Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/BwN6kYxqgkO3DLOda39xIN312Tg.roa
File: BwN6kYxqgkO3DLOda39xIN312Tg.roa (raw, json)
Hash identifier: LjSvlMUTCNkTz474Nf1Brme5doNRxTInUYmorlMrcUE=
Subject key identifier: 07:03:7A:91:8C:6A:82:43:B7:0C:B3:9D:6B:7F:71:20:DD:F5:D9:38
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 01974F71F626456287C0384D727A0B4F668D
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/BwN6kYxqgkO3DLOda39xIN312Tg.roa
Signing time: Sun 08 Jun 2025 12:09:17 +0000
ROA not before: Sun 08 Jun 2025 12:09:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205090
IP address blocks: 91.200.13.0/24 maxlen: 24
103.71.20.0/24 maxlen: 24
103.71.21.0/24 maxlen: 24
109.69.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Jun 2025 07:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4f:71:f6:26:45:62:87:c0:38:4d:72:7a:0b:4f:66:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Jun 8 12:09:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07037a918c6a8243b70cb39d6b7f7120ddf5d938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2b:9f:da:b5:f4:fa:a7:a8:85:68:3a:02:56:
3c:df:0f:09:f6:2d:c9:e8:3f:03:83:3d:10:bd:35:
73:05:07:ca:0a:fb:c5:9a:9d:86:9d:b4:87:a8:83:
51:65:b6:65:65:16:35:ee:ad:86:e6:3e:6b:32:c5:
c2:8e:6c:09:27:68:16:44:24:63:7b:01:0a:43:e4:
7c:5b:52:54:3d:52:82:63:b4:54:c1:eb:92:e1:01:
12:ff:7a:01:7c:ad:cd:0e:de:cf:b3:2e:6c:2f:1b:
83:70:23:5c:86:ed:fa:5a:2c:75:fc:b4:38:f6:ad:
43:e0:92:f7:8b:a3:a4:9a:fe:45:89:d0:e3:f2:21:
dc:2f:f6:20:e8:e7:5d:5b:9d:6d:5a:60:58:5d:38:
da:d8:f9:de:70:49:e9:43:f4:20:da:06:69:2e:2f:
da:1e:2e:f9:aa:03:e8:aa:57:db:d8:52:21:1f:fd:
e0:24:63:e0:db:e6:e5:c9:a6:17:b0:53:c1:7f:16:
86:20:3c:69:72:b5:06:c4:5b:fd:45:ba:64:a9:ca:
57:8a:51:2e:e5:83:5f:89:b9:b1:bc:6b:7d:47:52:
c7:bb:20:0e:a7:97:1d:89:85:fd:13:73:1d:32:38:
9e:e5:a5:b6:8d:ca:dc:89:00:c1:8e:58:a6:44:96:
e0:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:03:7A:91:8C:6A:82:43:B7:0C:B3:9D:6B:7F:71:20:DD:F5:D9:38
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/BwN6kYxqgkO3DLOda39xIN312Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.13.0/24
103.71.20.0/23
109.69.62.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b0:4d:09:fa:c2:5d:5c:96:82:56:7c:f7:05:8a:e5:94:b9:
45:62:1e:fd:16:ea:39:71:43:90:b6:a2:f2:83:00:50:ce:c8:
13:45:2c:a3:9e:7a:c2:0b:e4:19:62:7b:68:b5:c1:74:85:5c:
87:a5:81:69:d6:db:fb:21:be:ef:89:81:17:e0:b8:52:23:1b:
a6:46:1c:27:f4:57:ba:82:a9:48:e1:97:de:c4:a0:71:b8:98:
7b:18:c7:9d:0b:f0:d4:74:fb:ed:f0:01:cc:2d:d6:9b:12:21:
bc:e1:5f:49:b1:21:3e:b9:2b:ad:be:2c:0a:b4:3d:0c:65:4b:
aa:bb:8a:c0:52:04:35:6b:bc:e6:6a:24:9a:27:dd:44:5d:8a:
ad:68:3d:9b:01:89:f0:42:d2:19:8b:79:dc:d0:ca:f5:4a:63:
5b:e6:49:13:72:81:19:c7:21:08:2e:b5:ae:c9:a4:16:e6:5f:
4e:95:8c:3b:f9:48:73:ee:9f:23:ff:ba:69:20:fa:22:2a:bb:
ed:e1:1c:f0:ab:c1:3d:54:f0:8e:a0:1f:8e:3f:9f:7a:73:e5:
02:40:11:89:37:16:32:45:57:2f:55:96:ef:81:a5:1c:5f:75:
3f:69:5b:f2:3b:1b:a7:7e:d5:8a:0e:1b:c5:bc:01:ae:c9:f2:
a7:0e:26:51
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZdPcfYmRWKHwDhNcnoLT2aNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwNjA4MTIwOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzAzN2E5MThjNmE4MjQzYjcwY2IzOWQ2YjdmNzEyMGRkZjVkOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Cuf2rX0+qeohWg6AlY83w8J9i3J
6D8Dgz0QvTVzBQfKCvvFmp2GnbSHqINRZbZlZRY17q2G5j5rMsXCjmwJJ2gWRCRj
ewEKQ+R8W1JUPVKCY7RUweuS4QES/3oBfK3NDt7Psy5sLxuDcCNchu36Wix1/LQ4
9q1D4JL3i6Okmv5FidDj8iHcL/Yg6OddW51tWmBYXTja2PnecEnpQ/Qg2gZpLi/a
Hi75qgPoqlfb2FIhH/3gJGPg2+blyaYXsFPBfxaGIDxpcrUGxFv9RbpkqcpXilEu
5YNfibmxvGt9R1LHuyAOp5cdiYX9E3MdMjie5aW2jcrciQDBjlimRJbgUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAcDepGMaoJDtwyznWt/cSDd9dk4MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvQndONmtZeHFna08zRExPZGEzOXhJTjMxMlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW8gNAwQB
Z0cUAwQAbUU+MA0GCSqGSIb3DQEBCwUAA4IBAQBUsE0J+sJdXJaCVnz3BYrllLlF
Yh79Fuo5cUOQtqLygwBQzsgTRSyjnnrCC+QZYntotcF0hVyHpYFp1tv7Ib7viYEX
4LhSIxumRhwn9Fe6gqlI4ZfexKBxuJh7GMedC/DUdPvt8AHMLdabEiG84V9JsSE+
uSutviwKtD0MZUuqu4rAUgQ1a7zmaiSaJ91EXYqtaD2bAYnwQtIZi3nc0Mr1SmNb
5kkTcoEZxyEILrWuyaQW5l9OlYw7+Uhz7p8j/7ppIPoiKrvt4Rzwq8E9VPCOoB+O
P596c+UCQBGJNxYyRVcvVZbvgaUcX3U/aVvyOxunftWKDhvFvAGuyfKnDiZR
-----END CERTIFICATE-----
Generated at Sat Jun 21 14:17:36 2025 by rpki-client