Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/cxoHocYfpOLbmWm9vZdeuztX1mM.roa
File: cxoHocYfpOLbmWm9vZdeuztX1mM.roa (raw, json)
Hash identifier: n6b1cBbTDRO9vvH+MGVzzJhRTNkNJBd2SHTwJhIHGMM=
Subject key identifier: 73:1A:07:A1:C6:1F:A4:E2:DB:99:69:BD:BD:97:5E:BB:3B:57:D6:63
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 0197F4467A6FED7DF31D0E2221A3D484AA5B
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/cxoHocYfpOLbmWm9vZdeuztX1mM.roa
Signing time: Thu 10 Jul 2025 12:19:08 +0000
ROA not before: Thu 10 Jul 2025 12:19:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 95.164.0.0/22 maxlen: 24
95.164.4.0/22 maxlen: 24
95.164.8.0/22 maxlen: 24
95.164.16.0/22 maxlen: 32
95.164.21.0/24 maxlen: 24
95.164.22.0/23 maxlen: 24
95.164.32.0/21 maxlen: 24
95.164.44.0/22 maxlen: 24
95.164.51.0/24 maxlen: 24
95.164.60.0/22 maxlen: 24
95.164.68.0/23 maxlen: 24
95.164.84.0/22 maxlen: 24
95.164.88.0/23 maxlen: 24
95.164.112.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:46:7a:6f:ed:7d:f3:1d:0e:22:21:a3:d4:84:aa:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Jul 10 12:19:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=731a07a1c61fa4e2db9969bdbd975ebb3b57d663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:83:7e:d5:99:2f:f3:2e:78:a6:09:f8:7b:6a:
9a:27:f7:f9:69:6a:71:2a:24:6d:ac:83:48:36:4a:
55:08:a9:00:61:bb:c2:ca:a6:21:9a:41:81:7d:b9:
bf:05:19:93:24:d7:bf:b0:8e:30:fb:2d:9f:87:40:
18:af:b1:f4:24:a4:00:b3:c8:86:dc:b1:c2:69:cb:
f8:83:ad:4e:38:ca:32:2f:cb:b6:d4:c8:80:b4:cc:
24:27:2c:ed:36:0a:ae:52:bc:02:66:87:f0:e7:65:
cc:3e:f5:84:ef:d3:d4:24:da:67:c3:76:d3:77:29:
83:f2:2e:56:96:71:ca:d0:03:c4:d1:c1:dc:e9:45:
30:9d:61:f6:d5:07:13:79:da:62:9f:14:1d:bb:f7:
5c:3d:bf:47:87:f1:54:7d:4e:9d:e8:b6:08:d0:0d:
1d:4a:4b:cd:21:8e:aa:cd:fe:82:4c:9d:8a:f5:31:
43:32:28:04:93:ef:36:89:55:f7:5f:3d:15:9e:e0:
93:b7:f0:db:d9:cb:79:f7:48:d0:58:a5:7c:23:33:
3b:56:4a:9d:27:89:46:a8:66:3d:e6:01:5b:1c:29:
0e:dc:90:8c:76:1f:18:b2:ca:a1:6e:b2:d3:9a:1f:
a8:21:d3:0f:f9:1a:fd:ff:7c:f0:d6:3f:01:df:3a:
85:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1A:07:A1:C6:1F:A4:E2:DB:99:69:BD:BD:97:5E:BB:3B:57:D6:63
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/cxoHocYfpOLbmWm9vZdeuztX1mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.0.0-95.164.11.255
95.164.16.0/22
95.164.21.0-95.164.23.255
95.164.32.0/21
95.164.44.0/22
95.164.51.0/24
95.164.60.0/22
95.164.68.0/23
95.164.84.0-95.164.89.255
95.164.112.0/21
Signature Algorithm: sha256WithRSAEncryption
bf:e9:1b:45:28:60:97:de:91:01:ad:bf:39:8f:2b:af:7d:cb:
aa:29:be:ac:31:e4:e7:29:e0:1d:c6:ec:b5:d7:d1:a4:dc:f2:
28:25:62:5a:a3:30:fc:56:e3:59:eb:2e:af:65:aa:27:0d:b4:
3e:7f:c0:78:8a:53:77:c7:97:e4:d0:b6:ff:59:48:9c:8e:6e:
6a:88:0a:87:e3:20:89:df:a2:f1:e5:70:12:4a:6f:69:04:87:
31:10:5f:8d:3c:c7:1a:bf:a9:07:58:d7:a0:01:c8:fe:6f:5e:
b7:2e:8a:55:71:08:04:56:6e:97:c4:e1:6a:19:ca:d6:88:1f:
5b:50:57:38:90:a8:2c:61:fe:8c:2e:a1:13:1b:bb:9b:c7:49:
5f:8c:bc:4f:f0:97:f6:a6:9d:95:3f:17:7c:3c:8a:0a:4b:fc:
14:d6:ad:fb:46:04:61:a7:9d:c4:2c:c8:77:d3:a7:c4:bf:6a:
52:fa:36:2c:e0:48:40:65:83:cf:fe:e8:29:fa:bc:bb:c5:3f:
3f:de:7c:2d:e0:1f:1e:76:a3:e0:9a:aa:61:56:dd:d3:ae:17:
a5:52:2d:18:aa:10:c4:d9:df:f8:94:9e:0a:2c:b6:e0:77:82:
c2:62:9a:0c:7d:68:fd:7c:40:59:11:34:e5:24:10:44:cd:a9:
50:5a:06:4a
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZf0Rnpv7X3zHQ4iIaPUhKpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwNzEwMTIxOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzFhMDdhMWM2MWZhNGUyZGI5OTY5YmRiZDk3NWViYjNiNTdkNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoN+1Zkv8y54pgn4e2qaJ/f5aWpx
KiRtrININkpVCKkAYbvCyqYhmkGBfbm/BRmTJNe/sI4w+y2fh0AYr7H0JKQAs8iG
3LHCacv4g61OOMoyL8u21MiAtMwkJyztNgquUrwCZofw52XMPvWE79PUJNpnw3bT
dymD8i5WlnHK0APE0cHc6UUwnWH21QcTedpinxQdu/dcPb9Hh/FUfU6d6LYI0A0d
SkvNIY6qzf6CTJ2K9TFDMigEk+82iVX3Xz0VnuCTt/Db2ct590jQWKV8IzM7Vkqd
J4lGqGY95gFbHCkO3JCMdh8YssqhbrLTmh+oIdMP+Rr9/3zw1j8B3zqFbwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFHMaB6HGH6Ti25lpvb2XXrs7V9ZjMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvY3hvSG9jWWZwT0xibVdtOXZaZGV1enRYMW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAATBTMAsDAwJfpAME
Al+kCAMEAl+kEDAMAwQAX6QVAwQDX6QQAwQDX6QgAwQCX6QsAwQAX6QzAwQCX6Q8
AwQBX6REMAwDBAJfpFQDBAFfpFgDBANfpHAwDQYJKoZIhvcNAQELBQADggEBAL/p
G0UoYJfekQGtvzmPK699y6opvqwx5Ocp4B3G7LXX0aTc8iglYlqjMPxW41nrLq9l
qicNtD5/wHiKU3fHl+TQtv9ZSJyObmqICofjIInfovHlcBJKb2kEhzEQX408xxq/
qQdY16AByP5vXrcuilVxCARWbpfE4WoZytaIH1tQVziQqCxh/owuoRMbu5vHSV+M
vE/wl/amnZU/F3w8igpL/BTWrftGBGGnncQsyHfTp8S/alL6NizgSEBlg8/+6Cn6
vLvFPz/efC3gHx52o+CaqmFW3dOuF6VSLRiqEMTZ3/iUngostuB3gsJimgx9aP18
QFkRNOUkEETNqVBaBko=
-----END CERTIFICATE-----
Generated at Thu Jul 24 21:01:54 2025 by rpki-client