Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/iLiQdmyWfTSKLtGAKTv8i9pD7b8.roa
File: iLiQdmyWfTSKLtGAKTv8i9pD7b8.roa (raw, json)
Hash identifier: Kr8U4lUGZbLkZ8pUjbEG8aEkHuf+c7USfKgTZhieF7c=
Subject key identifier: 88:B8:90:76:6C:96:7D:34:8A:2E:D1:80:29:3B:FC:8B:DA:43:ED:BF
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0197304B5D21160B710239FA224261CE39EE
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/iLiQdmyWfTSKLtGAKTv8i9pD7b8.roa
Signing time: Mon 02 Jun 2025 10:58:54 +0000
ROA not before: Mon 02 Jun 2025 10:58:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209439
IP address blocks: 95.111.128.0/19 maxlen: 24
149.232.189.0/24 maxlen: 24
2a00:8b80::/32 maxlen: 32
2a09:3dc0::/30 maxlen: 30
2a09:3dc4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:4b:5d:21:16:0b:71:02:39:fa:22:42:61:ce:39:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Jun 2 10:58:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88b890766c967d348a2ed180293bfc8bda43edbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:02:4f:22:c6:48:63:45:70:e9:e2:23:e4:5b:
41:06:07:3b:27:82:15:99:64:93:07:fd:aa:49:4e:
5a:f1:db:24:3e:03:de:15:2e:ea:0f:b8:f8:99:71:
c5:f7:f5:b3:aa:f7:0f:8e:ca:b3:12:0b:87:5b:3f:
81:7f:49:1a:47:f0:f9:49:39:ea:65:42:c3:a0:60:
76:dd:71:92:77:e9:9a:82:af:3e:24:58:45:db:1d:
71:55:4e:1d:77:30:ef:d3:47:42:18:9f:04:ef:4e:
62:0d:c3:0b:3f:ed:6b:91:3d:d2:2d:c6:13:84:35:
18:58:08:19:b7:e2:91:f0:eb:12:0b:60:86:bf:15:
a8:b0:2d:59:38:c2:a8:16:bd:ad:17:b2:b6:19:aa:
6a:56:3e:7d:52:ef:1c:4c:80:25:83:d8:e7:cc:ac:
f2:79:f0:55:24:f4:54:67:2c:81:bd:b1:6b:31:43:
6a:7c:16:ae:c5:56:5a:3e:4c:fa:b1:3e:a0:83:97:
f6:11:ea:89:9e:17:6c:6d:0f:36:f8:d0:0c:b8:98:
7b:a0:84:ea:16:04:82:f8:1b:ae:f6:36:24:fc:b0:
fb:a7:92:4e:dd:34:f6:bf:f6:9a:0c:b5:b7:ed:8d:
d6:52:ce:82:89:88:7e:d9:1e:f7:2e:34:71:4d:fe:
2e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:B8:90:76:6C:96:7D:34:8A:2E:D1:80:29:3B:FC:8B:DA:43:ED:BF
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/iLiQdmyWfTSKLtGAKTv8i9pD7b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.111.128.0/19
149.232.189.0/24
IPv6:
2a00:8b80::/32
2a09:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:15:21:8a:a1:cb:df:1f:ba:8a:62:fe:b6:51:24:6a:1b:e5:
46:3e:66:42:ab:38:3f:7d:36:de:9b:0c:1d:69:89:88:7b:4c:
70:4b:34:3c:5e:55:01:3f:dc:7c:b0:a0:77:81:a8:f7:a5:39:
22:f7:65:57:98:44:73:2d:5c:2e:47:72:5f:30:3d:f1:c4:37:
a1:67:b1:2f:40:64:2e:e1:ee:a4:f8:c0:58:db:24:dc:bf:2e:
c5:bf:8e:ca:02:6e:21:80:e0:27:d0:81:b3:c2:46:d2:12:03:
ae:1d:98:d3:83:3d:86:76:ab:19:3d:03:d0:f8:6b:67:f2:bf:
23:f2:6b:c5:9f:60:6b:eb:d6:05:ae:b9:13:85:7d:77:05:f7:
11:57:fc:4e:34:3a:78:05:d3:f2:4f:df:8e:27:e7:99:e8:ee:
4f:2f:49:88:94:bc:e1:d5:22:0b:d4:fe:62:a5:33:ba:00:47:
7e:92:d0:7f:02:15:a8:69:1d:cc:03:69:7c:75:ec:32:a5:1e:
42:e1:e3:51:81:68:7d:44:bf:94:1f:e4:82:98:5d:1c:9c:55:
e8:f5:11:c0:92:e5:b8:cf:1c:a5:9f:8a:dd:67:c1:24:1d:c4:
35:16:b8:9e:11:9d:7c:7b:09:09:f0:72:a7:53:4c:50:09:70:
d0:1a:42:7a
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZcwS10hFgtxAjn6IkJhzjnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjUwNjAyMTA1ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGI4OTA3NjZjOTY3ZDM0OGEyZWQxODAyOTNiZmM4YmRhNDNlZGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AJPIsZIY0Vw6eIj5FtBBgc7J4IV
mWSTB/2qSU5a8dskPgPeFS7qD7j4mXHF9/WzqvcPjsqzEguHWz+Bf0kaR/D5STnq
ZULDoGB23XGSd+magq8+JFhF2x1xVU4ddzDv00dCGJ8E705iDcMLP+1rkT3SLcYT
hDUYWAgZt+KR8OsSC2CGvxWosC1ZOMKoFr2tF7K2GapqVj59Uu8cTIAlg9jnzKzy
efBVJPRUZyyBvbFrMUNqfBauxVZaPkz6sT6gg5f2EeqJnhdsbQ82+NAMuJh7oITq
FgSC+Buu9jYk/LD7p5JO3TT2v/aaDLW37Y3WUs6CiYh+2R73LjRxTf4ubQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFIi4kHZsln00ii7RgCk7/IvaQ+2/MB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvaUxpUWRteVdmVFNLTHRHQUtUdjhpOXBEN2I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQFX2+AAwQA
lei9MBQEAgACMA4DBQAqAIuAAwUDKgk9wDANBgkqhkiG9w0BAQsFAAOCAQEAfxUh
iqHL3x+6imL+tlEkahvlRj5mQqs4P3023psMHWmJiHtMcEs0PF5VAT/cfLCgd4Go
96U5IvdlV5hEcy1cLkdyXzA98cQ3oWexL0BkLuHupPjAWNsk3L8uxb+OygJuIYDg
J9CBs8JG0hIDrh2Y04M9hnarGT0D0PhrZ/K/I/JrxZ9ga+vWBa65E4V9dwX3EVf8
TjQ6eAXT8k/fjifnmejuTy9JiJS84dUiC9T+YqUzugBHfpLQfwIVqGkdzANpfHXs
MqUeQuHjUYFofUS/lB/kgphdHJxV6PURwJLluM8cpZ+K3WfBJB3ENRa4nhGdfHsJ
CfByp1NMUAlw0BpCeg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:41:40 2025 by rpki-client