Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/0iNdRUaIe9UxqB2djcTI0YN0318.roa
File: 0iNdRUaIe9UxqB2djcTI0YN0318.roa (raw, json)
Hash identifier: AFJru6gk69ECX/jvIki0wTL1AT8/f6Qdj67BMu2fuFE=
Subject key identifier: D2:23:5D:45:46:88:7B:D5:31:A8:1D:9D:8D:C4:C8:D1:83:74:DF:5F
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 01983B97DD4EB3E6B54966B9E7DEC0EE2F70
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/0iNdRUaIe9UxqB2djcTI0YN0318.roa
Signing time: Thu 24 Jul 2025 08:41:05 +0000
ROA not before: Thu 24 Jul 2025 08:41:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.148.132.0/22 maxlen: 24
95.155.129.0/24 maxlen: 24
95.155.130.0/24 maxlen: 24
95.155.131.0/24 maxlen: 24
95.155.132.0/24 maxlen: 24
95.155.144.0/24 maxlen: 24
95.155.146.0/24 maxlen: 24
95.155.147.0/24 maxlen: 24
95.155.148.0/24 maxlen: 24
95.155.149.0/24 maxlen: 24
95.155.150.0/24 maxlen: 24
95.155.151.0/24 maxlen: 24
95.155.156.0/24 maxlen: 24
95.155.157.0/24 maxlen: 24
95.155.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 22:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3b:97:dd:4e:b3:e6:b5:49:66:b9:e7:de:c0:ee:2f:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Jul 24 08:41:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2235d4546887bd531a81d9d8dc4c8d18374df5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3e:5f:c7:f8:a3:90:39:0c:dd:ac:3c:c6:00:
a3:2d:65:5d:91:a8:85:c9:2e:4e:ad:6d:0f:2b:d1:
33:5c:b2:55:d0:cb:6c:ba:18:67:42:6b:22:07:89:
96:b4:82:44:9c:f6:ac:6a:1e:9d:f7:b4:a6:01:27:
db:14:8d:b2:0b:80:c7:fc:ba:ce:48:ac:7b:bd:c4:
6c:8e:f9:0c:1c:2d:02:fe:b9:98:27:4c:87:13:bb:
86:ad:2f:c3:fc:f6:41:a7:ee:83:75:01:46:46:96:
6e:8c:f1:2b:24:d4:28:0f:c2:22:23:95:cc:bd:1f:
5f:8e:db:0b:43:55:9a:00:dc:29:9e:b3:13:a3:cc:
02:ac:6d:c1:d7:b0:78:97:16:77:41:d2:f1:35:b4:
b8:b1:34:f7:bf:6f:4e:57:c2:4e:fa:1d:ef:d8:d7:
e7:02:e4:4b:9b:e9:90:c1:27:1e:24:b3:7a:6a:4f:
f2:03:bf:9d:e6:d8:0f:6d:2c:00:4c:47:b4:2d:1b:
7f:44:09:c2:d6:b5:cc:a0:7a:84:c5:d0:ae:00:bc:
7c:d5:21:85:1b:11:bc:cb:b2:96:2e:27:b5:3b:88:
ed:21:95:bc:63:f4:76:1d:b2:b2:03:49:73:aa:c1:
0c:17:80:b0:15:ad:f0:33:64:76:25:89:af:fb:79:
0b:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:23:5D:45:46:88:7B:D5:31:A8:1D:9D:8D:C4:C8:D1:83:74:DF:5F
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/0iNdRUaIe9UxqB2djcTI0YN0318.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.132.0/22
95.155.129.0-95.155.132.255
95.155.144.0/24
95.155.146.0-95.155.151.255
95.155.156.0-95.155.158.255
Signature Algorithm: sha256WithRSAEncryption
23:a7:dd:79:f8:ca:aa:ed:8c:bc:0d:67:ab:84:f2:f9:99:5e:
30:d3:fd:dd:90:00:1e:ab:ff:da:62:f2:6d:71:ad:05:dd:73:
ec:1f:f7:73:39:a5:87:d3:e4:9c:12:6d:91:11:73:47:55:b1:
52:92:9f:73:1a:ba:66:15:3a:ef:c7:24:c8:50:bd:65:2a:27:
7d:15:c4:67:69:75:c1:40:5c:e9:50:5b:ae:52:0c:5d:62:39:
3f:cb:6a:fa:4a:0e:ac:a9:bb:38:fd:36:ae:b2:a8:a1:2a:fc:
dd:4a:3b:9d:ad:2c:a2:f3:60:34:91:ff:bf:f4:2a:75:cf:5a:
d4:81:79:d1:bf:ff:30:e2:3d:74:8d:03:81:48:9a:2a:0d:08:
e5:10:1d:5a:0a:33:f1:17:72:f2:66:66:27:c2:5a:ce:08:89:
92:43:3c:ac:5b:6a:2f:43:ba:a3:b5:4e:af:37:4d:59:de:4c:
45:05:06:10:7d:71:c3:6c:87:a7:bb:35:6c:50:35:be:90:bc:
e0:8f:b7:d4:fd:5c:94:9c:76:ee:09:3d:0e:43:90:53:c1:89:
3c:b4:4d:7a:6b:67:25:29:90:fc:78:b7:47:b0:53:7b:c1:ef:
9a:d0:66:cb:2d:c0:65:37:0c:51:73:b5:5d:25:04:1d:a0:73:
91:18:27:fc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZg7l91Os+a1SWa5597A7i9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwNzI0MDg0MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjIzNWQ0NTQ2ODg3YmQ1MzFhODFkOWQ4ZGM0YzhkMTgzNzRkZjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz5fx/ijkDkM3aw8xgCjLWVdkaiF
yS5OrW0PK9EzXLJV0MtsuhhnQmsiB4mWtIJEnPasah6d97SmASfbFI2yC4DH/LrO
SKx7vcRsjvkMHC0C/rmYJ0yHE7uGrS/D/PZBp+6DdQFGRpZujPErJNQoD8IiI5XM
vR9fjtsLQ1WaANwpnrMTo8wCrG3B17B4lxZ3QdLxNbS4sTT3v29OV8JO+h3v2Nfn
AuRLm+mQwSceJLN6ak/yA7+d5tgPbSwATEe0LRt/RAnC1rXMoHqExdCuALx81SGF
GxG8y7KWLie1O4jtIZW8Y/R2HbKyA0lzqsEMF4CwFa3wM2R2JYmv+3kLGQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNIjXUVGiHvVMagdnY3EyNGDdN9fMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvMGlOZFJVYUllOVV4cUIyZGpjVEkwWU4wMzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCJZSEMAwD
BABfm4EDBABfm4QDBABfm5AwDAMEAV+bkgMEA1+bkDAMAwQCX5ucAwQAX5ueMA0G
CSqGSIb3DQEBCwUAA4IBAQAjp915+Mqq7Yy8DWerhPL5mV4w0/3dkAAeq//aYvJt
ca0F3XPsH/dzOaWH0+ScEm2REXNHVbFSkp9zGrpmFTrvxyTIUL1lKid9FcRnaXXB
QFzpUFuuUgxdYjk/y2r6Sg6sqbs4/TausqihKvzdSjudrSyi82A0kf+/9Cp1z1rU
gXnRv/8w4j10jQOBSJoqDQjlEB1aCjPxF3LyZmYnwlrOCImSQzysW2ovQ7qjtU6v
N01Z3kxFBQYQfXHDbIenuzVsUDW+kLzgj7fU/VyUnHbuCT0OQ5BTwYk8tE16a2cl
KZD8eLdHsFN7we+a0GbLLcBlNwxRc7VdJQQdoHORGCf8
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:16:37 2025 by rpki-client