Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/bTj1jsPbovrPNDKGlH2gFdMG6m8.roa
File: bTj1jsPbovrPNDKGlH2gFdMG6m8.roa (raw, json)
Hash identifier: 8C6MqvxN5C5hfTJy30e+9KO/XCfQ8O7cc4PWFCc/8Sc=
Subject key identifier: 6D:38:F5:8E:C3:DB:A2:FA:CF:34:32:86:94:7D:A0:15:D3:06:EA:6F
Certificate issuer: /CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Certificate serial: 0198502DCA6EFCA5029051C3DC848F280C39
Authority key identifier: 56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/bTj1jsPbovrPNDKGlH2gFdMG6m8.roa
Signing time: Mon 28 Jul 2025 08:37:14 +0000
ROA not before: Mon 28 Jul 2025 08:37:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212077
IP address blocks: 195.234.80.0/24 maxlen: 24
2a13:7b40:1::/48 maxlen: 48
2a13:7b40:2::/48 maxlen: 48
2a13:7b40:3::/48 maxlen: 48
2a13:7b40:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 17:44:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:2d:ca:6e:fc:a5:02:90:51:c3:dc:84:8f:28:0c:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5688b42175d6214a31a5407db8b6c95f1ec60d4e
Validity
Not Before: Jul 28 08:37:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d38f58ec3dba2facf343286947da015d306ea6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:c1:2d:3a:09:5e:ff:28:23:1c:b0:a8:ef:
16:41:f0:c4:3a:5c:e3:d1:12:1e:b3:ec:50:0c:5e:
17:83:54:d4:27:20:8f:27:22:98:4c:55:ff:e5:61:
2a:de:17:9d:95:48:51:1e:b9:15:da:1f:4c:49:36:
17:82:30:97:10:bc:0c:e0:31:be:ee:94:4f:b1:7c:
11:a9:0d:3a:77:23:3a:ff:07:d0:5a:96:dc:b2:31:
69:3b:4f:69:b5:3b:dd:98:34:aa:59:b6:55:92:65:
89:4e:8f:5b:59:53:1f:56:ca:64:17:24:4d:28:5e:
da:a2:38:c0:f2:3e:a1:bd:22:e9:a7:75:24:5d:3d:
51:e4:51:04:0f:57:01:c5:4b:43:59:0d:07:89:b0:
04:31:72:99:03:80:9a:ef:41:93:b0:a2:04:46:9e:
c1:0c:db:e5:2a:c3:54:5e:fd:d2:56:8c:dc:9b:22:
0c:1c:f3:b4:91:e0:28:94:e5:df:f6:9c:b7:5d:e3:
04:17:9b:82:43:e9:dc:aa:49:8f:fb:03:df:84:93:
d1:61:a0:88:db:79:31:80:7b:8d:34:c9:53:55:01:
95:35:56:96:3c:e0:6d:12:c0:6f:33:25:f7:64:33:
6f:d4:d9:a3:45:73:cb:df:98:0c:8a:32:17:f2:ae:
f1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:38:F5:8E:C3:DB:A2:FA:CF:34:32:86:94:7D:A0:15:D3:06:EA:6F
X509v3 Authority Key Identifier:
keyid:56:88:B4:21:75:D6:21:4A:31:A5:40:7D:B8:B6:C9:5F:1E:C6:0D:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Voi0IXXWIUoxpUB9uLbJXx7GDU4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/bTj1jsPbovrPNDKGlH2gFdMG6m8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/83d6fa-461d-4a56-a844-9f942bc12a7e/1/Voi0IXXWIUoxpUB9uLbJXx7GDU4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.80.0/24
IPv6:
2a13:7b40:1::-2a13:7b40:3:ffff:ffff:ffff:ffff:ffff
2a13:7b40:11::/48
Signature Algorithm: sha256WithRSAEncryption
19:9a:15:4e:bb:ac:41:28:60:a7:c6:2b:33:be:d0:73:16:85:
09:11:3b:07:2b:dc:53:93:52:b9:05:ca:a9:1d:50:52:f5:66:
4e:b5:1a:bf:3a:b4:c3:76:3d:32:23:71:c6:5f:fe:60:24:77:
08:07:4c:de:01:d5:ce:8c:ec:39:93:92:16:87:3c:51:e3:be:
0e:1d:7d:1f:90:1e:60:3e:0f:87:65:fd:df:54:ec:00:c0:4c:
68:90:a1:ca:ae:fc:d3:3f:29:09:8e:8e:32:e0:31:cf:7c:47:
06:61:4d:4b:ea:52:ab:51:7c:23:c1:09:4a:38:9a:89:11:49:
db:9d:0f:4a:e2:ef:71:89:2a:a7:a8:85:15:fb:22:9e:8f:99:
f1:80:4e:a8:d0:b5:83:bc:46:c5:25:d9:5c:b9:3e:ab:b1:34:
60:a6:59:e7:07:8b:c1:08:46:82:c2:58:39:7e:87:c8:d2:5d:
c3:ca:de:71:57:31:b0:16:d0:63:b5:f7:f6:18:df:d7:b8:9b:
a1:b4:44:c5:c6:ec:11:56:7a:d5:03:63:1d:46:95:31:53:92:
2a:c4:fe:ec:75:af:cb:a6:4f:23:61:cb:f2:b3:3b:ee:43:78:
91:7f:8e:03:5a:43:c3:9f:87:69:bd:2d:c2:31:e4:0b:a3:3e:
72:26:31:ab
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZhQLcpu/KUCkFHD3ISPKAw5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ODhiNDIxNzVkNjIxNGEzMWE1NDA3ZGI4YjZjOTVmMWVj
NjBkNGUwHhcNMjUwNzI4MDgzNzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDM4ZjU4ZWMzZGJhMmZhY2YzNDMyODY5NDdkYTAxNWQzMDZlYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqLBLToJXv8oIxywqO8WQfDEOlzj
0RIes+xQDF4Xg1TUJyCPJyKYTFX/5WEq3hedlUhRHrkV2h9MSTYXgjCXELwM4DG+
7pRPsXwRqQ06dyM6/wfQWpbcsjFpO09ptTvdmDSqWbZVkmWJTo9bWVMfVspkFyRN
KF7aojjA8j6hvSLpp3UkXT1R5FEED1cBxUtDWQ0HibAEMXKZA4Ca70GTsKIERp7B
DNvlKsNUXv3SVozcmyIMHPO0keAolOXf9py3XeMEF5uCQ+ncqkmP+wPfhJPRYaCI
23kxgHuNNMlTVQGVNVaWPOBtEsBvMyX3ZDNv1NmjRXPL35gMijIX8q7xmwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFG049Y7D26L6zzQyhpR9oBXTBupvMB8GA1UdIwQY
MBaAFFaItCF11iFKMaVAfbi2yV8exg1OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQt
OWY5NDJiYzEyYTdlLzEvYlRqMWpzUGJvdnJQTkRLR2xIMmdGZE1HNm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84M2Q2ZmEtNDYxZC00YTU2LWE4NDQtOWY5NDJiYzEyYTdl
LzEvVm9pMElYWFdJVW94cFVCOXVMYkpYeDdHRFU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAMBAIAATAGAwQAw+pQMCME
AgACMB0wEgMHACoTe0AAAQMHAioTe0AAAAMHACoTe0AAETANBgkqhkiG9w0BAQsF
AAOCAQEAGZoVTrusQShgp8YrM77QcxaFCRE7ByvcU5NSuQXKqR1QUvVmTrUavzq0
w3Y9MiNxxl/+YCR3CAdM3gHVzozsOZOSFoc8UeO+Dh19H5AeYD4Ph2X931TsAMBM
aJChyq780z8pCY6OMuAxz3xHBmFNS+pSq1F8I8EJSjiaiRFJ250PSuLvcYkqp6iF
Ffsino+Z8YBOqNC1g7xGxSXZXLk+q7E0YKZZ5weLwQhGgsJYOX6HyNJdw8recVcx
sBbQY7X39hjf17ibobRExcbsEVZ61QNjHUaVMVOSKsT+7HWvy6ZPI2HL8rM77kN4
kX+OA1pDw5+Hab0twjHkC6M+ciYxqw==
-----END CERTIFICATE-----
Generated at Wed Aug 6 00:39:25 2025 by rpki-client