Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/EXivR_Wvv2aOO3jHO658CAON0No.roa
File: EXivR_Wvv2aOO3jHO658CAON0No.roa (raw, json)
Hash identifier: fh34cv2WRgihe99oCLRpx5puteDZpUePtPBBSbNg/Qg=
Subject key identifier: 11:78:AF:47:F5:AF:BF:66:8E:3B:78:C7:3B:AE:7C:08:03:8D:D0:DA
Certificate issuer: /CN=448ca39537597cfae60ae0421db8e098b4e26130
Certificate serial: 0196B52FD7F6D594874670699500215B70C0
Authority key identifier: 44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/EXivR_Wvv2aOO3jHO658CAON0No.roa
Signing time: Fri 09 May 2025 13:15:33 +0000
ROA not before: Fri 09 May 2025 13:15:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51758
IP address blocks: 95.215.184.0/21 maxlen: 24
95.215.185.0/24 maxlen: 24
95.215.189.0/24 maxlen: 24
185.206.232.0/22 maxlen: 24
2a00:51c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b5:2f:d7:f6:d5:94:87:46:70:69:95:00:21:5b:70:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=448ca39537597cfae60ae0421db8e098b4e26130
Validity
Not Before: May 9 13:15:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1178af47f5afbf668e3b78c73bae7c08038dd0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:32:de:51:67:d6:a7:08:54:14:53:b1:ac:20:
6b:91:6b:4d:af:d8:d1:ef:98:79:42:ff:b3:a1:99:
82:35:bf:f7:8b:53:87:e5:38:5e:d8:d2:d7:57:a8:
b5:36:85:0f:1a:58:3f:f4:8a:0f:35:b4:56:3a:a2:
c2:32:6d:bb:25:c0:52:6a:4e:be:22:9d:66:02:04:
3c:89:4c:2a:e3:61:9a:e0:0d:34:89:97:85:c8:b5:
a3:d5:22:71:b4:36:21:25:a4:3f:38:22:f0:c0:9a:
bc:54:76:46:e2:1a:5f:d9:a4:1e:49:ff:e0:86:69:
83:e9:99:12:ff:de:0e:fb:03:48:aa:92:54:cd:e8:
6f:22:ab:b6:2d:4f:98:a2:d1:b1:ec:cc:0c:68:6b:
bd:96:30:b6:0a:43:14:30:e6:75:e1:c2:dd:1a:92:
e8:f8:aa:fd:2d:65:22:65:eb:31:fd:49:aa:b4:b8:
eb:ab:5c:82:12:e2:79:41:f9:66:74:e7:30:db:b7:
41:2a:45:3f:f1:d3:ec:fe:1b:2d:7d:da:81:b8:a7:
2f:98:69:40:6d:62:67:b5:86:52:c7:0c:54:36:7b:
6c:63:fd:e7:f3:66:64:72:8f:dc:27:f8:36:8c:b1:
1a:6e:3e:21:be:5f:d9:88:14:93:9d:47:73:9d:36:
d5:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:78:AF:47:F5:AF:BF:66:8E:3B:78:C7:3B:AE:7C:08:03:8D:D0:DA
X509v3 Authority Key Identifier:
keyid:44:8C:A3:95:37:59:7C:FA:E6:0A:E0:42:1D:B8:E0:98:B4:E2:61:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RIyjlTdZfPrmCuBCHbjgmLTiYTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/EXivR_Wvv2aOO3jHO658CAON0No.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/db0519-4e5a-4b75-88fd-bbc239e897eb/1/RIyjlTdZfPrmCuBCHbjgmLTiYTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.184.0/21
185.206.232.0/22
IPv6:
2a00:51c0::/32
Signature Algorithm: sha256WithRSAEncryption
74:47:fa:3a:56:24:75:00:d1:1f:b1:11:65:7f:3a:06:c1:9f:
7c:af:34:40:2f:38:3d:87:de:9b:3f:72:09:53:c4:ff:5a:f4:
c6:cf:5c:20:34:5c:79:1d:8f:6d:d4:39:f4:85:aa:7f:8d:9d:
63:e1:6f:4b:73:b8:78:82:7b:cf:c8:84:49:3f:2e:e6:d3:c8:
c7:1f:85:6c:a3:ce:82:28:7a:b9:46:61:6e:dd:68:3b:f4:c2:
70:9a:52:14:8c:10:1a:b2:4e:02:29:55:30:2c:63:e2:39:b2:
76:d3:2c:cf:60:81:04:3c:77:32:8d:38:3f:c1:88:3a:37:07:
fc:45:e4:f2:64:da:72:c1:da:10:a2:77:48:4f:64:5c:c0:4a:
a8:dc:83:10:9c:ef:6f:dc:c8:53:1d:47:13:39:07:50:2f:41:
30:81:63:c5:0a:fe:f1:54:13:94:c1:50:21:1d:be:b7:73:89:
f0:10:cb:79:76:0e:f3:1f:ab:1e:5b:fd:ba:7c:e3:ac:56:92:
17:30:d2:12:7f:ef:da:e3:ec:e8:ec:a5:df:75:e6:5f:23:ef:
7f:75:57:d7:53:b9:e3:a1:6c:19:62:a9:7d:f5:9e:f7:34:4a:
84:e3:90:08:ec:19:99:ff:d5:24:1d:b6:2b:d0:2b:40:70:d4:
55:b8:e2:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZa1L9f21ZSHRnBplQAhW3DAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0OGNhMzk1Mzc1OTdjZmFlNjBhZTA0MjFkYjhlMDk4YjRl
MjYxMzAwHhcNMjUwNTA5MTMxNTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTc4YWY0N2Y1YWZiZjY2OGUzYjc4YzczYmFlN2MwODAzOGRkMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozLeUWfWpwhUFFOxrCBrkWtNr9jR
75h5Qv+zoZmCNb/3i1OH5The2NLXV6i1NoUPGlg/9IoPNbRWOqLCMm27JcBSak6+
Ip1mAgQ8iUwq42Ga4A00iZeFyLWj1SJxtDYhJaQ/OCLwwJq8VHZG4hpf2aQeSf/g
hmmD6ZkS/94O+wNIqpJUzehvIqu2LU+YotGx7MwMaGu9ljC2CkMUMOZ14cLdGpLo
+Kr9LWUiZesx/UmqtLjrq1yCEuJ5QflmdOcw27dBKkU/8dPs/hstfdqBuKcvmGlA
bWJntYZSxwxUNntsY/3n82Zkco/cJ/g2jLEabj4hvl/ZiBSTnUdznTbVqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBF4r0f1r79mjjt4xzuufAgDjdDaMB8GA1UdIwQY
MBaAFESMo5U3WXz65grgQh244Ji04mEwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkl5amxUZFpmUHJtQ3VCQ0hiamdtTFRpWVRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kYjA1MTktNGU1YS00Yjc1LTg4ZmQt
YmJjMjM5ZTg5N2ViLzEvRVhpdlJfV3Z2MmFPTzNqSE82NThDQU9OME5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kYjA1MTktNGU1YS00Yjc1LTg4ZmQtYmJjMjM5ZTg5N2Vi
LzEvUkl5amxUZFpmUHJtQ3VCQ0hiamdtTFRpWVRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDX9e4AwQC
uc7oMA0EAgACMAcDBQAqAFHAMA0GCSqGSIb3DQEBCwUAA4IBAQB0R/o6ViR1ANEf
sRFlfzoGwZ98rzRALzg9h96bP3IJU8T/WvTGz1wgNFx5HY9t1Dn0hap/jZ1j4W9L
c7h4gnvPyIRJPy7m08jHH4Vso86CKHq5RmFu3Wg79MJwmlIUjBAask4CKVUwLGPi
ObJ20yzPYIEEPHcyjTg/wYg6Nwf8ReTyZNpywdoQondIT2RcwEqo3IMQnO9v3MhT
HUcTOQdQL0EwgWPFCv7xVBOUwVAhHb63c4nwEMt5dg7zH6seW/26fOOsVpIXMNIS
f+/a4+zo7KXfdeZfI+9/dVfXU7njoWwZYql99Z73NEqE45AI7BmZ/9UkHbYr0CtA
cNRVuOIz
-----END CERTIFICATE-----
Generated at Sun Jun 8 02:35:28 2025 by rpki-client