Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BTPHSzbZ-aPWl4H37PV4oX4J3NU.roa
File: BTPHSzbZ-aPWl4H37PV4oX4J3NU.roa (raw, json)
Hash identifier: kBEf8L2+C5w8D072BqIGmK/EZ+vvUDllcPVru31YOQU=
Subject key identifier: 05:33:C7:4B:36:D9:F9:A3:D6:97:81:F7:EC:F5:78:A1:7E:09:DC:D5
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01986C95212B45354DB2F7AA1875965BD8D2
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BTPHSzbZ-aPWl4H37PV4oX4J3NU.roa
Signing time: Sat 02 Aug 2025 20:59:29 +0000
ROA not before: Sat 02 Aug 2025 20:59:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 08:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6c:95:21:2b:45:35:4d:b2:f7:aa:18:75:96:5b:d8:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Aug 2 20:59:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0533c74b36d9f9a3d69781f7ecf578a17e09dcd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c2:de:19:f0:ac:23:cd:33:c6:bf:da:8d:25:
95:6f:c0:dc:67:a7:70:9b:a6:84:a1:5f:3b:fa:43:
d0:41:c8:01:e4:b2:67:22:50:24:5c:dd:61:fd:72:
44:71:09:8f:4c:6e:7f:5d:8a:e1:e9:cd:61:b7:c7:
c5:07:08:3a:c8:29:90:96:a7:f3:fe:a9:45:24:0c:
6d:73:a6:8d:9d:79:44:d2:2a:d8:57:c1:ff:7d:7f:
f2:e2:f7:69:cf:f2:c0:10:f3:ae:bc:28:71:d8:c6:
2b:6e:5c:c5:c7:d9:6d:2e:4c:7c:65:80:78:93:16:
a4:39:0e:5a:0b:6e:10:8d:05:23:67:68:ae:12:82:
4a:12:d2:77:cd:54:22:4c:90:49:86:4e:1a:52:44:
4f:8c:a9:f6:82:0b:6b:00:bc:a0:21:6e:b8:da:17:
97:db:47:67:11:0a:1e:b6:3a:d8:09:76:b9:27:ac:
2b:f0:8d:9e:52:5e:b2:9e:e0:34:c2:e9:6e:6f:a4:
6c:0a:41:e6:97:20:f6:ab:fc:e1:79:ba:e4:7e:83:
44:95:99:c1:d0:46:58:4f:74:a4:58:cb:4e:e6:59:
ee:c5:33:d0:e3:5f:d4:f9:e5:9e:a4:25:dc:b8:d7:
00:6b:c0:b6:22:b6:ca:ea:50:df:6c:78:fd:c4:8e:
bb:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:33:C7:4B:36:D9:F9:A3:D6:97:81:F7:EC:F5:78:A1:7E:09:DC:D5
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BTPHSzbZ-aPWl4H37PV4oX4J3NU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.20.0/24
185.117.23.0/24
185.144.100.0/24
185.144.102.0/24
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/24
194.36.102.0/23
194.124.64.0/22
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
98:4b:d0:36:f3:b4:00:39:85:8f:29:af:19:b6:ce:d2:a4:e8:
90:b8:58:06:ca:2a:95:c0:d6:90:19:58:a6:65:aa:dc:ac:08:
b8:ca:b6:3d:5c:ea:3d:e6:34:6c:6b:31:0d:1e:eb:d6:c7:eb:
0c:06:4d:f8:c1:c9:88:c9:63:3b:54:18:7f:da:5e:fb:1d:b9:
1a:34:48:63:a2:9b:df:4f:37:15:db:81:df:9d:13:46:93:bd:
eb:cd:4a:03:12:f1:f4:d2:62:b8:b3:b4:21:d5:ac:28:fa:6f:
9a:79:40:60:0a:fb:0b:e7:6a:eb:54:a4:41:36:09:fe:02:35:
55:a8:c7:a6:49:ba:bb:aa:c0:2e:e9:8c:b9:9c:c7:97:5d:fd:
93:cc:2f:97:be:b5:cf:d8:ce:a5:6b:23:f6:53:e8:de:08:3f:
14:77:d1:db:a4:18:e2:e9:ed:25:2e:43:cb:30:7a:87:8c:5d:
3f:6b:ad:ce:e1:af:e2:6f:f4:c9:b5:4d:09:b0:af:97:d6:70:
af:ad:72:74:bc:5c:3f:7c:cf:e1:cc:16:a3:d8:24:28:9a:43:
08:12:f4:42:11:e4:cc:8c:0b:72:de:12:8a:97:8d:e7:3f:c3:
11:22:be:e5:b7:34:f1:07:59:ef:87:42:81:a7:a3:64:91:b9:
e1:c9:c8:fb
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZhslSErRTVNsveqGHWWW9jSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwODAyMjA1OTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTMzYzc0YjM2ZDlmOWEzZDY5NzgxZjdlY2Y1NzhhMTdlMDlkY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusLeGfCsI80zxr/ajSWVb8DcZ6dw
m6aEoV87+kPQQcgB5LJnIlAkXN1h/XJEcQmPTG5/XYrh6c1ht8fFBwg6yCmQlqfz
/qlFJAxtc6aNnXlE0irYV8H/fX/y4vdpz/LAEPOuvChx2MYrblzFx9ltLkx8ZYB4
kxakOQ5aC24QjQUjZ2iuEoJKEtJ3zVQiTJBJhk4aUkRPjKn2ggtrALygIW642heX
20dnEQoetjrYCXa5J6wr8I2eUl6ynuA0wulub6RsCkHmlyD2q/zhebrkfoNElZnB
0EZYT3SkWMtO5lnuxTPQ41/U+eWepCXcuNcAa8C2IrbK6lDfbHj9xI67DwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFAUzx0s22fmj1peB9+z1eKF+CdzVMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQlRQSFN6YlotYVBXbDRIMzdQVjRvWDRKM05VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALYgAAwQB
LYgCAwQAgAB3AwQAuXUUAwQAuXUXAwQAuZBkAwQAuZBmMAwDBAS50zADBAC50zID
BAK54/ADBALBydADBADCJGQDBAHCJGYDBALCfEAwDAMEAsNVRAMEAMNVRjANBgkq
hkiG9w0BAQsFAAOCAQEAmEvQNvO0ADmFjymvGbbO0qTokLhYBsoqlcDWkBlYpmWq
3KwIuMq2PVzqPeY0bGsxDR7r1sfrDAZN+MHJiMljO1QYf9pe+x25GjRIY6Kb3083
FduB350TRpO9681KAxLx9NJiuLO0IdWsKPpvmnlAYAr7C+dq61SkQTYJ/gI1VajH
pkm6u6rALumMuZzHl139k8wvl761z9jOpWsj9lPo3gg/FHfR26QY4untJS5DyzB6
h4xdP2utzuGv4m/0ybVNCbCvl9Zwr61ydLxcP3zP4cwWo9gkKJpDCBL0QhHkzIwL
ct4SipeN5z/DESK+5bc08QdZ74dCgaejZJG54cnI+w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:05:35 2025 by rpki-client