Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-a67q2QvnzGHgiVEw3fVDK6nLOA.roa
File: 1-a67q2QvnzGHgiVEw3fVDK6nLOA.roa (raw, json)
Hash identifier: pusaDoOGrFnHTQswRbYyQpTylH6m6rPHWivJ/EEuAOs=
Subject key identifier: F9:AE:BB:AB:64:2F:9F:31:87:82:25:44:C3:77:D5:0C:AE:A7:2C:E0
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0198EC18CF0AE3C1934C5234AA5492A17044
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-a67q2QvnzGHgiVEw3fVDK6nLOA.roa
Signing time: Wed 27 Aug 2025 15:15:05 +0000
ROA not before: Wed 27 Aug 2025 15:15:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204532
IP address blocks: 95.47.168.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ec:18:cf:0a:e3:c1:93:4c:52:34:aa:54:92:a1:70:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Aug 27 15:15:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9aebbab642f9f3187822544c377d50caea72ce0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:7c:3e:c5:7f:17:09:93:e0:fe:0c:1f:94:7b:
97:3c:49:38:49:c2:7e:20:fd:15:0d:cf:25:2c:98:
9f:d7:a6:39:ac:1d:78:ae:de:b5:e3:53:d5:f8:a5:
0f:73:c8:6d:6c:e3:ab:e4:56:d5:3a:e9:48:04:e9:
e2:0a:25:49:4b:1c:58:b8:28:a3:61:25:6a:25:06:
40:27:ab:1d:7c:41:ef:23:74:3d:82:7a:ad:38:dd:
14:3c:ef:a9:a7:29:8b:79:19:f5:82:e2:7c:d1:8a:
a6:68:00:a8:02:c0:fa:9b:90:3a:96:03:72:69:16:
63:9a:c8:6c:b5:ab:32:3b:42:88:72:5e:0f:37:05:
89:9c:e5:a0:34:8f:f0:42:03:96:b9:ad:a5:67:e1:
2e:04:ef:a1:8e:18:ca:23:ed:8a:63:6f:82:dc:5e:
1d:59:97:1c:dd:34:a6:58:c3:ce:11:c0:e8:b1:07:
d0:db:02:8d:ba:1b:81:5f:c2:3b:66:eb:cc:fc:bf:
d6:74:a7:54:c7:d0:a4:25:6d:c0:68:b3:2f:5f:5d:
51:7f:f4:ce:6e:f5:c3:02:26:61:dd:9e:68:48:02:
73:fb:44:82:71:dd:ba:79:af:ff:5d:8e:96:6a:6e:
38:82:ee:5f:dc:43:1b:b3:cd:2a:42:4d:45:d5:75:
5a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:AE:BB:AB:64:2F:9F:31:87:82:25:44:C3:77:D5:0C:AE:A7:2C:E0
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/1-a67q2QvnzGHgiVEw3fVDK6nLOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.168.0/23
Signature Algorithm: sha256WithRSAEncryption
84:07:a3:65:22:cb:03:bf:51:8a:2a:a7:d8:ea:73:59:fb:70:
fb:f5:bc:f8:a2:93:c2:80:a0:20:2c:dd:77:fd:56:53:79:b6:
e1:e8:cb:22:83:02:1f:8a:d2:b9:a3:61:ba:fd:64:28:51:1f:
6f:29:b8:cc:03:87:8a:85:dd:3f:e9:f5:b3:5f:40:47:9d:8c:
58:3b:60:6a:eb:aa:87:05:c0:eb:27:63:57:b9:4b:5e:ca:48:
6d:65:70:9f:37:f8:de:a2:67:88:85:c8:b3:f4:30:16:87:59:
64:dc:d7:a8:18:09:17:a0:c5:ff:4e:f7:fe:e4:3b:ca:e1:5c:
d2:b2:ee:61:7d:97:59:5b:d3:a4:03:fa:bb:2a:fc:da:5c:81:
29:93:b1:96:d0:15:67:bb:3f:63:9a:14:8e:f9:bd:8a:b7:e3:
d9:59:9c:b2:51:0e:6d:c6:ab:69:a4:8f:0e:d1:0b:e0:c6:b0:
d6:2c:31:42:52:ae:3f:e3:50:8b:44:be:a7:a4:b0:e7:1e:b8:
e2:a1:91:d4:f9:aa:c5:2a:82:57:a3:66:2a:34:6b:be:b0:4a:
4a:f8:a8:8d:eb:c3:f5:33:05:69:f8:74:9d:30:87:93:72:b4:
2f:df:b4:a4:4e:8a:4f:b9:ae:f2:85:6f:e4:2f:4f:fc:46:c6:
54:5a:69:e1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZjsGM8K48GTTFI0qlSSoXBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwODI3MTUxNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWFlYmJhYjY0MmY5ZjMxODc4MjI1NDRjMzc3ZDUwY2FlYTcyY2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqnw+xX8XCZPg/gwflHuXPEk4ScJ+
IP0VDc8lLJif16Y5rB14rt6141PV+KUPc8htbOOr5FbVOulIBOniCiVJSxxYuCij
YSVqJQZAJ6sdfEHvI3Q9gnqtON0UPO+ppymLeRn1guJ80YqmaACoAsD6m5A6lgNy
aRZjmshstasyO0KIcl4PNwWJnOWgNI/wQgOWua2lZ+EuBO+hjhjKI+2KY2+C3F4d
WZcc3TSmWMPOEcDosQfQ2wKNuhuBX8I7ZuvM/L/WdKdUx9CkJW3AaLMvX11Rf/TO
bvXDAiZh3Z5oSAJz+0SCcd26ea//XY6Wam44gu5f3EMbs80qQk1F1XVaPwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmuu6tkL58xh4IlRMN31QyupyzgMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvMS1hNjdxMlF2bnpHSGdpVkV3M2ZWREs2bkxPQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJl
ZC8xL2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAV8vqDAN
BgkqhkiG9w0BAQsFAAOCAQEAhAejZSLLA79Riiqn2OpzWftw+/W8+KKTwoCgICzd
d/1WU3m24ejLIoMCH4rSuaNhuv1kKFEfbym4zAOHioXdP+n1s19AR52MWDtgauuq
hwXA6ydjV7lLXspIbWVwnzf43qJniIXIs/QwFodZZNzXqBgJF6DF/073/uQ7yuFc
0rLuYX2XWVvTpAP6uyr82lyBKZOxltAVZ7s/Y5oUjvm9irfj2VmcslEObcaraaSP
DtEL4Maw1iwxQlKuP+NQi0S+p6Sw5x644qGR1PmqxSqCV6NmKjRrvrBKSviojevD
9TMFafh0nTCHk3K0L9+0pE6KT7mu8oVv5C9P/EbGVFpp4Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:48:34 2025 by rpki-client