Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/Bs0O01jXAqadcOrA_652_6vgquk.roa
File: Bs0O01jXAqadcOrA_652_6vgquk.roa (raw, json)
Hash identifier: hEdFCfeLg1JToe8V2oyy+hkNpnht00+5NYTQRgNDOq8=
Subject key identifier: 06:CD:0E:D3:58:D7:02:A6:9D:70:EA:C0:FF:AE:76:FF:AB:E0:AA:E9
Certificate issuer: /CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Certificate serial: 0196F28832460C07D3C9C40793DF09755312
Authority key identifier: D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/Bs0O01jXAqadcOrA_652_6vgquk.roa
Signing time: Wed 21 May 2025 11:08:53 +0000
ROA not before: Wed 21 May 2025 11:08:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50607
IP address blocks: 91.198.97.0/24 maxlen: 24
109.207.105.0/24 maxlen: 24
176.126.56.0/22 maxlen: 24
176.126.56.0/24 maxlen: 24
176.126.57.0/24 maxlen: 24
176.126.59.0/24 maxlen: 24
2001:67c:778::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.mft
rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 02:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f2:88:32:46:0c:07:d3:c9:c4:07:93:df:09:75:53:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d56f07be184cba52f6fdc049e8114d2616c32a
Validity
Not Before: May 21 11:08:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06cd0ed358d702a69d70eac0ffae76ffabe0aae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5f:c4:a9:f0:49:fc:24:5a:d1:7e:50:f8:9f:
1f:8e:2a:ad:4a:1e:92:63:e3:3b:ad:bd:e2:e2:02:
af:39:fc:3c:13:59:9c:09:00:b9:7b:2b:5b:0d:c3:
f4:3b:a3:94:eb:aa:7a:0a:7d:a4:16:0e:da:8f:42:
39:d0:63:ec:4f:2b:5c:3f:a5:c2:ce:a9:f6:7b:60:
5f:c8:df:62:35:48:18:06:2e:ee:d0:9e:cb:ee:42:
91:77:bb:57:f2:0f:6c:68:a2:69:8d:07:71:fe:d0:
3f:87:3e:0d:bd:60:66:c3:81:e7:61:97:f1:c4:bc:
6d:f6:6f:82:24:a7:a8:01:95:14:cc:0d:f6:66:d3:
48:03:6e:15:63:dc:bc:b5:8a:ae:0d:43:0d:51:ba:
02:d4:5d:05:bb:b8:75:ba:13:36:79:bf:b8:1d:9a:
40:63:84:e0:37:c6:30:93:40:fd:1b:41:cc:2a:18:
3f:c7:eb:dd:f2:03:52:0f:33:b4:cf:0d:4f:43:66:
e4:e2:0d:b7:dd:b5:be:ac:d8:e1:90:7d:86:67:1e:
8e:e3:92:77:36:06:e1:39:ad:45:c9:44:38:b1:26:
a6:14:d2:7b:95:20:c8:18:19:80:92:95:72:85:10:
15:07:d3:e2:c5:78:23:81:90:9e:eb:d0:6c:d6:c0:
e2:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CD:0E:D3:58:D7:02:A6:9D:70:EA:C0:FF:AE:76:FF:AB:E0:AA:E9
X509v3 Authority Key Identifier:
keyid:D3:D5:6F:07:BE:18:4C:BA:52:F6:FD:C0:49:E8:11:4D:26:16:C3:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09VvB74YTLpS9v3ASegRTSYWwyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/Bs0O01jXAqadcOrA_652_6vgquk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/5786ab-067e-440c-b276-1b06d1c704c1/1/09VvB74YTLpS9v3ASegRTSYWwyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.97.0/24
109.207.105.0/24
176.126.56.0/22
IPv6:
2001:67c:778::/48
Signature Algorithm: sha256WithRSAEncryption
c1:cb:2c:39:bd:cc:2d:d7:84:33:f5:57:0c:d2:05:1c:5d:d1:
26:19:0d:1a:a7:da:de:ab:e2:8d:4b:e8:ca:43:ef:f1:85:31:
17:e6:ab:72:2b:cd:ba:06:f8:23:95:37:ed:09:56:a1:14:0c:
e1:41:75:18:3b:c7:b3:14:9c:e5:44:09:ab:70:52:32:9f:cb:
c5:f5:81:5e:d1:c9:b1:8b:aa:17:7b:1a:4f:c5:ca:cf:59:3d:
e5:36:97:5a:a3:1c:c9:f4:f7:72:b4:12:28:45:49:86:09:40:
08:d1:75:71:2b:74:a8:91:8a:3d:58:bb:31:7e:c6:48:6f:80:
14:45:76:05:0a:a1:8e:97:d1:7e:08:2f:5b:5c:74:a6:8b:ad:
bb:26:6e:21:ba:0f:13:2e:06:e6:8e:22:46:30:52:3a:e3:8c:
c3:81:35:4e:f2:2c:52:0e:59:cf:50:86:e1:cd:63:a8:7b:97:
0b:b3:15:2f:e3:d6:f8:51:2a:f5:df:a4:22:44:76:9d:3c:bc:
f8:90:39:a8:26:92:51:67:3c:6e:74:d7:b4:82:e5:9e:ce:83:
6f:92:4d:8f:7c:9b:52:70:8c:fa:e8:a8:00:b8:b7:f0:bb:78:
e4:96:32:43:5c:8b:f0:db:90:09:9d:8b:c2:57:ac:a2:7f:b9:
08:75:0e:51
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZbyiDJGDAfTycQHk98JdVMSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDU2ZjA3YmUxODRjYmE1MmY2ZmRjMDQ5ZTgxMTRkMjYx
NmMzMmEwHhcNMjUwNTIxMTEwODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmNkMGVkMzU4ZDcwMmE2OWQ3MGVhYzBmZmFlNzZmZmFiZTBhYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAll/EqfBJ/CRa0X5Q+J8fjiqtSh6S
Y+M7rb3i4gKvOfw8E1mcCQC5eytbDcP0O6OU66p6Cn2kFg7aj0I50GPsTytcP6XC
zqn2e2BfyN9iNUgYBi7u0J7L7kKRd7tX8g9saKJpjQdx/tA/hz4NvWBmw4HnYZfx
xLxt9m+CJKeoAZUUzA32ZtNIA24VY9y8tYquDUMNUboC1F0Fu7h1uhM2eb+4HZpA
Y4TgN8Ywk0D9G0HMKhg/x+vd8gNSDzO0zw1PQ2bk4g233bW+rNjhkH2GZx6O45J3
NgbhOa1FyUQ4sSamFNJ7lSDIGBmAkpVyhRAVB9PixXgjgZCe69Bs1sDiUQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAbNDtNY1wKmnXDqwP+udv+r4KrpMB8GA1UdIwQY
MBaAFNPVbwe+GEy6Uvb9wEnoEU0mFsMqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYt
MWIwNmQxYzcwNGMxLzEvQnMwTzAxalhBcWFkY09yQV82NTJfNnZncXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC81Nzg2YWItMDY3ZS00NDBjLWIyNzYtMWIwNmQxYzcwNGMx
LzEvMDlWdkI3NFlUTHBTOXYzQVNlZ1JUU1lXd3lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW8ZhAwQA
bc9pAwQCsH44MA8EAgACMAkDBwAgAQZ8B3gwDQYJKoZIhvcNAQELBQADggEBAMHL
LDm9zC3XhDP1VwzSBRxd0SYZDRqn2t6r4o1L6MpD7/GFMRfmq3IrzboG+COVN+0J
VqEUDOFBdRg7x7MUnOVECatwUjKfy8X1gV7RybGLqhd7Gk/Fys9ZPeU2l1qjHMn0
93K0EihFSYYJQAjRdXErdKiRij1YuzF+xkhvgBRFdgUKoY6X0X4IL1tcdKaLrbsm
biG6DxMuBuaOIkYwUjrjjMOBNU7yLFIOWc9QhuHNY6h7lwuzFS/j1vhRKvXfpCJE
dp08vPiQOagmklFnPG5017SC5Z7Og2+STY98m1JwjProqAC4t/C7eOSWMkNci/Db
kAmdi8JXrKJ/uQh1DlE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:20:11 2025 by rpki-client