Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/bng6ShOgaVE2_vQYMevfFJYJ8Sk.roa
File: bng6ShOgaVE2_vQYMevfFJYJ8Sk.roa (raw, json)
Hash identifier: o+G2M7dgXmN23PorkdRSIqlVi011U/iuS/RS0v10mJg=
Subject key identifier: 6E:78:3A:4A:13:A0:69:51:36:FE:F4:18:31:EB:DF:14:96:09:F1:29
Certificate issuer: /CN=b467367967dc763349fd0b50e31f75b823028590
Certificate serial: 019A302FB097C878FED9F917BFCF0C086E06
Authority key identifier: B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/bng6ShOgaVE2_vQYMevfFJYJ8Sk.roa
Signing time: Wed 29 Oct 2025 13:37:03 +0000
ROA not before: Wed 29 Oct 2025 13:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201178
IP address blocks: 37.75.8.0/21 maxlen: 24
185.28.0.0/22 maxlen: 24
185.28.0.0/24 maxlen: 24
185.40.72.0/22 maxlen: 24
185.81.236.0/22 maxlen: 24
185.81.236.0/24 maxlen: 24
185.81.237.0/24 maxlen: 24
185.81.238.0/24 maxlen: 24
185.81.239.0/24 maxlen: 24
185.153.248.0/22 maxlen: 24
185.155.148.0/22 maxlen: 24
185.155.148.0/24 maxlen: 24
185.155.149.0/24 maxlen: 24
185.155.150.0/24 maxlen: 24
185.155.151.0/24 maxlen: 24
195.142.0.0/22 maxlen: 24
195.142.104.0/21 maxlen: 24
195.142.105.0/24 maxlen: 24
195.142.108.0/24 maxlen: 24
195.142.132.0/22 maxlen: 24
195.142.152.0/22 maxlen: 24
195.142.184.0/22 maxlen: 24
195.142.192.0/22 maxlen: 24
195.142.192.0/24 maxlen: 24
195.155.96.0/22 maxlen: 24
2a05:8a00::/29 maxlen: 48
2a05:8a00:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 16:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:30:2f:b0:97:c8:78:fe:d9:f9:17:bf:cf:0c:08:6e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b467367967dc763349fd0b50e31f75b823028590
Validity
Not Before: Oct 29 13:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e783a4a13a0695136fef41831ebdf149609f129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3f:87:11:a9:6e:83:c7:92:13:97:df:e0:2a:
2c:ea:1c:bf:b5:a8:d1:34:d7:a7:22:5d:79:fe:4e:
4c:a9:1a:30:d4:3a:84:14:ae:5c:93:b1:e2:59:37:
77:88:b7:7c:cb:d0:ee:dd:52:f1:3f:f5:2e:45:60:
aa:5f:1e:7a:23:3f:8d:c1:65:2f:85:76:2b:5b:79:
de:cf:1d:b5:4e:8a:1d:62:55:49:c7:3c:5f:cf:58:
1c:b8:54:57:e9:00:49:90:64:ec:57:99:f7:ed:50:
cb:ec:83:ab:d9:39:1d:59:ac:e0:f5:60:10:16:6b:
92:6c:08:c5:ec:5a:43:e6:07:3a:7f:c6:42:98:ad:
c0:9a:75:2f:e9:28:ba:56:b1:07:79:20:6b:60:af:
01:9e:c4:19:95:15:bf:1a:ef:f1:4f:77:7d:6c:92:
79:6d:8d:a7:3c:f8:ba:36:e1:14:67:4a:91:e7:54:
3d:1e:7e:83:e3:dc:bd:db:df:1b:c2:42:24:8e:e4:
88:21:58:ff:a9:2b:7a:8c:28:2e:22:40:96:c6:93:
bc:ad:6d:b3:25:73:5c:50:ad:52:cf:a2:8b:21:3e:
58:e4:a8:c8:9c:b9:4d:b3:85:7a:05:c8:2a:08:54:
c0:d8:da:9f:ac:0c:b7:1e:2d:87:d4:fc:55:a9:36:
6c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:78:3A:4A:13:A0:69:51:36:FE:F4:18:31:EB:DF:14:96:09:F1:29
X509v3 Authority Key Identifier:
keyid:B4:67:36:79:67:DC:76:33:49:FD:0B:50:E3:1F:75:B8:23:02:85:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tGc2eWfcdjNJ_QtQ4x91uCMChZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/bng6ShOgaVE2_vQYMevfFJYJ8Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/dfc4f2-ed7d-4610-860c-b81373c40dc9/1/tGc2eWfcdjNJ_QtQ4x91uCMChZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.8.0/21
185.28.0.0/22
185.40.72.0/22
185.81.236.0/22
185.153.248.0/22
185.155.148.0/22
195.142.0.0/22
195.142.104.0/21
195.142.132.0/22
195.142.152.0/22
195.142.184.0/22
195.142.192.0/22
195.155.96.0/22
IPv6:
2a05:8a00::/29
Signature Algorithm: sha256WithRSAEncryption
82:bd:2d:39:2d:49:d3:a7:6b:f7:08:90:7b:67:99:ef:ef:44:
b1:88:55:1d:5d:3c:41:82:f0:f0:85:f6:0d:48:0a:52:1e:d6:
d6:49:76:9e:e4:e7:07:bc:91:84:19:7b:b9:f2:4d:6f:ce:3f:
0b:43:c0:b3:ad:22:80:5f:2c:f7:b3:df:4a:67:2a:01:ae:d2:
21:56:98:26:72:07:b5:9c:a1:17:e0:75:23:4b:87:72:50:45:
5e:b8:c9:e8:4c:15:53:26:c8:85:2b:e3:ba:0e:c0:9d:3a:f4:
93:f9:90:a0:5b:c7:26:0c:a5:0e:98:49:bb:ee:9e:d5:d8:79:
00:f9:1d:af:bb:8f:16:e5:fb:27:83:95:ae:a6:ee:51:e6:58:
47:e6:52:ff:43:2a:44:34:e3:09:64:95:35:59:8f:bd:2a:ad:
f2:49:ac:2b:51:29:2a:00:3a:fc:d0:50:eb:06:33:66:e3:85:
72:66:17:0f:b9:ff:4d:1f:0e:5d:05:bb:62:16:bd:48:dd:5b:
ac:90:64:51:01:da:3d:89:e4:e6:8f:4a:ba:85:73:ba:7d:fd:
a9:57:45:78:fb:59:18:f8:55:eb:72:49:27:58:e6:1a:b2:a7:
73:c1:cf:a6:d6:04:ac:ad:59:3a:3e:84:5d:36:a7:35:12:c2:
2e:cd:88:d7
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZowL7CXyHj+2fkXv88MCG4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NjczNjc5NjdkYzc2MzM0OWZkMGI1MGUzMWY3NWI4MjMw
Mjg1OTAwHhcNMjUxMDI5MTMzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc4M2E0YTEzYTA2OTUxMzZmZWY0MTgzMWViZGYxNDk2MDlmMTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT+HEalug8eSE5ff4Cos6hy/tajR
NNenIl15/k5MqRow1DqEFK5ck7HiWTd3iLd8y9Du3VLxP/UuRWCqXx56Iz+NwWUv
hXYrW3nezx21ToodYlVJxzxfz1gcuFRX6QBJkGTsV5n37VDL7IOr2TkdWazg9WAQ
FmuSbAjF7FpD5gc6f8ZCmK3AmnUv6Si6VrEHeSBrYK8BnsQZlRW/Gu/xT3d9bJJ5
bY2nPPi6NuEUZ0qR51Q9Hn6D49y9298bwkIkjuSIIVj/qSt6jCguIkCWxpO8rW2z
JXNcUK1Sz6KLIT5Y5KjInLlNs4V6BcgqCFTA2NqfrAy3Hi2H1PxVqTZsLwIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFG54OkoToGlRNv70GDHr3xSWCfEpMB8GA1UdIwQY
MBaAFLRnNnln3HYzSf0LUOMfdbgjAoWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMt
YjgxMzczYzQwZGM5LzEvYm5nNlNoT2dhVkUyX3ZRWU1ldmZGSllKOFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9kZmM0ZjItZWQ3ZC00NjEwLTg2MGMtYjgxMzczYzQwZGM5
LzEvdEdjMmVXZmNkak5KX1F0UTR4OTF1Q01DaFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQDJUsIAwQC
uRwAAwQCuShIAwQCuVHsAwQCuZn4AwQCuZuUAwQCw44AAwQDw45oAwQCw46EAwQC
w46YAwQCw464AwQCw47AAwQCw5tgMA0EAgACMAcDBQMqBYoAMA0GCSqGSIb3DQEB
CwUAA4IBAQCCvS05LUnTp2v3CJB7Z5nv70SxiFUdXTxBgvDwhfYNSApSHtbWSXae
5OcHvJGEGXu58k1vzj8LQ8CzrSKAXyz3s99KZyoBrtIhVpgmcge1nKEX4HUjS4dy
UEVeuMnoTBVTJsiFK+O6DsCdOvST+ZCgW8cmDKUOmEm77p7V2HkA+R2vu48W5fsn
g5Wupu5R5lhH5lL/QypENOMJZJU1WY+9Kq3ySawrUSkqADr80FDrBjNm44VyZhcP
uf9NHw5dBbtiFr1I3VuskGRRAdo9ieTmj0q6hXO6ff2pV0V4+1kY+FXrckknWOYa
sqdzwc+m1gSsrVk6PoRdNqc1EsIuzYjX
-----END CERTIFICATE-----
Generated at Thu Nov 6 00:19:27 2025 by rpki-client