Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/BqWFQfCpNOawJLR_2bQgKiWus78.roa
File: BqWFQfCpNOawJLR_2bQgKiWus78.roa (raw, json)
Hash identifier: dwDCQUgPm6/+eGPO1V7wb2aMqwp5qzv/WSd8fL7sTv4=
Subject key identifier: 06:A5:85:41:F0:A9:34:E6:B0:24:B4:7F:D9:B4:20:2A:25:AE:B3:BF
Certificate issuer: /CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Certificate serial: 01992DE2864BDBAD3EC7E5CF71FB956987D0
Authority key identifier: E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/BqWFQfCpNOawJLR_2bQgKiWus78.roa
Signing time: Tue 09 Sep 2025 09:50:44 +0000
ROA not before: Tue 09 Sep 2025 09:50:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204860
IP address blocks: 45.158.88.0/22 maxlen: 22
194.180.110.0/24 maxlen: 24
194.180.115.0/24 maxlen: 24
194.180.150.0/24 maxlen: 24
194.180.154.0/24 maxlen: 24
2a0f:2a80::/29 maxlen: 48
2a0f:5880::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Sep 2025 18:34:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:e2:86:4b:db:ad:3e:c7:e5:cf:71:fb:95:69:87:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15808f3f921bc8c3eea87c7584c584c1000b051
Validity
Not Before: Sep 9 09:50:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06a58541f0a934e6b024b47fd9b4202a25aeb3bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:ee:c3:6b:53:2a:72:24:09:0a:69:f5:ce:
ed:56:d1:23:43:9b:65:c3:85:11:78:cd:f8:6a:33:
37:dd:8b:dc:b7:36:e3:85:4d:e0:f4:fa:a0:c9:4e:
3a:d8:70:67:42:53:2f:55:ba:04:8a:df:0a:5a:4e:
5f:d0:b9:f3:30:2f:ef:a9:da:ec:c3:e2:70:43:70:
18:d1:bc:92:7b:47:5b:23:bc:2f:01:31:9c:e0:b7:
a0:72:54:a2:f3:17:7c:e0:10:64:68:54:f3:be:24:
54:00:76:9c:39:ea:5c:03:c6:d4:84:15:a1:d6:ba:
a8:d0:fd:ff:01:df:3a:23:34:1e:27:84:35:c4:36:
52:1b:ce:fd:ea:9b:de:87:36:d4:57:20:b9:57:12:
ed:38:13:7c:e2:27:52:0f:88:ce:ab:c3:22:a3:a9:
52:66:70:f7:29:1f:da:81:3e:ac:a2:5d:3f:f0:05:
a8:0c:a0:c0:9b:5a:69:eb:96:af:ec:be:7f:73:b6:
2f:da:eb:53:5a:92:62:02:15:0d:df:cc:71:fd:d6:
b7:6d:5e:1b:dc:9e:a5:6d:b7:4f:64:4c:19:3f:b6:
58:17:39:bf:b9:e0:fe:22:14:ee:6b:10:c7:9e:13:
98:98:ae:ac:31:a8:4c:e4:d7:96:46:82:99:12:02:
8a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A5:85:41:F0:A9:34:E6:B0:24:B4:7F:D9:B4:20:2A:25:AE:B3:BF
X509v3 Authority Key Identifier:
keyid:E1:58:08:F3:F9:21:BC:8C:3E:EA:87:C7:58:4C:58:4C:10:00:B0:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VgI8_khvIw-6ofHWExYTBAAsFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/BqWFQfCpNOawJLR_2bQgKiWus78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/8e8e82-5274-4d2f-8ca0-ab19fcb0ce64/1/4VgI8_khvIw-6ofHWExYTBAAsFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.88.0/22
194.180.110.0/24
194.180.115.0/24
194.180.150.0/24
194.180.154.0/24
IPv6:
2a0f:2a80::/29
2a0f:5880::/29
Signature Algorithm: sha256WithRSAEncryption
16:fc:cc:4f:48:75:5d:f1:0d:a3:a0:a3:bc:35:26:af:dc:99:
a3:50:eb:a3:fa:f9:0b:02:36:23:71:b4:ca:e1:b8:b6:73:27:
b4:26:66:01:2d:40:ce:de:20:38:56:0b:99:48:dc:cd:ae:08:
ae:10:25:52:ac:ec:b6:3b:10:f8:c9:67:eb:1f:cb:b1:66:35:
33:34:e7:28:e4:9c:a3:9d:4e:08:43:b3:77:c3:3a:1b:e8:a1:
91:83:2a:7a:d3:11:ba:9c:99:af:4a:83:28:52:a9:f5:6c:ea:
59:19:26:90:e7:9f:20:76:f1:2e:55:06:42:99:6a:02:45:29:
bc:0c:cd:98:a6:0b:ee:17:37:d1:9e:62:8c:63:9a:fe:59:a0:
a9:ed:d8:08:b3:29:d7:de:95:9b:91:ed:df:48:21:17:b9:9e:
8e:23:cb:3d:a5:99:ce:c0:5d:f2:56:27:cf:f0:49:14:ae:4f:
ee:f6:55:4b:2f:3b:6f:42:b8:ea:e9:db:fc:51:4b:c0:69:12:
13:a2:4a:16:b3:3f:41:46:a5:29:72:dd:11:de:45:ac:66:75:
cf:7f:ff:08:6b:08:b9:a0:bc:2c:de:a6:bc:39:e0:59:a0:61:
b2:8e:fc:96:7c:7b:4f:66:93:ce:6a:9c:13:5b:8b:eb:5b:ad:
71:89:61:de
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZkt4oZL260+x+XPcfuVaYfQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTgwOGYzZjkyMWJjOGMzZWVhODdjNzU4NGM1ODRjMTAw
MGIwNTEwHhcNMjUwOTA5MDk1MDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE1ODU0MWYwYTkzNGU2YjAyNGI0N2ZkOWI0MjAyYTI1YWViM2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf/uw2tTKnIkCQpp9c7tVtEjQ5tl
w4UReM34ajM33YvctzbjhU3g9PqgyU462HBnQlMvVboEit8KWk5f0LnzMC/vqdrs
w+JwQ3AY0bySe0dbI7wvATGc4LegclSi8xd84BBkaFTzviRUAHacOepcA8bUhBWh
1rqo0P3/Ad86IzQeJ4Q1xDZSG8796pvehzbUVyC5VxLtOBN84idSD4jOq8Mio6lS
ZnD3KR/agT6sol0/8AWoDKDAm1pp65av7L5/c7Yv2utTWpJiAhUN38xx/da3bV4b
3J6lbbdPZEwZP7ZYFzm/ueD+IhTuaxDHnhOYmK6sMahM5NeWRoKZEgKKQQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFAalhUHwqTTmsCS0f9m0IColrrO/MB8GA1UdIwQY
MBaAFOFYCPP5IbyMPuqHx1hMWEwQALBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAt
YWIxOWZjYjBjZTY0LzEvQnFXRlFmQ3BOT2F3SkxSXzJiUWdLaVd1czc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC84ZThlODItNTI3NC00ZDJmLThjYTAtYWIxOWZjYjBjZTY0
LzEvNFZnSThfa2h2SXctNm9mSFdFeFlUQkFBc0ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLZ5YAwQA
wrRuAwQAwrRzAwQAwrSWAwQAwrSaMBQEAgACMA4DBQMqDyqAAwUDKg9YgDANBgkq
hkiG9w0BAQsFAAOCAQEAFvzMT0h1XfENo6CjvDUmr9yZo1Dro/r5CwI2I3G0yuG4
tnMntCZmAS1Azt4gOFYLmUjcza4IrhAlUqzstjsQ+Mln6x/LsWY1MzTnKOSco51O
CEOzd8M6G+ihkYMqetMRupyZr0qDKFKp9WzqWRkmkOefIHbxLlUGQplqAkUpvAzN
mKYL7hc30Z5ijGOa/lmgqe3YCLMp196Vm5Ht30ghF7mejiPLPaWZzsBd8lYnz/BJ
FK5P7vZVSy87b0K46unb/FFLwGkSE6JKFrM/QUalKXLdEd5FrGZ1z3//CGsIuaC8
LN6mvDngWaBhso78lnx7T2aTzmqcE1uL61utcYlh3g==
-----END CERTIFICATE-----
Generated at Wed Sep 17 01:29:43 2025 by rpki-client