Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/2R9OObFNaEDkANSZ-coBJRfRpcg.roa
File: 2R9OObFNaEDkANSZ-coBJRfRpcg.roa (raw, json)
Hash identifier: PuD3VMT0jUQBkYxsd7Ldnl6ZWhsJPerlMMUp2zMDWgw=
Subject key identifier: D9:1F:4E:39:B1:4D:68:40:E4:00:D4:99:F9:CA:01:25:17:D1:A5:C8
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 0197F44763CCA138353F43BFF2F68AE65546
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/2R9OObFNaEDkANSZ-coBJRfRpcg.roa
Signing time: Thu 10 Jul 2025 12:20:08 +0000
ROA not before: Thu 10 Jul 2025 12:20:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200736
IP address blocks: 95.164.124.0/22 maxlen: 24
95.164.176.0/20 maxlen: 24
95.164.208.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:47:63:cc:a1:38:35:3f:43:bf:f2:f6:8a:e6:55:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Jul 10 12:20:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d91f4e39b14d6840e400d499f9ca012517d1a5c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:55:5b:16:cf:67:82:94:bd:b6:87:8c:54:b3:
af:5a:9a:3b:bf:4b:a7:d7:3c:57:fa:79:b9:fa:0f:
24:44:2b:fd:16:fc:a2:d3:51:f5:5c:fd:9d:28:9b:
d7:89:88:e0:e7:a2:26:aa:bc:3f:f8:7d:fd:13:e4:
2b:0e:a5:19:47:37:de:59:e9:8c:5c:48:1e:f5:27:
61:4e:e9:64:4d:43:c8:76:87:55:76:cc:6b:8f:76:
43:9f:6f:9c:f2:b1:d7:c7:56:5f:35:61:c5:d3:41:
cb:1f:88:3d:ba:0d:f4:71:95:6b:66:00:38:fb:d9:
d3:c6:da:a3:5e:3b:4b:94:bf:75:da:11:40:da:d3:
c3:36:8a:b9:10:c4:55:7a:2e:1f:59:53:9f:03:28:
6d:0b:2f:e5:06:55:b5:c3:9e:35:72:1b:89:a2:15:
60:ea:b8:89:4c:59:1a:20:c1:53:de:a5:16:d4:3e:
42:10:e3:ca:8d:c2:13:ec:2a:89:fc:03:1d:5e:7b:
8d:3f:fb:10:d1:f8:9b:5f:32:e5:4e:db:2f:e5:85:
ee:40:47:00:5f:6a:62:9b:90:33:f1:c5:f1:d4:7f:
bc:ca:28:ed:b2:94:4e:3f:3c:01:77:3f:a9:44:58:
d0:16:12:9d:a4:6c:e2:0f:22:15:28:7e:2a:a6:cb:
2d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1F:4E:39:B1:4D:68:40:E4:00:D4:99:F9:CA:01:25:17:D1:A5:C8
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/2R9OObFNaEDkANSZ-coBJRfRpcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.124.0/22
95.164.176.0/20
95.164.208.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:b6:c3:87:f6:2d:f4:4e:1a:b6:5c:6f:f1:35:f9:45:e5:62:
ac:4a:50:43:3e:b0:36:39:ae:77:f7:c0:45:69:b3:c0:87:af:
66:01:72:84:48:1a:5a:88:52:75:a9:31:c2:90:52:5a:d3:6e:
b3:80:24:13:fe:5e:8a:16:f9:5c:cf:6c:30:2a:40:34:ce:bf:
b8:13:30:34:72:c3:f0:a3:45:a3:1c:64:cf:38:1b:91:fd:74:
8f:6d:08:1f:ff:b3:96:9d:59:09:55:1a:46:91:7d:89:b5:3f:
a2:68:53:58:fc:3c:ab:05:a2:05:ee:02:1e:65:91:f2:99:d5:
09:9c:f6:83:99:cf:a1:74:69:87:2c:6b:0e:f7:e0:a3:d6:56:
b2:b2:d8:86:44:0d:53:61:95:be:d9:59:2f:c3:52:15:10:96:
0b:96:6f:4f:94:53:08:11:94:13:1d:75:07:11:c4:d6:5c:82:
9f:b3:30:47:93:c5:9c:e2:6b:cc:ea:fb:4a:10:e3:3c:d2:8a:
36:ed:9b:0b:a1:97:24:3e:2d:b7:a7:64:ac:f0:c0:d2:2d:52:
9c:e1:dd:de:97:3e:e1:a0:2a:b3:a7:be:f1:25:73:da:c4:1f:
b3:46:02:0d:0c:45:46:a8:f3:fa:82:78:1b:36:5b:7d:ea:a5:
89:47:4f:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZf0R2PMoTg1P0O/8vaK5lVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwNzEwMTIyMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTFmNGUzOWIxNGQ2ODQwZTQwMGQ0OTlmOWNhMDEyNTE3ZDFhNWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulVbFs9ngpS9toeMVLOvWpo7v0un
1zxX+nm5+g8kRCv9Fvyi01H1XP2dKJvXiYjg56Imqrw/+H39E+QrDqUZRzfeWemM
XEge9SdhTulkTUPIdodVdsxrj3ZDn2+c8rHXx1ZfNWHF00HLH4g9ug30cZVrZgA4
+9nTxtqjXjtLlL912hFA2tPDNoq5EMRVei4fWVOfAyhtCy/lBlW1w541chuJohVg
6riJTFkaIMFT3qUW1D5CEOPKjcIT7CqJ/AMdXnuNP/sQ0fibXzLlTtsv5YXuQEcA
X2pim5Az8cXx1H+8yijtspROPzwBdz+pRFjQFhKdpGziDyIVKH4qpsstfQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNkfTjmxTWhA5ADUmfnKASUX0aXIMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvMlI5T09iRk5hRURrQU5TWi1jb0JKUmZScGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCX6R8AwQE
X6SwAwQEX6TQMA0GCSqGSIb3DQEBCwUAA4IBAQBNtsOH9i30Thq2XG/xNflF5WKs
SlBDPrA2Oa5398BFabPAh69mAXKESBpaiFJ1qTHCkFJa026zgCQT/l6KFvlcz2ww
KkA0zr+4EzA0csPwo0WjHGTPOBuR/XSPbQgf/7OWnVkJVRpGkX2JtT+iaFNY/Dyr
BaIF7gIeZZHymdUJnPaDmc+hdGmHLGsO9+Cj1laystiGRA1TYZW+2Vkvw1IVEJYL
lm9PlFMIEZQTHXUHEcTWXIKfszBHk8Wc4mvM6vtKEOM80oo27ZsLoZckPi23p2Ss
8MDSLVKc4d3elz7hoCqzp77xJXPaxB+zRgINDEVGqPP6gngbNlt96qWJR0/+
-----END CERTIFICATE-----
Generated at Thu Jul 24 21:00:34 2025 by rpki-client