Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/rqVnteOJJHg9WXaawBRHsFTxh4c.roa
File: rqVnteOJJHg9WXaawBRHsFTxh4c.roa (raw, json)
Hash identifier: D24HL5ADp3zixbZMe0BfvplM/ppUth4nvxaq/WkbRjw=
Subject key identifier: AE:A5:67:B5:E3:89:24:78:3D:59:76:9A:C0:14:47:B0:54:F1:87:87
Certificate issuer: /CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Certificate serial: 019579A6A747DC6210FEACA799DB03515EB8
Authority key identifier: 28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/rqVnteOJJHg9WXaawBRHsFTxh4c.roa
Signing time: Sun 09 Mar 2025 06:45:19 +0000
ROA not before: Sun 09 Mar 2025 06:45:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212084
IP address blocks: 95.214.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:79:a6:a7:47:dc:62:10:fe:ac:a7:99:db:03:51:5e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28107ab6921ef8cb2deca3eb766478cff3e5fc6d
Validity
Not Before: Mar 9 06:45:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aea567b5e38924783d59769ac01447b054f18787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:aa:a4:5d:d4:8a:f5:59:24:7a:1e:59:62:fd:
9f:9b:2f:a4:50:89:cc:47:b1:4e:e5:27:34:6a:d0:
c1:f6:f6:3b:ad:d7:60:be:1f:6f:5d:d3:c8:73:77:
8c:b2:ba:2e:21:90:2f:c9:49:4b:21:eb:7f:5c:86:
2f:bf:ce:82:9d:17:97:f8:43:fd:3f:a9:92:b3:21:
ef:be:13:5a:f6:6b:5a:74:7a:d3:2e:82:7f:fb:ce:
8c:2d:41:11:21:a8:22:2a:d0:cb:aa:3f:83:66:ca:
66:ee:ac:a9:d1:85:98:d9:8c:fc:51:37:f4:87:ff:
33:29:e1:0c:37:0f:7e:cf:e9:fb:21:5e:4a:fe:ad:
6b:fc:f6:49:35:62:45:ab:56:c3:4d:a8:d7:bc:9b:
21:3c:87:0e:81:31:67:cc:54:8c:2f:dc:0e:31:ee:
58:1f:33:7a:3e:85:fc:c7:9e:81:11:e6:d0:cf:14:
ac:bb:c7:b3:02:5b:3a:0a:86:3c:e2:e4:a5:08:64:
cc:d1:ba:37:ca:fd:63:7b:bd:5e:1b:b6:27:51:29:
21:f0:05:97:9a:b2:5f:e5:d1:76:61:34:0c:d4:5a:
f3:13:85:7f:68:01:f9:1e:84:bb:7f:35:c5:4b:02:
54:e2:ee:ee:b8:fd:5b:5d:e9:6f:26:25:02:cb:52:
3c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A5:67:B5:E3:89:24:78:3D:59:76:9A:C0:14:47:B0:54:F1:87:87
X509v3 Authority Key Identifier:
keyid:28:10:7A:B6:92:1E:F8:CB:2D:EC:A3:EB:76:64:78:CF:F3:E5:FC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/rqVnteOJJHg9WXaawBRHsFTxh4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/08826e-77d0-437b-a1c2-c0fb3ef7640e/1/KBB6tpIe-Mst7KPrdmR4z_Pl_G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.173.0/24
Signature Algorithm: sha256WithRSAEncryption
18:5c:f1:75:32:d2:43:7b:42:28:ca:25:05:6c:95:2d:44:d2:
db:e0:dd:3b:87:35:47:1f:0b:b6:2f:3a:09:b6:88:46:95:d8:
2a:94:ef:4d:61:f0:40:ec:dd:91:d0:ba:b9:d3:36:14:2f:03:
6f:72:4c:e6:6d:03:b8:68:85:70:3c:fc:2f:a3:43:c3:b6:a7:
05:4f:62:b1:40:b4:6b:6a:49:f0:72:08:e9:fe:cf:66:89:03:
9b:c6:f0:03:73:77:e1:94:a1:18:a4:d8:65:39:6c:72:65:e8:
c6:88:e0:3d:d1:ea:8b:f9:33:34:4c:ec:9a:0c:90:b8:2a:d5:
f5:7b:7e:1e:f5:61:d2:1d:55:81:d3:57:ff:51:41:6c:0c:90:
2e:c8:a7:0b:c8:a5:eb:11:45:d9:c2:1f:ce:61:45:db:41:e8:
7f:cb:0b:23:e0:fa:c0:52:22:57:53:aa:ed:48:b7:a9:62:61:
87:5d:43:50:ee:ae:f9:93:ee:d7:f2:11:5d:38:84:d9:b6:36:
90:73:b1:30:b0:53:9d:38:24:11:0b:d9:3a:58:60:99:6f:95:
c4:a2:17:43:d1:27:b0:6e:97:76:47:e7:24:aa:78:2a:79:7c:
c8:45:74:4d:db:c7:dd:c8:e8:f6:5c:53:e9:2c:7e:c1:da:c0:
bc:aa:52:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZV5pqdH3GIQ/qynmdsDUV64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MTA3YWI2OTIxZWY4Y2IyZGVjYTNlYjc2NjQ3OGNmZjNl
NWZjNmQwHhcNMjUwMzA5MDY0NTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWE1NjdiNWUzODkyNDc4M2Q1OTc2OWFjMDE0NDdiMDU0ZjE4Nzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaqkXdSK9Vkkeh5ZYv2fmy+kUInM
R7FO5Sc0atDB9vY7rddgvh9vXdPIc3eMsrouIZAvyUlLIet/XIYvv86CnReX+EP9
P6mSsyHvvhNa9mtadHrTLoJ/+86MLUERIagiKtDLqj+DZspm7qyp0YWY2Yz8UTf0
h/8zKeEMNw9+z+n7IV5K/q1r/PZJNWJFq1bDTajXvJshPIcOgTFnzFSML9wOMe5Y
HzN6PoX8x56BEebQzxSsu8ezAls6CoY84uSlCGTM0bo3yv1je71eG7YnUSkh8AWX
mrJf5dF2YTQM1FrzE4V/aAH5HoS7fzXFSwJU4u7uuP1bXelvJiUCy1I8WwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK6lZ7XjiSR4PVl2msAUR7BU8YeHMB8GA1UdIwQY
MBaAFCgQeraSHvjLLeyj63ZkeM/z5fxtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzIt
YzBmYjNlZjc2NDBlLzEvcnFWbnRlT0pKSGc5V1hhYXdCUkhzRlR4aDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8wODgyNmUtNzdkMC00MzdiLWExYzItYzBmYjNlZjc2NDBl
LzEvS0JCNnRwSWUtTXN0N0tQcmRtUjR6X1BsX0cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX9atMA0G
CSqGSIb3DQEBCwUAA4IBAQAYXPF1MtJDe0IoyiUFbJUtRNLb4N07hzVHHwu2LzoJ
tohGldgqlO9NYfBA7N2R0Lq50zYULwNvckzmbQO4aIVwPPwvo0PDtqcFT2KxQLRr
aknwcgjp/s9miQObxvADc3fhlKEYpNhlOWxyZejGiOA90eqL+TM0TOyaDJC4KtX1
e34e9WHSHVWB01f/UUFsDJAuyKcLyKXrEUXZwh/OYUXbQeh/ywsj4PrAUiJXU6rt
SLepYmGHXUNQ7q75k+7X8hFdOITZtjaQc7EwsFOdOCQRC9k6WGCZb5XEohdD0Sew
bpd2R+ckqngqeXzIRXRN28fdyOj2XFPpLH7B2sC8qlIa
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:04:45 2025 by rpki-client