Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bwaIEoJ5dUcEb5TwN4n5eOIcwcQ.roa
File: bwaIEoJ5dUcEb5TwN4n5eOIcwcQ.roa (raw, json)
Hash identifier: g/SuzSar8Dr4hFSRjUfHb6ppCIwY8Mkv2DrM+IkQpkg=
Subject key identifier: 6F:06:88:12:82:79:75:47:04:6F:94:F0:37:89:F9:78:E2:1C:C1:C4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019EAB98B3E639DC875C29315E8F3968886B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bwaIEoJ5dUcEb5TwN4n5eOIcwcQ.roa
Signing time: Tue 09 Jun 2026 08:56:11 +0000
ROA not before: Tue 09 Jun 2026 08:56:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205007
IP address blocks: 185.72.11.0/24 maxlen: 24
194.87.0.0/24 maxlen: 24
194.87.85.0/24 maxlen: 24
195.133.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:98:b3:e6:39:dc:87:5c:29:31:5e:8f:39:68:88:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jun 9 08:56:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f06881282797547046f94f03789f978e21cc1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ca:d5:ca:e1:a5:76:38:f3:f1:36:92:a7:e3:
1e:c1:b5:19:85:a3:95:33:31:dd:04:de:22:81:d5:
44:03:cc:7a:d0:30:53:9c:4d:69:3a:fe:50:9d:e9:
04:f7:a9:d8:0a:a4:d9:7b:35:ef:2b:8a:9f:8c:a9:
43:d6:e6:fc:a1:9d:bb:cc:c7:9b:e4:03:89:fe:c4:
46:ec:b0:c5:75:a2:f0:a1:41:8d:e8:eb:5f:28:12:
bc:f3:94:c0:ae:d0:f7:a3:fa:ba:15:b2:ea:0c:f3:
c3:53:34:ee:5b:3b:22:92:14:f7:d3:2d:67:b9:5b:
a3:b4:46:5d:8e:af:7b:d5:b6:a9:5f:ec:7f:c8:c8:
2b:7e:fe:b7:6f:a2:55:d5:3f:33:33:5e:b9:66:3b:
17:21:33:ab:8a:df:ed:33:0e:c8:72:9c:f3:d8:d1:
ce:99:74:d3:d8:fb:8f:f9:e6:85:a4:60:7f:06:da:
9a:52:ee:95:f3:7a:cc:6f:ca:c9:90:91:c0:19:c8:
dc:51:86:25:3c:5f:f4:ec:00:51:25:d4:d5:82:1d:
95:10:57:41:f4:b9:a6:16:6a:a2:9f:8e:70:c3:9b:
35:6c:9d:6c:85:ae:8e:b8:fa:08:cf:8b:35:6b:33:
cf:98:ad:ad:29:85:d7:0c:e4:a1:1f:12:e3:39:7f:
6b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:06:88:12:82:79:75:47:04:6F:94:F0:37:89:F9:78:E2:1C:C1:C4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/bwaIEoJ5dUcEb5TwN4n5eOIcwcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.11.0/24
194.87.0.0/24
194.87.85.0/24
195.133.18.0/24
Signature Algorithm: sha256WithRSAEncryption
35:26:33:4e:00:00:0b:ea:df:6c:84:cf:4e:30:3f:26:dd:fc:
57:74:c2:13:1f:54:73:61:55:ed:cf:1b:2a:76:a4:49:69:b4:
3a:d5:38:54:d9:8b:11:76:a3:70:bd:44:18:f8:fa:65:52:5c:
32:8e:0f:1c:3c:d9:bf:c5:66:2c:23:79:a8:9d:c7:82:f7:7b:
54:b1:46:7b:bd:87:3e:94:13:52:79:96:db:71:42:30:ca:66:
99:a2:99:e6:e9:34:c0:5f:f5:d4:7a:b1:a3:46:d6:58:85:1a:
5d:ea:0b:06:06:59:d9:5e:ed:c3:a8:c2:b2:8e:11:40:46:79:
2b:70:e6:60:35:90:f4:98:a1:f4:5f:9f:ec:7b:e5:f4:80:c6:
a3:d4:de:b1:92:0f:0e:fa:e6:65:d4:8d:1d:e5:4e:e1:98:71:
cf:78:81:32:9d:e6:97:9e:3d:78:22:9d:51:75:49:92:5e:8f:
f7:03:16:48:17:3c:25:94:7e:1b:b1:5c:68:04:dd:ac:83:6d:
8b:26:bb:06:7b:f6:b3:ed:c0:1f:99:35:5e:e6:be:3c:0c:79:
5f:03:86:a2:1f:a8:45:6c:e8:ee:df:7f:0b:48:67:ac:d0:d0:
2d:4d:f3:81:fb:93:ed:a1:11:5c:8b:a2:6c:b3:96:68:89:98:
55:bc:a3:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6rmLPmOdyHXCkxXo85aIhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjYwNjA5MDg1NjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjA2ODgxMjgyNzk3NTQ3MDQ2Zjk0ZjAzNzg5Zjk3OGUyMWNjMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMrVyuGldjjz8TaSp+MewbUZhaOV
MzHdBN4igdVEA8x60DBTnE1pOv5QnekE96nYCqTZezXvK4qfjKlD1ub8oZ27zMeb
5AOJ/sRG7LDFdaLwoUGN6OtfKBK885TArtD3o/q6FbLqDPPDUzTuWzsikhT30y1n
uVujtEZdjq971bapX+x/yMgrfv63b6JV1T8zM165ZjsXITOrit/tMw7Icpzz2NHO
mXTT2PuP+eaFpGB/BtqaUu6V83rMb8rJkJHAGcjcUYYlPF/07ABRJdTVgh2VEFdB
9LmmFmqin45ww5s1bJ1sha6OuPoIz4s1azPPmK2tKYXXDOShHxLjOX9rMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG8GiBKCeXVHBG+U8DeJ+XjiHMHEMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvYndhSUVvSjVkVWNFYjVUd040bjVlT0ljd2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUgLAwQA
wlcAAwQAwldVAwQAw4USMA0GCSqGSIb3DQEBCwUAA4IBAQA1JjNOAAAL6t9shM9O
MD8m3fxXdMITH1RzYVXtzxsqdqRJabQ61ThU2YsRdqNwvUQY+PplUlwyjg8cPNm/
xWYsI3monceC93tUsUZ7vYc+lBNSeZbbcUIwymaZopnm6TTAX/XUerGjRtZYhRpd
6gsGBlnZXu3DqMKyjhFARnkrcOZgNZD0mKH0X5/se+X0gMaj1N6xkg8O+uZl1I0d
5U7hmHHPeIEyneaXnj14Ip1RdUmSXo/3AxZIFzwllH4bsVxoBN2sg22LJrsGe/az
7cAfmTVe5r48DHlfA4aiH6hFbOju338LSGes0NAtTfOB+5PtoRFci6Jss5ZoiZhV
vKNy
-----END CERTIFICATE-----
Generated at Sat Jun 13 17:30:01 2026 by rpki-client