Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/hd5E-IfEq2TxeShk5Gaec24hUKw.roa
File: hd5E-IfEq2TxeShk5Gaec24hUKw.roa (raw, json)
Hash identifier: gaGe3UUy/HO5uK3mGo4Jfk2cwdMRK/X0E0rPiNSPI88=
Subject key identifier: 85:DE:44:F8:87:C4:AB:64:F1:79:28:64:E4:66:9E:73:6E:21:50:AC
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 019899F45A95E8D555B4601C1B439304D699
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/hd5E-IfEq2TxeShk5Gaec24hUKw.roa
Signing time: Mon 11 Aug 2025 16:26:24 +0000
ROA not before: Mon 11 Aug 2025 16:26:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205905
IP address blocks: 95.164.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:99:f4:5a:95:e8:d5:55:b4:60:1c:1b:43:93:04:d6:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Aug 11 16:26:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85de44f887c4ab64f1792864e4669e736e2150ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:8b:a9:1f:82:bf:97:ae:f8:1a:47:08:87:ed:
34:df:b7:e8:d3:90:61:19:a4:e5:b0:1f:bc:d2:2e:
83:0f:6e:19:12:23:17:df:59:8d:77:10:af:1f:32:
d7:48:ee:c1:8d:bd:b1:f1:1d:e9:df:ab:6e:2c:15:
80:08:7f:a2:2c:1f:35:d3:f3:7b:35:73:c5:96:73:
dc:be:01:04:39:7f:41:41:eb:15:3a:42:09:14:42:
2a:2f:4e:22:c8:59:bc:38:92:ac:fb:8d:48:2f:c1:
ea:a0:8b:81:bb:29:71:9b:e5:58:37:68:23:0c:e3:
62:5d:d2:80:a9:75:87:46:8c:6a:61:94:a5:98:13:
64:25:b1:40:1a:2f:3c:43:13:cf:e6:6a:58:ad:41:
e7:ea:7b:6f:f9:30:f6:dc:f3:f8:0b:28:63:2c:33:
1a:06:fc:e9:b2:f7:cd:90:ee:f2:74:95:9d:85:a3:
1e:6d:be:5c:59:71:ef:a4:69:ef:07:1b:56:5c:33:
58:6d:68:76:9e:2a:39:18:55:9f:4e:68:d5:f0:e3:
23:f4:86:d8:69:3f:67:9a:a5:c0:e0:ea:7e:e7:0a:
fb:ee:09:fa:5a:20:68:f9:f2:f9:d3:1c:a6:33:30:
a1:ef:8f:14:b2:46:0f:17:15:21:ca:0d:b0:cd:39:
86:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DE:44:F8:87:C4:AB:64:F1:79:28:64:E4:66:9E:73:6E:21:50:AC
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/hd5E-IfEq2TxeShk5Gaec24hUKw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.20.0/24
Signature Algorithm: sha256WithRSAEncryption
69:04:0b:99:eb:d3:fc:23:45:da:5c:e1:d2:8d:ae:7b:62:68:
48:dc:d5:d0:b8:23:5c:e4:75:7e:70:b5:5f:a7:91:b8:9a:56:
e9:d5:ca:8e:28:dc:1d:73:c6:dd:b8:87:a5:11:35:d5:a4:a8:
58:5d:db:fa:6d:17:88:3e:f3:15:00:06:37:73:e6:12:a6:26:
d6:47:07:37:d9:29:f1:af:10:bb:68:22:12:f9:8e:ce:06:ea:
24:54:2e:09:eb:87:7a:43:cf:dc:bc:85:3a:12:29:cc:d3:d7:
b5:b1:ac:cc:31:d6:5a:6b:0a:bb:10:a9:34:61:c2:47:95:b1:
54:31:5f:d4:39:f8:c8:cf:4b:09:40:b5:7f:e6:09:19:4a:b8:
f2:e8:5d:42:9e:82:ac:65:95:47:7f:f1:b6:42:e2:93:96:13:
b0:92:2c:ca:13:ae:80:5f:f7:34:ee:01:45:ea:6e:43:b1:ba:
d0:53:20:d7:fd:3d:94:7d:e3:e5:1f:0e:b2:90:b6:85:0b:af:
bf:2b:84:22:5a:1d:ec:93:a4:84:79:1e:73:eb:49:0a:82:3f:
ae:ac:55:d7:69:16:85:df:99:72:f2:a9:1f:1a:ae:c6:d5:e1:
2d:9f:0f:1d:1b:37:80:5d:1a:84:32:3f:3b:4f:81:b8:84:08:
ae:c2:ce:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiZ9FqV6NVVtGAcG0OTBNaZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwODExMTYyNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRlNDRmODg3YzRhYjY0ZjE3OTI4NjRlNDY2OWU3MzZlMjE1MGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoupH4K/l674GkcIh+0037fo05Bh
GaTlsB+80i6DD24ZEiMX31mNdxCvHzLXSO7Bjb2x8R3p36tuLBWACH+iLB810/N7
NXPFlnPcvgEEOX9BQesVOkIJFEIqL04iyFm8OJKs+41IL8HqoIuBuylxm+VYN2gj
DONiXdKAqXWHRoxqYZSlmBNkJbFAGi88QxPP5mpYrUHn6ntv+TD23PP4CyhjLDMa
BvzpsvfNkO7ydJWdhaMebb5cWXHvpGnvBxtWXDNYbWh2nio5GFWfTmjV8OMj9IbY
aT9nmqXA4Op+5wr77gn6WiBo+fL50xymMzCh748UskYPFxUhyg2wzTmGawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXeRPiHxKtk8XkoZORmnnNuIVCsMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvaGQ1RS1JZkVxMlR4ZVNoazVHYWVjMjRoVUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX6QUMA0G
CSqGSIb3DQEBCwUAA4IBAQBpBAuZ69P8I0XaXOHSja57YmhI3NXQuCNc5HV+cLVf
p5G4mlbp1cqOKNwdc8bduIelETXVpKhYXdv6bReIPvMVAAY3c+YSpibWRwc32Snx
rxC7aCIS+Y7OBuokVC4J64d6Q8/cvIU6EinM09e1sazMMdZaawq7EKk0YcJHlbFU
MV/UOfjIz0sJQLV/5gkZSrjy6F1CnoKsZZVHf/G2QuKTlhOwkizKE66AX/c07gFF
6m5DsbrQUyDX/T2UfePlHw6ykLaFC6+/K4QiWh3sk6SEeR5z60kKgj+urFXXaRaF
35ly8qkfGq7G1eEtnw8dGzeAXRqEMj87T4G4hAiuws4H
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:21:33 2025 by rpki-client