Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/05T5QjbJNc87hT4My9l-JdCX1h4.roa
File: 05T5QjbJNc87hT4My9l-JdCX1h4.roa (raw, json)
Hash identifier: iWvw7hOFWKPo65JahFO85oDHfJOnZV1Mm2k2unmLhhE=
Subject key identifier: D3:94:F9:42:36:C9:35:CF:3B:85:3E:0C:CB:D9:7E:25:D0:97:D6:1E
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01942745D019842903BB0FE95CC4D4527D66
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/05T5QjbJNc87hT4My9l-JdCX1h4.roa
Signing time: Thu 02 Jan 2025 13:47:54 +0000
ROA not before: Thu 02 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206849
IP address blocks: 95.173.166.0/24 maxlen: 24
95.173.167.0/24 maxlen: 24
95.173.173.0/24 maxlen: 24
95.173.174.0/24 maxlen: 24
95.173.175.0/24 maxlen: 24
95.173.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:d0:19:84:29:03:bb:0f:e9:5c:c4:d4:52:7d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 2 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d394f94236c935cf3b853e0ccbd97e25d097d61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:35:dc:fa:ba:0d:95:c1:65:f2:46:b4:35:01:
0a:4c:fa:4f:a1:27:d6:37:75:65:d3:7a:7f:72:6c:
9f:a5:d7:ab:3a:6a:fa:79:d5:a3:d3:74:a8:c4:dc:
c5:f5:67:18:dc:5d:ba:c5:b8:39:c8:1c:ce:37:59:
af:5b:e0:7a:fe:f3:3e:26:3c:9e:4f:a0:80:60:66:
a9:22:91:0f:0b:fd:00:ec:a9:d0:d2:f0:b9:06:b6:
d0:33:4e:f9:1f:c8:32:6f:1e:21:b0:12:58:d9:53:
b2:06:12:0b:3e:b7:e6:ae:b7:b4:ef:14:74:8c:52:
67:ae:16:41:f7:31:df:90:e0:f7:4d:e6:ff:6e:4d:
37:bb:bd:c7:0e:e1:da:de:d6:3f:b9:42:e6:ad:dd:
8a:8b:4a:1b:f5:bb:2b:8c:e3:22:3a:1b:03:10:d6:
d9:2a:d3:69:01:3d:59:f3:52:ba:26:0c:73:ae:be:
c1:fe:9e:b5:2a:b5:54:9c:e0:f0:27:75:22:f7:0e:
4d:d3:c0:5a:58:bc:d8:57:48:c3:3f:b1:77:d0:0e:
b4:81:15:f6:7c:15:fb:b0:45:2e:cb:80:67:fe:61:
9b:06:72:4d:20:6a:cd:be:01:70:62:0a:d1:34:13:
cd:97:09:a0:69:30:f9:50:c7:19:96:56:ef:94:fe:
c3:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:94:F9:42:36:C9:35:CF:3B:85:3E:0C:CB:D9:7E:25:D0:97:D6:1E
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/05T5QjbJNc87hT4My9l-JdCX1h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.173.166.0/23
95.173.173.0-95.173.176.255
Signature Algorithm: sha256WithRSAEncryption
54:f9:3b:86:c7:b0:8f:c1:31:8e:e0:6b:04:a0:fe:80:08:7b:
f7:4e:a8:ad:69:bc:58:d7:1d:f7:e0:76:67:73:91:47:ae:50:
ae:39:5f:d7:4e:f4:e8:aa:69:1d:9d:1d:1b:d6:f7:1c:bf:77:
85:bb:11:6b:fa:d3:2c:e0:3d:c7:b8:32:03:62:cb:1e:83:7d:
77:ff:cf:e5:1a:d0:74:d6:ae:f7:94:08:70:ca:c4:09:86:66:
99:22:f1:0f:10:b4:6f:ff:91:7c:4c:f6:4c:5f:ed:c5:96:b9:
5c:93:66:53:a3:b4:2f:b9:55:8d:78:34:b0:a9:b8:09:1a:50:
69:65:d7:bb:e5:69:95:e2:2a:4b:c7:09:c2:a6:56:65:9b:06:
02:ab:16:c6:93:f0:66:e8:3d:80:3a:6d:71:47:c2:97:1c:41:
f7:cc:48:a3:51:d3:1a:d4:53:36:ec:96:15:a3:63:ac:d1:6d:
bc:50:59:d6:64:3e:a8:7d:49:7c:6a:7b:e8:19:07:09:34:26:
95:34:88:4f:bf:e4:1c:83:82:ba:9c:8b:6b:9e:34:06:1d:50:
db:7c:82:1e:80:a9:42:ba:4c:65:5d:a1:8e:a7:ba:22:df:4b:
f1:e9:cf:10:cf:f3:7d:77:44:54:bf:8b:50:6a:5d:d9:4b:88:
f2:c7:10:9a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnRdAZhCkDuw/pXMTUUn1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTAyMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzk0Zjk0MjM2YzkzNWNmM2I4NTNlMGNjYmQ5N2UyNWQwOTdkNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTXc+roNlcFl8ka0NQEKTPpPoSfW
N3Vl03p/cmyfpderOmr6edWj03SoxNzF9WcY3F26xbg5yBzON1mvW+B6/vM+Jjye
T6CAYGapIpEPC/0A7KnQ0vC5BrbQM075H8gybx4hsBJY2VOyBhILPrfmrre07xR0
jFJnrhZB9zHfkOD3Teb/bk03u73HDuHa3tY/uULmrd2Ki0ob9bsrjOMiOhsDENbZ
KtNpAT1Z81K6Jgxzrr7B/p61KrVUnODwJ3Ui9w5N08BaWLzYV0jDP7F30A60gRX2
fBX7sEUuy4Bn/mGbBnJNIGrNvgFwYgrRNBPNlwmgaTD5UMcZllbvlP7DCQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNOU+UI2yTXPO4U+DMvZfiXQl9YeMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvMDVUNVFqYkpOYzg3aFQ0TXk5bC1KZENYMWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBX62mMAwD
BABfra0DBABfrbAwDQYJKoZIhvcNAQELBQADggEBAFT5O4bHsI/BMY7gawSg/oAI
e/dOqK1pvFjXHffgdmdzkUeuUK45X9dO9OiqaR2dHRvW9xy/d4W7EWv60yzgPce4
MgNiyx6DfXf/z+Ua0HTWrveUCHDKxAmGZpki8Q8QtG//kXxM9kxf7cWWuVyTZlOj
tC+5VY14NLCpuAkaUGll17vlaZXiKkvHCcKmVmWbBgKrFsaT8GboPYA6bXFHwpcc
QffMSKNR0xrUUzbslhWjY6zRbbxQWdZkPqh9SXxqe+gZBwk0JpU0iE+/5ByDgrqc
i2ueNAYdUNt8gh6AqUK6TGVdoY6nuiLfS/HpzxDP8313RFS/i1BqXdlLiPLHEJo=
-----END CERTIFICATE-----
Generated at Wed Apr 9 05:42:52 2025 by rpki-client