Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/1b4e57-5eb4-4b9d-bc26-70749e7a4d94/1/1qnlJEQNpHnPn_lNZ4CHHpUTAqE.roa
File: 1qnlJEQNpHnPn_lNZ4CHHpUTAqE.roa (raw, json)
Hash identifier: Vr0tQvsEhdsTIIzQr8GlHNrOORTAaoDkwB4jUIzgLLo=
Subject key identifier: D6:A9:E5:24:44:0D:A4:79:CF:9F:F9:4D:67:80:87:1E:95:13:02:A1
Certificate issuer: /CN=0c52dd05f68aa1a324ad5bc12476c5b9a61ebc00
Certificate serial: 0195C87C4F33ACD18AB3888BBAA05C1694C4
Authority key identifier: 0C:52:DD:05:F6:8A:A1:A3:24:AD:5B:C1:24:76:C5:B9:A6:1E:BC:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFLdBfaKoaMkrVvBJHbFuaYevAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b4e57-5eb4-4b9d-bc26-70749e7a4d94/1/1qnlJEQNpHnPn_lNZ4CHHpUTAqE.roa
Signing time: Mon 24 Mar 2025 14:09:04 +0000
ROA not before: Mon 24 Mar 2025 14:09:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8455
IP address blocks: 195.95.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/1b4e57-5eb4-4b9d-bc26-70749e7a4d94/1/DFLdBfaKoaMkrVvBJHbFuaYevAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/1b4e57-5eb4-4b9d-bc26-70749e7a4d94/1/DFLdBfaKoaMkrVvBJHbFuaYevAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFLdBfaKoaMkrVvBJHbFuaYevAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:7c:4f:33:ac:d1:8a:b3:88:8b:ba:a0:5c:16:94:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c52dd05f68aa1a324ad5bc12476c5b9a61ebc00
Validity
Not Before: Mar 24 14:09:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6a9e524440da479cf9ff94d6780871e951302a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:76:e6:23:d1:0c:42:09:f3:e1:7d:a3:8d:81:
0e:23:99:0d:24:f8:b5:79:55:d3:f8:c5:40:c6:d9:
6f:86:5d:54:15:09:48:c5:64:72:36:4a:94:9a:e0:
23:0f:3f:c1:97:34:7f:9c:26:99:6b:8a:8d:bd:51:
7a:b2:63:ea:a1:3e:e9:23:bc:c6:de:6a:41:92:9c:
00:ee:98:d0:6e:47:ed:20:1b:4d:4d:45:97:c4:46:
7e:de:01:0b:30:ea:3b:bc:e2:a2:3d:be:ab:fd:bb:
1d:34:78:08:e4:0f:c4:2d:4a:95:3a:08:a7:f2:b0:
39:c4:3b:d5:ea:49:28:c3:53:e6:00:8f:80:40:a6:
19:fa:18:a3:fe:23:4b:fd:14:80:ee:df:59:08:e1:
26:4d:20:33:11:0f:0e:43:c0:ed:e0:b0:b3:7a:3c:
8d:0d:d0:77:27:63:fd:62:ef:d3:a7:db:01:35:1b:
13:d6:c4:3c:48:a0:2b:6c:e7:1c:4c:5a:73:0e:ca:
05:dc:5d:5f:28:9c:c8:13:ac:37:8f:7a:09:ec:54:
ed:64:13:16:13:88:ad:ed:87:f4:7d:c4:c0:e7:e2:
70:d1:de:87:f9:dc:f0:9c:ec:75:2b:8a:ef:f3:8c:
17:81:1a:af:c7:91:4a:33:d0:7c:cc:74:20:06:41:
ee:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A9:E5:24:44:0D:A4:79:CF:9F:F9:4D:67:80:87:1E:95:13:02:A1
X509v3 Authority Key Identifier:
keyid:0C:52:DD:05:F6:8A:A1:A3:24:AD:5B:C1:24:76:C5:B9:A6:1E:BC:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFLdBfaKoaMkrVvBJHbFuaYevAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b4e57-5eb4-4b9d-bc26-70749e7a4d94/1/1qnlJEQNpHnPn_lNZ4CHHpUTAqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/1b4e57-5eb4-4b9d-bc26-70749e7a4d94/1/DFLdBfaKoaMkrVvBJHbFuaYevAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.95.246.0/24
Signature Algorithm: sha256WithRSAEncryption
28:67:a2:a4:39:72:56:ae:53:ed:bf:d1:fb:67:e0:f8:81:a5:
eb:e2:59:db:2b:84:3d:23:c7:0a:ed:15:bd:50:d2:cc:c2:11:
a5:10:93:e1:37:17:12:55:a1:9f:f2:dd:53:5f:46:27:b8:60:
7c:10:74:c9:e2:07:b3:be:10:ce:e6:e1:ba:9b:c3:bc:f4:45:
10:5f:a1:b9:2c:d0:cc:18:f5:82:c2:e1:cd:de:93:4a:ef:c5:
4f:a6:a1:a3:35:07:19:af:75:5c:a8:61:06:2e:c2:9f:ce:df:
5a:03:59:3d:84:1f:bc:36:5d:8f:95:17:f9:0f:fd:a8:ba:64:
91:3f:90:46:2b:3d:04:56:da:85:35:19:92:95:99:9d:ce:13:
f3:b0:d0:c6:44:66:b0:ab:05:0c:59:02:c9:40:eb:6a:86:c9:
c9:30:f2:b6:86:02:79:65:9f:20:f9:3f:a8:be:73:b2:da:14:
fb:2f:b0:09:c9:8a:44:c5:fc:eb:16:66:b3:40:b1:38:56:03:
78:c6:f2:86:e9:d3:be:0d:86:e3:2e:16:78:83:04:88:18:c9:
46:54:00:db:b2:15:66:60:92:ad:7e:4a:be:47:82:a1:38:3b:
97:ab:82:2c:6b:0b:7d:3c:5a:b5:69:bf:65:52:65:6a:47:b0:
0d:00:61:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXIfE8zrNGKs4iLuqBcFpTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTJkZDA1ZjY4YWExYTMyNGFkNWJjMTI0NzZjNWI5YTYx
ZWJjMDAwHhcNMjUwMzI0MTQwOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE5ZTUyNDQ0MGRhNDc5Y2Y5ZmY5NGQ2NzgwODcxZTk1MTMwMmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr3bmI9EMQgnz4X2jjYEOI5kNJPi1
eVXT+MVAxtlvhl1UFQlIxWRyNkqUmuAjDz/BlzR/nCaZa4qNvVF6smPqoT7pI7zG
3mpBkpwA7pjQbkftIBtNTUWXxEZ+3gELMOo7vOKiPb6r/bsdNHgI5A/ELUqVOgin
8rA5xDvV6kkow1PmAI+AQKYZ+hij/iNL/RSA7t9ZCOEmTSAzEQ8OQ8Dt4LCzejyN
DdB3J2P9Yu/Tp9sBNRsT1sQ8SKArbOccTFpzDsoF3F1fKJzIE6w3j3oJ7FTtZBMW
E4it7Yf0fcTA5+Jw0d6H+dzwnOx1K4rv84wXgRqvx5FKM9B8zHQgBkHuOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNap5SREDaR5z5/5TWeAhx6VEwKhMB8GA1UdIwQY
MBaAFAxS3QX2iqGjJK1bwSR2xbmmHrwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZMZEJmYUtvYU1rclZ2QkpIYkZ1YVlldkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xYjRlNTctNWViNC00YjlkLWJjMjYt
NzA3NDllN2E0ZDk0LzEvMXFubEpFUU5wSG5Qbl9sTlo0Q0hIcFVUQXFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xYjRlNTctNWViNC00YjlkLWJjMjYtNzA3NDllN2E0ZDk0
LzEvREZMZEJmYUtvYU1rclZ2QkpIYkZ1YVlldkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1/2MA0G
CSqGSIb3DQEBCwUAA4IBAQAoZ6KkOXJWrlPtv9H7Z+D4gaXr4lnbK4Q9I8cK7RW9
UNLMwhGlEJPhNxcSVaGf8t1TX0YnuGB8EHTJ4gezvhDO5uG6m8O89EUQX6G5LNDM
GPWCwuHN3pNK78VPpqGjNQcZr3VcqGEGLsKfzt9aA1k9hB+8Nl2PlRf5D/2oumSR
P5BGKz0EVtqFNRmSlZmdzhPzsNDGRGawqwUMWQLJQOtqhsnJMPK2hgJ5ZZ8g+T+o
vnOy2hT7L7AJyYpExfzrFmazQLE4VgN4xvKG6dO+DYbjLhZ4gwSIGMlGVADbshVm
YJKtfkq+R4KhODuXq4Isawt9PFq1ab9lUmVqR7ANAGH0
-----END CERTIFICATE-----
Generated at Wed Apr 16 04:57:26 2025 by rpki-client