Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/ihECHfgu5dDrZdiN8oiW46lzoxI.roa
File: ihECHfgu5dDrZdiN8oiW46lzoxI.roa (raw, json)
Hash identifier: bQ96mW5B18QRjKhxCTD1amxvGa7WSvg+fA8xs+WbPnk=
Subject key identifier: 8A:11:02:1D:F8:2E:E5:D0:EB:65:D8:8D:F2:88:96:E3:A9:73:A3:12
Certificate issuer: /CN=e1584910124af776e30e5acf055d6bae1761a536
Certificate serial: 01988613DC3826937E79152745C859F2D40E
Authority key identifier: E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/ihECHfgu5dDrZdiN8oiW46lzoxI.roa
Signing time: Thu 07 Aug 2025 19:48:25 +0000
ROA not before: Thu 07 Aug 2025 19:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51844
IP address blocks: 95.128.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Aug 2025 07:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:86:13:dc:38:26:93:7e:79:15:27:45:c8:59:f2:d4:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1584910124af776e30e5acf055d6bae1761a536
Validity
Not Before: Aug 7 19:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a11021df82ee5d0eb65d88df28896e3a973a312
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:4e:88:7a:e5:d1:a8:cd:2c:55:0b:28:b7:
a3:25:a8:bf:3c:b9:97:02:27:09:86:74:46:3e:74:
34:46:c0:20:24:48:d5:00:d7:6a:b3:b1:67:ca:69:
b9:77:ea:21:07:a9:9d:de:a0:69:0c:76:00:bd:2b:
77:cd:cf:cb:16:55:f1:10:47:b9:a3:70:df:7f:15:
f0:cd:a6:b1:c7:79:40:9c:41:58:39:83:58:73:4c:
64:ad:89:8d:4b:3b:3c:b0:e4:ac:ed:27:98:66:5d:
49:20:92:be:ef:64:f0:75:d2:c6:ed:64:58:15:02:
29:bf:73:6a:84:61:d9:42:a3:ff:6e:4d:ad:76:c9:
49:01:cc:79:80:09:0a:3a:c3:c4:79:ac:45:d1:2d:
ed:38:0c:72:8a:37:45:15:16:aa:c8:7c:87:c0:e7:
58:69:72:00:8b:7e:78:c4:aa:02:0a:8a:a5:a0:f3:
23:3f:ff:fb:7b:67:ef:02:f0:38:28:3c:79:b3:b7:
b3:b5:c6:df:59:3a:c4:04:f9:aa:5a:f4:a9:69:74:
71:36:67:bd:3b:77:46:a3:da:ee:d9:67:cf:71:55:
39:61:40:17:49:51:63:76:e6:e1:ce:66:ef:29:47:
93:4f:11:ba:81:2f:99:80:a5:de:96:05:9c:f0:0a:
9a:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:11:02:1D:F8:2E:E5:D0:EB:65:D8:8D:F2:88:96:E3:A9:73:A3:12
X509v3 Authority Key Identifier:
keyid:E1:58:49:10:12:4A:F7:76:E3:0E:5A:CF:05:5D:6B:AE:17:61:A5:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VhJEBJK93bjDlrPBV1rrhdhpTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/ihECHfgu5dDrZdiN8oiW46lzoxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/7215e0-9ab8-4a13-a605-31ab32ff7c68/1/4VhJEBJK93bjDlrPBV1rrhdhpTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.158.0/24
Signature Algorithm: sha256WithRSAEncryption
97:3c:83:fc:86:66:67:8f:a8:2e:15:01:92:1d:71:2f:8b:79:
06:f9:c9:de:18:46:92:20:14:28:48:69:63:8c:5c:77:e1:f3:
e5:df:20:a7:3b:4f:71:4b:88:2b:d4:b7:bf:a3:6c:d3:5d:ec:
7a:ad:fa:de:97:3d:32:91:88:3d:08:1a:74:cf:d9:1a:82:d8:
ed:c4:cf:5d:0d:79:0b:a5:bd:b1:c6:23:3f:77:d2:b1:b5:36:
67:0e:31:f1:54:8b:17:e7:23:f1:5f:70:cf:a3:f2:7f:16:b7:
7c:a9:ff:06:b7:39:60:7b:ff:33:6f:1a:91:d0:e6:b7:80:66:
91:38:af:32:d6:05:15:2c:7c:54:a4:b8:56:fe:eb:ab:07:6d:
c4:a0:5d:e0:c1:0b:4d:9a:62:b9:87:8d:bf:e4:d6:9a:13:91:
d1:0d:95:37:77:79:9d:a0:18:68:74:4d:ab:57:38:d4:e1:43:
1d:76:0b:14:26:d3:58:10:00:db:a9:e1:fc:31:9e:5e:19:37:
55:ad:98:9a:c2:85:64:39:98:3b:18:ad:e6:d3:55:57:c0:6f:
3d:e1:5e:fd:a0:d8:7a:20:0c:50:08:f1:a1:59:af:b2:18:1c:
a2:a2:cc:c0:57:7e:f5:08:0c:2f:be:ec:3a:c7:6e:f2:d3:90:
4e:fc:ea:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiGE9w4JpN+eRUnRchZ8tQOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTg0OTEwMTI0YWY3NzZlMzBlNWFjZjA1NWQ2YmFlMTc2
MWE1MzYwHhcNMjUwODA3MTk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTExMDIxZGY4MmVlNWQwZWI2NWQ4OGRmMjg4OTZlM2E5NzNhMzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYpOiHrl0ajNLFULKLejJai/PLmX
AicJhnRGPnQ0RsAgJEjVANdqs7Fnymm5d+ohB6md3qBpDHYAvSt3zc/LFlXxEEe5
o3DffxXwzaaxx3lAnEFYOYNYc0xkrYmNSzs8sOSs7SeYZl1JIJK+72TwddLG7WRY
FQIpv3NqhGHZQqP/bk2tdslJAcx5gAkKOsPEeaxF0S3tOAxyijdFFRaqyHyHwOdY
aXIAi354xKoCCoqloPMjP//7e2fvAvA4KDx5s7eztcbfWTrEBPmqWvSpaXRxNme9
O3dGo9ru2WfPcVU5YUAXSVFjdubhzmbvKUeTTxG6gS+ZgKXelgWc8AqaGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIoRAh34LuXQ62XYjfKIluOpc6MSMB8GA1UdIwQY
MBaAFOFYSRASSvd24w5azwVda64XYaU2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUt
MzFhYjMyZmY3YzY4LzEvaWhFQ0hmZ3U1ZERyWmRpTjhvaVc0Nmx6b3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83MjE1ZTAtOWFiOC00YTEzLWE2MDUtMzFhYjMyZmY3YzY4
LzEvNFZoSkVCSks5M2JqRGxyUEJWMXJyaGRocFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4CeMA0G
CSqGSIb3DQEBCwUAA4IBAQCXPIP8hmZnj6guFQGSHXEvi3kG+cneGEaSIBQoSGlj
jFx34fPl3yCnO09xS4gr1Le/o2zTXex6rfrelz0ykYg9CBp0z9kagtjtxM9dDXkL
pb2xxiM/d9KxtTZnDjHxVIsX5yPxX3DPo/J/Frd8qf8Gtzlge/8zbxqR0Oa3gGaR
OK8y1gUVLHxUpLhW/uurB23EoF3gwQtNmmK5h42/5NaaE5HRDZU3d3mdoBhodE2r
VzjU4UMddgsUJtNYEADbqeH8MZ5eGTdVrZiawoVkOZg7GK3m01VXwG894V79oNh6
IAxQCPGhWa+yGByioszAV371CAwvvuw6x27y05BO/OrP
-----END CERTIFICATE-----
Generated at Wed Aug 13 11:30:24 2025 by rpki-client