Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/BqgWVwKrUwtqB3EhbXBRr-yliUI.roa
File: BqgWVwKrUwtqB3EhbXBRr-yliUI.roa (raw, json)
Hash identifier: wrHBPbSOTOknzdCwY9I0P0V5ce9Z0KVc/zAbuVfbtfg=
Subject key identifier: 06:A8:16:57:02:AB:53:0B:6A:07:71:21:6D:70:51:AF:EC:A5:89:42
Certificate issuer: /CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Certificate serial: 019EB096C610DBACD0292C64CB6900DB6165
Authority key identifier: 2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/BqgWVwKrUwtqB3EhbXBRr-yliUI.roa
Signing time: Wed 10 Jun 2026 08:12:11 +0000
ROA not before: Wed 10 Jun 2026 08:12:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25441
IP address blocks: 62.231.32.0/19 maxlen: 19
78.135.128.0/17 maxlen: 17
78.135.208.0/21 maxlen: 21
78.135.216.0/21 maxlen: 21
78.135.224.0/21 maxlen: 21
78.135.232.0/21 maxlen: 21
78.135.240.0/21 maxlen: 21
78.135.248.0/21 maxlen: 21
83.141.64.0/18 maxlen: 18
85.134.128.0/17 maxlen: 17
85.134.128.0/21 maxlen: 21
85.134.136.0/21 maxlen: 21
85.134.144.0/21 maxlen: 21
85.134.152.0/21 maxlen: 21
85.134.160.0/21 maxlen: 21
85.134.168.0/21 maxlen: 21
85.134.176.0/21 maxlen: 21
85.134.184.0/21 maxlen: 21
85.134.192.0/21 maxlen: 21
85.134.200.0/21 maxlen: 21
85.134.208.0/21 maxlen: 21
85.134.216.0/21 maxlen: 21
85.134.224.0/21 maxlen: 21
85.134.232.0/21 maxlen: 21
85.134.240.0/21 maxlen: 21
85.134.248.0/21 maxlen: 21
87.192.0.0/18 maxlen: 18
87.192.64.0/20 maxlen: 20
87.192.82.0/23 maxlen: 23
87.192.84.0/22 maxlen: 22
87.192.216.0/22 maxlen: 22
87.192.222.0/23 maxlen: 23
87.232.0.0/19 maxlen: 19
87.232.192.0/24 maxlen: 24
87.232.194.0/23 maxlen: 23
87.232.196.0/22 maxlen: 22
87.232.225.0/24 maxlen: 24
87.232.228.0/22 maxlen: 22
89.124.0.0/24 maxlen: 24
89.124.224.0/20 maxlen: 20
89.124.245.0/24 maxlen: 24
89.127.0.0/17 maxlen: 17
89.127.248.0/22 maxlen: 22
89.127.254.0/23 maxlen: 23
185.247.52.0/22 maxlen: 22
2001:4d68::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.mft
rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 08:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:96:c6:10:db:ac:d0:29:2c:64:cb:69:00:db:61:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ba1cfd757f51f2feb74509e9c39be46806be642
Validity
Not Before: Jun 10 08:12:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=06a8165702ab530b6a0771216d7051afeca58942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:16:24:22:b2:08:72:2f:5c:f4:a5:75:e3:f1:
d6:bb:ff:b1:a1:e5:fc:b0:72:08:a6:57:2b:14:b2:
fb:8b:66:e6:78:10:6f:b7:b5:14:98:c3:11:15:2d:
9f:de:8b:d0:c9:54:a2:35:e2:9c:ea:3a:58:82:f3:
ec:58:8b:f3:08:f3:8f:b6:7e:07:c9:40:c8:f9:91:
f8:af:c6:41:d8:a9:19:4f:7a:c3:65:3b:05:4c:6a:
a2:b4:73:b5:32:63:db:e8:8f:3d:ca:1c:04:ed:d6:
2f:9c:28:3d:5c:a0:8f:dd:0b:af:a4:07:eb:35:6b:
e0:4e:5b:28:b1:39:c8:e9:85:5c:09:f4:ba:1a:d9:
f7:0a:d5:d0:40:b3:a2:d3:46:7a:1b:05:e9:96:32:
71:7e:13:8c:5a:32:87:53:30:b9:bb:d1:fe:49:59:
3c:38:34:84:28:22:d6:94:cb:c9:4a:a5:2e:d1:35:
5f:77:cf:bd:e4:31:03:1f:11:f5:f4:65:90:a0:10:
1f:e5:16:38:2a:84:57:0b:a6:81:07:f5:74:3e:5d:
90:c8:2a:2c:b0:f2:6c:9e:cc:56:40:0f:a4:d9:6e:
f9:30:c0:07:24:fd:d0:17:ce:be:e2:50:25:32:aa:
58:5b:16:14:46:6b:91:0c:85:b6:d5:93:aa:04:45:
07:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:A8:16:57:02:AB:53:0B:6A:07:71:21:6D:70:51:AF:EC:A5:89:42
X509v3 Authority Key Identifier:
keyid:2B:A1:CF:D7:57:F5:1F:2F:EB:74:50:9E:9C:39:BE:46:80:6B:E6:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K6HP11f1Hy_rdFCenDm-RoBr5kI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/BqgWVwKrUwtqB3EhbXBRr-yliUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/745910-86c6-43d1-9765-5789de424a42/1/K6HP11f1Hy_rdFCenDm-RoBr5kI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.231.32.0/19
78.135.128.0/17
83.141.64.0/18
85.134.128.0/17
87.192.0.0-87.192.79.255
87.192.82.0-87.192.87.255
87.192.216.0/22
87.192.222.0/23
87.232.0.0/19
87.232.192.0/24
87.232.194.0-87.232.199.255
87.232.225.0/24
87.232.228.0/22
89.124.0.0/24
89.124.224.0/20
89.124.245.0/24
89.127.0.0/17
89.127.248.0/22
89.127.254.0/23
185.247.52.0/22
IPv6:
2001:4d68::/32
Signature Algorithm: sha256WithRSAEncryption
50:a2:a7:14:4f:b3:2e:96:6c:75:fb:a0:a7:27:f9:1d:33:77:
dd:17:77:14:c8:a6:58:30:06:2d:17:00:37:73:a3:24:6b:98:
1e:5f:0c:d1:40:f2:a9:60:57:0b:8c:70:45:ed:08:6b:17:0c:
58:e3:b6:33:c3:f8:6d:2f:ca:fa:af:d4:ad:8f:7c:a3:a2:5d:
0e:39:4f:c7:61:3d:fd:3a:d1:c2:7d:76:01:fd:19:64:98:f4:
a3:48:30:fa:82:2f:aa:7b:f3:22:ae:b2:8f:11:4c:23:09:3f:
91:bd:86:62:49:1f:1b:1a:d5:a1:7e:7a:0f:26:ba:8c:b4:6d:
5f:96:12:44:39:02:d2:42:2c:2c:05:da:61:d4:1d:e8:6b:c6:
2f:e1:0c:8c:a5:ef:2e:8b:b9:84:e1:60:16:9d:6b:0c:30:94:
94:82:b7:96:df:7a:de:f7:4a:b8:1b:e5:fe:ce:f5:85:01:04:
94:2e:06:b9:73:23:0a:db:da:8c:24:78:70:2e:55:31:34:52:
8b:16:d6:b8:9e:3a:3f:88:9a:56:31:b1:6e:ac:58:75:5b:51:
c9:6f:2e:f3:86:e3:a2:37:8f:76:e1:a6:7a:09:d3:8c:2f:91:
ba:02:48:4c:8e:be:85:9b:68:65:20:45:55:f8:ca:59:c1:c2:
36:07:0c:34
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgISAZ6wlsYQ26zQKSxky2kA22FlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiYTFjZmQ3NTdmNTFmMmZlYjc0NTA5ZTljMzliZTQ2ODA2
YmU2NDIwHhcNMjYwNjEwMDgxMjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmE4MTY1NzAyYWI1MzBiNmEwNzcxMjE2ZDcwNTFhZmVjYTU4OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhYkIrIIci9c9KV14/HWu/+xoeX8
sHIIplcrFLL7i2bmeBBvt7UUmMMRFS2f3ovQyVSiNeKc6jpYgvPsWIvzCPOPtn4H
yUDI+ZH4r8ZB2KkZT3rDZTsFTGqitHO1MmPb6I89yhwE7dYvnCg9XKCP3QuvpAfr
NWvgTlsosTnI6YVcCfS6Gtn3CtXQQLOi00Z6GwXpljJxfhOMWjKHUzC5u9H+SVk8
ODSEKCLWlMvJSqUu0TVfd8+95DEDHxH19GWQoBAf5RY4KoRXC6aBB/V0Pl2QyCos
sPJsnsxWQA+k2W75MMAHJP3QF86+4lAlMqpYWxYURmuRDIW21ZOqBEUHQQIDAQAB
o4ICpjCCAqIwHQYDVR0OBBYEFAaoFlcCq1MLagdxIW1wUa/spYlCMB8GA1UdIwQY
MBaAFCuhz9dX9R8v63RQnpw5vkaAa+ZCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUt
NTc4OWRlNDI0YTQyLzEvQnFnV1Z3S3JVd3RxQjNFaGJYQlJyLXlsaVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS83NDU5MTAtODZjNi00M2QxLTk3NjUtNTc4OWRlNDI0YTQy
LzEvSzZIUDExZjFIeV9yZEZDZW5EbS1Sb0JyNWtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBlgQCAAEwgY8DBAU+
5yADBAdOh4ADBAZTjUADBAdVhoAwCwMDBlfAAwQEV8BAMAwDBAFXwFIDBANXwFAD
BAJXwNgDBAFXwN4DBAVX6AADBABX6MAwDAMEAVfowgMEA1fowAMEAFfo4QMEAlfo
5AMEAFl8AAMEBFl84AMEAFl89QMEB1l/AAMEAll/+AMEAVl//gMEArn3NDANBAIA
AjAHAwUAIAFNaDANBgkqhkiG9w0BAQsFAAOCAQEAUKKnFE+zLpZsdfugpyf5HTN3
3Rd3FMimWDAGLRcAN3OjJGuYHl8M0UDyqWBXC4xwRe0IaxcMWOO2M8P4bS/K+q/U
rY98o6JdDjlPx2E9/TrRwn12Af0ZZJj0o0gw+oIvqnvzIq6yjxFMIwk/kb2GYkkf
GxrVoX56Dya6jLRtX5YSRDkC0kIsLAXaYdQd6GvGL+EMjKXvLou5hOFgFp1rDDCU
lIK3lt963vdKuBvl/s71hQEElC4GuXMjCtvajCR4cC5VMTRSixbWuJ46P4iaVjGx
bqxYdVtRyW8u84bjojePduGmegnTjC+RugJITI6+hZtoZSBFVfjKWcHCNgcMNA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 15:01:33 2026 by rpki-client