Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BSJwseKs8IstwvoydvzKDO4yjpk.roa
File: BSJwseKs8IstwvoydvzKDO4yjpk.roa (raw, json)
Hash identifier: 6WIA++2azmJG3DLJYorfCdBV6cXv3FDFWjwIcVYK2xA=
Subject key identifier: 05:22:70:B1:E2:AC:F0:8B:2D:C2:FA:32:76:FC:CA:0C:EE:32:8E:99
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019CDF70B471CEE608ED652E068FAFF9232F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BSJwseKs8IstwvoydvzKDO4yjpk.roa
Signing time: Thu 12 Mar 2026 00:27:11 +0000
ROA not before: Thu 12 Mar 2026 00:27:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 5.182.184.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.30.0/24 maxlen: 24
103.111.32.0/24 maxlen: 24
103.130.179.0/24 maxlen: 24
103.210.13.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
149.126.13.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.187.213.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.205.207.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.120.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.230.123.0/24 maxlen: 24
192.145.69.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
2a0a:8f40:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 21 Mar 2026 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:df:70:b4:71:ce:e6:08:ed:65:2e:06:8f:af:f9:23:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Mar 12 00:27:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=052270b1e2acf08b2dc2fa3276fcca0cee328e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8c:9d:d4:60:3c:de:58:56:d7:71:c1:cf:7a:
39:cb:22:35:d4:ec:ec:54:b5:36:4d:4a:f1:a3:6b:
da:6d:7f:e8:e4:7e:b7:73:2a:24:28:e3:68:09:06:
99:9c:5c:53:98:91:78:dd:4b:9f:5a:9f:f6:7e:79:
13:64:f3:f2:87:48:0e:b7:e5:d5:a6:ad:fe:21:af:
92:e3:f9:4d:70:c8:d1:01:fc:08:8b:ba:c2:c3:49:
c6:6f:04:4f:98:16:d4:07:f3:16:e6:62:0a:05:2a:
cc:e4:1c:3f:b1:18:77:03:1e:59:15:4a:f9:25:16:
82:2f:80:10:2a:da:f1:e3:b5:0e:99:17:cb:72:40:
4b:09:3e:9a:dc:f1:00:13:47:97:0c:de:4b:2c:36:
aa:cf:14:4c:f8:8f:ba:bb:f3:49:73:f6:03:42:fb:
b7:19:65:c1:9b:33:6b:37:ca:b0:84:11:b6:4a:a8:
a8:31:f1:c8:30:e9:67:d1:c0:e8:2b:5c:8f:ca:37:
1d:89:03:1a:7a:28:b6:28:5f:f6:a6:a7:29:5e:65:
be:45:39:20:31:47:ca:3f:d2:6a:b8:eb:4f:5f:89:
63:9b:39:09:c1:32:d1:c5:12:d5:85:33:d9:a6:ba:
02:a0:01:ec:a3:c7:34:52:f2:19:28:2c:26:80:3b:
7b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:22:70:B1:E2:AC:F0:8B:2D:C2:FA:32:76:FC:CA:0C:EE:32:8E:99
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/BSJwseKs8IstwvoydvzKDO4yjpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
5.182.196.0/23
79.98.183.0/24
92.249.30.0/24
103.111.32.0/24
103.130.179.0/24
103.210.13.0/24
147.78.207.0/24
149.126.13.0/24
185.52.138.0/24
185.187.213.0-185.187.215.255
185.205.207.0/24
185.208.153.0-185.208.154.255
185.230.120.0/23
185.230.123.0/24
192.145.69.0/24
212.60.13.0/24
IPv6:
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
78:d0:42:ad:bc:da:d9:fb:81:d4:e8:be:b7:fd:69:e2:e1:b5:
19:f1:2b:36:09:f2:c4:3a:3a:7a:1e:13:ab:7d:3d:96:73:d4:
cb:47:86:c9:3b:6b:42:79:01:50:b4:17:82:62:ff:a7:2f:0b:
b5:64:59:36:b3:cb:ee:99:fc:de:0e:38:25:01:75:24:c4:36:
52:77:32:b6:3e:73:ab:0f:b4:2d:f9:88:23:af:b2:3e:ff:85:
4e:3f:33:40:5d:0b:0b:c5:a1:a2:2a:3f:17:89:e2:00:7e:22:
cc:c8:19:fe:cb:37:2b:25:f3:7e:b4:15:42:a0:dd:32:81:83:
49:8e:17:13:89:5f:20:c0:80:51:a7:f9:1b:e3:70:08:89:a1:
7c:8f:4f:14:c7:10:82:a4:e4:00:31:4e:31:53:1c:4f:00:d4:
5b:c7:1d:fd:f6:e6:02:52:7b:c4:92:a4:2b:0c:af:80:63:5e:
0a:a1:90:4e:ae:43:0c:6e:06:77:6d:a1:f8:bb:36:85:46:01:
22:cc:26:83:67:67:28:2c:fe:4c:0d:d2:04:8e:6f:47:88:93:
f4:51:b2:7b:ed:15:c8:4e:b4:da:45:94:af:31:0e:76:d4:f7:
fa:1c:13:85:cb:5f:e1:b6:8b:30:c7:5a:ca:c5:55:eb:db:9e:
5d:0f:e1:42
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZzfcLRxzuYI7WUuBo+v+SMvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjYwMzEyMDAyNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTIyNzBiMWUyYWNmMDhiMmRjMmZhMzI3NmZjY2EwY2VlMzI4ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIyd1GA83lhW13HBz3o5yyI11Ozs
VLU2TUrxo2vabX/o5H63cyokKONoCQaZnFxTmJF43UufWp/2fnkTZPPyh0gOt+XV
pq3+Ia+S4/lNcMjRAfwIi7rCw0nGbwRPmBbUB/MW5mIKBSrM5Bw/sRh3Ax5ZFUr5
JRaCL4AQKtrx47UOmRfLckBLCT6a3PEAE0eXDN5LLDaqzxRM+I+6u/NJc/YDQvu3
GWXBmzNrN8qwhBG2SqioMfHIMOln0cDoK1yPyjcdiQMaeii2KF/2pqcpXmW+RTkg
MUfKP9JquOtPX4ljmzkJwTLRxRLVhTPZproCoAHso8c0UvIZKCwmgDt7fwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFAUicLHirPCLLcL6Mnb8ygzuMo6ZMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvQlNKd3NlS3M4SXN0d3ZveWR2ektETzR5anBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzB8BAIAATB2AwQABba4
AwQBBbbEAwQAT2K3AwQAXPkeAwQAZ28gAwQAZ4KzAwQAZ9INAwQAk07PAwQAlX4N
AwQAuTSKMAwDBAC5u9UDBAO5u9ADBAC5zc8wDAMEALnQmQMEALnQmgMEAbnmeAME
ALnmewMEAMCRRQMEANQ8DTAPBAIAAjAJAwcAKgqPQAAcMA0GCSqGSIb3DQEBCwUA
A4IBAQB40EKtvNrZ+4HU6L63/Wni4bUZ8Ss2CfLEOjp6HhOrfT2Wc9TLR4bJO2tC
eQFQtBeCYv+nLwu1ZFk2s8vumfzeDjglAXUkxDZSdzK2PnOrD7Qt+Ygjr7I+/4VO
PzNAXQsLxaGiKj8XieIAfiLMyBn+yzcrJfN+tBVCoN0ygYNJjhcTiV8gwIBRp/kb
43AIiaF8j08UxxCCpOQAMU4xUxxPANRbxx399uYCUnvEkqQrDK+AY14KoZBOrkMM
bgZ3baH4uzaFRgEizCaDZ2coLP5MDdIEjm9HiJP0UbJ77RXITrTaRZSvMQ521Pf6
HBOFy1/htoswx1rKxVXr255dD+FC
-----END CERTIFICATE-----
Generated at Sat Mar 21 06:49:43 2026 by rpki-client