Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/BEDotW58dYr2IkiSMhZSaCy78tU.roa
File: BEDotW58dYr2IkiSMhZSaCy78tU.roa (raw, json)
Hash identifier: XyNzheZYLo9o54ao6bWUNrKJS5W5TlIfmYW8SbTPE9U=
Subject key identifier: 04:40:E8:B5:6E:7C:75:8A:F6:22:48:92:32:16:52:68:2C:BB:F2:D5
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 0198747177BA00D39EE4724D40BD4D3A9AE2
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/BEDotW58dYr2IkiSMhZSaCy78tU.roa
Signing time: Mon 04 Aug 2025 09:37:29 +0000
ROA not before: Mon 04 Aug 2025 09:37:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 5.61.208.0/23 maxlen: 23
5.181.96.0/23 maxlen: 23
5.187.36.0/23 maxlen: 23
31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
46.251.250.0/24 maxlen: 24
46.253.139.0/24 maxlen: 24
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.75.22.0/23 maxlen: 23
185.86.208.0/23 maxlen: 23
185.88.202.0/23 maxlen: 23
185.193.241.0/24 maxlen: 24
185.206.121.0/24 maxlen: 24
185.212.114.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 23:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:71:77:ba:00:d3:9e:e4:72:4d:40:bd:4d:3a:9a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Aug 4 09:37:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0440e8b56e7c758af6224892321652682cbbf2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cf:73:07:c7:10:69:61:1a:ed:34:7a:bf:48:
5b:2d:bd:71:30:21:64:c6:87:85:73:40:a7:74:61:
4f:dd:b4:1c:72:bd:34:46:f5:34:16:30:20:f1:15:
be:0e:14:fd:59:30:b9:d9:a3:65:78:22:78:d8:6a:
92:b7:56:5e:49:86:fd:5b:d1:82:7e:4d:e3:3e:74:
68:1d:82:bc:78:d7:1b:90:44:f2:a6:63:89:7e:52:
b4:be:ff:c0:11:6d:ea:10:cb:97:e2:c6:e8:fe:56:
8e:dd:4d:ac:4c:03:f1:ea:b2:4d:e5:d0:39:ab:97:
ec:0c:a9:b3:74:c0:54:ea:15:ff:ca:51:4f:2c:94:
6e:8a:24:51:6e:46:43:54:9b:dd:74:57:a3:76:ee:
e2:39:02:3e:de:8b:7a:9e:89:67:61:1f:f9:2c:cb:
38:67:d0:51:f1:9f:0d:97:3c:72:34:eb:b9:d2:a1:
e0:64:cc:a9:fb:65:ba:cc:0c:ec:da:0f:f3:53:20:
d8:72:e7:21:83:2e:11:29:cf:24:0b:53:64:ce:e7:
7c:91:91:26:91:62:2a:a5:4f:73:9f:47:15:37:43:
f2:f4:b3:ff:e8:2b:b3:0e:af:68:ed:df:aa:dc:2a:
4e:2a:ca:1b:72:2f:83:84:08:be:6f:47:6e:a3:b6:
7a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:40:E8:B5:6E:7C:75:8A:F6:22:48:92:32:16:52:68:2C:BB:F2:D5
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/BEDotW58dYr2IkiSMhZSaCy78tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.208.0/23
5.181.96.0/23
5.187.36.0/23
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.251.250.0/24
46.253.139.0/24
89.32.64.0/22
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.202.0/23
185.193.241.0/24
185.206.121.0/24
185.212.114.0/24
185.225.8.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:67:da:20:66:cb:f3:fe:68:c2:cb:98:59:e5:89:ad:19:77:
af:66:e9:3c:94:03:eb:05:27:f5:23:91:f1:d9:6b:33:7d:73:
60:68:68:00:ef:f0:b4:24:d0:ce:f7:aa:ec:c2:60:10:79:00:
41:b4:33:95:69:d6:7e:f8:00:bc:e1:fa:8f:49:b7:e3:df:07:
d9:79:d9:55:1e:7a:df:5e:c5:e6:f3:e1:07:9c:0b:3b:7a:d4:
ef:f6:a2:bd:45:5a:a1:bb:36:13:c7:3e:40:a1:c7:73:5e:80:
bd:ef:40:a1:4e:89:e5:7f:9f:6a:4a:90:46:14:06:b7:46:1e:
e0:28:bb:57:f1:39:98:c3:20:7d:fd:8f:82:a0:8f:7e:e6:73:
0d:d3:23:41:97:c8:9e:62:64:65:d8:cb:17:19:a3:5e:8b:2b:
10:53:a0:42:53:5e:e8:5b:2d:42:f8:ad:2d:d0:48:9a:5f:d6:
61:3c:71:e7:fa:9e:fc:f8:8c:5c:22:f6:e4:44:d9:53:b6:b1:
87:a5:65:74:e6:32:de:c7:2f:65:a8:d0:ae:f9:f7:78:e0:98:
63:38:b1:41:14:f7:47:5b:88:a4:5f:d1:b2:da:5d:2f:c0:f8:
8a:1a:4d:49:dc:ec:c4:c6:27:bd:a5:b1:bf:62:f8:3f:da:70:
a2:0c:49:88
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZh0cXe6ANOe5HJNQL1NOpriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwODA0MDkzNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQwZThiNTZlN2M3NThhZjYyMjQ4OTIzMjE2NTI2ODJjYmJmMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj89zB8cQaWEa7TR6v0hbLb1xMCFk
xoeFc0CndGFP3bQccr00RvU0FjAg8RW+DhT9WTC52aNleCJ42GqSt1ZeSYb9W9GC
fk3jPnRoHYK8eNcbkETypmOJflK0vv/AEW3qEMuX4sbo/laO3U2sTAPx6rJN5dA5
q5fsDKmzdMBU6hX/ylFPLJRuiiRRbkZDVJvddFejdu7iOQI+3ot6nolnYR/5LMs4
Z9BR8Z8NlzxyNOu50qHgZMyp+2W6zAzs2g/zUyDYcuchgy4RKc8kC1Nkzud8kZEm
kWIqpU9zn0cVN0Py9LP/6CuzDq9o7d+q3CpOKsobci+DhAi+b0duo7Z6ewIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFARA6LVufHWK9iJIkjIWUmgsu/LVMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvQkVEb3RXNThkWXIySWtpU01oWlNhQ3k3OHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQBBT3Q
AwQBBbVgAwQBBbskAwQAH9abAwQAJfxiAwQBJfxkAwQALvv6AwQALv2LAwQCWSBA
AwQAnv/vAwQDoiHIAwQAuUKsAwQAuUKuAwQBuUsWAwQBuVbQAwQBuVjKAwQAucHx
AwQAuc55AwQAudRyAwQAueEIMA0GCSqGSIb3DQEBCwUAA4IBAQBLZ9ogZsvz/mjC
y5hZ5YmtGXevZuk8lAPrBSf1I5Hx2WszfXNgaGgA7/C0JNDO96rswmAQeQBBtDOV
adZ++AC84fqPSbfj3wfZedlVHnrfXsXm8+EHnAs7etTv9qK9RVqhuzYTxz5Aocdz
XoC970ChTonlf59qSpBGFAa3Rh7gKLtX8TmYwyB9/Y+CoI9+5nMN0yNBl8ieYmRl
2MsXGaNeiysQU6BCU17oWy1C+K0t0EiaX9ZhPHHn+p78+IxcIvbkRNlTtrGHpWV0
5jLexy9lqNCu+fd44JhjOLFBFPdHW4ikX9Gy2l0vwPiKGk1J3OzExie9pbG/Yvg/
2nCiDEmI
-----END CERTIFICATE-----
Generated at Wed Aug 6 09:27:49 2025 by rpki-client