Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/oFmlzP6ML3vgrJzYKtoah3Clk-k.roa
File: oFmlzP6ML3vgrJzYKtoah3Clk-k.roa (raw, json)
Hash identifier: w9hGd8N7afhoyUOGmiu3kSdi4CKMYM8sitELfKuLv2k=
Subject key identifier: A0:59:A5:CC:FE:8C:2F:7B:E0:AC:9C:D8:2A:DA:1A:87:70:A5:93:E9
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 019875BCDFF5C2ECA17CFAF149574CD0BBFC
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/oFmlzP6ML3vgrJzYKtoah3Clk-k.roa
Signing time: Mon 04 Aug 2025 15:39:28 +0000
ROA not before: Mon 04 Aug 2025 15:39:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4637
IP address blocks: 95.170.21.0/24 maxlen: 24
95.170.24.0/24 maxlen: 24
95.170.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:75:bc:df:f5:c2:ec:a1:7c:fa:f1:49:57:4c:d0:bb:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Aug 4 15:39:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a059a5ccfe8c2f7be0ac9cd82ada1a8770a593e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b2:bc:a9:76:4f:95:09:e2:45:98:53:86:5c:
8e:81:2a:39:f2:62:e9:c4:e6:7c:65:34:e5:d9:d9:
4b:c3:cc:ac:a6:8e:7c:23:ba:1d:c9:a7:5a:b4:c5:
5f:23:8e:9f:92:dc:66:fe:a1:91:4d:8b:63:6d:5c:
f3:f3:19:d7:f6:1f:4f:6a:fa:00:9a:fb:3d:98:67:
8d:0e:94:3b:dc:db:6a:c1:bf:20:4e:56:ed:6a:37:
68:65:a1:f5:a9:74:89:5e:ad:78:51:f4:8d:eb:85:
c2:14:12:68:46:6a:34:ae:75:5c:87:ed:3f:2d:63:
67:e8:c3:a1:50:6e:cc:4a:fb:f8:6a:dd:3b:79:53:
f4:b5:7d:de:21:dc:9b:6e:94:97:53:a0:f5:42:e8:
b3:2a:a4:49:56:5b:09:83:6e:37:b4:b5:df:5f:4a:
fd:30:61:56:00:c3:18:e6:34:bb:0d:5e:a6:94:24:
a6:74:8f:46:52:2d:57:8c:5a:bf:7f:a1:60:4e:86:
eb:bc:c6:0b:7b:b4:cd:13:c5:d2:1e:af:b2:09:81:
f7:61:32:6e:48:21:08:c2:0c:5a:c7:01:34:b9:86:
f4:f2:b9:8f:f8:2d:8a:20:6b:bd:fe:a8:21:f2:c6:
09:64:74:c4:92:a3:30:3d:97:d5:66:75:d1:9c:5d:
94:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:59:A5:CC:FE:8C:2F:7B:E0:AC:9C:D8:2A:DA:1A:87:70:A5:93:E9
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/oFmlzP6ML3vgrJzYKtoah3Clk-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.21.0/24
95.170.24.0/24
95.170.31.0/24
Signature Algorithm: sha256WithRSAEncryption
99:73:d8:38:22:31:f3:14:22:a0:cb:13:f5:42:60:f1:96:4f:
04:dd:9f:ef:eb:46:8f:2a:3e:75:22:08:2f:f3:b6:ac:b4:7a:
c7:92:9e:61:b9:69:d0:50:d1:80:bf:c1:89:84:68:90:b8:0b:
c9:7b:ea:bd:68:f5:13:bb:fc:52:2a:15:a5:18:ae:a9:cc:1c:
1a:17:c5:a2:42:cc:56:13:5e:ca:b1:62:76:5e:95:54:3c:f3:
97:8b:5f:35:e2:1d:0c:e8:96:cc:3b:89:01:d5:6f:73:90:04:
d9:24:fa:9c:0a:07:fc:7e:d7:46:be:b5:7e:ca:5e:39:ab:03:
95:81:33:94:f2:80:be:ae:10:c7:e3:88:29:62:08:e7:28:e7:
b0:48:82:27:c8:23:bc:ad:26:19:86:12:82:dd:ef:93:97:27:
d6:6a:15:4a:b2:d5:e1:d0:86:fa:ba:31:62:c9:f4:d0:10:ad:
b5:ea:0f:06:b4:bd:ea:73:94:8b:27:d5:40:ac:8b:85:02:a5:
d2:09:fd:91:b6:f0:ee:5e:67:12:b1:f5:36:77:3b:a8:84:5e:
10:e3:b8:37:db:e9:1e:08:98:b5:e5:f4:bf:df:65:5b:3b:23:
22:c2:fb:71:90:fe:cd:88:c6:bd:90:d1:1b:57:71:b7:9a:1b:
cf:90:bf:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZh1vN/1wuyhfPrxSVdM0Lv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjUwODA0MTUzOTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDU5YTVjY2ZlOGMyZjdiZTBhYzljZDgyYWRhMWE4NzcwYTU5M2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2bK8qXZPlQniRZhThlyOgSo58mLp
xOZ8ZTTl2dlLw8yspo58I7odyadatMVfI46fktxm/qGRTYtjbVzz8xnX9h9PavoA
mvs9mGeNDpQ73Ntqwb8gTlbtajdoZaH1qXSJXq14UfSN64XCFBJoRmo0rnVch+0/
LWNn6MOhUG7MSvv4at07eVP0tX3eIdybbpSXU6D1QuizKqRJVlsJg243tLXfX0r9
MGFWAMMY5jS7DV6mlCSmdI9GUi1XjFq/f6FgTobrvMYLe7TNE8XSHq+yCYH3YTJu
SCEIwgxaxwE0uYb08rmP+C2KIGu9/qgh8sYJZHTEkqMwPZfVZnXRnF2UFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKBZpcz+jC974Kyc2CraGodwpZPpMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvb0ZtbHpQNk1MM3Znckp6WUt0b2FoM0Nsay1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX6oVAwQA
X6oYAwQAX6ofMA0GCSqGSIb3DQEBCwUAA4IBAQCZc9g4IjHzFCKgyxP1QmDxlk8E
3Z/v60aPKj51Iggv87astHrHkp5huWnQUNGAv8GJhGiQuAvJe+q9aPUTu/xSKhWl
GK6pzBwaF8WiQsxWE17KsWJ2XpVUPPOXi1814h0M6JbMO4kB1W9zkATZJPqcCgf8
ftdGvrV+yl45qwOVgTOU8oC+rhDH44gpYgjnKOewSIInyCO8rSYZhhKC3e+TlyfW
ahVKstXh0Ib6ujFiyfTQEK216g8GtL3qc5SLJ9VArIuFAqXSCf2RtvDuXmcSsfU2
dzuohF4Q47g32+keCJi15fS/32VbOyMiwvtxkP7NiMa9kNEbV3G3mhvPkL9l
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:50:42 2025 by rpki-client