Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/rNKOMqYKhpjAqpr3R2TiL_oeU2U.roa
File: rNKOMqYKhpjAqpr3R2TiL_oeU2U.roa (raw, json)
Hash identifier: iQNu3wUdgJiuQXCSvl4BX8FRJSXOi63FQZi9nuO4RJA=
Subject key identifier: AC:D2:8E:32:A6:0A:86:98:C0:AA:9A:F7:47:64:E2:2F:FA:1E:53:65
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 0197CF03319E667F7C41491B1F59D3BCB364
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/rNKOMqYKhpjAqpr3R2TiL_oeU2U.roa
Signing time: Thu 03 Jul 2025 06:39:42 +0000
ROA not before: Thu 03 Jul 2025 06:39:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 95.155.128.0/24 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.130.0/24 maxlen: 24
95.155.131.0/24 maxlen: 24
95.155.132.0/24 maxlen: 24
95.155.133.0/24 maxlen: 24
95.155.134.0/24 maxlen: 24
95.155.144.0/24 maxlen: 24
95.155.145.0/24 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/24 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.151.0/24 maxlen: 24
95.155.152.0/24 maxlen: 24
95.155.153.0/24 maxlen: 24
95.155.154.0/24 maxlen: 24
95.155.155.0/24 maxlen: 24
95.155.156.0/24 maxlen: 24
95.155.157.0/24 maxlen: 24
95.155.158.0/24 maxlen: 24
95.155.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 11:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cf:03:31:9e:66:7f:7c:41:49:1b:1f:59:d3:bc:b3:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Jul 3 06:39:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=acd28e32a60a8698c0aa9af74764e22ffa1e5365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cf:ee:d5:74:30:54:ec:e1:70:99:46:e6:af:
6e:5e:51:35:99:db:58:b6:a1:2d:54:c9:11:e7:69:
12:0f:6d:dd:eb:f0:c5:67:c9:b6:4c:7f:23:9e:42:
f1:56:6d:f7:ea:8c:54:36:0a:a5:b2:60:9d:20:15:
3b:42:dc:28:91:0c:15:b2:c4:8e:20:9f:8d:88:9d:
f4:f9:43:74:0f:75:d3:ee:25:6a:9b:05:f0:ed:7f:
00:0a:47:1f:e9:ce:59:76:68:30:5d:92:cf:2e:47:
fb:4b:a0:50:b2:a4:05:d4:0f:ed:6b:ec:ab:04:55:
03:97:f3:57:a4:9c:e9:f1:bc:c2:88:6b:cc:bb:89:
2c:9a:f9:1c:8b:fc:57:e9:f7:4e:ef:82:c0:86:b8:
40:47:7e:88:b2:7a:3d:48:4b:54:8a:ee:a9:14:9e:
5b:27:7d:66:79:c8:4a:c4:da:3f:0b:68:23:06:01:
76:6e:94:89:1e:78:d7:32:23:f3:eb:01:81:a8:9e:
39:a8:75:16:72:03:17:5c:6a:94:e9:a9:43:75:e2:
c5:a9:79:0d:7b:62:dd:c7:ed:b7:c2:1a:be:45:4b:
62:89:dd:71:2f:83:3c:f4:fe:3a:00:75:59:c9:d5:
54:ac:33:50:b8:b4:87:a7:b2:a3:e7:a0:aa:20:1f:
27:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:D2:8E:32:A6:0A:86:98:C0:AA:9A:F7:47:64:E2:2F:FA:1E:53:65
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/rNKOMqYKhpjAqpr3R2TiL_oeU2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.128.0-95.155.134.255
95.155.144.0/20
Signature Algorithm: sha256WithRSAEncryption
2a:cc:22:99:b8:5f:3f:d6:90:f5:dd:b7:b8:8a:45:4f:d1:65:
81:2d:a2:12:38:78:3f:5b:c1:50:99:6a:dc:50:a5:4a:0e:fb:
b2:cc:32:b8:09:34:39:f9:dd:70:18:a4:d8:d0:a3:ee:4f:e3:
bb:a9:8e:95:e8:2f:33:04:bc:ef:d3:c4:ac:ce:d5:cc:52:51:
21:bf:b2:c8:ee:5a:3b:f2:0d:62:36:16:87:6b:dc:a1:2a:b1:
0a:7f:b0:51:55:62:39:51:3f:f1:cf:ce:79:4f:c2:05:69:50:
a0:53:e1:83:fe:6f:d6:1c:19:5f:6b:bb:dc:73:3e:bb:f8:61:
50:e5:d4:0d:b3:44:7e:36:7a:b4:f5:74:94:53:7c:6d:54:03:
0f:d1:08:d2:7e:4f:e8:33:ab:92:1d:7b:2b:07:40:8f:49:1e:
e3:55:49:a4:7e:23:f5:3f:44:e6:1e:dc:b3:ce:1a:58:bb:a3:
bf:96:a4:30:86:58:2d:8e:95:3f:3b:9c:29:12:d2:62:9f:7c:
76:54:c1:e5:61:67:00:1b:53:73:aa:d6:f2:e8:7f:8f:6f:34:
fa:f5:e1:83:b0:5c:25:50:bd:5b:b9:64:59:f7:36:ae:40:78:
cf:97:8b:52:27:df:38:ba:e4:ae:43:fe:cc:24:f5:24:26:99:
21:3f:2b:db
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZfPAzGeZn98QUkbH1nTvLNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwNzAzMDYzOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2QyOGUzMmE2MGE4Njk4YzBhYTlhZjc0NzY0ZTIyZmZhMWU1MzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM/u1XQwVOzhcJlG5q9uXlE1mdtY
tqEtVMkR52kSD23d6/DFZ8m2TH8jnkLxVm336oxUNgqlsmCdIBU7QtwokQwVssSO
IJ+NiJ30+UN0D3XT7iVqmwXw7X8ACkcf6c5ZdmgwXZLPLkf7S6BQsqQF1A/ta+yr
BFUDl/NXpJzp8bzCiGvMu4ksmvkci/xX6fdO74LAhrhAR36Isno9SEtUiu6pFJ5b
J31mechKxNo/C2gjBgF2bpSJHnjXMiPz6wGBqJ45qHUWcgMXXGqU6alDdeLFqXkN
e2Ldx+23whq+RUtiid1xL4M89P46AHVZydVUrDNQuLSHp7Kj56CqIB8n3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKzSjjKmCoaYwKqa90dk4i/6HlNlMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvck5LT01xWUtocGpBcXByM1IyVGlMX29lVTJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAdfm4AD
BABfm4YDBARfm5AwDQYJKoZIhvcNAQELBQADggEBACrMIpm4Xz/WkPXdt7iKRU/R
ZYEtohI4eD9bwVCZatxQpUoO+7LMMrgJNDn53XAYpNjQo+5P47upjpXoLzMEvO/T
xKzO1cxSUSG/ssjuWjvyDWI2Fodr3KEqsQp/sFFVYjlRP/HPznlPwgVpUKBT4YP+
b9YcGV9ru9xzPrv4YVDl1A2zRH42erT1dJRTfG1UAw/RCNJ+T+gzq5IdeysHQI9J
HuNVSaR+I/U/ROYe3LPOGli7o7+WpDCGWC2OlT87nCkS0mKffHZUweVhZwAbU3Oq
1vLof49vNPr14YOwXCVQvVu5ZFn3Nq5AeM+Xi1In3zi65K5D/swk9SQmmSE/K9s=
-----END CERTIFICATE-----
Generated at Sat Jul 5 20:58:20 2025 by rpki-client