKQ22as.roa
Signing time: Mon 18 Aug 2025 10:28:05 +0000
ROA not before: Mon 18 Aug 2025 10:28:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.244.167.0/24 maxlen: 24
151.244.180.0/24 maxlen: 24
151.244.224.0/24 maxlen: 24
151.244.235.0/24 maxlen: 24
151.245.128.0/24 maxlen: 24
151.245.129.0/24 maxlen: 24
151.245.131.0/24 maxlen: 24
151.245.132.0/24 maxlen: 24
151.245.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 06:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:b8:d0:fc:53:75:a2:52:fe:17:d7:43:e8:75:34:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 18 10:28:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e3940b2f8364b56d94abf2e7434048ca436d9ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:1d:de:f9:4b:17:fa:66:41:05:b9:ed:8b:ae:
48:d6:f3:c6:ee:b5:59:4f:57:74:fe:13:27:2e:4a:
52:63:b2:65:78:75:ad:44:f7:4d:ad:a4:f4:fb:f6:
69:46:06:91:13:03:c5:f5:cd:74:d5:06:d3:8d:71:
75:a1:10:56:73:1b:02:f6:89:3b:9d:1c:c8:2e:d5:
c3:b0:f2:4f:3d:27:8c:d1:f6:b0:3a:03:76:71:68:
63:b0:ee:48:06:ef:b5:00:1c:27:d9:0b:6a:f8:d0:
9b:fc:81:cc:15:47:04:f1:f5:05:2c:45:1f:d4:91:
6d:09:16:f6:d0:d5:84:33:cd:26:9c:51:58:5d:1d:
0d:5c:66:0d:46:6c:3a:6f:9f:7e:0a:83:87:8e:3e:
84:f3:2f:eb:5f:cb:3f:6c:d0:b5:3c:d1:1e:f5:ad:
77:60:df:4d:45:6d:3e:42:41:26:0c:85:a1:f0:08:
e8:cf:b6:56:2a:df:6b:ee:79:40:88:b4:67:dc:8a:
e5:44:87:1f:27:23:3a:cf:de:28:26:ae:44:f2:0e:
3e:a0:19:ec:39:08:bd:e0:ce:1a:9a:e5:ac:b7:86:
dc:f2:a1:cb:4e:ef:bd:e1:13:ea:91:9c:93:21:51:
d2:16:97:96:6c:2a:f1:99:78:b0:8d:7c:82:1b:a8:
d1:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:39:40:B2:F8:36:4B:56:D9:4A:BF:2E:74:34:04:8C:A4:36:D9:AB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/bjlAsvg2S1bZSr8udDQEjKQ22as.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.201.0/24
151.243.7.0/24
151.243.228.0/24
151.244.54.0/24
151.244.167.0/24
151.244.180.0/24
151.244.224.0/24
151.244.235.0/24
151.245.128.0/23
151.245.131.0-151.245.133.255
Signature Algorithm: sha256WithRSAEncryption
83:8a:f1:5f:48:79:69:9c:88:95:a3:51:3c:65:25:3e:78:56:
a2:63:48:e2:77:6e:90:51:0d:93:7b:1b:63:ed:5f:86:ec:8c:
6b:e7:9e:49:99:4e:a4:a5:ce:ba:e4:d3:f3:48:20:5c:8f:0c:
c9:8e:1f:fa:0b:7b:59:9c:1c:5a:a1:c4:90:25:c2:1c:5b:1f:
84:73:19:9f:7e:06:d7:70:06:74:ba:4e:7f:1f:a1:3d:9b:45:
93:28:6e:9e:44:dc:60:b7:a1:53:4e:4f:50:41:bc:36:11:82:
24:db:d3:73:49:54:ee:8c:d5:61:78:00:42:f1:84:5f:de:6e:
be:55:74:e1:a4:90:1a:30:f0:a9:62:f8:31:b6:c3:2d:8f:13:
1f:9c:f1:d0:17:8b:06:14:e4:41:b8:ef:36:f1:91:c9:81:ae:
ab:86:23:d4:da:f4:7a:10:11:43:08:ab:7f:12:6c:5a:bf:6a:
37:82:52:86:5f:b9:e3:c9:68:05:8b:ad:2c:57:ac:d0:a8:ca:
ea:90:6b:c0:3d:86:e3:a2:a3:ac:7b:69:8f:c5:53:9f:93:18:
1e:2d:1a:e2:80:c7:8a:47:59:7c:00:93:46:0a:cf:ba:7c:78:
0c:c2:03:9e:65:d6:da:d3:f6:93:39:79:a8:63:dd:20:4e:39:
61:23:50:4d
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZi8uND8U3WiUv4X10PodTS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE4MTAyODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTM5NDBiMmY4MzY0YjU2ZDk0YWJmMmU3NDM0MDQ4Y2E0MzZkOWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2B3e+UsX+mZBBbnti65I1vPG7rVZ
T1d0/hMnLkpSY7JleHWtRPdNraT0+/ZpRgaREwPF9c101QbTjXF1oRBWcxsC9ok7
nRzILtXDsPJPPSeM0fawOgN2cWhjsO5IBu+1ABwn2Qtq+NCb/IHMFUcE8fUFLEUf
1JFtCRb20NWEM80mnFFYXR0NXGYNRmw6b59+CoOHjj6E8y/rX8s/bNC1PNEe9a13
YN9NRW0+QkEmDIWh8Ajoz7ZWKt9r7nlAiLRn3IrlRIcfJyM6z94oJq5E8g4+oBns
OQi94M4amuWst4bc8qHLTu+94RPqkZyTIVHSFpeWbCrxmXiwjXyCG6jRGwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFG45QLL4NktW2Uq/LnQ0BIykNtmrMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYmpsQXN2ZzJTMWJaU3I4dWREUUVqS1EyMmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAJcrCAwQA
JcrJAwQAl/MHAwQAl/PkAwQAl/Q2AwQAl/SnAwQAl/S0AwQAl/TgAwQAl/TrAwQB
l/WAMAwDBACX9YMDBAGX9YQwDQYJKoZIhvcNAQELBQADggEBAIOK8V9IeWmciJWj
UTxlJT54VqJjSOJ3bpBRDZN7G2PtX4bsjGvnnkmZTqSlzrrk0/NIIFyPDMmOH/oL
e1mcHFqhxJAlwhxbH4RzGZ9+BtdwBnS6Tn8foT2bRZMobp5E3GC3oVNOT1BBvDYR
giTb03NJVO6M1WF4AELxhF/ebr5VdOGkkBow8Kli+DG2wy2PEx+c8dAXiwYU5EG4
7zbxkcmBrquGI9Ta9HoQEUMIq38SbFq/ajeCUoZfuePJaAWLrSxXrNCoyuqQa8A9
huOio6x7aY/FU5+TGB4tGuKAx4pHWXwAk0YKz7p8eAzCA55l1trT9pM5eahj3SBO
OWEjUE0=
-----END CERTIFICATE-----
Generated at Thu Aug 21 11:11:00 2025 by rpki-client