Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-KqzRG2ufGqmf5yQ7wQzU4Xpuyc.roa
File: 1-KqzRG2ufGqmf5yQ7wQzU4Xpuyc.roa (raw, json)
Hash identifier: l2xJNQYVF3CqUltI0y/hIsNBwR8gaP86h2XHPrc9QSw=
Subject key identifier: F8:AA:B3:44:6D:AE:7C:6A:A6:7F:9C:90:EF:04:33:53:85:E9:BB:27
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 01941F8CC0903CE9256612A36E3316D9CD9F
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-KqzRG2ufGqmf5yQ7wQzU4Xpuyc.roa
Signing time: Wed 01 Jan 2025 01:48:25 +0000
ROA not before: Wed 01 Jan 2025 01:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206208
IP address blocks: 95.178.39.0/24 maxlen: 24
185.158.52.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:c0:90:3c:e9:25:66:12:a3:6e:33:16:d9:cd:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 01:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8aab3446dae7c6aa67f9c90ef04335385e9bb27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:48:93:47:d0:3e:9f:c5:51:e0:07:29:2a:
70:ff:f2:34:e7:59:d5:69:88:a6:8b:72:99:66:4a:
d7:5e:a1:72:1e:43:06:8d:b6:ca:d2:a8:6d:78:e9:
32:5d:7f:d7:d4:67:79:f2:d7:1c:57:84:6f:01:90:
d7:5e:e9:69:7f:27:8e:9f:04:70:2a:33:fd:d5:0f:
95:e1:21:fb:fc:e8:df:49:e7:d6:e0:7c:2b:34:ff:
17:b6:0e:1f:06:75:fa:65:fb:a0:27:88:a5:e2:58:
76:f9:e7:8f:6d:fe:cc:36:62:c0:d2:5d:60:ef:a1:
14:61:8b:48:95:7a:de:d3:8f:d2:02:09:f5:f8:44:
70:72:cf:4e:14:a3:5a:0a:cb:28:4b:cd:2e:27:40:
9e:ce:6c:03:0a:89:0f:06:ed:dd:0e:4f:b0:75:55:
e9:eb:c3:0b:67:b7:c5:fd:a3:b2:c5:5e:30:c2:f2:
0d:05:ff:7b:f7:b0:21:01:07:82:f7:ae:67:97:0b:
4d:9b:86:b3:d0:75:fa:6a:a6:04:6e:9b:7d:f2:b6:
bd:de:ac:ee:ba:ad:b3:38:6a:92:52:b4:bf:fc:6f:
f6:02:ea:8f:53:2f:94:c9:47:7d:31:bc:b7:c0:2a:
03:91:ac:e0:47:ab:a3:4b:54:7f:5a:85:bc:5a:3a:
a2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:AA:B3:44:6D:AE:7C:6A:A6:7F:9C:90:EF:04:33:53:85:E9:BB:27
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1-KqzRG2ufGqmf5yQ7wQzU4Xpuyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.178.39.0/24
185.158.52.0/22
Signature Algorithm: sha256WithRSAEncryption
6d:3a:11:13:c0:d7:6c:7a:6b:f9:78:34:39:1b:f8:2d:46:94:
23:91:e6:21:19:4a:b1:bd:d8:8a:db:4d:0a:63:6a:cc:37:60:
2d:c4:5d:a8:a1:43:2a:27:33:cd:af:0e:8f:a6:a0:27:7d:0b:
77:6e:b3:d7:93:cf:3f:d8:35:db:a8:ba:9a:fb:b1:95:09:51:
19:d6:14:b3:ed:49:4e:41:ec:34:fd:3c:44:6a:40:05:6f:26:
1c:fb:eb:98:1c:df:66:24:ea:8f:92:fa:3c:3e:fd:8c:66:b2:
3f:d1:3c:f9:1d:97:91:6a:c2:1f:ea:2f:7c:8f:01:e9:44:b6:
7e:66:35:50:78:ad:8e:69:2f:fe:94:b8:c6:2e:3a:e7:66:d1:
64:a2:03:74:3b:d6:b2:b7:8f:39:37:91:b8:90:f9:67:2b:b1:
c5:17:23:48:8e:dd:48:65:c1:52:d6:80:db:89:54:ad:a7:f4:
9e:04:c6:32:a3:1e:7d:69:00:2d:b7:0b:b1:42:b4:13:2c:df:
ed:ca:25:af:59:22:de:ab:0c:0d:3d:00:b7:e1:6e:3a:c8:3e:
56:e0:3e:e1:bc:fa:11:d3:54:92:3f:d2:7e:3e:0e:f6:65:97:
a6:18:9e:a1:5a:dd:cd:7b:c8:ef:f4:f8:c1:38:d1:79:7a:ee:
b4:0a:71:55
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZQfjMCQPOklZhKjbjMW2c2fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwMTAxMDE0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGFhYjM0NDZkYWU3YzZhYTY3ZjljOTBlZjA0MzM1Mzg1ZTliYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPVIk0fQPp/FUeAHKSpw//I051nV
aYimi3KZZkrXXqFyHkMGjbbK0qhteOkyXX/X1Gd58tccV4RvAZDXXulpfyeOnwRw
KjP91Q+V4SH7/OjfSefW4HwrNP8Xtg4fBnX6ZfugJ4il4lh2+eePbf7MNmLA0l1g
76EUYYtIlXre04/SAgn1+ERwcs9OFKNaCssoS80uJ0CezmwDCokPBu3dDk+wdVXp
68MLZ7fF/aOyxV4wwvINBf9797AhAQeC965nlwtNm4az0HX6aqYEbpt98ra93qzu
uq2zOGqSUrS//G/2AuqPUy+UyUd9Mby3wCoDkazgR6ujS1R/WoW8WjqilQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPiqs0Rtrnxqpn+ckO8EM1OF6bsnMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMS1LcXpSRzJ1ZkdxbWY1eVE3d1F6VTRYcHV5Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzgvYmZmNGFhLTRmMDctNDEyOS04YWQ2LWM3OTE0YWI2NDI3
My8xLzFIWDdDVFRQYWxqY3p2RVFoMTItWGo2TGEzVS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAF+yJwME
ArmeNDANBgkqhkiG9w0BAQsFAAOCAQEAbToRE8DXbHpr+Xg0ORv4LUaUI5HmIRlK
sb3YittNCmNqzDdgLcRdqKFDKiczza8Oj6agJ30Ld26z15PPP9g126i6mvuxlQlR
GdYUs+1JTkHsNP08RGpABW8mHPvrmBzfZiTqj5L6PD79jGayP9E8+R2XkWrCH+ov
fI8B6US2fmY1UHitjmkv/pS4xi4652bRZKIDdDvWsrePOTeRuJD5ZyuxxRcjSI7d
SGXBUtaA24lUraf0ngTGMqMefWkALbcLsUK0Eyzf7colr1ki3qsMDT0At+FuOsg+
VuA+4bz6EdNUkj/Sfj4O9mWXphieoVrdzXvI7/T4wTjReXrutApxVQ==
-----END CERTIFICATE-----
Generated at Wed Apr 16 06:42:13 2025 by rpki-client