Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/sdNhn-Zwnr-YG7tK9d0-6rM1f-U.roa
File: sdNhn-Zwnr-YG7tK9d0-6rM1f-U.roa (raw, json)
Hash identifier: rAWsDvzqXFPmTOX068GUpdMXRJhdTsuNmQhJKfNIeUo=
Subject key identifier: B1:D3:61:9F:E6:70:9E:BF:98:1B:BB:4A:F5:DD:3E:EA:B3:35:7F:E5
Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Certificate serial: 01965C310F5552583B303230C9F3E21A3C2B
Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/sdNhn-Zwnr-YG7tK9d0-6rM1f-U.roa
Signing time: Tue 22 Apr 2025 06:30:41 +0000
ROA not before: Tue 22 Apr 2025 06:30:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200373
IP address blocks: 95.141.242.0/24 maxlen: 24
2a09:dc00::/29 maxlen: 32
2a0a:1f40::/29 maxlen: 32
2a0a:1f40::/32 maxlen: 32
2a0a:1f41::/32 maxlen: 32
2a0a:da40::/29 maxlen: 29
2a13:3f80::/32 maxlen: 32
2a13:3f83::/32 maxlen: 32
2a13:3f84::/32 maxlen: 32
2a13:3f85::/32 maxlen: 32
2a13:3f86::/32 maxlen: 32
2a13:3f87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:31:0f:55:52:58:3b:30:32:30:c9:f3:e2:1a:3c:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5
Validity
Not Before: Apr 22 06:30:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1d3619fe6709ebf981bbb4af5dd3eeab3357fe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e3:c8:da:ae:3d:57:fb:37:4d:df:14:2e:9e:
eb:8d:4b:d5:12:79:0c:1e:00:3f:2f:3f:48:c9:0d:
0c:7d:e4:ee:3a:1b:c7:2d:2c:2e:b6:00:06:bb:ce:
5c:86:bd:c4:cc:8f:10:ae:86:67:16:9f:af:0d:5c:
ed:62:0d:b3:2b:20:c6:6c:f2:81:3d:09:ed:e9:ab:
eb:b7:96:b3:93:b7:88:1b:87:e9:80:6a:d0:51:4a:
01:7f:26:ec:98:b8:23:84:d1:2c:1b:37:d8:0e:db:
56:d3:15:26:07:4f:c5:ec:54:1b:5e:97:50:8b:d5:
8b:b7:4f:19:5f:27:1d:92:2b:6c:3f:69:04:6e:f3:
77:81:8c:1e:cc:3a:5e:41:79:9c:1e:2c:8d:5a:e5:
8b:b9:6d:4a:a8:2d:22:90:ad:73:5a:20:0a:36:44:
8c:fe:06:0f:16:03:35:a1:9f:6b:aa:0b:ee:64:a2:
54:80:6c:82:03:71:a2:27:79:48:f9:96:87:a0:b3:
12:c7:6d:cc:f1:88:5d:bb:b3:d9:fc:f1:c1:a2:2b:
66:fa:f3:e7:f4:95:ab:85:35:8b:df:aa:2b:df:67:
ba:ec:d8:35:a8:20:88:4b:35:8c:3d:e5:02:5c:47:
f9:f1:ba:19:56:a4:75:46:9a:3f:a1:53:f1:e4:c6:
c0:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D3:61:9F:E6:70:9E:BF:98:1B:BB:4A:F5:DD:3E:EA:B3:35:7F:E5
X509v3 Authority Key Identifier:
keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/sdNhn-Zwnr-YG7tK9d0-6rM1f-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.141.242.0/24
IPv6:
2a09:dc00::/29
2a0a:1f40::/29
2a0a:da40::/29
2a13:3f80::/32
2a13:3f83::-2a13:3f87:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
39:9a:7e:a7:bd:b6:53:11:66:46:a9:f2:54:be:fd:ec:ad:17:
33:83:cc:1c:0c:b6:60:7d:c9:6d:e7:71:5c:e4:43:a6:5e:00:
a8:c4:67:09:8f:2b:53:d4:96:ec:8a:38:da:82:66:27:22:06:
69:13:7d:27:eb:46:f6:c9:43:49:a4:30:43:7f:d2:79:32:fe:
d6:fc:ce:16:07:04:b6:ec:97:d7:a9:de:82:21:f6:a5:00:60:
44:56:73:6c:b8:93:0a:07:62:88:1b:91:27:c1:ec:02:c6:01:
3d:96:00:fc:26:f9:72:f2:c9:0b:8f:15:34:84:83:7a:03:59:
b2:7e:ea:f4:54:0c:c9:df:f5:94:d9:8c:c0:75:26:a2:7f:b8:
c5:80:db:0e:92:4a:68:01:5c:6d:dc:e1:84:2a:c1:3e:76:14:
6f:60:90:8f:f4:06:8d:80:da:1b:04:c0:20:5d:76:79:fe:0a:
b1:61:b5:87:6b:27:5c:c7:ac:68:67:2b:f1:56:7c:48:e5:f3:
ff:f1:50:77:6c:0d:35:8f:8c:12:ba:a9:53:ae:44:ca:13:da:
b8:ce:60:d4:42:35:80:10:80:f0:41:e7:2c:8c:39:02:70:80:
a4:a6:5f:f8:aa:71:02:59:77:10:c3:bd:1d:5b:03:fe:02:d6:
6c:05:2f:c3
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZZcMQ9VUlg7MDIwyfPiGjwrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl
NjFiZDUwHhcNMjUwNDIyMDYzMDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWQzNjE5ZmU2NzA5ZWJmOTgxYmJiNGFmNWRkM2VlYWIzMzU3ZmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+PI2q49V/s3Td8ULp7rjUvVEnkM
HgA/Lz9IyQ0MfeTuOhvHLSwutgAGu85chr3EzI8QroZnFp+vDVztYg2zKyDGbPKB
PQnt6avrt5azk7eIG4fpgGrQUUoBfybsmLgjhNEsGzfYDttW0xUmB0/F7FQbXpdQ
i9WLt08ZXycdkitsP2kEbvN3gYwezDpeQXmcHiyNWuWLuW1KqC0ikK1zWiAKNkSM
/gYPFgM1oZ9rqgvuZKJUgGyCA3GiJ3lI+ZaHoLMSx23M8Yhdu7PZ/PHBoitm+vPn
9JWrhTWL36or32e67Ng1qCCISzWMPeUCXEf58boZVqR1Rpo/oVPx5MbA2wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFLHTYZ/mcJ6/mBu7SvXdPuqzNX/lMB8GA1UdIwQY
MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt
MDg4MzVkZmY2YzRmLzEvc2ROaG4tWnduci1ZRzd0SzlkMC02ck0xZi1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm
LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAMBAIAATAGAwQAX43yMDIE
AgACMCwDBQMqCdwAAwUDKgofQAMFAyoK2kADBQAqEz+AMA4DBQAqEz+DAwUDKhM/
gDANBgkqhkiG9w0BAQsFAAOCAQEAOZp+p722UxFmRqnyVL797K0XM4PMHAy2YH3J
bedxXORDpl4AqMRnCY8rU9SW7Io42oJmJyIGaRN9J+tG9slDSaQwQ3/SeTL+1vzO
FgcEtuyX16negiH2pQBgRFZzbLiTCgdiiBuRJ8HsAsYBPZYA/Cb5cvLJC48VNISD
egNZsn7q9FQMyd/1lNmMwHUmon+4xYDbDpJKaAFcbdzhhCrBPnYUb2CQj/QGjYDa
GwTAIF12ef4KsWG1h2snXMesaGcr8VZ8SOXz//FQd2wNNY+MErqpU65EyhPauM5g
1EI1gBCA8EHnLIw5AnCApKZf+KpxAll3EMO9HVsD/gLWbAUvww==
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:20:59 2025 by rpki-client