
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/34471f-0baf-433b-b86a-acd742fe0986/1/bXVS5mI2QC2X8Npqw2zgeMvzZio.roa
File: bXVS5mI2QC2X8Npqw2zgeMvzZio.roa (raw, json)
Hash identifier: YihnpRgvmynX6iNjPt2Vld1lT9ag6tArhPWgTRWMFzI=
Subject key identifier: 6D:75:52:E6:62:36:40:2D:97:F0:DA:6A:C3:6C:E0:78:CB:F3:66:2A
Certificate issuer: /CN=174f8cb77c4d069d34abbf513d695ea99a3e7f1a
Certificate serial: 019F12EE52DA632C693F9371678DB54805B3
Authority key identifier: 17:4F:8C:B7:7C:4D:06:9D:34:AB:BF:51:3D:69:5E:A9:9A:3E:7F:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F0-Mt3xNBp00q79RPWleqZo-fxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/34471f-0baf-433b-b86a-acd742fe0986/1/bXVS5mI2QC2X8Npqw2zgeMvzZio.roa
Signing time: Mon 29 Jun 2026 10:30:36 +0000
ROA not before: Mon 29 Jun 2026 10:30:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198857
IP address blocks: 91.223.250.0/24 maxlen: 24
194.113.248.0/24 maxlen: 24
194.116.154.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/34471f-0baf-433b-b86a-acd742fe0986/1/F0-Mt3xNBp00q79RPWleqZo-fxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/34471f-0baf-433b-b86a-acd742fe0986/1/F0-Mt3xNBp00q79RPWleqZo-fxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/F0-Mt3xNBp00q79RPWleqZo-fxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 20:30:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:12:ee:52:da:63:2c:69:3f:93:71:67:8d:b5:48:05:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=174f8cb77c4d069d34abbf513d695ea99a3e7f1a
Validity
Not Before: Jun 29 10:30:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6d7552e66236402d97f0da6ac36ce078cbf3662a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:2d:8e:b8:11:11:08:21:16:3e:6f:39:a9:
09:af:6e:78:df:d3:03:93:b9:db:41:22:55:f6:a1:
cc:cb:9b:3f:c7:a2:77:f0:42:a3:54:31:d0:54:85:
0c:33:ef:51:c8:b4:ed:e2:3d:2f:89:b3:44:47:4c:
16:82:be:65:5d:32:a6:e6:f3:c4:86:8c:9d:83:d1:
82:0b:7e:54:b1:0e:87:88:f2:3e:82:16:c9:da:b7:
f0:31:da:1c:ef:2e:e8:2f:03:90:15:b2:08:87:01:
52:9d:93:ca:70:a8:d4:f1:e6:b1:d0:4e:7c:3c:1c:
ff:09:14:3d:c8:cb:6f:0e:f1:d5:c2:87:37:cb:9c:
d0:ed:7c:f2:86:4e:bb:bb:db:ee:53:c0:20:df:ae:
f6:77:ce:f7:93:f7:2a:94:88:b8:93:f2:ee:97:31:
69:54:e3:0b:0a:22:07:e7:9a:5e:74:ed:0a:d0:f7:
ad:95:03:39:d0:46:be:19:d5:60:dc:5c:e7:bf:41:
56:99:50:a7:52:02:e4:94:a0:fc:7f:dd:44:f1:f7:
0f:c3:aa:4b:91:64:97:88:35:8a:f7:30:ff:cd:9c:
43:dd:60:ba:6a:f9:c9:be:c2:27:1b:49:6f:72:b7:
19:5d:36:76:95:c0:47:54:48:33:86:59:d6:74:20:
de:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:75:52:E6:62:36:40:2D:97:F0:DA:6A:C3:6C:E0:78:CB:F3:66:2A
X509v3 Authority Key Identifier:
keyid:17:4F:8C:B7:7C:4D:06:9D:34:AB:BF:51:3D:69:5E:A9:9A:3E:7F:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F0-Mt3xNBp00q79RPWleqZo-fxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/34471f-0baf-433b-b86a-acd742fe0986/1/bXVS5mI2QC2X8Npqw2zgeMvzZio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/34471f-0baf-433b-b86a-acd742fe0986/1/F0-Mt3xNBp00q79RPWleqZo-fxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.250.0/24
194.113.248.0/24
194.116.154.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:a0:da:6f:98:0c:ae:de:7c:c0:f7:53:29:44:19:e5:c4:ca:
18:60:83:e3:01:de:1a:23:cb:11:c4:04:36:8c:56:5a:7c:8c:
c1:2b:51:72:53:7f:0f:50:03:0a:6d:bc:90:bb:8b:c7:de:bf:
73:d1:d1:fa:78:e9:75:d3:ed:2b:04:c8:33:e6:a8:12:4b:28:
36:b3:fe:af:47:a8:45:d3:fc:d4:d8:52:ba:a0:02:44:75:57:
52:c5:01:fd:7d:85:26:ac:df:f2:d1:c1:e3:16:69:7b:ac:3f:
d9:b0:b4:17:cb:f7:05:21:d3:bf:a1:ae:5a:97:ed:8f:7c:65:
34:52:03:ea:3f:41:3f:59:fe:26:87:37:fe:4a:fc:5a:ff:31:
c5:0e:50:33:46:d5:a2:ca:bb:0b:c5:8d:63:55:6f:ce:25:7b:
1c:59:83:1b:24:7c:d9:c9:5c:42:e3:fc:1e:c9:be:77:18:90:
1b:74:a4:ff:b6:af:e9:2f:96:f5:d9:da:cc:1a:d2:db:cb:c1:
24:05:c3:f5:45:c0:4f:f0:e7:dc:bf:a9:fe:c4:cf:9a:89:95:
1f:6b:6b:c5:aa:d7:10:39:45:fc:9c:8b:7c:e3:22:86:fe:3b:
48:61:d6:c8:ae:11:d3:bc:47:8f:bb:6e:0a:18:f2:22:12:f5:
2e:d9:89:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ8S7lLaYyxpP5NxZ421SAWzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NGY4Y2I3N2M0ZDA2OWQzNGFiYmY1MTNkNjk1ZWE5OWEz
ZTdmMWEwHhcNMjYwNjI5MTAzMDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDc1NTJlNjYyMzY0MDJkOTdmMGRhNmFjMzZjZTA3OGNiZjM2NjJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqktjrgREQghFj5vOakJr25439MD
k7nbQSJV9qHMy5s/x6J38EKjVDHQVIUMM+9RyLTt4j0vibNER0wWgr5lXTKm5vPE
hoydg9GCC35UsQ6HiPI+ghbJ2rfwMdoc7y7oLwOQFbIIhwFSnZPKcKjU8eax0E58
PBz/CRQ9yMtvDvHVwoc3y5zQ7Xzyhk67u9vuU8Ag3672d873k/cqlIi4k/LulzFp
VOMLCiIH55pedO0K0PetlQM50Ea+GdVg3Fznv0FWmVCnUgLklKD8f91E8fcPw6pL
kWSXiDWK9zD/zZxD3WC6avnJvsInG0lvcrcZXTZ2lcBHVEgzhlnWdCDe6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG11UuZiNkAtl/DaasNs4HjL82YqMB8GA1UdIwQY
MBaAFBdPjLd8TQadNKu/UT1pXqmaPn8aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjAtTXQzeE5CcDAwcTc5UlBXbGVxWm8tZnhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zNDQ3MWYtMGJhZi00MzNiLWI4NmEt
YWNkNzQyZmUwOTg2LzEvYlhWUzVtSTJRQzJYOE5wcXcyemdlTXZ6WmlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zNDQ3MWYtMGJhZi00MzNiLWI4NmEtYWNkNzQyZmUwOTg2
LzEvRjAtTXQzeE5CcDAwcTc5UlBXbGVxWm8tZnhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9/6AwQA
wnH4AwQBwnSaMA0GCSqGSIb3DQEBCwUAA4IBAQCroNpvmAyu3nzA91MpRBnlxMoY
YIPjAd4aI8sRxAQ2jFZafIzBK1FyU38PUAMKbbyQu4vH3r9z0dH6eOl10+0rBMgz
5qgSSyg2s/6vR6hF0/zU2FK6oAJEdVdSxQH9fYUmrN/y0cHjFml7rD/ZsLQXy/cF
IdO/oa5al+2PfGU0UgPqP0E/Wf4mhzf+Svxa/zHFDlAzRtWiyrsLxY1jVW/OJXsc
WYMbJHzZyVxC4/weyb53GJAbdKT/tq/pL5b12drMGtLby8EkBcP1RcBP8Ofcv6n+
xM+aiZUfa2vFqtcQOUX8nIt84yKG/jtIYdbIrhHTvEePu24KGPIiEvUu2YlV
-----END CERTIFICATE-----
Generated at Wed Jul 1 04:19:43 2026 by rpki-client