Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/1pzVXPbgxEX73Fvhek9cnU4DDFk.roa
File: 1pzVXPbgxEX73Fvhek9cnU4DDFk.roa (raw, json)
Hash identifier: KBcYXTx3hKne/Dhm3KPhvSNiNaQ1ottkjjUhssYyunQ=
Subject key identifier: D6:9C:D5:5C:F6:E0:C4:45:FB:DC:5B:E1:7A:4F:5C:9D:4E:03:0C:59
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 01952D35E982ED18737B74C4A61F8A2D86AF
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/1pzVXPbgxEX73Fvhek9cnU4DDFk.roa
Signing time: Sat 22 Feb 2025 10:31:02 +0000
ROA not before: Sat 22 Feb 2025 10:31:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202391
IP address blocks: 95.38.144.0/22 maxlen: 22
95.38.148.0/22 maxlen: 22
95.38.192.0/24 maxlen: 24
95.38.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.mft
rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2d:35:e9:82:ed:18:73:7b:74:c4:a6:1f:8a:2d:86:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Feb 22 10:31:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d69cd55cf6e0c445fbdc5be17a4f5c9d4e030c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:5e:5d:5a:e9:6f:48:e5:3c:69:15:20:4f:
ff:24:0b:6d:31:22:12:33:a3:db:5f:d9:8d:97:13:
b8:d3:5c:51:61:37:88:cf:71:09:92:1c:89:49:1a:
47:05:ac:59:fc:ee:12:ac:94:c0:2c:8b:15:5a:32:
ad:4c:9d:d2:23:1f:96:a2:a9:57:54:95:69:e9:bf:
50:e4:bb:e8:b2:fe:a0:6e:fc:2c:95:85:18:a2:f0:
43:1d:3e:24:57:64:d3:a0:0d:9c:94:34:57:f4:88:
19:2c:83:ca:c6:fe:a6:9b:5c:44:46:bf:cb:fe:a1:
7f:e5:7d:90:d7:9d:b9:aa:5b:b7:33:23:10:ab:8c:
28:d6:96:8a:3d:54:30:54:7f:d2:45:c5:fc:85:88:
bb:55:e6:fc:50:ca:f6:42:ff:93:9c:10:99:8d:93:
72:69:5d:80:02:b5:d6:af:8e:bf:b1:43:ca:57:0e:
77:f9:fb:98:c1:2e:cd:18:06:86:55:e5:40:f2:df:
98:a0:15:01:b0:a3:7a:f8:44:9b:3c:0a:f1:b2:55:
8d:d7:fa:a1:d6:ea:45:cc:c1:58:24:36:5e:10:e0:
b6:9d:bf:90:b7:0f:db:22:c8:14:a9:83:84:15:e6:
a5:35:11:5e:89:7b:6c:86:3b:29:e7:dc:9c:f4:5e:
75:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:9C:D5:5C:F6:E0:C4:45:FB:DC:5B:E1:7A:4F:5C:9D:4E:03:0C:59
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/1pzVXPbgxEX73Fvhek9cnU4DDFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.144.0/21
95.38.192.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:6e:45:48:b7:f2:bf:55:08:eb:d2:11:7c:6a:f0:78:5c:0c:
c5:2c:32:3a:38:95:51:4c:6f:b2:35:5d:f4:b0:e5:83:13:27:
18:a2:7a:78:0a:df:87:40:37:8f:33:83:32:ba:52:d3:8a:eb:
b3:fc:19:62:6d:78:f9:ec:0b:23:af:27:96:17:cd:f4:38:fd:
39:4d:ed:6a:68:5f:94:8f:30:d6:9b:b8:51:f7:20:db:87:5c:
5a:3b:fa:b2:d8:45:c4:be:7c:8d:3f:3e:bf:80:23:c4:fd:94:
be:96:9b:bd:c0:c5:ff:1f:e6:02:ec:34:b5:9b:41:8c:26:ac:
44:ce:ca:1f:52:a9:77:5e:fe:24:bf:5e:ec:8e:d6:c0:db:43:
9d:76:74:c9:c3:94:0a:9c:fe:cc:de:56:bb:40:32:db:89:46:
63:6d:7c:ec:43:e2:2e:91:40:9e:f6:e8:31:a4:98:ef:92:a1:
01:0a:47:57:54:5f:9c:2d:a1:f2:01:cb:e1:0e:3a:0b:ea:91:
93:cc:e1:f1:f1:ca:1a:07:b2:82:0d:11:ec:80:59:dc:d5:05:
ac:9f:09:80:2d:7d:00:87:f8:27:9e:3b:f8:b4:3a:4a:a3:6c:
60:d9:61:0d:ae:ad:d2:f2:59:6d:0b:1c:a4:be:4b:e3:f4:9b:
21:f0:72:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUtNemC7Rhze3TEph+KLYavMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjUwMjIyMTAzMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjljZDU1Y2Y2ZTBjNDQ1ZmJkYzViZTE3YTRmNWM5ZDRlMDMwYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVdeXVrpb0jlPGkVIE//JAttMSIS
M6PbX9mNlxO401xRYTeIz3EJkhyJSRpHBaxZ/O4SrJTALIsVWjKtTJ3SIx+WoqlX
VJVp6b9Q5Lvosv6gbvwslYUYovBDHT4kV2TToA2clDRX9IgZLIPKxv6mm1xERr/L
/qF/5X2Q1525qlu3MyMQq4wo1paKPVQwVH/SRcX8hYi7Veb8UMr2Qv+TnBCZjZNy
aV2AArXWr46/sUPKVw53+fuYwS7NGAaGVeVA8t+YoBUBsKN6+ESbPArxslWN1/qh
1upFzMFYJDZeEOC2nb+Qtw/bIsgUqYOEFealNRFeiXtshjsp59yc9F51PQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNac1Vz24MRF+9xb4XpPXJ1OAwxZMB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvMXB6VlhQYmd4RVg3M0Z2aGVrOWNuVTREREZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXyaQAwQB
XybAMA0GCSqGSIb3DQEBCwUAA4IBAQBcbkVIt/K/VQjr0hF8avB4XAzFLDI6OJVR
TG+yNV30sOWDEycYonp4Ct+HQDePM4MyulLTiuuz/BlibXj57AsjryeWF830OP05
Te1qaF+UjzDWm7hR9yDbh1xaO/qy2EXEvnyNPz6/gCPE/ZS+lpu9wMX/H+YC7DS1
m0GMJqxEzsofUql3Xv4kv17sjtbA20OddnTJw5QKnP7M3la7QDLbiUZjbXzsQ+Iu
kUCe9ugxpJjvkqEBCkdXVF+cLaHyAcvhDjoL6pGTzOHx8coaB7KCDRHsgFnc1QWs
nwmALX0Ah/gnnjv4tDpKo2xg2WENrq3S8lltCxykvkvj9Jsh8HI7
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:31:31 2025 by rpki-client