Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/bkH9wHIb-OrCqJuyQRHuIXtQk1c.roa
File: bkH9wHIb-OrCqJuyQRHuIXtQk1c.roa (raw, json)
Hash identifier: JMTNFJ1w/NwtHoH0YImfgSSrGbnKKHMXYAPq6CQxkXc=
Subject key identifier: 6E:41:FD:C0:72:1B:F8:EA:C2:A8:9B:B2:41:11:EE:21:7B:50:93:57
Certificate issuer: /CN=a694f005f5977c323ecdbea9c5f8cca369e65c67
Certificate serial: 0196D0C233C5CA66991024AD68CC2B963DF9
Authority key identifier: A6:94:F0:05:F5:97:7C:32:3E:CD:BE:A9:C5:F8:CC:A3:69:E6:5C:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ppTwBfWXfDI-zb6pxfjMo2nmXGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/bkH9wHIb-OrCqJuyQRHuIXtQk1c.roa
Signing time: Wed 14 May 2025 21:45:10 +0000
ROA not before: Wed 14 May 2025 21:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202499
IP address blocks: 109.205.194.0/24 maxlen: 24
176.106.186.0/23 maxlen: 23
193.142.188.0/22 maxlen: 24
195.216.208.0/23 maxlen: 24
2a0c:9b40::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/ppTwBfWXfDI-zb6pxfjMo2nmXGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/ppTwBfWXfDI-zb6pxfjMo2nmXGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ppTwBfWXfDI-zb6pxfjMo2nmXGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d0:c2:33:c5:ca:66:99:10:24:ad:68:cc:2b:96:3d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a694f005f5977c323ecdbea9c5f8cca369e65c67
Validity
Not Before: May 14 21:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e41fdc0721bf8eac2a89bb24111ee217b509357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:3f:f7:03:06:c2:fe:cc:ad:d1:eb:fc:c0:ad:
45:ad:03:21:13:57:de:ed:3b:26:36:b9:b7:5e:b2:
59:06:76:eb:e0:d5:c5:7b:3d:dc:4b:a4:0d:21:de:
77:9b:bf:08:8a:58:70:d3:f2:69:ab:fa:02:1d:d9:
6f:19:df:da:a9:d8:75:76:1c:3a:5f:50:8d:98:93:
42:6a:73:f6:fa:37:02:3f:6f:eb:ed:d1:c9:b7:14:
b5:79:6e:53:0e:ea:b7:99:f6:53:a6:e6:c0:d7:0d:
75:10:74:c3:c5:75:8d:1c:81:7a:94:c0:0a:62:c0:
95:0b:6b:6a:ac:80:ff:76:82:64:c2:4a:e3:b8:1c:
94:5e:a7:ef:61:ea:26:9b:71:ea:e4:18:f6:64:3e:
ae:03:28:2b:54:7b:6e:9e:2f:92:4a:9b:52:cc:b0:
02:77:b7:00:02:35:b8:4f:93:95:22:66:c9:01:05:
10:3d:fb:e1:f2:cf:d4:2c:44:e8:aa:be:d4:8c:77:
1e:d9:ef:bb:d9:57:69:ae:a8:06:8d:44:cb:a5:78:
8a:13:21:0d:b7:b5:8a:9b:73:35:58:fe:f0:8e:e1:
6d:ac:f0:1c:04:23:91:bb:4c:6c:46:41:6d:b8:85:
36:42:88:55:24:9b:28:4c:4e:a4:86:c6:04:cb:13:
73:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:FD:C0:72:1B:F8:EA:C2:A8:9B:B2:41:11:EE:21:7B:50:93:57
X509v3 Authority Key Identifier:
keyid:A6:94:F0:05:F5:97:7C:32:3E:CD:BE:A9:C5:F8:CC:A3:69:E6:5C:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ppTwBfWXfDI-zb6pxfjMo2nmXGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/bkH9wHIb-OrCqJuyQRHuIXtQk1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c79187-0d7a-490b-92b0-1b527ce16511/1/ppTwBfWXfDI-zb6pxfjMo2nmXGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.194.0/24
176.106.186.0/23
193.142.188.0/22
195.216.208.0/23
IPv6:
2a0c:9b40::/29
Signature Algorithm: sha256WithRSAEncryption
ac:38:0a:5f:02:9b:71:b9:bb:95:a4:bb:25:cb:4a:78:f8:4d:
30:0e:d3:ab:fc:b2:61:cc:3e:0a:09:a9:68:ba:95:74:7a:37:
94:28:c7:a8:ff:c2:61:05:ca:f8:97:8a:00:3f:50:b4:77:68:
29:12:fc:f8:5d:56:80:52:c3:d5:2d:ad:3e:19:47:a4:ed:e1:
c2:e2:c3:d6:d8:b4:f2:62:6f:a5:6e:78:92:c2:f3:91:99:0f:
a8:f7:77:0e:3d:fe:e2:40:63:b2:0d:59:a3:a1:23:15:0c:32:
04:88:b6:c6:b0:09:21:46:2c:c6:13:de:38:af:f1:2e:b7:10:
b1:ec:8b:e8:24:81:62:0a:1c:aa:62:dc:9a:09:63:f6:88:f1:
6e:1b:16:0d:92:4c:5e:93:04:9c:e5:e8:51:30:60:89:b6:03:
a5:7f:31:55:c3:9a:30:cb:7d:c6:93:af:f0:be:bc:13:04:a5:
57:e7:15:4b:d7:d2:5c:5b:f7:0b:0d:2c:49:8c:19:91:72:20:
82:bc:8f:dc:9a:5b:97:64:a5:47:a9:65:5a:28:b1:0d:8c:55:
3f:ea:b0:f2:7d:88:00:2e:71:5b:54:97:aa:da:4b:01:7d:42:
81:61:6b:c6:56:01:05:13:a2:b5:d7:0d:45:f7:6b:e2:ee:f7:
fa:35:3c:ca
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZbQwjPFymaZECStaMwrlj35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2OTRmMDA1ZjU5NzdjMzIzZWNkYmVhOWM1ZjhjY2EzNjll
NjVjNjcwHhcNMjUwNTE0MjE0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQxZmRjMDcyMWJmOGVhYzJhODliYjI0MTExZWUyMTdiNTA5MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyz/3AwbC/syt0ev8wK1FrQMhE1fe
7TsmNrm3XrJZBnbr4NXFez3cS6QNId53m78Iilhw0/Jpq/oCHdlvGd/aqdh1dhw6
X1CNmJNCanP2+jcCP2/r7dHJtxS1eW5TDuq3mfZTpubA1w11EHTDxXWNHIF6lMAK
YsCVC2tqrID/doJkwkrjuByUXqfvYeomm3Hq5Bj2ZD6uAygrVHtuni+SSptSzLAC
d7cAAjW4T5OVImbJAQUQPfvh8s/ULEToqr7UjHce2e+72VdprqgGjUTLpXiKEyEN
t7WKm3M1WP7wjuFtrPAcBCORu0xsRkFtuIU2QohVJJsoTE6khsYEyxNz0wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG5B/cByG/jqwqibskER7iF7UJNXMB8GA1UdIwQY
MBaAFKaU8AX1l3wyPs2+qcX4zKNp5lxnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHBUd0JmV1hmREktemI2cHhmak1vMm5tWEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jNzkxODctMGQ3YS00OTBiLTkyYjAt
MWI1MjdjZTE2NTExLzEvYmtIOXdISWItT3JDcUp1eVFSSHVJWHRRazFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jNzkxODctMGQ3YS00OTBiLTkyYjAtMWI1MjdjZTE2NTEx
LzEvcHBUd0JmV1hmREktemI2cHhmak1vMm5tWEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAbc3CAwQB
sGq6AwQCwY68AwQBw9jQMA0EAgACMAcDBQMqDJtAMA0GCSqGSIb3DQEBCwUAA4IB
AQCsOApfAptxubuVpLsly0p4+E0wDtOr/LJhzD4KCaloupV0ejeUKMeo/8JhBcr4
l4oAP1C0d2gpEvz4XVaAUsPVLa0+GUek7eHC4sPW2LTyYm+lbniSwvORmQ+o93cO
Pf7iQGOyDVmjoSMVDDIEiLbGsAkhRizGE944r/EutxCx7IvoJIFiChyqYtyaCWP2
iPFuGxYNkkxekwSc5ehRMGCJtgOlfzFVw5owy33Gk6/wvrwTBKVX5xVL19JcW/cL
DSxJjBmRciCCvI/cmluXZKVHqWVaKLENjFU/6rDyfYgALnFbVJeq2ksBfUKBYWvG
VgEFE6K11w1F92vi7vf6NTzK
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:26:02 2025 by rpki-client