Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TX1N0CzJ3W1Ykk25d0oHzwkR0-4.roa
File: TX1N0CzJ3W1Ykk25d0oHzwkR0-4.roa (raw, json)
Hash identifier: MxqRIGxVGjg3D0aAw8mzVyR2wqpd2cRw8iVz5C0dAmQ=
Subject key identifier: 4D:7D:4D:D0:2C:C9:DD:6D:58:92:4D:B9:77:4A:07:CF:09:11:D3:EE
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01963E5D183AFCEAC11A97485259ED371D14
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TX1N0CzJ3W1Ykk25d0oHzwkR0-4.roa
Signing time: Wed 16 Apr 2025 11:30:10 +0000
ROA not before: Wed 16 Apr 2025 11:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42979
IP address blocks: 85.254.1.0/24 maxlen: 24
2a02:610:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3e:5d:18:3a:fc:ea:c1:1a:97:48:52:59:ed:37:1d:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 16 11:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d7d4dd02cc9dd6d58924db9774a07cf0911d3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:1f:cf:66:97:b7:31:e2:53:43:d4:78:1c:b9:
26:8f:fd:04:53:b6:bb:a3:b6:64:44:31:56:b4:d0:
b8:90:b0:e9:f0:29:fa:50:74:57:2a:58:64:6d:af:
77:c7:d6:49:09:3f:15:9f:67:46:8a:7f:07:dc:2e:
d5:b7:8d:77:d5:83:28:20:38:91:de:b6:d3:d3:ed:
48:7d:8e:20:0d:7b:54:f3:50:08:1b:d6:7b:aa:3b:
57:97:f4:77:6c:dc:c3:2a:82:83:48:a2:73:8b:30:
59:ed:d3:57:ab:ca:09:39:43:91:46:29:23:12:23:
4b:8f:13:ee:02:a0:46:cd:67:0e:54:2e:ab:4e:6c:
6c:9f:e3:8a:ea:79:87:f9:e0:57:5d:e1:b7:8b:b7:
ee:91:5d:24:db:f6:97:42:f8:ca:f4:bb:95:3f:ca:
ed:19:e1:ec:b7:d0:cf:de:8b:f9:da:6a:81:14:d2:
80:80:77:5d:ca:91:5d:75:03:86:91:b0:0d:29:cf:
78:0c:40:d8:48:75:c0:25:38:d7:86:ab:85:e6:47:
80:af:bb:60:a9:d8:7a:aa:be:b5:a0:35:75:3a:d4:
3e:b7:06:ae:9c:67:07:ce:d4:17:d3:f2:c0:96:50:
31:c7:71:51:20:5e:ab:3e:d4:08:7c:87:8c:e7:9f:
50:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:7D:4D:D0:2C:C9:DD:6D:58:92:4D:B9:77:4A:07:CF:09:11:D3:EE
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/TX1N0CzJ3W1Ykk25d0oHzwkR0-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.1.0/24
IPv6:
2a02:610:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
76:a4:de:12:d6:70:cb:ca:03:c8:c9:a6:d8:a6:ef:14:81:c6:
36:9b:be:3a:d0:8e:03:ad:42:eb:da:68:0c:98:79:55:02:ff:
4f:12:46:65:bb:80:5f:4d:4d:8b:66:a5:93:4f:d7:86:6a:a5:
d8:c5:cf:09:ac:e5:69:1d:c2:2c:b3:54:3a:68:9f:ef:be:6d:
cc:25:fb:47:43:5d:7e:81:0c:c9:92:d7:d1:fc:58:2a:da:9c:
59:a0:a8:ed:0a:b7:5d:69:9b:ec:3f:b7:a1:00:73:4e:b3:b8:
b2:47:d5:ca:35:84:71:85:1b:cc:e9:d0:11:8d:c5:fb:d9:3c:
89:4a:30:f9:e6:e5:6b:e8:6f:d4:72:46:db:f0:a7:84:48:0f:
ae:c3:46:59:40:76:66:12:f0:f4:aa:a3:30:5b:b1:eb:32:84:
ad:8d:a6:f2:38:4c:01:e8:05:9f:33:9d:8a:fd:23:e8:34:97:
ce:16:52:60:66:99:c6:42:fa:31:be:13:ab:bb:1f:4a:b1:47:
87:83:d9:0d:99:29:37:4d:23:61:5c:e7:75:1b:54:86:66:39:
ed:52:9f:aa:1b:6a:3b:6b:41:4e:01:d3:a9:f9:94:f3:62:a9:
7b:23:c5:f8:31:c8:d4:b2:3b:16:ce:51:ad:78:8f:d3:64:8d:
7a:15:9a:48
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZY+XRg6/OrBGpdIUlntNx0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwNDE2MTEzMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDdkNGRkMDJjYzlkZDZkNTg5MjRkYjk3NzRhMDdjZjA5MTFkM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1B/PZpe3MeJTQ9R4HLkmj/0EU7a7
o7ZkRDFWtNC4kLDp8Cn6UHRXKlhkba93x9ZJCT8Vn2dGin8H3C7Vt4131YMoIDiR
3rbT0+1IfY4gDXtU81AIG9Z7qjtXl/R3bNzDKoKDSKJzizBZ7dNXq8oJOUORRikj
EiNLjxPuAqBGzWcOVC6rTmxsn+OK6nmH+eBXXeG3i7fukV0k2/aXQvjK9LuVP8rt
GeHst9DP3ov52mqBFNKAgHddypFddQOGkbANKc94DEDYSHXAJTjXhquF5keAr7tg
qdh6qr61oDV1OtQ+twaunGcHztQX0/LAllAxx3FRIF6rPtQIfIeM559QUQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFE19TdAsyd1tWJJNuXdKB88JEdPuMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvVFgxTjBDekozVzFZa2syNWQwb0h6d2tSMC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAVf4BMA8E
AgACMAkDBwAqAgYQ//8wDQYJKoZIhvcNAQELBQADggEBAHak3hLWcMvKA8jJptim
7xSBxjabvjrQjgOtQuvaaAyYeVUC/08SRmW7gF9NTYtmpZNP14ZqpdjFzwms5Wkd
wiyzVDpon+++bcwl+0dDXX6BDMmS19H8WCranFmgqO0Kt11pm+w/t6EAc06zuLJH
1co1hHGFG8zp0BGNxfvZPIlKMPnm5Wvob9RyRtvwp4RID67DRllAdmYS8PSqozBb
sesyhK2NpvI4TAHoBZ8znYr9I+g0l84WUmBmmcZC+jG+E6u7H0qxR4eD2Q2ZKTdN
I2Fc53UbVIZmOe1Sn6obajtrQU4B06n5lPNiqXsjxfgxyNSyOxbOUa14j9NkjXoV
mkg=
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:18:54 2025 by rpki-client