Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/PGgQA4lq16a2A-WgJ_ri64lGsRE.roa
File: PGgQA4lq16a2A-WgJ_ri64lGsRE.roa (raw, json)
Hash identifier: Q6QSZCDfq8qNTpDtgedLOR/KuDwL2RUnCSAMtaotxEg=
Subject key identifier: 3C:68:10:03:89:6A:D7:A6:B6:03:E5:A0:27:FA:E2:EB:89:46:B1:11
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 0197F444A5D40BA71453366716EE0BA48A5E
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/PGgQA4lq16a2A-WgJ_ri64lGsRE.roa
Signing time: Thu 10 Jul 2025 12:17:08 +0000
ROA not before: Thu 10 Jul 2025 12:17:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204487
IP address blocks: 95.164.52.0/24 maxlen: 24
95.164.94.0/24 maxlen: 24
95.164.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:44:a5:d4:0b:a7:14:53:36:67:16:ee:0b:a4:8a:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Jul 10 12:17:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c681003896ad7a6b603e5a027fae2eb8946b111
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b5:69:99:35:1c:6d:04:1e:d5:a9:e9:2d:aa:
8c:3c:38:3f:9b:58:3a:2a:8b:fd:1f:d2:6d:9e:62:
53:8a:4c:f3:d3:23:65:de:bb:e0:a2:e4:bb:3d:a3:
83:37:96:80:95:1f:3a:54:93:ff:0d:f5:4d:81:8b:
d5:6c:c9:07:a2:7f:ce:ac:54:13:e6:70:ca:d0:64:
16:6a:ed:b5:e1:aa:ba:ae:6a:3a:7c:04:03:92:e7:
c3:67:20:2d:bb:be:ab:87:ab:44:62:d4:34:26:0e:
dc:f5:6d:bd:1f:48:c7:bb:05:52:1a:e0:17:bd:f3:
bf:d6:9c:6a:37:17:9c:4e:80:53:78:e8:86:9f:d7:
3f:20:c5:cb:72:16:08:d7:5c:44:ce:6b:8f:68:29:
a2:55:d2:d9:19:47:fc:50:98:40:46:fc:89:25:10:
72:a4:59:91:c0:ef:87:f7:71:eb:96:72:e4:fb:e8:
cb:4f:76:a4:39:65:b3:3f:9c:0e:74:75:06:5c:d7:
56:f7:ce:b7:2f:f4:27:b3:4b:aa:2f:4b:a9:68:cd:
74:f0:09:95:46:2d:b5:92:08:81:13:d9:d2:d2:4d:
05:44:ca:82:25:58:7f:20:10:2b:37:e9:ec:bc:28:
f8:3d:f9:96:54:d3:b6:d4:e4:4d:89:3e:b6:c2:bb:
8b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:68:10:03:89:6A:D7:A6:B6:03:E5:A0:27:FA:E2:EB:89:46:B1:11
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/PGgQA4lq16a2A-WgJ_ri64lGsRE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.52.0/24
95.164.94.0/24
95.164.122.0/24
Signature Algorithm: sha256WithRSAEncryption
78:8c:45:a7:02:78:94:46:48:94:10:62:a0:62:94:8b:3a:60:
bf:c7:d3:6b:ca:b5:62:44:89:0b:d9:54:17:8d:17:a7:92:1a:
92:56:d9:53:92:5d:c8:36:2b:63:b9:1f:e2:0d:de:27:d5:14:
7a:b9:5c:96:28:7f:26:fe:49:38:4e:4e:f5:51:3d:56:c7:bb:
27:94:b6:0f:cc:ce:17:96:95:62:d1:ed:ec:02:7b:e2:6f:ca:
a8:c1:53:62:74:e9:bc:e4:5f:42:3e:04:f3:b2:2d:db:61:92:
74:9c:10:87:87:80:0d:a4:27:dc:f0:64:ee:c1:57:f1:84:03:
3f:57:c3:e4:b8:8c:1e:ba:3b:01:1b:8c:9a:45:0d:22:e2:9a:
2f:fc:50:af:66:d5:67:2b:7d:9f:4d:5e:ea:9a:cc:24:fe:ba:
94:b4:cc:0a:dc:88:90:aa:b2:a8:89:70:20:bd:17:39:00:40:
6c:4e:c1:6f:82:e4:31:90:91:5b:fa:e3:44:78:96:55:e5:0c:
d5:d7:01:8a:82:e1:af:fa:47:dd:93:44:d9:f8:01:b3:47:59:
38:1a:7c:b2:9b:bf:ab:05:64:db:f6:11:2b:6a:95:30:86:cd:
b0:ef:59:a6:8b:f5:53:6e:02:9b:b8:7c:8e:b4:b6:d7:30:6d:
3d:4b:ae:bf
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZf0RKXUC6cUUzZnFu4LpIpeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwNzEwMTIxNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY4MTAwMzg5NmFkN2E2YjYwM2U1YTAyN2ZhZTJlYjg5NDZiMTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrVpmTUcbQQe1anpLaqMPDg/m1g6
Kov9H9JtnmJTikzz0yNl3rvgouS7PaODN5aAlR86VJP/DfVNgYvVbMkHon/OrFQT
5nDK0GQWau214aq6rmo6fAQDkufDZyAtu76rh6tEYtQ0Jg7c9W29H0jHuwVSGuAX
vfO/1pxqNxecToBTeOiGn9c/IMXLchYI11xEzmuPaCmiVdLZGUf8UJhARvyJJRBy
pFmRwO+H93HrlnLk++jLT3akOWWzP5wOdHUGXNdW9863L/Qns0uqL0upaM108AmV
Ri21kgiBE9nS0k0FRMqCJVh/IBArN+nsvCj4PfmWVNO21ORNiT62wruLCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDxoEAOJatemtgPloCf64uuJRrERMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvUEdnUUE0bHExNmEyQS1XZ0pfcmk2NGxHc1JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX6Q0AwQA
X6ReAwQAX6R6MA0GCSqGSIb3DQEBCwUAA4IBAQB4jEWnAniURkiUEGKgYpSLOmC/
x9NryrViRIkL2VQXjRenkhqSVtlTkl3INitjuR/iDd4n1RR6uVyWKH8m/kk4Tk71
UT1Wx7snlLYPzM4XlpVi0e3sAnvib8qowVNidOm85F9CPgTzsi3bYZJ0nBCHh4AN
pCfc8GTuwVfxhAM/V8PkuIweujsBG4yaRQ0i4pov/FCvZtVnK32fTV7qmswk/rqU
tMwK3IiQqrKoiXAgvRc5AEBsTsFvguQxkJFb+uNEeJZV5QzV1wGKguGv+kfdk0TZ
+AGzR1k4Gnyym7+rBWTb9hErapUwhs2w71mmi/VTbgKbuHyOtLbXMG09S66/
-----END CERTIFICATE-----
Generated at Thu Jul 24 21:01:54 2025 by rpki-client