Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/tSQQLL0kf6kwJJyAahpRS-4QjTQ.roa
File: tSQQLL0kf6kwJJyAahpRS-4QjTQ.roa (raw, json)
Hash identifier: ROWhC0CwWY3GF+PkYJD3Eyf1AgXDuZrPy+fBil3clUQ=
Subject key identifier: B5:24:10:2C:BD:24:7F:A9:30:24:9C:80:6A:1A:51:4B:EE:10:8D:34
Certificate issuer: /CN=191ee3af820563494647551a5206ef0c45cf95c9
Certificate serial: 019426D9D7C31FADABC8B1E0F377B227AD64
Authority key identifier: 19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/tSQQLL0kf6kwJJyAahpRS-4QjTQ.roa
Signing time: Thu 02 Jan 2025 11:49:58 +0000
ROA not before: Thu 02 Jan 2025 11:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197081
IP address blocks: 95.131.16.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.mft
rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:d7:c3:1f:ad:ab:c8:b1:e0:f3:77:b2:27:ad:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191ee3af820563494647551a5206ef0c45cf95c9
Validity
Not Before: Jan 2 11:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b524102cbd247fa930249c806a1a514bee108d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:77:56:72:fd:83:cd:8f:18:32:66:d4:4d:2b:
f0:67:ba:10:c8:ad:9c:12:18:c2:0f:e0:e9:86:cc:
98:f7:a8:ad:39:7b:68:f4:f8:08:2c:1a:84:7b:b9:
a4:f3:e5:47:fa:45:21:ed:52:99:05:57:4c:80:28:
e1:e2:ac:1f:53:4d:ea:b4:33:60:ad:a2:2a:a1:96:
df:f7:93:72:3a:70:2b:65:73:e4:12:70:ef:8d:3c:
50:a2:58:c2:52:a2:12:f2:c6:5b:5c:17:53:56:22:
69:7c:22:e8:ed:f3:bc:ee:aa:da:30:ae:bf:8f:d4:
45:9d:47:07:bc:7f:6a:47:a4:2b:5a:9b:40:3f:0e:
36:12:f4:5c:d8:42:83:7f:15:7f:76:e8:90:3d:7a:
a1:a8:c6:26:35:5c:b8:46:93:fe:68:03:98:3f:df:
f5:0c:94:71:35:d9:87:a9:c3:88:8d:1d:dd:7c:37:
20:a6:9b:de:2f:9c:97:e4:3f:97:eb:7f:3a:4d:3c:
2c:ea:c8:1f:0f:95:7d:fd:4c:c1:31:86:2c:eb:6a:
dc:e3:07:32:53:32:09:8f:31:0e:90:8d:a9:0d:84:
58:0f:c4:96:cf:10:74:ef:90:58:55:49:47:51:05:
da:4a:ab:f1:4d:74:63:2a:14:56:7d:77:9e:58:b8:
c8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:24:10:2C:BD:24:7F:A9:30:24:9C:80:6A:1A:51:4B:EE:10:8D:34
X509v3 Authority Key Identifier:
keyid:19:1E:E3:AF:82:05:63:49:46:47:55:1A:52:06:EF:0C:45:CF:95:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR7jr4IFY0lGR1UaUgbvDEXPlck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/tSQQLL0kf6kwJJyAahpRS-4QjTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/a3df81-2096-493d-b106-46d6cea20342/1/GR7jr4IFY0lGR1UaUgbvDEXPlck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.131.16.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:35:22:d7:da:5c:92:9a:96:86:2d:52:9f:7b:b7:78:9f:29:
d1:cd:6d:7f:68:9b:0b:2d:41:c5:50:eb:48:d1:f3:fe:52:5b:
18:81:92:5e:0f:94:9b:5e:6d:56:a7:0f:62:11:29:3a:48:af:
f1:9a:b6:76:5e:e6:ec:f1:44:ac:96:6f:18:37:63:70:a2:cf:
f2:25:b5:c9:eb:de:9e:98:61:5d:ca:2a:86:11:9e:8b:1c:cb:
db:9b:07:ef:26:25:df:67:30:9e:d1:18:d0:1a:ff:eb:57:f5:
72:eb:9d:d5:20:68:80:8b:a3:88:89:b6:42:9e:0b:57:c0:77:
85:b1:cf:0f:b6:5f:1e:ba:d2:e0:db:b2:42:37:3a:26:03:ea:
4b:1d:2f:49:b0:9f:71:b0:dc:30:d7:e9:16:da:b2:d4:53:62:
fa:2f:d2:f5:c9:80:d8:97:ee:8e:72:74:1b:e7:63:ed:b5:c7:
6e:88:7a:ae:31:ea:6c:5a:37:e0:94:f4:e4:f6:53:e4:50:9f:
a0:8f:43:3c:ba:a5:6a:36:96:33:11:e4:6e:62:4f:04:f7:c1:
a1:51:75:9a:bc:73:26:9d:46:64:fc:0e:c9:fe:33:5c:9f:b5:
0c:3a:4b:02:bd:e4:d6:35:2d:40:9c:f1:64:cb:2f:a8:ef:ce:
4f:bb:1f:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQm2dfDH62ryLHg83eyJ61kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWVlM2FmODIwNTYzNDk0NjQ3NTUxYTUyMDZlZjBjNDVj
Zjk1YzkwHhcNMjUwMTAyMTE0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTI0MTAyY2JkMjQ3ZmE5MzAyNDljODA2YTFhNTE0YmVlMTA4ZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnndWcv2DzY8YMmbUTSvwZ7oQyK2c
EhjCD+DphsyY96itOXto9PgILBqEe7mk8+VH+kUh7VKZBVdMgCjh4qwfU03qtDNg
raIqoZbf95NyOnArZXPkEnDvjTxQoljCUqIS8sZbXBdTViJpfCLo7fO87qraMK6/
j9RFnUcHvH9qR6QrWptAPw42EvRc2EKDfxV/duiQPXqhqMYmNVy4RpP+aAOYP9/1
DJRxNdmHqcOIjR3dfDcgppveL5yX5D+X6386TTws6sgfD5V9/UzBMYYs62rc4wcy
UzIJjzEOkI2pDYRYD8SWzxB075BYVUlHUQXaSqvxTXRjKhRWfXeeWLjIoQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUkECy9JH+pMCScgGoaUUvuEI00MB8GA1UdIwQY
MBaAFBke46+CBWNJRkdVGlIG7wxFz5XJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYt
NDZkNmNlYTIwMzQyLzEvdFNRUUxMMGtmNmt3Skp5QWFocFJTLTRRalRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hM2RmODEtMjA5Ni00OTNkLWIxMDYtNDZkNmNlYTIwMzQy
LzEvR1I3anI0SUZZMGxHUjFVYVVnYnZERVhQbGNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBX4MQMA0G
CSqGSIb3DQEBCwUAA4IBAQAbNSLX2lySmpaGLVKfe7d4nynRzW1/aJsLLUHFUOtI
0fP+UlsYgZJeD5SbXm1Wpw9iESk6SK/xmrZ2Xubs8USslm8YN2Nwos/yJbXJ696e
mGFdyiqGEZ6LHMvbmwfvJiXfZzCe0RjQGv/rV/Vy653VIGiAi6OIibZCngtXwHeF
sc8Ptl8eutLg27JCNzomA+pLHS9JsJ9xsNww1+kW2rLUU2L6L9L1yYDYl+6OcnQb
52PttcduiHquMepsWjfglPTk9lPkUJ+gj0M8uqVqNpYzEeRuYk8E98GhUXWavHMm
nUZk/A7J/jNcn7UMOksCveTWNS1AnPFkyy+o785Pux8l
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:34:30 2025 by rpki-client