Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/BgM7Z-hf4ZmFOJu6X5CdP5efJ28.roa
File: BgM7Z-hf4ZmFOJu6X5CdP5efJ28.roa (raw, json)
Hash identifier: 0PK12/6KwOapd3jaEkPiUknqIb57oljJN1nirZLOhCY=
Subject key identifier: 06:03:3B:67:E8:5F:E1:99:85:38:9B:BA:5F:90:9D:3F:97:9F:27:6F
Certificate issuer: /CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Certificate serial: 019DF459A60FD6ADED5AE0DF8233AEB91A17
Authority key identifier: C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/BgM7Z-hf4ZmFOJu6X5CdP5efJ28.roa
Signing time: Mon 04 May 2026 18:56:49 +0000
ROA not before: Mon 04 May 2026 18:56:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 210659
IP address blocks: 69.38.204.0/24 maxlen: 24
202.181.204.0/24 maxlen: 24
2a13:d8c4:30::/44 maxlen: 48
2a13:d8c4:70::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.mft
rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 May 2026 14:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f4:59:a6:0f:d6:ad:ed:5a:e0:df:82:33:ae:b9:1a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6f53c03d2f4e7f07a81ea903ecef01d68c68137
Validity
Not Before: May 4 18:56:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=06033b67e85fe19985389bba5f909d3f979f276f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:06:18:c5:d2:a2:38:d9:aa:6b:9c:cb:65:f7:
2c:0d:5a:39:4f:b0:eb:93:6c:9c:a5:16:ba:76:9b:
63:42:93:2f:1d:81:cc:4b:77:62:0c:b9:6a:50:25:
06:84:61:3a:3c:5a:94:50:8b:95:65:34:9c:c6:05:
7f:30:05:c8:40:21:04:67:9d:04:64:1e:8b:b7:7b:
3f:cf:02:d8:f1:4c:8a:7f:c5:6f:e6:58:2f:63:9a:
18:5b:36:0e:3d:0f:cc:d3:ae:00:c1:28:a4:34:93:
4a:3c:d7:dc:ba:2d:3d:4e:17:ad:6d:7b:08:4b:6c:
de:c3:3a:ab:2a:cb:db:cc:7f:94:b7:2b:9e:b7:46:
fe:e0:4e:24:7d:42:42:10:4c:fc:c2:da:64:e7:ba:
db:c6:2a:91:d6:10:0f:ed:cc:6a:92:7c:de:67:e2:
2c:00:5a:8d:94:d9:e2:cc:3f:61:99:99:0c:48:f0:
9c:56:fc:44:37:32:79:ac:26:1f:a3:26:54:de:76:
51:fd:cd:8f:d9:40:55:af:f2:67:74:4c:6e:c1:b9:
ef:3a:f9:ec:22:d0:b4:4c:9e:83:b6:ff:fd:9b:43:
d5:b0:25:72:2f:08:b2:d7:6a:36:76:7a:68:07:6e:
ce:7a:ae:f0:d9:1d:07:5a:92:65:1e:fb:71:89:58:
fa:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:03:3B:67:E8:5F:E1:99:85:38:9B:BA:5F:90:9D:3F:97:9F:27:6F
X509v3 Authority Key Identifier:
keyid:C6:F5:3C:03:D2:F4:E7:F0:7A:81:EA:90:3E:CE:F0:1D:68:C6:81:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xvU8A9L05_B6geqQPs7wHWjGgTc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/BgM7Z-hf4ZmFOJu6X5CdP5efJ28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/3c227c-4706-4787-9a07-90ea3729c574/1/xvU8A9L05_B6geqQPs7wHWjGgTc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.38.204.0/24
202.181.204.0/24
IPv6:
2a13:d8c4:30::/44
2a13:d8c4:70::/44
Signature Algorithm: sha256WithRSAEncryption
93:79:62:7d:f3:1b:eb:d1:b2:f7:cf:45:e2:70:ac:b1:2e:c7:
7d:b3:b7:11:e1:65:c4:fc:e9:97:c9:64:c6:f6:be:76:6a:e5:
77:11:77:2f:da:ba:03:cc:25:a2:4b:6d:d7:29:2b:08:f0:dc:
ab:1f:65:05:e6:df:bd:5a:68:6d:5b:c3:66:f4:9c:9e:82:ba:
39:67:01:39:aa:fd:a1:4c:2e:88:d7:d3:65:e0:00:40:38:bc:
9f:c1:0e:9e:2c:87:ff:a7:dc:71:55:43:04:a3:74:e9:c7:f8:
42:0d:69:92:f8:95:3c:5c:a4:ba:ef:37:e2:58:4e:6b:a8:ee:
ba:21:f8:2c:92:f3:63:fd:09:93:69:44:1e:5a:36:28:86:84:
6e:8b:22:47:c7:79:29:bb:86:cf:4f:f3:fa:7c:9a:b7:87:fe:
76:b5:d0:f2:6c:71:21:75:02:21:10:29:54:73:7e:cb:a5:3f:
0f:0c:47:ba:7e:f4:50:21:a5:5e:5a:c2:17:f8:5e:5f:26:67:
a6:2e:65:59:a4:20:b5:c5:cb:6a:bc:cf:9d:4e:68:dc:f3:9a:
d5:c5:5e:0f:f4:75:10:24:40:d4:36:ae:f0:28:3a:ec:59:57:
54:df:56:01:48:c9:6a:85:17:20:85:2e:c2:78:c3:78:66:50:
91:b7:b1:a9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ30WaYP1q3tWuDfgjOuuRoXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZjUzYzAzZDJmNGU3ZjA3YTgxZWE5MDNlY2VmMDFkNjhj
NjgxMzcwHhcNMjYwNTA0MTg1NjQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjAzM2I2N2U4NWZlMTk5ODUzODliYmE1ZjkwOWQzZjk3OWYyNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQYYxdKiONmqa5zLZfcsDVo5T7Dr
k2ycpRa6dptjQpMvHYHMS3diDLlqUCUGhGE6PFqUUIuVZTScxgV/MAXIQCEEZ50E
ZB6Lt3s/zwLY8UyKf8Vv5lgvY5oYWzYOPQ/M064AwSikNJNKPNfcui09ThetbXsI
S2zewzqrKsvbzH+Utyuet0b+4E4kfUJCEEz8wtpk57rbxiqR1hAP7cxqknzeZ+Is
AFqNlNnizD9hmZkMSPCcVvxENzJ5rCYfoyZU3nZR/c2P2UBVr/JndExuwbnvOvns
ItC0TJ6Dtv/9m0PVsCVyLwiy12o2dnpoB27Oeq7w2R0HWpJlHvtxiVj6KwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAYDO2foX+GZhTibul+QnT+XnydvMB8GA1UdIwQY
MBaAFMb1PAPS9OfweoHqkD7O8B1oxoE3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDct
OTBlYTM3MjljNTc0LzEvQmdNN1otaGY0Wm1GT0p1Nlg1Q2RQNWVmSjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8zYzIyN2MtNDcwNi00Nzg3LTlhMDctOTBlYTM3MjljNTc0
LzEveHZVOEE5TDA1X0I2Z2VxUVBzN3dIV2pHZ1RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQARSbMAwQA
yrXMMBgEAgACMBIDBwQqE9jEADADBwQqE9jEAHAwDQYJKoZIhvcNAQELBQADggEB
AJN5Yn3zG+vRsvfPReJwrLEux32ztxHhZcT86ZfJZMb2vnZq5XcRdy/augPMJaJL
bdcpKwjw3KsfZQXm371aaG1bw2b0nJ6CujlnATmq/aFMLojX02XgAEA4vJ/BDp4s
h/+n3HFVQwSjdOnH+EINaZL4lTxcpLrvN+JYTmuo7roh+CyS82P9CZNpRB5aNiiG
hG6LIkfHeSm7hs9P8/p8mreH/na10PJscSF1AiEQKVRzfsulPw8MR7p+9FAhpV5a
whf4Xl8mZ6YuZVmkILXFy2q8z51OaNzzmtXFXg/0dRAkQNQ2rvAoOuxZV1TfVgFI
yWqFFyCFLsJ4w3hmUJG3sak=
-----END CERTIFICATE-----
Generated at Fri May 8 19:26:48 2026 by rpki-client