
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BawaJAc9dep6w62S6XOVCTT46GE.roa
File: BawaJAc9dep6w62S6XOVCTT46GE.roa (raw, json)
Hash identifier: LIUGVgCBf0nC6TIRISGURgwXFH1iSzmodcreS5pKjRk=
Subject key identifier: 05:AC:1A:24:07:3D:75:EA:7A:C3:AD:92:E9:73:95:09:34:F8:E8:61
Certificate issuer: /CN=070483d3d62f19c0835746dcb721c8832c3b7926
Certificate serial: 01986EBD2FC9297944E5B9A1E028A0B9CBC0
Authority key identifier: 07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BawaJAc9dep6w62S6XOVCTT46GE.roa
Signing time: Sun 03 Aug 2025 07:02:29 +0000
ROA not before: Sun 03 Aug 2025 07:02:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 45.85.204.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6e:bd:2f:c9:29:79:44:e5:b9:a1:e0:28:a0:b9:cb:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=070483d3d62f19c0835746dcb721c8832c3b7926
Validity
Not Before: Aug 3 07:02:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05ac1a24073d75ea7ac3ad92e973950934f8e861
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c5:8c:5d:73:31:5f:47:5c:97:08:d8:15:b8:
2e:80:f1:51:d3:bb:99:37:1a:4d:b5:74:7a:f2:d8:
fb:df:c1:8f:7e:1f:6a:80:a5:b2:9f:64:52:dc:a3:
9c:aa:af:58:db:16:a4:56:12:4a:15:b4:66:ec:bd:
ca:2d:7c:06:3b:0d:7c:18:bf:97:c2:01:a5:9a:5f:
57:48:c0:b7:e6:5c:ed:d1:f0:d0:ce:0b:82:d9:16:
07:0b:6e:6f:0e:9b:87:04:5f:32:10:de:ac:60:45:
6e:7c:6c:f6:7f:b0:f8:31:fc:47:e9:ca:77:50:16:
46:02:fb:da:ab:de:28:93:d0:be:fa:53:68:e2:f2:
af:07:2e:1a:a8:ca:0a:fe:72:a9:40:8d:cd:bb:a3:
78:b3:13:18:f5:27:5f:4e:bc:1f:cb:38:01:43:85:
fa:49:6d:6e:fa:e5:23:ff:09:2c:3c:08:e8:05:40:
ae:02:c6:ff:e8:28:c7:fd:4e:48:1c:2c:d2:dd:bf:
a7:f7:4f:27:74:09:20:f5:b7:5a:9d:fd:08:da:48:
a3:aa:d4:08:dd:e1:7c:06:d2:38:91:76:2d:ee:b9:
40:db:62:e8:ce:89:a1:66:73:da:4b:9f:9e:30:c8:
63:c1:ec:26:35:71:da:ff:ab:2a:af:37:69:48:29:
a2:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:AC:1A:24:07:3D:75:EA:7A:C3:AD:92:E9:73:95:09:34:F8:E8:61
X509v3 Authority Key Identifier:
keyid:07:04:83:D3:D6:2F:19:C0:83:57:46:DC:B7:21:C8:83:2C:3B:79:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BwSD09YvGcCDV0bctyHIgyw7eSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BawaJAc9dep6w62S6XOVCTT46GE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/6451c1-2bcd-4463-a700-d442c4f9e9bd/1/BwSD09YvGcCDV0bctyHIgyw7eSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.204.0/22
Signature Algorithm: sha256WithRSAEncryption
37:d9:a6:09:e9:71:92:45:81:9c:67:5c:c3:42:0c:b6:bd:41:
24:2f:2c:f1:d4:04:93:86:a5:a3:25:0e:4f:70:47:68:92:b3:
2d:14:2a:aa:94:f8:65:9f:03:31:a3:16:57:0d:95:d3:b0:08:
1f:79:ae:47:7d:b1:fd:77:59:1e:58:5c:7b:b8:e6:ab:ac:8c:
20:e7:b9:a4:2b:23:9a:e6:2e:de:45:6a:13:7a:21:96:ff:f6:
7c:c3:1f:3a:d3:d3:7e:81:35:65:11:1b:6a:ae:df:dd:e0:91:
5a:a0:b2:99:86:ef:01:aa:c5:fd:6d:e1:fd:ff:5d:a3:e7:07:
5b:93:8d:de:65:73:ec:1c:03:32:04:61:69:73:18:03:09:f3:
14:42:77:be:92:95:5c:4c:13:fc:9b:67:43:b9:83:09:99:21:
1a:27:8c:4b:aa:d5:04:cd:df:99:4d:9d:a2:1c:4e:f1:b4:36:
5b:fb:d6:cf:a4:fd:b7:7b:67:be:fd:37:6e:f7:c4:56:c1:79:
96:b2:58:77:98:50:29:23:a9:19:39:5d:89:3f:83:11:9e:2e:
92:ec:f4:50:e9:84:22:b0:b4:88:47:90:10:b7:f8:f8:a1:0f:
22:9a:4a:7f:00:b4:e3:00:66:18:da:23:f1:f2:bb:30:54:1c:
cb:74:2b:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhuvS/JKXlE5bmh4CigucvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MDQ4M2QzZDYyZjE5YzA4MzU3NDZkY2I3MjFjODgzMmMz
Yjc5MjYwHhcNMjUwODAzMDcwMjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWFjMWEyNDA3M2Q3NWVhN2FjM2FkOTJlOTczOTUwOTM0ZjhlODYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsWMXXMxX0dclwjYFbgugPFR07uZ
NxpNtXR68tj738GPfh9qgKWyn2RS3KOcqq9Y2xakVhJKFbRm7L3KLXwGOw18GL+X
wgGlml9XSMC35lzt0fDQzguC2RYHC25vDpuHBF8yEN6sYEVufGz2f7D4MfxH6cp3
UBZGAvvaq94ok9C++lNo4vKvBy4aqMoK/nKpQI3Nu6N4sxMY9SdfTrwfyzgBQ4X6
SW1u+uUj/wksPAjoBUCuAsb/6CjH/U5IHCzS3b+n908ndAkg9bdanf0I2kijqtQI
3eF8BtI4kXYt7rlA22LozomhZnPaS5+eMMhjwewmNXHa/6sqrzdpSCmiaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAWsGiQHPXXqesOtkulzlQk0+OhhMB8GA1UdIwQY
MBaAFAcEg9PWLxnAg1dG3LchyIMsO3kmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAt
ZDQ0MmM0ZjllOWJkLzEvQmF3YUpBYzlkZXA2dzYyUzZYT1ZDVFQ0NkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS82NDUxYzEtMmJjZC00NDYzLWE3MDAtZDQ0MmM0ZjllOWJk
LzEvQndTRDA5WXZHY0NEVjBiY3R5SElneXc3ZVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVXMMA0G
CSqGSIb3DQEBCwUAA4IBAQA32aYJ6XGSRYGcZ1zDQgy2vUEkLyzx1ASThqWjJQ5P
cEdokrMtFCqqlPhlnwMxoxZXDZXTsAgfea5HfbH9d1keWFx7uOarrIwg57mkKyOa
5i7eRWoTeiGW//Z8wx8609N+gTVlERtqrt/d4JFaoLKZhu8BqsX9beH9/12j5wdb
k43eZXPsHAMyBGFpcxgDCfMUQne+kpVcTBP8m2dDuYMJmSEaJ4xLqtUEzd+ZTZ2i
HE7xtDZb+9bPpP23e2e+/Tdu98RWwXmWslh3mFApI6kZOV2JP4MRni6S7PRQ6YQi
sLSIR5AQt/j4oQ8imkp/ALTjAGYY2iPx8rswVBzLdCtg
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:41:17 2025 by rpki-client