Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/bkHQOuqvDDjiWoZ_FWNlw3OoyWg.roa
File: bkHQOuqvDDjiWoZ_FWNlw3OoyWg.roa (raw, json)
Hash identifier: 4pB5ThjluE6IXLoMqZ2xaF+3UW/apUpBTyNJgyK3/o0=
Subject key identifier: 6E:41:D0:3A:EA:AF:0C:38:E2:5A:86:7F:15:63:65:C3:73:A8:C9:68
Certificate issuer: /CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Certificate serial: 01974A0430F57B71A0A2C7EE06AD430B1F22
Authority key identifier: 3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/bkHQOuqvDDjiWoZ_FWNlw3OoyWg.roa
Signing time: Sat 07 Jun 2025 10:51:18 +0000
ROA not before: Sat 07 Jun 2025 10:51:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201078
IP address blocks: 185.38.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 21:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4a:04:30:f5:7b:71:a0:a2:c7:ee:06:ad:43:0b:1f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ee770f47fd903925d80ac58e05e076f3baa110b
Validity
Not Before: Jun 7 10:51:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e41d03aeaaf0c38e25a867f156365c373a8c968
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:d0:a1:75:00:4f:e6:fd:1a:38:c9:65:b5:34:
94:3a:b3:3d:65:65:9e:fa:8f:87:9c:47:42:96:8b:
bc:a4:a5:d6:03:88:c9:19:04:ad:2d:a1:65:f4:29:
81:78:2b:0e:d7:1e:13:c6:98:bd:07:10:b8:31:3c:
53:02:e6:c6:f2:75:71:f2:10:33:4a:9c:77:cf:eb:
29:82:56:12:c5:97:86:12:0d:07:7f:32:fd:3a:b1:
ae:3b:d6:f4:03:08:86:b0:09:87:6c:00:bf:c1:f0:
04:1d:14:2e:54:77:53:19:d0:8f:72:79:e5:81:55:
69:47:bc:dc:56:4f:81:06:63:fa:dd:24:e1:93:43:
29:1f:68:9a:7f:f1:48:07:ba:91:f8:16:76:d3:e1:
cb:4c:83:65:07:e0:37:98:1c:a0:5b:9b:8d:85:15:
e6:6d:02:8d:d9:0e:5d:0e:62:43:bc:51:48:27:c2:
ca:50:e6:ea:a6:d0:aa:df:0d:22:ea:f8:8f:b1:79:
98:02:ee:46:b4:1b:e6:ca:10:bc:db:40:d6:60:85:
c1:b1:d6:23:b4:c3:19:b8:d2:7c:fc:86:4b:11:be:
2e:c5:2f:6a:eb:b7:cc:bb:ad:06:2b:1b:50:ff:ba:
df:30:b1:ce:29:b0:a8:2c:89:88:1b:02:03:32:4a:
bb:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:41:D0:3A:EA:AF:0C:38:E2:5A:86:7F:15:63:65:C3:73:A8:C9:68
X509v3 Authority Key Identifier:
keyid:3E:E7:70:F4:7F:D9:03:92:5D:80:AC:58:E0:5E:07:6F:3B:AA:11:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/bkHQOuqvDDjiWoZ_FWNlw3OoyWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/434344-323e-48f8-ade2-624f83682169/1/Pudw9H_ZA5JdgKxY4F4HbzuqEQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.27.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:11:aa:e6:cc:71:b3:ca:5f:b4:64:99:a1:d6:40:b6:90:d4:
a8:8e:b3:41:77:fd:89:78:a2:94:37:5b:46:9f:59:8e:62:cc:
f9:bf:4d:62:e0:e1:da:37:0c:c7:40:4f:e7:ea:d6:cc:30:02:
82:8f:bf:ae:31:62:79:32:67:81:ca:2f:c4:f7:44:73:cd:1a:
23:ed:37:2d:47:a6:61:e7:88:68:ab:ed:42:a1:5b:bf:5e:ac:
9f:23:c3:a2:25:38:f4:cb:08:ea:13:3a:27:a8:2a:93:6a:45:
db:52:48:3c:59:50:4b:35:9f:c2:1e:cc:53:1a:24:f6:7d:8d:
d4:42:76:65:92:0b:e9:34:2a:19:d6:7b:b0:40:33:48:73:ad:
eb:96:96:1c:3f:3b:cc:6f:0c:42:92:b6:5a:04:32:05:3e:aa:
85:d1:ec:9f:35:87:3c:46:0d:17:59:48:6e:f8:58:47:31:90:
f5:3a:39:99:cf:8f:b6:ce:6e:34:94:27:8a:58:fc:db:10:a3:
16:44:69:8b:1c:f8:1c:9b:1d:5d:07:14:ea:87:d9:ae:4d:31:
64:18:28:d7:53:76:3a:9d:b3:27:d8:16:80:b1:e5:37:9f:53:
fb:1e:4a:c1:d3:9d:f2:95:0b:eb:eb:5d:dc:59:d6:8e:1b:43:
b7:9a:e7:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdKBDD1e3GgosfuBq1DCx8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZTc3MGY0N2ZkOTAzOTI1ZDgwYWM1OGUwNWUwNzZmM2Jh
YTExMGIwHhcNMjUwNjA3MTA1MTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQxZDAzYWVhYWYwYzM4ZTI1YTg2N2YxNTYzNjVjMzczYThjOTY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstChdQBP5v0aOMlltTSUOrM9ZWWe
+o+HnEdClou8pKXWA4jJGQStLaFl9CmBeCsO1x4Txpi9BxC4MTxTAubG8nVx8hAz
Spx3z+spglYSxZeGEg0HfzL9OrGuO9b0AwiGsAmHbAC/wfAEHRQuVHdTGdCPcnnl
gVVpR7zcVk+BBmP63SThk0MpH2iaf/FIB7qR+BZ20+HLTINlB+A3mBygW5uNhRXm
bQKN2Q5dDmJDvFFIJ8LKUObqptCq3w0i6viPsXmYAu5GtBvmyhC820DWYIXBsdYj
tMMZuNJ8/IZLEb4uxS9q67fMu60GKxtQ/7rfMLHOKbCoLImIGwIDMkq7gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG5B0Drqrww44lqGfxVjZcNzqMloMB8GA1UdIwQY
MBaAFD7ncPR/2QOSXYCsWOBeB287qhELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTIt
NjI0ZjgzNjgyMTY5LzEvYmtIUU91cXZERGppV29aX0ZXTmx3M09veVdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi80MzQzNDQtMzIzZS00OGY4LWFkZTItNjI0ZjgzNjgyMTY5
LzEvUHVkdzlIX1pBNUpkZ0t4WTRGNEhienVxRVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSYbMA0G
CSqGSIb3DQEBCwUAA4IBAQClEarmzHGzyl+0ZJmh1kC2kNSojrNBd/2JeKKUN1tG
n1mOYsz5v01i4OHaNwzHQE/n6tbMMAKCj7+uMWJ5MmeByi/E90RzzRoj7TctR6Zh
54hoq+1CoVu/XqyfI8OiJTj0ywjqEzonqCqTakXbUkg8WVBLNZ/CHsxTGiT2fY3U
QnZlkgvpNCoZ1nuwQDNIc63rlpYcPzvMbwxCkrZaBDIFPqqF0eyfNYc8Rg0XWUhu
+FhHMZD1OjmZz4+2zm40lCeKWPzbEKMWRGmLHPgcmx1dBxTqh9muTTFkGCjXU3Y6
nbMn2BaAseU3n1P7HkrB053ylQvr613cWdaOG0O3mudG
-----END CERTIFICATE-----
Generated at Wed Jun 18 06:35:29 2025 by rpki-client