Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/0iVORbOC1yn1RU9MN-6NZSBLcv4.roa
File: 0iVORbOC1yn1RU9MN-6NZSBLcv4.roa (raw, json)
Hash identifier: aAZ8Vbm4cCzopF3xvPSupzXl+Rmg+Qp1HP2+eIZg+u4=
Subject key identifier: D2:25:4E:45:B3:82:D7:29:F5:45:4F:4C:37:EE:8D:65:20:4B:72:FE
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0194422CC9FB129E1F08F7D60D29BCF38DF5
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/0iVORbOC1yn1RU9MN-6NZSBLcv4.roa
Signing time: Tue 07 Jan 2025 19:10:19 +0000
ROA not before: Tue 07 Jan 2025 19:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 95.164.77.0/24 maxlen: 24
95.164.160.0/24 maxlen: 24
95.164.161.0/24 maxlen: 24
95.164.162.0/24 maxlen: 24
95.164.163.0/24 maxlen: 24
95.164.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 14:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:42:2c:c9:fb:12:9e:1f:08:f7:d6:0d:29:bc:f3:8d:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jan 7 19:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2254e45b382d729f5454f4c37ee8d65204b72fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:75:82:8c:bf:ed:ae:12:fa:26:c4:78:df:
59:55:63:7f:00:ad:3c:f8:9f:a1:09:58:39:42:ab:
18:c7:00:f2:2e:65:20:e9:66:32:ef:93:c2:98:55:
9c:94:ee:64:c9:4b:4c:35:96:e7:e6:5d:fc:ef:ef:
b6:27:f7:9c:53:bc:63:9a:b3:b9:98:82:a0:11:18:
f2:ec:7e:00:94:46:8b:ff:b0:b1:1f:55:bf:55:40:
4a:1c:40:dd:93:ce:c8:c0:ad:01:bc:14:e5:3a:e5:
a8:14:4a:bd:f0:a6:fa:20:e8:6d:3c:ea:35:8c:bb:
a6:3c:f3:0e:58:73:22:9f:e7:0d:68:b2:9f:51:cc:
a9:8c:16:b9:b7:eb:39:ca:56:4d:fb:20:8d:2c:bc:
51:ca:bf:6b:f9:3b:d6:80:c5:ff:80:a9:dd:3a:f1:
5f:bd:64:83:71:7d:9b:74:db:f1:d3:2f:f6:81:6a:
7c:99:44:f3:fb:a3:68:c8:58:60:ee:44:bc:cd:65:
fb:5d:ca:15:e7:b3:f8:0b:85:08:05:1b:65:c5:58:
46:a8:f6:bd:84:e3:e0:e5:c4:5b:a5:ef:c6:7f:23:
bb:ce:65:09:e3:78:35:af:c5:1f:7d:33:a5:a3:b8:
a1:64:1e:bb:b4:e6:53:a0:22:0e:38:43:91:21:ad:
89:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:25:4E:45:B3:82:D7:29:F5:45:4F:4C:37:EE:8D:65:20:4B:72:FE
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/0iVORbOC1yn1RU9MN-6NZSBLcv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.77.0/24
95.164.160.0/22
95.164.224.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:cf:5e:af:12:cc:16:01:f4:d5:d6:77:f4:63:b7:13:b8:d4:
e2:38:cf:f4:1f:06:cf:96:50:8e:b0:50:4b:82:81:22:cf:3e:
5a:5d:ab:c3:d6:24:f0:42:bd:04:68:7d:7f:65:97:e9:ad:2f:
59:a4:3e:6a:8a:1f:5f:9d:6d:ae:40:a8:40:2a:11:d2:80:2c:
54:83:ca:0e:af:55:c4:1d:1d:d3:95:7a:5f:94:70:05:bb:0d:
69:c9:a7:6c:b2:8f:7c:a3:32:fa:cb:93:ca:53:4b:9e:c1:d9:
3a:9a:6e:65:a5:50:e0:11:a1:a0:34:de:26:67:3e:25:13:b9:
47:9d:26:d9:0d:c0:9a:f1:2b:62:71:ec:a1:54:95:32:c6:88:
4c:0d:2e:f0:29:38:ce:f5:9f:c6:54:0c:c5:9c:0d:a2:32:4e:
44:c3:e4:27:9c:f7:4e:9f:ad:2b:83:af:af:cc:f7:5d:7b:b2:
0f:a4:9f:02:32:a1:d7:ba:2c:3e:5e:34:64:01:dc:47:9a:a1:
7c:79:c5:a3:8d:8d:ad:8b:03:fc:23:3c:76:f4:76:b3:92:60:
26:3f:22:b9:72:22:ac:61:66:a9:e1:d7:07:59:e3:7f:56:16:
73:e2:b3:98:66:83:13:6e:4e:00:52:35:a1:c8:08:30:0f:18:
c6:6e:a7:b1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZRCLMn7Ep4fCPfWDSm88431MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwMTA3MTkxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjI1NGU0NWIzODJkNzI5ZjU0NTRmNGMzN2VlOGQ2NTIwNGI3MmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFJ1goy/7a4S+ibEeN9ZVWN/AK08
+J+hCVg5QqsYxwDyLmUg6WYy75PCmFWclO5kyUtMNZbn5l387++2J/ecU7xjmrO5
mIKgERjy7H4AlEaL/7CxH1W/VUBKHEDdk87IwK0BvBTlOuWoFEq98Kb6IOhtPOo1
jLumPPMOWHMin+cNaLKfUcypjBa5t+s5ylZN+yCNLLxRyr9r+TvWgMX/gKndOvFf
vWSDcX2bdNvx0y/2gWp8mUTz+6NoyFhg7kS8zWX7XcoV57P4C4UIBRtlxVhGqPa9
hOPg5cRbpe/GfyO7zmUJ43g1r8UffTOlo7ihZB67tOZToCIOOEORIa2JrQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNIlTkWzgtcp9UVPTDfujWUgS3L+MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvMGlWT1JiT0MxeW4xUlU5TU4tNk5aU0JMY3Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX6RNAwQC
X6SgAwQCX6TgMA0GCSqGSIb3DQEBCwUAA4IBAQAqz16vEswWAfTV1nf0Y7cTuNTi
OM/0HwbPllCOsFBLgoEizz5aXavD1iTwQr0EaH1/ZZfprS9ZpD5qih9fnW2uQKhA
KhHSgCxUg8oOr1XEHR3TlXpflHAFuw1pyadsso98ozL6y5PKU0uewdk6mm5lpVDg
EaGgNN4mZz4lE7lHnSbZDcCa8SticeyhVJUyxohMDS7wKTjO9Z/GVAzFnA2iMk5E
w+QnnPdOn60rg6+vzPdde7IPpJ8CMqHXuiw+XjRkAdxHmqF8ecWjjY2tiwP8Izx2
9HazkmAmPyK5ciKsYWap4dcHWeN/VhZz4rOYZoMTbk4AUjWhyAgwDxjGbqex
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:49:52 2025 by rpki-client