Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BRDZdZqvvlTsFIN1wdcb255eNEY.roa
File: BRDZdZqvvlTsFIN1wdcb255eNEY.roa (raw, json)
Hash identifier: VAuPTjbc9RGe1mqdIWXBye9tyfO0ZOK/5udWJ68j6Z8=
Subject key identifier: 05:10:D9:75:9A:AF:BE:54:EC:14:83:75:C1:D7:1B:DB:9E:5E:34:46
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019ECF98BE1F9F20DC4488508855D6ADA738
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BRDZdZqvvlTsFIN1wdcb255eNEY.roa
Signing time: Tue 16 Jun 2026 08:42:34 +0000
ROA not before: Tue 16 Jun 2026 08:42:34 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 45.8.23.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
45.131.135.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.249.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.152.0/24 maxlen: 24
185.210.154.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.102.0/24 maxlen: 24
185.214.103.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.225.21.0/24 maxlen: 24
185.225.22.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.72.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.230.53.0/24 maxlen: 24
185.230.67.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.234.22.0/24 maxlen: 24
185.240.120.0/23 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.113.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.144.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.65.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Jun 2026 02:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:cf:98:be:1f:9f:20:dc:44:88:50:88:55:d6:ad:a7:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jun 16 08:42:34 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0510d9759aafbe54ec148375c1d71bdb9e5e3446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c8:e7:9b:42:2a:76:c6:6f:7c:23:87:73:c6:
c1:c8:77:7c:78:aa:62:d8:ad:17:d5:0c:2f:2c:d7:
0f:5a:44:17:f5:ab:3a:2d:45:bd:7a:bc:29:67:eb:
39:fd:86:58:aa:aa:94:79:fd:9e:11:de:c2:4d:dc:
6d:12:f7:92:21:56:9a:a1:c9:74:30:0c:62:6d:45:
1f:68:f5:14:ae:f9:67:a6:4c:2d:07:52:f8:88:63:
1c:8f:c6:ac:2a:2b:33:06:e3:b2:44:df:e5:6e:d2:
ce:e6:b5:b0:37:bc:ea:89:df:50:66:1e:62:0a:6a:
42:fd:09:e2:44:f4:dc:9d:ab:c9:86:dd:76:f4:65:
d0:56:6b:35:6d:b7:26:33:a6:14:c5:b3:4d:cd:3d:
f1:ff:d6:af:55:c8:6b:78:cd:68:4f:60:db:51:2e:
56:f3:e2:8c:79:7f:75:98:1b:b1:9e:95:ac:71:2a:
e5:75:78:5d:0f:fc:be:13:63:07:93:12:cd:3e:de:
fb:88:bf:88:38:b8:b5:d1:1a:bb:77:4f:5e:89:64:
cd:fa:a7:0c:57:0c:11:77:a4:6e:8a:a1:6a:28:fc:
a1:23:da:71:96:73:70:ea:46:c1:97:47:18:c8:3b:
8d:38:e1:d5:0d:a1:45:d3:78:93:77:1c:28:e3:d5:
da:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:10:D9:75:9A:AF:BE:54:EC:14:83:75:C1:D7:1B:DB:9E:5E:34:46
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/BRDZdZqvvlTsFIN1wdcb255eNEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.23.0/24
45.90.17.0/24
45.131.134.0/23
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.249.0/24
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.152.0/24
185.210.154.0/24
185.210.233.0/24
185.210.235.0/24
185.214.102.0/23
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.155.0/24
185.225.0.0/22
185.225.21.0-185.225.22.255
185.226.104.0/24
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.72.0/24
185.228.75.0/24
185.230.53.0/24
185.230.67.0/24
185.232.206.0/24
185.234.22.0/24
185.240.120.0/23
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.144.0/24
193.58.146.0/23
194.5.65.0/24
194.5.67.0/24
194.76.169.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
49:39:7f:18:e6:d4:af:3f:32:b2:02:6a:d1:48:0e:75:da:ed:
8e:4c:a6:02:a1:fe:d7:4e:37:ea:8d:9a:61:a5:b5:ad:af:c5:
78:3a:0a:fb:45:76:8e:c0:d9:3b:5e:1f:0c:b0:42:ff:7c:0a:
36:d1:f5:c9:1c:b5:5a:ae:c1:7c:15:ad:02:bf:af:1a:1d:60:
3a:e1:24:c6:3f:39:ae:69:b6:da:b7:f2:9a:a7:56:cd:64:3c:
0c:e9:84:8c:56:11:a3:ea:d3:8f:3d:f9:c9:3d:64:0f:73:ed:
b2:49:85:6b:34:93:2b:30:08:90:c4:b2:71:b1:58:ac:07:bb:
31:b6:e5:db:65:a4:9c:37:0c:25:89:0c:37:7a:df:17:33:af:
27:bb:12:06:f8:15:37:d7:e1:6e:8d:9c:90:92:f2:0c:f7:a8:
97:e4:b4:30:5d:71:87:0e:ec:78:2c:95:7e:41:93:b0:12:a8:
09:c3:88:42:e5:6a:11:32:d8:1b:2a:f0:63:29:2f:0c:88:f1:
a7:b5:0c:94:22:55:8f:af:85:b2:6c:89:8a:0c:66:2e:01:9f:
4f:62:35:cf:85:9d:2f:f8:33:9d:72:39:d5:4e:3d:ff:ac:57:
07:49:b7:62:15:e6:67:08:66:ce:69:99:03:22:72:ce:12:2c:
3d:0b:fc:5c
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZ7PmL4fnyDcRIhQiFXWrac4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjYwNjE2MDg0MjM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTEwZDk3NTlhYWZiZTU0ZWMxNDgzNzVjMWQ3MWJkYjllNWUzNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMjnm0IqdsZvfCOHc8bByHd8eKpi
2K0X1QwvLNcPWkQX9as6LUW9erwpZ+s5/YZYqqqUef2eEd7CTdxtEveSIVaaocl0
MAxibUUfaPUUrvlnpkwtB1L4iGMcj8asKiszBuOyRN/lbtLO5rWwN7zqid9QZh5i
CmpC/QniRPTcnavJht129GXQVms1bbcmM6YUxbNNzT3x/9avVchreM1oT2DbUS5W
8+KMeX91mBuxnpWscSrldXhdD/y+E2MHkxLNPt77iL+IOLi10Rq7d09eiWTN+qcM
VwwRd6RuiqFqKPyhI9pxlnNw6kbBl0cYyDuNOOHVDaFF03iTdxwo49XaIwIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFAUQ2XWar75U7BSDdcHXG9ueXjRGMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvQlJEWmRacXZ2bFRzRklOMXdkY2IyNTVlTkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjCCAS4EAgABMIIB
JgMEAC0IFwMEAC1aEQMEAS2DhgMEALlszAMEALl+UgMEALnHNgMEAbnHngMEALnO
+QMEALnO+wMEALnRJjAMAwQAudFJAwQCudFIAwQAudKYAwQAudKaAwQAudLpAwQA
udLrAwQBudZmAwQAudZsAwQAudoUAwQAudplAwQCudz4AwQAud0UAwQBud4cAwQA
ud9QAwQAud+bAwQCueEAMAwDBAC54RUDBAC54RYDBAC54mgDBAC54msDBAC545AD
BAG545IDBAC55EgDBAC55EsDBAC55jUDBAC55kMDBAC56M4DBAC56hYDBAG58HgD
BAC59nAwDAMEBMEIcAMEAMEIcgMEAME6kAMEAcE6kgMEAMIFQQMEAMIFQwMEAMJM
qQMEAMJ8RTANBgkqhkiG9w0BAQsFAAOCAQEASTl/GObUrz8ysgJq0UgOddrtjkym
AqH+10436o2aYaW1ra/FeDoK+0V2jsDZO14fDLBC/3wKNtH1yRy1Wq7BfBWtAr+v
Gh1gOuEkxj85rmm22rfymqdWzWQ8DOmEjFYRo+rTjz35yT1kD3PtskmFazSTKzAI
kMSycbFYrAe7Mbbl22WknDcMJYkMN3rfFzOvJ7sSBvgVN9fhbo2ckJLyDPeol+S0
MF1xhw7seCyVfkGTsBKoCcOIQuVqETLYGyrwYykvDIjxp7UMlCJVj6+FsmyJigxm
LgGfT2I1z4WdL/gznXI51U49/6xXB0m3YhXmZwhmzmmZAyJyzhIsPQv8XA==
-----END CERTIFICATE-----
Generated at Thu Jun 18 11:51:25 2026 by rpki-client