Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BzQdBmIbyF6srfLktxhc6qg79ec.roa
File: BzQdBmIbyF6srfLktxhc6qg79ec.roa (raw, json)
Hash identifier: H3iHKo9W+PVcnPUcadk8PCSHKjUzykftyfuq0bLuwdg=
Subject key identifier: 07:34:1D:06:62:1B:C8:5E:AC:AD:F2:E4:B7:18:5C:EA:A8:3B:F5:E7
Certificate issuer: /CN=04560bea392eaf69208ab705ef405cf78684176b
Certificate serial: 0198E80516191A508C8416EB11B21FE86158
Authority key identifier: 04:56:0B:EA:39:2E:AF:69:20:8A:B7:05:EF:40:5C:F7:86:84:17:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BzQdBmIbyF6srfLktxhc6qg79ec.roa
Signing time: Tue 26 Aug 2025 20:15:04 +0000
ROA not before: Tue 26 Aug 2025 20:15:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395363
IP address blocks: 185.173.184.0/23 maxlen: 23
185.173.184.0/24 maxlen: 24
185.173.185.0/24 maxlen: 24
185.173.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 14:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e8:05:16:19:1a:50:8c:84:16:eb:11:b2:1f:e8:61:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04560bea392eaf69208ab705ef405cf78684176b
Validity
Not Before: Aug 26 20:15:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07341d06621bc85eacadf2e4b7185ceaa83bf5e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:91:f8:88:64:35:28:ca:2f:84:c1:5a:96:ad:
66:32:4a:52:dd:66:74:04:ac:6e:53:06:d8:7f:19:
41:8d:d2:d6:9a:f6:89:49:96:f7:02:4c:4b:ac:82:
a4:95:2e:51:e8:6e:76:a9:80:08:b3:cf:9f:bd:7f:
da:7c:13:7f:36:5e:e7:89:42:f7:65:9d:e5:63:8b:
c0:18:8d:86:98:b5:19:66:89:77:f6:81:5c:6c:ab:
84:90:3c:0a:a3:e7:30:b4:c8:d2:39:b5:19:c8:7a:
85:44:28:57:da:cd:61:ce:9c:a5:ef:64:a9:18:cc:
ec:34:f3:0c:cf:a0:93:9e:ee:0a:83:66:57:d9:53:
82:4b:45:3b:8a:10:e0:4a:32:c8:24:80:d7:67:2a:
61:13:e5:32:ba:74:1e:17:f0:9d:d2:15:96:7e:a8:
65:33:4d:f2:67:a2:fc:76:7f:95:19:28:06:79:8c:
d4:ef:c3:b0:5d:5f:ce:9d:a5:2e:31:27:8f:10:1b:
71:53:dd:d8:75:97:a4:63:d5:ba:8d:5e:ab:70:60:
2b:41:3f:a4:cd:29:c4:8d:4d:7e:80:50:9c:be:7c:
f0:15:66:c6:f3:0e:a2:39:11:bd:1f:66:30:f3:cc:
17:3b:62:c8:bd:da:fe:0a:10:fd:fc:a1:2d:79:43:
65:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:34:1D:06:62:1B:C8:5E:AC:AD:F2:E4:B7:18:5C:EA:A8:3B:F5:E7
X509v3 Authority Key Identifier:
keyid:04:56:0B:EA:39:2E:AF:69:20:8A:B7:05:EF:40:5C:F7:86:84:17:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BFYL6jkur2kgircF70Bc94aEF2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BzQdBmIbyF6srfLktxhc6qg79ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ce4a4e-b1a3-45f4-a27c-e1aca01062ff/1/BFYL6jkur2kgircF70Bc94aEF2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.184.0-185.173.186.255
Signature Algorithm: sha256WithRSAEncryption
76:39:41:f2:a1:7c:cc:64:24:99:ff:de:9a:95:7d:bf:23:69:
84:50:8a:b9:dc:13:47:1d:37:6e:db:a7:dd:b1:5f:58:ef:66:
77:ba:53:f0:57:3a:67:a4:7d:90:bf:d7:20:0d:bf:2a:e3:6d:
b8:41:52:d4:d8:7f:cf:aa:77:1e:4a:a3:c8:37:37:c9:23:a6:
3b:74:2f:09:d7:a9:5a:da:41:2b:67:18:c1:b9:c2:ea:51:5e:
83:05:d2:b8:15:0b:62:c5:3e:a6:51:7b:b3:44:4b:2a:c4:e7:
50:65:24:ef:5c:40:e0:1f:b8:9c:f1:46:75:b9:8c:15:ec:e3:
7d:a7:69:30:b8:07:46:1a:be:8c:1c:1e:44:2e:d7:c1:8c:0a:
48:18:cd:6b:8a:c8:a4:63:b2:c1:4e:d5:45:21:cd:b2:b0:31:
ab:f9:1d:f4:13:b1:1c:b7:29:3c:be:3b:e1:5a:60:02:42:28:
4d:d9:cc:82:4c:7b:34:f8:1f:d2:87:07:66:ca:d3:69:28:6f:
8a:08:c3:00:40:fc:88:66:ed:f6:fe:da:6c:2a:de:ac:a8:74:
98:b6:cb:1e:95:33:b6:b3:ae:b9:40:ca:04:f5:1c:35:e0:79:
c5:21:bf:25:d7:c4:16:f3:d6:83:6e:ce:5f:0e:40:b4:09:73:
b6:50:66:95
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZjoBRYZGlCMhBbrEbIf6GFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NTYwYmVhMzkyZWFmNjkyMDhhYjcwNWVmNDA1Y2Y3ODY4
NDE3NmIwHhcNMjUwODI2MjAxNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM0MWQwNjYyMWJjODVlYWNhZGYyZTRiNzE4NWNlYWE4M2JmNWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5H4iGQ1KMovhMFalq1mMkpS3WZ0
BKxuUwbYfxlBjdLWmvaJSZb3AkxLrIKklS5R6G52qYAIs8+fvX/afBN/Nl7niUL3
ZZ3lY4vAGI2GmLUZZol39oFcbKuEkDwKo+cwtMjSObUZyHqFRChX2s1hzpyl72Sp
GMzsNPMMz6CTnu4Kg2ZX2VOCS0U7ihDgSjLIJIDXZyphE+UyunQeF/Cd0hWWfqhl
M03yZ6L8dn+VGSgGeYzU78OwXV/OnaUuMSePEBtxU93YdZekY9W6jV6rcGArQT+k
zSnEjU1+gFCcvnzwFWbG8w6iORG9H2Yw88wXO2LIvdr+ChD9/KEteUNlLQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAc0HQZiG8herK3y5LcYXOqoO/XnMB8GA1UdIwQY
MBaAFARWC+o5Lq9pIIq3Be9AXPeGhBdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkZZTDZqa3VyMmtnaXJjRjcwQmM5NGFFRjJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9jZTRhNGUtYjFhMy00NWY0LWEyN2Mt
ZTFhY2EwMTA2MmZmLzEvQnpRZEJtSWJ5RjZzcmZMa3R4aGM2cWc3OWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9jZTRhNGUtYjFhMy00NWY0LWEyN2MtZTFhY2EwMTA2MmZm
LzEvQkZZTDZqa3VyMmtnaXJjRjcwQmM5NGFFRjJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5rbgD
BAC5rbowDQYJKoZIhvcNAQELBQADggEBAHY5QfKhfMxkJJn/3pqVfb8jaYRQirnc
E0cdN27bp92xX1jvZne6U/BXOmekfZC/1yANvyrjbbhBUtTYf8+qdx5Ko8g3N8kj
pjt0LwnXqVraQStnGMG5wupRXoMF0rgVC2LFPqZRe7NESyrE51BlJO9cQOAfuJzx
RnW5jBXs432naTC4B0YavowcHkQu18GMCkgYzWuKyKRjssFO1UUhzbKwMav5HfQT
sRy3KTy+O+FaYAJCKE3ZzIJMezT4H9KHB2bK02kob4oIwwBA/Ihm7fb+2mwq3qyo
dJi2yx6VM7azrrlAygT1HDXgecUhvyXXxBbz1oNuzl8OQLQJc7ZQZpU=
-----END CERTIFICATE-----
Generated at Wed Sep 17 22:50:24 2025 by rpki-client