Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/BUn9VhicX5lnszohZN-B_W7zFEI.roa
File: BUn9VhicX5lnszohZN-B_W7zFEI.roa (raw, json)
Hash identifier: sw98I/lp9w4TPvzfatfd4Z7hM9xvkDPTUdNratN07GQ=
Subject key identifier: 05:49:FD:56:18:9C:5F:99:67:B3:3A:21:64:DF:81:FD:6E:F3:14:42
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 0197EB385CB52F004D9B08B67FEC8BDA5F91
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/BUn9VhicX5lnszohZN-B_W7zFEI.roa
Signing time: Tue 08 Jul 2025 18:07:08 +0000
ROA not before: Tue 08 Jul 2025 18:07:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 95.170.15.0/24 maxlen: 24
95.170.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:eb:38:5c:b5:2f:00:4d:9b:08:b6:7f:ec:8b:da:5f:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Jul 8 18:07:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0549fd56189c5f9967b33a2164df81fd6ef31442
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:92:73:93:67:84:84:25:be:18:b6:fa:c2:ab:
a0:2c:dd:65:e4:05:8e:0a:16:8a:e1:57:0d:fa:1c:
f1:0e:fa:8b:71:46:e0:8e:bf:81:ed:1d:94:fc:ad:
8a:33:7b:a4:52:4b:b2:34:a5:c8:35:e9:8f:e3:19:
ae:c8:af:0e:1e:25:35:a7:7e:fa:bc:be:6c:4b:82:
4d:44:16:0f:e6:45:b4:3e:2f:f8:79:96:24:81:92:
6e:11:01:eb:42:00:da:e3:4e:a0:c3:f7:b6:1c:4a:
ba:bc:18:26:a9:96:72:47:5b:4c:37:01:f4:93:c2:
29:8a:6d:9d:db:a2:e7:fc:73:9f:5d:54:4c:13:b5:
8c:fa:fd:53:13:df:54:69:94:9f:a1:85:b6:12:b6:
3a:ec:7f:9d:d0:e3:c8:69:64:cd:32:11:a5:cf:98:
cb:d3:1e:32:06:4d:da:84:df:97:17:3d:dc:d9:14:
37:96:af:be:e0:3d:12:8d:a0:01:2f:df:63:a7:e3:
b8:a4:ca:de:a3:af:71:45:a3:6f:1d:53:62:52:3a:
1f:d6:3b:9a:f1:ce:de:cb:52:6d:40:5c:8b:f0:1c:
7c:7d:9f:58:d8:07:ea:ad:61:9e:18:bf:2e:17:a4:
69:0d:ac:ee:10:8e:c8:77:f9:07:53:f1:3e:ca:c5:
ce:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:49:FD:56:18:9C:5F:99:67:B3:3A:21:64:DF:81:FD:6E:F3:14:42
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/BUn9VhicX5lnszohZN-B_W7zFEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.15.0-95.170.16.255
Signature Algorithm: sha256WithRSAEncryption
55:71:8c:8c:8a:4d:b4:ed:38:48:b4:57:38:09:c9:65:bf:fc:
be:87:45:57:3a:e1:40:92:50:0c:bc:99:37:0f:71:b4:d1:65:
10:06:2a:fb:f4:0c:f9:38:8f:66:3c:a8:55:0e:65:4f:45:8e:
54:2a:34:e0:03:f1:dd:c7:7f:7b:5c:67:f3:5f:8a:8d:38:2d:
86:9b:6f:c5:7a:54:80:58:6c:d8:cf:c8:0e:e9:0d:a0:e5:c4:
e1:a8:e1:14:ba:a2:e1:d8:d5:9f:51:6c:d1:30:1e:17:1a:fd:
25:f1:8c:03:55:e8:92:33:12:fd:44:8f:da:ec:21:85:cb:d1:
7f:b7:cc:08:42:f2:c4:46:8d:f8:0d:30:0a:2b:3d:d6:54:40:
ce:55:51:51:48:f0:4f:c4:34:66:4f:9a:a9:4c:87:78:bf:5c:
96:4d:13:0a:85:fd:38:fa:86:82:76:39:e5:73:8a:19:da:16:
1e:4d:37:ea:88:d5:2a:c1:fd:12:08:8e:d4:33:13:8d:ad:c3:
3b:ee:86:07:d1:2d:db:2d:71:36:75:5b:1d:15:57:ac:cd:a6:
03:25:cb:55:05:21:27:86:ff:59:ed:a8:82:b7:e3:62:a9:b4:
64:39:5a:84:5e:9b:be:fd:7b:e6:f2:49:08:88:91:24:a1:58:
a3:fb:ec:62
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZfrOFy1LwBNmwi2f+yL2l+RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjUwNzA4MTgwNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTQ5ZmQ1NjE4OWM1Zjk5NjdiMzNhMjE2NGRmODFmZDZlZjMxNDQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZJzk2eEhCW+GLb6wqugLN1l5AWO
ChaK4VcN+hzxDvqLcUbgjr+B7R2U/K2KM3ukUkuyNKXINemP4xmuyK8OHiU1p376
vL5sS4JNRBYP5kW0Pi/4eZYkgZJuEQHrQgDa406gw/e2HEq6vBgmqZZyR1tMNwH0
k8Ipim2d26Ln/HOfXVRME7WM+v1TE99UaZSfoYW2ErY67H+d0OPIaWTNMhGlz5jL
0x4yBk3ahN+XFz3c2RQ3lq++4D0SjaABL99jp+O4pMreo69xRaNvHVNiUjof1jua
8c7ey1JtQFyL8Bx8fZ9Y2AfqrWGeGL8uF6RpDazuEI7Id/kHU/E+ysXOVwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAVJ/VYYnF+ZZ7M6IWTfgf1u8xRCMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvQlVuOVZoaWNYNWxuc3pvaFpOLUJfVzd6RkVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABfqg8D
BABfqhAwDQYJKoZIhvcNAQELBQADggEBAFVxjIyKTbTtOEi0VzgJyWW//L6HRVc6
4UCSUAy8mTcPcbTRZRAGKvv0DPk4j2Y8qFUOZU9FjlQqNOAD8d3Hf3tcZ/Nfio04
LYabb8V6VIBYbNjPyA7pDaDlxOGo4RS6ouHY1Z9RbNEwHhca/SXxjANV6JIzEv1E
j9rsIYXL0X+3zAhC8sRGjfgNMAorPdZUQM5VUVFI8E/ENGZPmqlMh3i/XJZNEwqF
/Tj6hoJ2OeVzihnaFh5NN+qI1SrB/RIIjtQzE42twzvuhgfRLdstcTZ1Wx0VV6zN
pgMly1UFISeG/1ntqIK342KptGQ5WoRem779e+bySQiIkSShWKP77GI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:07:55 2025 by rpki-client