Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/aQYXwN1hIPnjjCzzBaRpPeGmHJY.roa
File: aQYXwN1hIPnjjCzzBaRpPeGmHJY.roa (raw, json)
Hash identifier: cRP6ljm3HcbCmhQ/DifjNEtuIJrF64sc54A2KruH5EI=
Subject key identifier: 69:06:17:C0:DD:61:20:F9:E3:8C:2C:F3:05:A4:69:3D:E1:A6:1C:96
Certificate issuer: /CN=9367965e2834f1893cfa8631a484071e6a2d45b7
Certificate serial: 0198850D18382C7D64F7B90509BE5FC21ED9
Authority key identifier: 93:67:96:5E:28:34:F1:89:3C:FA:86:31:A4:84:07:1E:6A:2D:45:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2eWXig08Yk8-oYxpIQHHmotRbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/aQYXwN1hIPnjjCzzBaRpPeGmHJY.roa
Signing time: Thu 07 Aug 2025 15:01:24 +0000
ROA not before: Thu 07 Aug 2025 15:01:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47542
IP address blocks: 95.142.204.0/23 maxlen: 23
95.142.207.0/24 maxlen: 24
2a00:bdc0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/k2eWXig08Yk8-oYxpIQHHmotRbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/k2eWXig08Yk8-oYxpIQHHmotRbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2eWXig08Yk8-oYxpIQHHmotRbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:0d:18:38:2c:7d:64:f7:b9:05:09:be:5f:c2:1e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9367965e2834f1893cfa8631a484071e6a2d45b7
Validity
Not Before: Aug 7 15:01:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=690617c0dd6120f9e38c2cf305a4693de1a61c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:85:01:e0:99:19:9e:58:8a:9e:2b:13:21:5c:
d5:68:18:6f:c4:b2:3d:67:70:17:f3:6a:50:5b:60:
b4:cf:cc:2f:b9:6c:3b:49:4e:5f:4f:73:26:99:76:
00:93:7a:22:5c:8e:d6:5a:89:c8:2b:7c:da:2c:37:
b7:80:70:2b:4e:a2:f2:c2:17:76:75:3c:8b:ae:90:
00:98:3e:a5:5f:fe:c3:01:80:49:37:f0:53:94:e5:
15:0f:04:9e:a4:fa:b9:c3:6a:d2:e5:e8:6f:40:b8:
3d:0b:13:cb:c9:42:e5:8b:c6:3b:6d:9d:20:58:7b:
00:6a:5b:99:16:7a:d7:9e:d3:d7:13:a6:00:f2:12:
be:a8:78:63:cd:cc:02:69:63:ab:ea:8b:a8:9b:07:
e3:70:52:d9:f6:c2:c7:1a:6e:ad:29:d7:0c:68:5d:
2f:6c:16:8d:bb:f3:0c:5b:ab:23:6f:e2:24:02:27:
ac:f1:50:32:ec:1e:86:c9:b9:a9:af:8a:69:e8:a7:
d5:40:04:07:6a:d8:23:24:0e:bf:18:b5:18:79:ce:
ab:7c:ca:ea:fe:69:ad:c0:1f:08:01:6b:0f:d2:bd:
9d:a6:c7:0d:28:13:34:04:36:43:de:aa:81:cd:24:
88:60:4e:8e:ca:01:c1:0f:d3:05:dd:1c:c3:eb:38:
0c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:06:17:C0:DD:61:20:F9:E3:8C:2C:F3:05:A4:69:3D:E1:A6:1C:96
X509v3 Authority Key Identifier:
keyid:93:67:96:5E:28:34:F1:89:3C:FA:86:31:A4:84:07:1E:6A:2D:45:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2eWXig08Yk8-oYxpIQHHmotRbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/aQYXwN1hIPnjjCzzBaRpPeGmHJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/1813ba-506e-444e-9ca4-f093e17b27ef/1/k2eWXig08Yk8-oYxpIQHHmotRbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.142.204.0/23
95.142.207.0/24
IPv6:
2a00:bdc0:f000::/36
Signature Algorithm: sha256WithRSAEncryption
a0:17:69:a3:d1:a2:52:49:59:d8:0f:d1:7d:c7:b8:d2:15:7c:
e5:93:64:55:82:49:91:24:6b:80:6f:d9:5c:8c:3d:d2:75:18:
8d:21:18:54:dd:f2:c2:38:8f:8f:4a:0e:c2:ac:90:d9:ac:46:
8c:de:17:a5:d6:09:59:56:26:65:34:fd:09:d1:b2:33:9d:c8:
55:d9:36:76:8a:5d:f2:70:44:e4:9e:1d:93:23:24:3a:ce:a4:
69:c0:e0:e1:98:17:50:f7:2f:19:b8:64:ff:3f:b9:61:5e:90:
17:bc:11:6b:d3:72:d6:44:ae:26:ed:a9:ab:e5:43:f1:e4:58:
3a:71:00:95:95:e1:af:28:5e:27:79:f1:f9:ea:62:9a:e5:61:
8b:33:6d:e4:26:a0:aa:11:bd:7f:68:b4:99:95:40:94:15:4d:
28:5f:c1:1c:eb:df:61:2c:a1:fc:3c:af:b4:2f:73:f5:6b:11:
3e:9d:46:7b:f1:be:90:30:80:4d:dc:20:c5:35:55:f7:b7:ea:
8d:70:1e:bd:57:3f:72:67:3b:a2:d6:d4:9c:c2:49:4d:a9:ef:
c9:2d:2a:97:2b:27:8a:f6:e6:14:62:98:cf:dc:dd:17:4e:55:
32:30:30:6f:2f:0c:2f:77:af:17:ae:cb:d7:bb:e6:c1:54:a2:
62:60:4f:32
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZiFDRg4LH1k97kFCb5fwh7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc5NjVlMjgzNGYxODkzY2ZhODYzMWE0ODQwNzFlNmEy
ZDQ1YjcwHhcNMjUwODA3MTUwMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTA2MTdjMGRkNjEyMGY5ZTM4YzJjZjMwNWE0NjkzZGUxYTYxYzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyIUB4JkZnliKnisTIVzVaBhvxLI9
Z3AX82pQW2C0z8wvuWw7SU5fT3MmmXYAk3oiXI7WWonIK3zaLDe3gHArTqLywhd2
dTyLrpAAmD6lX/7DAYBJN/BTlOUVDwSepPq5w2rS5ehvQLg9CxPLyULli8Y7bZ0g
WHsAaluZFnrXntPXE6YA8hK+qHhjzcwCaWOr6ouomwfjcFLZ9sLHGm6tKdcMaF0v
bBaNu/MMW6sjb+IkAies8VAy7B6Gybmpr4pp6KfVQAQHatgjJA6/GLUYec6rfMrq
/mmtwB8IAWsP0r2dpscNKBM0BDZD3qqBzSSIYE6OygHBD9MF3RzD6zgMbwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGkGF8DdYSD544ws8wWkaT3hphyWMB8GA1UdIwQY
MBaAFJNnll4oNPGJPPqGMaSEBx5qLUW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJlV1hpZzA4WWs4LW9ZeHBJUUhIbW90UmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xODEzYmEtNTA2ZS00NDRlLTljYTQt
ZjA5M2UxN2IyN2VmLzEvYVFZWHdOMWhJUG5qakN6ekJhUnBQZUdtSEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xODEzYmEtNTA2ZS00NDRlLTljYTQtZjA5M2UxN2IyN2Vm
LzEvazJlV1hpZzA4WWs4LW9ZeHBJUUhIbW90UmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBX47MAwQA
X47PMA4EAgACMAgDBgQqAL3A8DANBgkqhkiG9w0BAQsFAAOCAQEAoBdpo9GiUklZ
2A/Rfce40hV85ZNkVYJJkSRrgG/ZXIw90nUYjSEYVN3ywjiPj0oOwqyQ2axGjN4X
pdYJWVYmZTT9CdGyM53IVdk2dopd8nBE5J4dkyMkOs6kacDg4ZgXUPcvGbhk/z+5
YV6QF7wRa9Ny1kSuJu2pq+VD8eRYOnEAlZXhryheJ3nx+epimuVhizNt5CagqhG9
f2i0mZVAlBVNKF/BHOvfYSyh/DyvtC9z9WsRPp1Ge/G+kDCATdwgxTVV97fqjXAe
vVc/cmc7otbUnMJJTanvyS0qlysnivbmFGKYz9zdF05VMjAwby8ML3evF67L17vm
wVSiYmBPMg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:19:33 2025 by rpki-client