Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/SQq8_rpvdfY7BXFUyrphnnlL84o.roa
File: SQq8_rpvdfY7BXFUyrphnnlL84o.roa (raw, json)
Hash identifier: vSJi9Ykpxa0TPPtAkLzqMYrT9acxNfMsWIZzD/ELaTo=
Subject key identifier: 49:0A:BC:FE:BA:6F:75:F6:3B:05:71:54:CA:BA:61:9E:79:4B:F3:8A
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 0198E7487D1ED6736E5F59873F11CAE394FC
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/SQq8_rpvdfY7BXFUyrphnnlL84o.roa
Signing time: Tue 26 Aug 2025 16:49:04 +0000
ROA not before: Tue 26 Aug 2025 16:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 95.155.132.0/24 maxlen: 24
95.155.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 22:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e7:48:7d:1e:d6:73:6e:5f:59:87:3f:11:ca:e3:94:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Aug 26 16:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=490abcfeba6f75f63b057154caba619e794bf38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c6:88:2b:6e:2b:c3:e6:b1:99:99:8b:d8:71:
68:1a:ca:e1:67:fa:43:7a:b9:dc:3f:e9:c0:00:fd:
0e:fa:a1:db:a2:c9:df:fa:54:ad:a5:52:37:0e:a1:
c2:e3:98:6b:d0:16:30:bd:4f:fa:ad:26:8c:d2:84:
ae:58:4e:77:b6:6f:b5:06:2f:73:69:42:7a:80:d3:
ba:e1:56:a5:3a:71:e3:67:70:e3:8c:a6:05:71:ca:
a1:0c:db:a7:c7:d7:a4:e9:fb:28:47:94:79:f1:2a:
2c:12:b3:e1:bf:59:4f:70:f4:9a:de:e9:6f:d8:0d:
c9:a5:9f:d7:e4:28:e4:5f:58:ec:25:79:d0:dc:ad:
e7:11:54:55:15:3e:83:c5:fd:64:4d:4c:2f:c4:f3:
c6:9f:ce:d2:cb:14:0c:c6:5a:73:57:da:19:89:cc:
eb:e5:08:3a:d9:fc:4e:bc:52:fa:3d:93:fd:28:47:
3b:1b:89:86:62:3e:24:ec:6d:7e:b2:5f:80:2b:eb:
5b:48:29:b9:7c:37:01:69:f5:4f:21:5e:b6:fe:42:
08:b0:f6:03:e5:3a:2b:ed:15:5b:68:fe:d4:2d:f1:
71:c4:71:97:3f:b6:f5:e4:de:92:85:be:34:11:fe:
8a:49:4d:b6:20:ad:45:8c:d5:2c:39:c6:ea:b9:96:
1b:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:0A:BC:FE:BA:6F:75:F6:3B:05:71:54:CA:BA:61:9E:79:4B:F3:8A
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/SQq8_rpvdfY7BXFUyrphnnlL84o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.132.0/24
95.155.144.0/24
Signature Algorithm: sha256WithRSAEncryption
28:c5:54:63:77:a6:19:34:dc:f4:15:18:8e:1f:41:70:99:7f:
1d:9c:89:ef:10:02:38:45:d5:e8:1e:fc:1c:35:32:5f:3d:26:
67:c5:61:8b:fc:96:0c:4e:69:08:ca:99:f7:6f:57:09:a4:66:
2e:0a:37:43:40:54:08:00:23:14:ef:db:08:cf:64:0f:9b:17:
7c:de:41:4c:82:dc:43:d0:f3:a1:17:3d:60:78:ce:9a:8b:a2:
10:37:d8:74:49:f7:db:04:04:4a:9f:81:60:39:5b:22:89:ab:
67:82:ba:5a:a2:f9:f9:99:1b:ef:b9:a0:74:96:92:19:ab:40:
b2:da:8b:1c:43:a4:5f:f8:ac:cc:e8:25:15:8d:4f:fc:bb:51:
f4:0b:4b:74:0d:0e:8f:7d:14:82:1e:e2:5a:bd:db:34:77:09:
76:91:1b:06:1a:87:07:b1:97:bb:52:fb:e9:44:37:73:1f:1e:
4d:13:01:89:6f:ea:f6:82:06:e0:48:d1:99:4b:84:ab:0a:cd:
b7:ba:aa:fb:11:9b:f6:19:88:3e:2b:23:84:f7:c0:91:70:f0:
62:86:0a:ae:7a:5c:3a:5e:03:82:d0:4a:5e:62:b6:c6:9f:5f:
1c:4c:08:b9:40:18:f5:40:48:9e:23:d7:ff:57:8a:15:e1:14:
95:fd:60:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjnSH0e1nNuX1mHPxHK45T8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwODI2MTY0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTBhYmNmZWJhNmY3NWY2M2IwNTcxNTRjYWJhNjE5ZTc5NGJmMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsaIK24rw+axmZmL2HFoGsrhZ/pD
erncP+nAAP0O+qHbosnf+lStpVI3DqHC45hr0BYwvU/6rSaM0oSuWE53tm+1Bi9z
aUJ6gNO64ValOnHjZ3DjjKYFccqhDNunx9ek6fsoR5R58SosErPhv1lPcPSa3ulv
2A3JpZ/X5CjkX1jsJXnQ3K3nEVRVFT6Dxf1kTUwvxPPGn87SyxQMxlpzV9oZiczr
5Qg62fxOvFL6PZP9KEc7G4mGYj4k7G1+sl+AK+tbSCm5fDcBafVPIV62/kIIsPYD
5Tor7RVbaP7ULfFxxHGXP7b15N6Shb40Ef6KSU22IK1FjNUsOcbquZYbHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEkKvP66b3X2OwVxVMq6YZ55S/OKMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvU1FxOF9ycHZkZlk3QlhGVXlycGhubmxMODRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX5uEAwQA
X5uQMA0GCSqGSIb3DQEBCwUAA4IBAQAoxVRjd6YZNNz0FRiOH0FwmX8dnInvEAI4
RdXoHvwcNTJfPSZnxWGL/JYMTmkIypn3b1cJpGYuCjdDQFQIACMU79sIz2QPmxd8
3kFMgtxD0POhFz1geM6ai6IQN9h0SffbBARKn4FgOVsiiatngrpaovn5mRvvuaB0
lpIZq0Cy2oscQ6Rf+KzM6CUVjU/8u1H0C0t0DQ6PfRSCHuJavds0dwl2kRsGGocH
sZe7UvvpRDdzHx5NEwGJb+r2ggbgSNGZS4SrCs23uqr7EZv2GYg+KyOE98CRcPBi
hgquelw6XgOC0EpeYrbGn18cTAi5QBj1QEieI9f/V4oV4RSV/WD6
-----END CERTIFICATE-----
Generated at Sun Sep 7 06:25:45 2025 by rpki-client