Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/Bj6SKpV4ITZqGObAbt84p9vUVoA.roa
File: Bj6SKpV4ITZqGObAbt84p9vUVoA.roa (raw, json)
Hash identifier: V/kYOBtoMloCvdGVWE8HL6NIMguaprMvqCLFh+ULBMM=
Subject key identifier: 06:3E:92:2A:95:78:21:36:6A:18:E6:C0:6E:DF:38:A7:DB:D4:56:80
Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial: 01984D9C4B0501719AA39AC61C0CB6F08463
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/Bj6SKpV4ITZqGObAbt84p9vUVoA.roa
Signing time: Sun 27 Jul 2025 20:39:05 +0000
ROA not before: Sun 27 Jul 2025 20:39:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215671
IP address blocks: 5.22.200.0/24 maxlen: 24
5.22.201.0/24 maxlen: 24
2a06:bd40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4d:9c:4b:05:01:71:9a:a3:9a:c6:1c:0c:b6:f0:84:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Validity
Not Before: Jul 27 20:39:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=063e922a957821366a18e6c06edf38a7dbd45680
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:8c:5f:f7:92:6e:5a:61:28:83:c3:83:84:5a:
b5:82:25:68:93:b6:e6:77:4f:b1:2e:64:d7:ac:2f:
70:e4:c7:26:e7:bb:ea:13:09:45:5d:52:96:6c:b8:
22:d0:64:7f:1e:65:47:2d:8c:46:2c:0e:90:61:2d:
02:ef:d0:d9:15:4f:9c:76:96:85:2e:60:f1:6e:57:
0a:a5:14:21:0f:fe:29:f9:3c:73:27:e2:82:2e:e0:
24:8e:53:cf:f0:e9:c8:a0:dc:c1:80:70:db:60:d3:
a1:61:a0:a1:18:47:fb:05:10:b3:62:29:51:d0:dc:
b8:75:44:c7:50:5d:cc:ed:f5:74:de:bf:32:d4:23:
2b:e0:f5:e8:ce:8b:0f:60:91:16:01:44:2a:5e:eb:
fb:03:6f:d6:54:86:e7:53:83:42:75:a6:3c:04:ac:
88:65:26:d0:1f:3d:f3:7b:40:3f:39:4d:26:de:24:
c9:80:23:c3:33:ed:9a:97:05:86:77:cf:7c:f8:3b:
9e:cc:c2:0b:d5:dc:57:a0:85:22:c6:e9:b4:5e:9f:
8b:2b:8c:6d:e8:46:f7:bc:50:1d:cd:6d:fe:48:af:
0c:07:5e:1e:bb:db:7a:7f:71:1d:92:1e:99:a2:11:
f2:dc:84:18:04:99:bb:3f:ba:4d:4f:3c:e3:aa:66:
cd:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3E:92:2A:95:78:21:36:6A:18:E6:C0:6E:DF:38:A7:DB:D4:56:80
X509v3 Authority Key Identifier:
keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/Bj6SKpV4ITZqGObAbt84p9vUVoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.200.0/23
IPv6:
2a06:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
62:34:20:46:03:7b:19:74:11:ae:3c:f7:e8:cd:c2:fe:f2:b4:
44:a4:18:c6:a0:99:dd:74:2a:45:94:35:a1:a3:17:b8:51:2c:
04:21:32:69:ab:1a:5e:df:ff:af:c7:82:05:35:b0:4e:2c:f3:
a1:cd:a0:b1:b5:aa:26:56:49:1b:4f:73:30:48:b0:75:f9:31:
14:f6:13:48:a1:13:80:ad:68:de:96:2a:25:ae:7f:7d:11:96:
1b:f6:c0:b5:55:f6:61:3d:37:5d:63:54:1e:2c:65:9b:99:cb:
45:89:40:a9:05:bf:9e:b4:54:55:a2:94:7b:a5:44:99:98:ec:
5c:92:dd:87:c8:ce:45:29:83:f3:9c:88:d4:6f:07:b3:90:ad:
56:fe:c5:21:10:69:ba:b0:40:39:e7:d0:bf:a6:9d:39:99:19:
a4:9c:d6:7c:23:cc:b0:6f:08:86:c4:15:80:31:1a:bf:56:f0:
40:04:0e:31:f7:23:15:b8:36:3f:53:15:7c:87:53:31:ec:c3:
17:6f:b9:6c:68:2f:60:49:39:a3:11:55:83:20:ac:eb:fc:1c:
df:23:17:0d:48:67:bf:96:8b:d2:18:a6:ef:a0:c6:87:1a:f7:
b4:72:00:75:4d:6c:34:66:1e:2d:74:60:98:5e:2b:73:76:c4:
24:fe:0b:fd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZhNnEsFAXGao5rGHAy28IRjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjUwNzI3MjAzOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNlOTIyYTk1NzgyMTM2NmExOGU2YzA2ZWRmMzhhN2RiZDQ1NjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYxf95JuWmEog8ODhFq1giVok7bm
d0+xLmTXrC9w5Mcm57vqEwlFXVKWbLgi0GR/HmVHLYxGLA6QYS0C79DZFU+cdpaF
LmDxblcKpRQhD/4p+TxzJ+KCLuAkjlPP8OnIoNzBgHDbYNOhYaChGEf7BRCzYilR
0Ny4dUTHUF3M7fV03r8y1CMr4PXozosPYJEWAUQqXuv7A2/WVIbnU4NCdaY8BKyI
ZSbQHz3ze0A/OU0m3iTJgCPDM+2alwWGd898+DuezMIL1dxXoIUixum0Xp+LK4xt
6Eb3vFAdzW3+SK8MB14eu9t6f3Edkh6ZohHy3IQYBJm7P7pNTzzjqmbNtQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAY+kiqVeCE2ahjmwG7fOKfb1FaAMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEvQmo2U0twVjRJVFpxR09iQWJ0ODRwOXZVVm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBBRbIMA0E
AgACMAcDBQMqBr1AMA0GCSqGSIb3DQEBCwUAA4IBAQBiNCBGA3sZdBGuPPfozcL+
8rREpBjGoJnddCpFlDWhoxe4USwEITJpqxpe3/+vx4IFNbBOLPOhzaCxtaomVkkb
T3MwSLB1+TEU9hNIoROArWjeliolrn99EZYb9sC1VfZhPTddY1QeLGWbmctFiUCp
Bb+etFRVopR7pUSZmOxckt2HyM5FKYPznIjUbwezkK1W/sUhEGm6sEA559C/pp05
mRmknNZ8I8ywbwiGxBWAMRq/VvBABA4x9yMVuDY/UxV8h1Mx7MMXb7lsaC9gSTmj
EVWDIKzr/BzfIxcNSGe/lovSGKbvoMaHGve0cgB1TWw0Zh4tdGCYXitzdsQk/gv9
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:10:20 2025 by rpki-client