Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/IqmCKhj0YirWDztKQKxV-Tkp8wA.roa
File: IqmCKhj0YirWDztKQKxV-Tkp8wA.roa (raw, json)
Hash identifier: PBdp+ZbHGedan6tJHhjQF/VqDVDnpQuJLH8duAyClhY=
Subject key identifier: 22:A9:82:2A:18:F4:62:2A:D6:0F:3B:4A:40:AC:55:F9:39:29:F3:00
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 0199A8F04539C5B9B72B5AFCF5EC4B793352
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/IqmCKhj0YirWDztKQKxV-Tkp8wA.roa
Signing time: Fri 03 Oct 2025 07:19:02 +0000
ROA not before: Fri 03 Oct 2025 07:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 95.155.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 14:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a8:f0:45:39:c5:b9:b7:2b:5a:fc:f5:ec:4b:79:33:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Oct 3 07:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22a9822a18f4622ad60f3b4a40ac55f93929f300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1b:16:f9:b9:0a:f9:93:cd:32:00:47:a6:a5:
ab:5a:8b:16:c6:dd:21:a7:14:56:c3:0c:d7:4d:5d:
c1:61:14:9d:a6:88:c5:f9:27:ee:89:65:ba:5f:a5:
4f:ce:f3:9f:4d:d7:7e:b2:69:c9:08:09:73:c8:b1:
71:c0:52:0a:54:0c:8d:8f:62:56:f9:da:6f:3d:c9:
d4:3c:f6:84:e1:58:91:6a:4f:a0:a4:fa:aa:c4:f9:
54:00:14:59:0b:9d:ea:e0:bd:18:0a:24:d3:06:3a:
51:8d:f6:ce:e4:c7:f8:d2:9f:d1:df:80:18:69:a9:
87:ce:01:4c:0c:b7:fd:88:5b:06:b1:18:bd:f8:54:
ef:30:46:cf:57:25:a4:eb:23:88:3c:79:34:50:7f:
fe:53:3f:c2:07:ed:18:ca:b1:3c:ad:df:00:01:0e:
4d:a6:e7:8f:79:81:6b:6a:35:72:e9:a8:26:a6:cf:
dc:41:19:f6:9f:d0:ab:48:ed:bf:ed:76:46:b4:d1:
4b:84:a6:a5:7e:8f:ee:05:a4:53:c5:cc:bd:0d:b9:
2a:ac:63:4c:85:4d:d1:f4:d3:35:ea:85:d1:72:e8:
21:82:2f:d8:c4:13:a6:2e:72:4e:3d:f3:e6:0e:ff:
8a:d0:cf:d6:94:d9:10:b1:da:02:c1:59:65:fe:eb:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:A9:82:2A:18:F4:62:2A:D6:0F:3B:4A:40:AC:55:F9:39:29:F3:00
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/IqmCKhj0YirWDztKQKxV-Tkp8wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.150.0/24
Signature Algorithm: sha256WithRSAEncryption
63:28:52:01:66:c5:cc:85:78:51:b3:3a:74:28:8a:0c:b5:da:
b1:c4:bb:46:4e:ce:d4:62:eb:4f:0c:0c:f6:d4:b6:7b:84:32:
51:e6:9f:a8:7a:ee:33:aa:2b:47:1c:d6:85:88:03:19:a8:f3:
ed:ad:3a:4a:89:a5:8e:f4:92:b3:3f:af:0f:8a:bb:de:61:cb:
d1:11:f5:3d:51:33:47:84:10:f9:bf:62:2f:b0:48:ff:6d:ff:
06:8d:59:49:ea:f2:26:3e:47:ef:c5:59:6a:42:c0:f7:a6:07:
2e:fe:78:78:d7:8f:aa:9c:76:49:e8:6e:c2:1c:1f:29:84:ff:
eb:4d:e0:81:bd:44:a4:35:98:bb:6f:e3:c0:38:9e:84:9a:24:
c3:ae:b5:c1:fb:1b:09:9e:9f:48:d8:e7:57:d5:fa:bf:45:03:
fe:e0:e2:9a:30:b3:b2:ca:3d:24:f0:18:4d:3a:67:f2:08:04:
2e:94:e9:15:85:84:f6:2b:a8:37:be:cc:53:d6:8b:f5:d4:4a:
0d:75:f6:08:52:17:09:bd:c3:d1:5f:98:d8:3a:90:ad:8e:dd:
dd:0b:d1:04:e8:b3:bf:c4:c6:1e:e7:49:8c:c9:8b:1e:1b:4c:
ed:1e:67:1e:09:ee:51:68:09:0a:ca:aa:a7:47:31:3f:9d:c4:
6c:14:f6:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmo8EU5xbm3K1r89exLeTNSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUxMDAzMDcxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmE5ODIyYTE4ZjQ2MjJhZDYwZjNiNGE0MGFjNTVmOTM5MjlmMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hsW+bkK+ZPNMgBHpqWrWosWxt0h
pxRWwwzXTV3BYRSdpojF+SfuiWW6X6VPzvOfTdd+smnJCAlzyLFxwFIKVAyNj2JW
+dpvPcnUPPaE4ViRak+gpPqqxPlUABRZC53q4L0YCiTTBjpRjfbO5Mf40p/R34AY
aamHzgFMDLf9iFsGsRi9+FTvMEbPVyWk6yOIPHk0UH/+Uz/CB+0YyrE8rd8AAQ5N
puePeYFrajVy6agmps/cQRn2n9CrSO2/7XZGtNFLhKalfo/uBaRTxcy9DbkqrGNM
hU3R9NM16oXRcughgi/YxBOmLnJOPfPmDv+K0M/WlNkQsdoCwVll/uvBPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKpgioY9GIq1g87SkCsVfk5KfMAMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvSXFtQ0toajBZaXJXRHp0S1FLeFYtVGtwOHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX5uWMA0G
CSqGSIb3DQEBCwUAA4IBAQBjKFIBZsXMhXhRszp0KIoMtdqxxLtGTs7UYutPDAz2
1LZ7hDJR5p+oeu4zqitHHNaFiAMZqPPtrTpKiaWO9JKzP68PirveYcvREfU9UTNH
hBD5v2IvsEj/bf8GjVlJ6vImPkfvxVlqQsD3pgcu/nh414+qnHZJ6G7CHB8phP/r
TeCBvUSkNZi7b+PAOJ6EmiTDrrXB+xsJnp9I2OdX1fq/RQP+4OKaMLOyyj0k8BhN
OmfyCAQulOkVhYT2K6g3vsxT1ov11EoNdfYIUhcJvcPRX5jYOpCtjt3dC9EE6LO/
xMYe50mMyYseG0ztHmceCe5RaAkKyqqnRzE/ncRsFPYl
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:06:44 2025 by rpki-client