Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/350455-dd54-4def-8e91-add151666e2a/1/Bp5u105cLnSyMkxh7KOR948iXRI.roa
File: Bp5u105cLnSyMkxh7KOR948iXRI.roa (raw, json)
Hash identifier: dXsxv8eIa/K3JwhNWYfSnstzHLowcvi/gCcrVvFubck=
Subject key identifier: 06:9E:6E:D7:4E:5C:2E:74:B2:32:4C:61:EC:A3:91:F7:8F:22:5D:12
Certificate issuer: /CN=adb2f583f889dd4b134da56db45a3e25580b1b1d
Certificate serial: 01991A34111745AD79BE2AF19E641D2EB558
Authority key identifier: AD:B2:F5:83:F8:89:DD:4B:13:4D:A5:6D:B4:5A:3E:25:58:0B:1B:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rbL1g_iJ3UsTTaVttFo-JVgLGx0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/350455-dd54-4def-8e91-add151666e2a/1/Bp5u105cLnSyMkxh7KOR948iXRI.roa
Signing time: Fri 05 Sep 2025 14:07:23 +0000
ROA not before: Fri 05 Sep 2025 14:07:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8968
IP address blocks: 31.170.42.0/23 maxlen: 23
62.85.224.0/19 maxlen: 19
78.4.0.0/16 maxlen: 16
78.4.0.0/17 maxlen: 17
78.5.0.0/16 maxlen: 16
78.6.0.0/16 maxlen: 16
78.6.27.0/26 maxlen: 26
78.7.0.0/16 maxlen: 16
85.20.0.0/16 maxlen: 16
85.20.128.0/17 maxlen: 17
89.118.0.0/16 maxlen: 16
89.118.109.0/24 maxlen: 24
89.119.0.0/16 maxlen: 16
89.119.128.0/17 maxlen: 17
212.17.192.0/19 maxlen: 19
213.213.0.0/17 maxlen: 17
213.213.64.0/18 maxlen: 18
213.213.83.0/24 maxlen: 24
213.213.96.0/19 maxlen: 19
213.217.128.0/18 maxlen: 18
213.255.0.0/17 maxlen: 17
213.255.9.0/26 maxlen: 26
213.255.9.64/26 maxlen: 26
213.255.10.192/26 maxlen: 26
213.255.14.0/26 maxlen: 26
217.220.0.0/15 maxlen: 15
217.220.128.0/19 maxlen: 19
217.220.160.0/19 maxlen: 19
217.220.192.0/18 maxlen: 18
2a02:4d80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/350455-dd54-4def-8e91-add151666e2a/1/rbL1g_iJ3UsTTaVttFo-JVgLGx0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/350455-dd54-4def-8e91-add151666e2a/1/rbL1g_iJ3UsTTaVttFo-JVgLGx0.mft
rsync://rpki.ripe.net/repository/DEFAULT/rbL1g_iJ3UsTTaVttFo-JVgLGx0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1a:34:11:17:45:ad:79:be:2a:f1:9e:64:1d:2e:b5:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adb2f583f889dd4b134da56db45a3e25580b1b1d
Validity
Not Before: Sep 5 14:07:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=069e6ed74e5c2e74b2324c61eca391f78f225d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a7:c7:c3:a6:b8:f0:3c:a1:3b:af:68:3a:b1:
8a:df:36:5d:60:87:6c:7e:40:e2:ac:4c:ff:42:69:
57:20:09:09:af:67:40:48:d1:32:b4:fe:41:32:fc:
84:5f:65:b1:4a:48:ed:10:d8:a4:f4:a5:b5:a9:11:
68:9b:bc:74:9f:3a:45:8e:fd:6f:50:ea:86:cb:92:
b7:80:88:a0:16:ca:f6:ba:af:12:a5:d5:29:b2:82:
0e:7a:c6:7c:4d:cd:8b:3a:c9:fc:e9:a3:6f:45:f1:
35:2c:e2:6c:4a:b7:2d:96:d2:07:4c:b5:2d:f4:92:
60:ab:54:4d:d5:10:84:d6:c5:0e:6d:b2:2f:97:c7:
07:f2:30:8b:ee:d3:9b:bd:47:3e:e2:91:27:e9:84:
48:30:00:2e:45:ce:21:0a:c0:93:bd:02:68:4b:53:
74:a6:90:87:7d:78:3e:b7:c8:2a:75:ea:fa:e3:ac:
21:3c:5e:92:41:81:e2:8e:22:a1:2b:9e:13:48:27:
59:d6:eb:f4:2b:b4:53:31:49:ca:77:a7:8a:09:31:
10:e0:97:77:3e:00:f4:45:72:60:f0:dc:c2:0e:6b:
b8:12:13:4f:e5:58:3c:9c:d6:00:a3:49:28:8f:03:
95:c8:27:9e:f8:f8:04:17:c5:4b:5f:49:2b:b5:72:
ad:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9E:6E:D7:4E:5C:2E:74:B2:32:4C:61:EC:A3:91:F7:8F:22:5D:12
X509v3 Authority Key Identifier:
keyid:AD:B2:F5:83:F8:89:DD:4B:13:4D:A5:6D:B4:5A:3E:25:58:0B:1B:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rbL1g_iJ3UsTTaVttFo-JVgLGx0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/350455-dd54-4def-8e91-add151666e2a/1/Bp5u105cLnSyMkxh7KOR948iXRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/350455-dd54-4def-8e91-add151666e2a/1/rbL1g_iJ3UsTTaVttFo-JVgLGx0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.42.0/23
62.85.224.0/19
78.4.0.0/14
85.20.0.0/16
89.118.0.0/15
212.17.192.0/19
213.213.0.0/17
213.217.128.0/18
213.255.0.0/17
217.220.0.0/15
IPv6:
2a02:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
36:34:78:3f:30:a9:4b:3a:83:b4:10:f0:05:9f:64:7b:1d:0b:
f3:24:bf:03:f2:c9:1a:b2:b0:72:73:35:e1:19:1d:e4:23:18:
ce:36:32:57:31:0b:d2:52:97:a8:9f:e0:a4:09:c4:3f:9b:a1:
ba:e4:67:c8:d6:45:1c:d4:89:5f:ad:e9:cd:17:bd:ba:82:4e:
63:fe:c2:8d:06:55:2c:e6:c8:ee:b0:72:bd:fe:42:57:bd:4a:
3b:b6:37:3a:c1:b8:e4:09:9c:52:db:92:e3:bb:71:f0:40:5c:
3a:34:9b:5b:1f:84:fd:9e:04:9a:5a:31:d5:5e:89:01:a1:77:
52:33:54:54:bb:26:ca:2b:de:a0:a9:51:c0:e7:5d:d3:fd:a0:
fb:25:96:0d:ed:b7:82:be:60:cc:e0:ab:0f:a0:23:1d:79:10:
79:52:d9:d3:08:22:62:3c:e3:45:c8:db:0e:19:3c:0b:67:5a:
7c:e7:e7:a0:fb:c1:38:50:99:e4:09:ec:43:e4:8f:db:38:1e:
fe:02:4a:54:6f:0d:d6:fb:a1:44:b0:82:4f:13:26:9e:92:32:
31:08:17:a3:62:a3:7a:c6:5a:a7:39:82:71:de:47:d3:31:8f:
6e:20:5c:de:62:8c:21:df:35:d3:d1:26:63:66:86:16:e4:9c:
c8:7f:34:af
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZkaNBEXRa15virxnmQdLrVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYjJmNTgzZjg4OWRkNGIxMzRkYTU2ZGI0NWEzZTI1NTgw
YjFiMWQwHhcNMjUwOTA1MTQwNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjllNmVkNzRlNWMyZTc0YjIzMjRjNjFlY2EzOTFmNzhmMjI1ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqfHw6a48DyhO69oOrGK3zZdYIds
fkDirEz/QmlXIAkJr2dASNEytP5BMvyEX2WxSkjtENik9KW1qRFom7x0nzpFjv1v
UOqGy5K3gIigFsr2uq8SpdUpsoIOesZ8Tc2LOsn86aNvRfE1LOJsSrctltIHTLUt
9JJgq1RN1RCE1sUObbIvl8cH8jCL7tObvUc+4pEn6YRIMAAuRc4hCsCTvQJoS1N0
ppCHfXg+t8gqder646whPF6SQYHijiKhK54TSCdZ1uv0K7RTMUnKd6eKCTEQ4Jd3
PgD0RXJg8NzCDmu4EhNP5Vg8nNYAo0kojwOVyCee+PgEF8VLX0krtXKtmQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAaebtdOXC50sjJMYeyjkfePIl0SMB8GA1UdIwQY
MBaAFK2y9YP4id1LE02lbbRaPiVYCxsdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmJMMWdfaUozVXNUVGFWdHRGby1KVmdMR3gwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zNTA0NTUtZGQ1NC00ZGVmLThlOTEt
YWRkMTUxNjY2ZTJhLzEvQnA1dTEwNWNMblN5TWt4aDdLT1I5NDhpWFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zNTA0NTUtZGQ1NC00ZGVmLThlOTEtYWRkMTUxNjY2ZTJh
LzEvcmJMMWdfaUozVXNUVGFWdHRGby1KVmdMR3gwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQBH6oqAwQF
PlXgAwMCTgQDAwBVFAMDAVl2AwQF1BHAAwQH1dUAAwQG1dmAAwQH1f8AAwMB2dww
DQQCAAIwBwMFACoCTYAwDQYJKoZIhvcNAQELBQADggEBADY0eD8wqUs6g7QQ8AWf
ZHsdC/MkvwPyyRqysHJzNeEZHeQjGM42MlcxC9JSl6if4KQJxD+bobrkZ8jWRRzU
iV+t6c0XvbqCTmP+wo0GVSzmyO6wcr3+Qle9Sju2NzrBuOQJnFLbkuO7cfBAXDo0
m1sfhP2eBJpaMdVeiQGhd1IzVFS7Jsor3qCpUcDnXdP9oPsllg3tt4K+YMzgqw+g
Ix15EHlS2dMIImI840XI2w4ZPAtnWnzn56D7wThQmeQJ7EPkj9s4Hv4CSlRvDdb7
oUSwgk8TJp6SMjEIF6Nio3rGWqc5gnHeR9Mxj24gXN5ijCHfNdPRJmNmhhbknMh/
NK8=
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:20:09 2025 by rpki-client