Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/Wrs6edZF_FheJS0JSp4oL-e56WQ.roa
File: Wrs6edZF_FheJS0JSp4oL-e56WQ.roa (raw, json)
Hash identifier: vV9mNOx2NnPdDR1+6XQLcqlbWprm1qsghkqsjFpy7rE=
Subject key identifier: 5A:BB:3A:79:D6:45:FC:58:5E:25:2D:09:4A:9E:28:2F:E7:B9:E9:64
Certificate issuer: /CN=3076e9855f9bca3017a10137b443ee8c528ca952
Certificate serial: 0194266C01C3CD25FCFD674047ACB182F361
Authority key identifier: 30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/Wrs6edZF_FheJS0JSp4oL-e56WQ.roa
Signing time: Thu 02 Jan 2025 09:49:59 +0000
ROA not before: Thu 02 Jan 2025 09:49:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206539
IP address blocks: 95.169.64.0/21 maxlen: 21
95.169.72.0/22 maxlen: 22
95.169.76.0/22 maxlen: 22
95.169.84.0/22 maxlen: 22
95.169.88.0/22 maxlen: 24
95.169.92.0/22 maxlen: 22
2a0b:5580::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:01:c3:cd:25:fc:fd:67:40:47:ac:b1:82:f3:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3076e9855f9bca3017a10137b443ee8c528ca952
Validity
Not Before: Jan 2 09:49:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5abb3a79d645fc585e252d094a9e282fe7b9e964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fe:8b:9d:9d:2d:19:ac:bd:bb:61:fd:42:e7:
d2:fc:ef:12:ff:15:cb:c0:d4:56:09:5e:b6:fb:65:
81:45:18:07:0d:70:14:b1:c9:4e:ff:f1:54:6a:42:
a2:77:c9:a8:8b:1e:ca:36:9f:8d:98:aa:99:fd:47:
53:65:98:23:a1:ac:b6:a4:3c:58:e2:d4:19:12:f8:
79:1d:ef:11:4f:e1:fd:0f:3b:34:a6:0b:88:0b:96:
89:4c:94:ef:65:ea:6b:e6:08:d4:97:ee:3c:35:e9:
7c:51:47:4e:c3:54:dc:81:62:7e:c6:fe:89:fe:e0:
74:93:b5:3e:82:d5:93:5f:e2:eb:b3:63:92:29:64:
50:2e:a5:a3:4a:98:d6:ab:d6:b5:a8:3b:92:ac:d8:
e7:b7:a5:97:69:66:ac:88:2f:eb:66:47:73:ec:8b:
f6:ce:82:ed:50:c6:e1:9e:bd:0a:58:ad:cd:ce:23:
b1:a8:22:51:b1:1f:ff:5c:ac:cd:23:2d:d0:d1:3e:
8d:47:a1:6d:3a:42:e8:55:28:a4:28:a7:bc:bf:27:
a2:6f:fd:26:ce:d7:87:e5:4e:2d:79:91:da:95:e9:
56:21:84:70:98:3c:81:69:a5:12:90:8e:f4:ab:30:
17:da:1d:a9:3b:a2:0f:5b:f0:15:fd:c8:de:b0:fe:
03:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BB:3A:79:D6:45:FC:58:5E:25:2D:09:4A:9E:28:2F:E7:B9:E9:64
X509v3 Authority Key Identifier:
keyid:30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/Wrs6edZF_FheJS0JSp4oL-e56WQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.64.0/20
95.169.84.0-95.169.95.255
IPv6:
2a0b:5580::/29
Signature Algorithm: sha256WithRSAEncryption
44:d8:6f:ec:1e:90:06:8a:90:92:c7:b2:b3:10:ed:96:06:b4:
44:55:ca:ee:68:3d:0c:98:eb:5c:8f:30:6f:b1:0a:71:29:08:
bd:00:83:7a:94:e9:2e:16:4a:88:ba:81:72:61:5c:e3:d5:44:
c6:be:c0:9f:76:da:24:41:3a:1b:65:df:0e:bf:96:51:60:2b:
a3:ae:ae:4b:9f:19:49:b6:51:92:8d:a5:09:df:31:da:f9:41:
c4:79:58:ac:f4:28:9d:9e:fe:a4:2c:f1:5b:10:a0:fd:a0:ce:
05:07:9b:05:fe:c2:8e:6a:24:f0:08:4b:29:b4:d6:48:87:c3:
de:b2:b1:a0:c5:b5:30:4c:b8:ac:53:8e:7a:bb:aa:9b:0d:05:
78:c4:ec:e4:97:76:23:da:c4:29:fd:4d:6a:8d:8f:a4:39:1f:
5b:9a:2f:4e:2c:15:70:8c:0d:90:a0:a8:f9:ac:36:9e:ee:af:
41:77:ef:b1:d7:40:cf:5b:aa:e1:f2:8a:af:62:81:fb:b7:85:
32:9d:3a:17:a9:ca:0f:4a:1c:8e:ba:3c:9f:bc:08:79:35:62:
84:dc:82:32:01:ab:ce:7a:a1:90:fa:82:69:c0:b2:81:cb:a1:
bc:e2:5d:86:b9:03:de:d0:93:70:7b:55:3c:95:79:24:56:86:
5e:91:e6:20
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQmbAHDzSX8/WdAR6yxgvNhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzZlOTg1NWY5YmNhMzAxN2ExMDEzN2I0NDNlZThjNTI4
Y2E5NTIwHhcNMjUwMTAyMDk0OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWJiM2E3OWQ2NDVmYzU4NWUyNTJkMDk0YTllMjgyZmU3YjllOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf6LnZ0tGay9u2H9QufS/O8S/xXL
wNRWCV62+2WBRRgHDXAUsclO//FUakKid8moix7KNp+NmKqZ/UdTZZgjoay2pDxY
4tQZEvh5He8RT+H9Dzs0pguIC5aJTJTvZepr5gjUl+48Nel8UUdOw1TcgWJ+xv6J
/uB0k7U+gtWTX+Lrs2OSKWRQLqWjSpjWq9a1qDuSrNjnt6WXaWasiC/rZkdz7Iv2
zoLtUMbhnr0KWK3NziOxqCJRsR//XKzNIy3Q0T6NR6FtOkLoVSikKKe8vyeib/0m
zteH5U4teZHalelWIYRwmDyBaaUSkI70qzAX2h2pO6IPW/AV/cjesP4DIwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFFq7OnnWRfxYXiUtCUqeKC/nuelkMB8GA1UdIwQY
MBaAFDB26YVfm8owF6EBN7RD7oxSjKlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUt
N2Y3ODZiYjM0MzQ0LzEvV3JzNmVkWkZfRmhlSlMwSlNwNG9MLWU1NldRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUtN2Y3ODZiYjM0MzQ0
LzEvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQEX6lAMAwD
BAJfqVQDBAVfqUAwDQQCAAIwBwMFAyoLVYAwDQYJKoZIhvcNAQELBQADggEBAETY
b+wekAaKkJLHsrMQ7ZYGtERVyu5oPQyY61yPMG+xCnEpCL0Ag3qU6S4WSoi6gXJh
XOPVRMa+wJ922iRBOhtl3w6/llFgK6OurkufGUm2UZKNpQnfMdr5QcR5WKz0KJ2e
/qQs8VsQoP2gzgUHmwX+wo5qJPAISym01kiHw96ysaDFtTBMuKxTjnq7qpsNBXjE
7OSXdiPaxCn9TWqNj6Q5H1uaL04sFXCMDZCgqPmsNp7ur0F377HXQM9bquHyiq9i
gfu3hTKdOhepyg9KHI66PJ+8CHk1YoTcgjIBq856oZD6gmnAsoHLobziXYa5A97Q
k3B7VTyVeSRWhl6R5iA=
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:39:02 2025 by rpki-client