Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/qFfgJqALMCZeCZhx7ODZqfvDELg.roa
File: qFfgJqALMCZeCZhx7ODZqfvDELg.roa (raw, json)
Hash identifier: UEESjyV6TeDM2xk8FawUe+wNRht7+YgAxb+1XHXFnB0=
Subject key identifier: A8:57:E0:26:A0:0B:30:26:5E:09:98:71:EC:E0:D9:A9:FB:C3:10:B8
Certificate issuer: /CN=2791a7b8ee8440522b0b5530c85dce1d73f967b7
Certificate serial: 01975DA2C4E780B4B67EDD5C0B6D11B571D6
Authority key identifier: 27:91:A7:B8:EE:84:40:52:2B:0B:55:30:C8:5D:CE:1D:73:F9:67:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/qFfgJqALMCZeCZhx7ODZqfvDELg.roa
Signing time: Wed 11 Jun 2025 06:17:17 +0000
ROA not before: Wed 11 Jun 2025 06:17:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 95.128.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.mft
rsync://rpki.ripe.net/repository/DEFAULT/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 21:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:a2:c4:e7:80:b4:b6:7e:dd:5c:0b:6d:11:b5:71:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2791a7b8ee8440522b0b5530c85dce1d73f967b7
Validity
Not Before: Jun 11 06:17:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a857e026a00b30265e099871ece0d9a9fbc310b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:b4:2e:10:78:16:5b:b0:e4:4c:38:d8:68:6e:
f5:9e:ed:65:6b:aa:b0:e5:11:a0:0a:08:5d:21:48:
6c:a5:20:7d:99:54:02:34:16:3a:29:72:3b:a3:2f:
5d:32:a1:e0:30:b0:de:72:ca:46:34:97:b2:03:c1:
76:57:1d:06:3f:f8:2f:24:ca:93:cd:cd:34:71:89:
23:c3:4d:96:d2:c6:c8:30:41:0a:eb:ed:d5:f9:da:
27:1b:d7:34:f0:10:1b:9d:97:9d:61:4d:70:97:0a:
8f:f2:9c:4f:58:b2:f3:81:b6:5f:34:6b:a8:4f:b4:
b4:d7:bf:cb:5a:6b:0e:37:96:3d:9a:d7:8c:79:e8:
a7:51:99:c9:8e:ba:6b:a8:bb:00:a0:e4:9f:23:2c:
96:a9:ae:b9:0b:7a:c8:6a:5f:11:5d:4f:77:81:79:
67:07:2e:80:01:10:78:01:56:02:4b:24:1f:cd:73:
74:c4:8c:bd:cf:16:97:e7:2e:b8:5d:d3:d6:95:99:
71:6a:f1:0d:5d:2e:0d:ed:57:2b:9a:59:a5:5b:ab:
dc:f8:36:b4:7b:5c:83:74:56:6a:a3:f4:b2:d3:3e:
2d:2a:57:81:d6:2c:fa:7e:04:82:6b:b3:73:5f:2a:
dd:a3:16:2f:97:4c:6e:24:29:2b:19:74:52:7e:45:
dc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:57:E0:26:A0:0B:30:26:5E:09:98:71:EC:E0:D9:A9:FB:C3:10:B8
X509v3 Authority Key Identifier:
keyid:27:91:A7:B8:EE:84:40:52:2B:0B:55:30:C8:5D:CE:1D:73:F9:67:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/qFfgJqALMCZeCZhx7ODZqfvDELg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/13b4bc-197e-40a6-b845-9ecd8cc50a88/1/J5GnuO6EQFIrC1UwyF3OHXP5Z7c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.196.0/24
Signature Algorithm: sha256WithRSAEncryption
07:f3:ad:89:26:4f:d0:b7:41:88:e5:dc:b8:2f:04:b3:1b:ca:
16:90:8b:4a:45:32:72:b2:35:9e:29:6f:ef:bf:fc:23:96:48:
f4:04:8f:96:3f:b7:05:4c:e5:7d:5a:19:8d:81:ed:cf:0d:fb:
3a:84:8e:90:d1:6b:c1:9a:bc:a4:b0:8b:1b:a7:a3:ac:d1:4c:
96:a0:8c:22:c6:f1:ae:c3:ee:9e:3c:6f:82:76:ac:96:18:be:
d7:b0:cc:8a:cc:ae:fc:e4:af:59:63:f3:42:78:3c:41:7b:2d:
0f:73:01:53:63:ef:8e:7f:ea:85:a5:f0:62:75:f5:bd:b2:2e:
08:ef:6e:02:36:2e:6b:7d:c8:17:46:d5:6b:03:e6:89:69:de:
f1:8e:54:b5:3e:01:32:01:f3:c5:c5:de:10:eb:ca:0c:13:96:
26:71:14:fa:7c:86:35:e2:99:2d:bf:38:72:40:85:c9:ef:66:
59:b1:aa:c6:5e:52:04:62:ee:15:99:d4:b8:6f:06:88:77:ca:
b7:52:89:d7:ca:84:01:5b:4f:6e:ea:fb:1e:9d:dc:97:32:62:
df:17:e2:33:fc:a5:69:67:d1:fa:bc:08:e6:45:d4:41:5c:5e:
2c:03:6f:a8:e4:a5:4e:d4:1e:34:f2:cd:2c:8a:bd:a1:c6:7e:
6a:d4:2d:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZddosTngLS2ft1cC20RtXHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OTFhN2I4ZWU4NDQwNTIyYjBiNTUzMGM4NWRjZTFkNzNm
OTY3YjcwHhcNMjUwNjExMDYxNzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODU3ZTAyNmEwMGIzMDI2NWUwOTk4NzFlY2UwZDlhOWZiYzMxMGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLQuEHgWW7DkTDjYaG71nu1la6qw
5RGgCghdIUhspSB9mVQCNBY6KXI7oy9dMqHgMLDecspGNJeyA8F2Vx0GP/gvJMqT
zc00cYkjw02W0sbIMEEK6+3V+donG9c08BAbnZedYU1wlwqP8pxPWLLzgbZfNGuo
T7S017/LWmsON5Y9mteMeeinUZnJjrprqLsAoOSfIyyWqa65C3rIal8RXU93gXln
By6AARB4AVYCSyQfzXN0xIy9zxaX5y64XdPWlZlxavENXS4N7VcrmlmlW6vc+Da0
e1yDdFZqo/Sy0z4tKleB1iz6fgSCa7NzXyrdoxYvl0xuJCkrGXRSfkXc2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKhX4CagCzAmXgmYcezg2an7wxC4MB8GA1UdIwQY
MBaAFCeRp7juhEBSKwtVMMhdzh1z+We3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjVHbnVPNkVRRklyQzFVd3lGM09IWFA1WjdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8xM2I0YmMtMTk3ZS00MGE2LWI4NDUt
OWVjZDhjYzUwYTg4LzEvcUZmZ0pxQUxNQ1plQ1poeDdPRFpxZnZERUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8xM2I0YmMtMTk3ZS00MGE2LWI4NDUtOWVjZDhjYzUwYTg4
LzEvSjVHbnVPNkVRRklyQzFVd3lGM09IWFA1WjdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4DEMA0G
CSqGSIb3DQEBCwUAA4IBAQAH862JJk/Qt0GI5dy4LwSzG8oWkItKRTJysjWeKW/v
v/wjlkj0BI+WP7cFTOV9WhmNge3PDfs6hI6Q0WvBmryksIsbp6Os0UyWoIwixvGu
w+6ePG+CdqyWGL7XsMyKzK785K9ZY/NCeDxBey0PcwFTY++Of+qFpfBidfW9si4I
724CNi5rfcgXRtVrA+aJad7xjlS1PgEyAfPFxd4Q68oME5YmcRT6fIY14pktvzhy
QIXJ72ZZsarGXlIEYu4VmdS4bwaId8q3UonXyoQBW09u6vsendyXMmLfF+Iz/KVp
Z9H6vAjmRdRBXF4sA2+o5KVO1B408s0sir2hxn5q1C3r
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:04:53 2025 by rpki-client