Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/tnqGyUlZUIVyWTllZ-_bB828PWE.roa
File: tnqGyUlZUIVyWTllZ-_bB828PWE.roa (raw, json)
Hash identifier: fXRkBAYqJVFHa94R+YOh351qEN51xxFSQ+gJUqt3hVw=
Subject key identifier: B6:7A:86:C9:49:59:50:85:72:59:39:65:67:EF:DB:07:CD:BC:3D:61
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01975642F531033755EC0CD4FDA43A43FFA6
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/tnqGyUlZUIVyWTllZ-_bB828PWE.roa
Signing time: Mon 09 Jun 2025 19:55:18 +0000
ROA not before: Mon 09 Jun 2025 19:55:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.149.24.0/24 maxlen: 24
89.21.86.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
91.210.145.0/24 maxlen: 24
109.122.43.0/24 maxlen: 24
194.61.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 04:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:42:f5:31:03:37:55:ec:0c:d4:fd:a4:3a:43:ff:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 9 19:55:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b67a86c9495950857259396567efdb07cdbc3d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:8e:61:c0:d5:d5:10:5d:fa:d3:55:23:51:c9:
87:a9:b4:11:28:5a:54:c7:d7:75:cb:1d:24:7f:99:
77:a5:a2:18:14:53:58:70:d3:ba:41:bb:2d:0e:cb:
c9:43:0b:dc:31:2d:a7:05:b7:58:d7:ae:a4:4f:c9:
62:24:06:43:4f:c2:85:c0:38:5d:58:2e:41:bd:d2:
87:22:09:34:e1:33:7e:57:e4:d6:90:79:26:3a:b0:
1c:a9:71:e8:38:06:bb:da:61:3e:7d:08:1e:0c:18:
7c:2c:9f:ae:6d:71:2e:19:8f:ee:c5:bc:b5:cf:d3:
3c:ed:03:e4:11:e8:55:85:e0:90:54:e3:68:18:fc:
73:3c:35:98:12:ff:9f:a1:09:a4:85:9f:01:f1:75:
6b:bc:fb:75:c0:47:b0:8c:42:c9:32:61:3d:a3:02:
e9:73:e9:92:2a:5e:0d:65:d0:cb:a5:b3:e0:0b:09:
dd:48:6f:d3:37:80:7b:44:0e:84:4a:5d:ae:c1:a2:
5f:9f:a6:40:94:72:e7:bb:99:a4:b7:67:cf:1e:e6:
9c:64:70:e6:10:00:cb:77:9e:7d:c3:38:d5:95:cb:
e2:42:4f:bd:33:fb:ca:60:03:ff:70:cf:03:c8:8e:
cb:c5:ed:30:20:60:11:78:02:6a:89:10:dc:82:30:
7a:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7A:86:C9:49:59:50:85:72:59:39:65:67:EF:DB:07:CD:BC:3D:61
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/tnqGyUlZUIVyWTllZ-_bB828PWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.24.0/24
89.21.86.0/24
89.251.18.0/24
89.251.31.0/24
91.210.145.0/24
109.122.43.0/24
194.61.75.0/24
Signature Algorithm: sha256WithRSAEncryption
93:ea:c6:c4:d3:8b:a0:e7:0c:19:5e:9c:95:07:47:41:cd:1b:
ee:7f:48:8c:fe:f8:cd:ef:25:cb:9a:08:22:3a:eb:34:f7:22:
1c:b1:b0:0e:c0:6a:70:97:51:85:bd:54:49:87:78:63:95:66:
c8:20:1c:29:bb:e1:c3:bc:65:4d:80:52:c6:b3:21:ce:72:1c:
c0:cb:5d:0f:30:14:dd:1f:f3:88:a0:b1:6c:4e:4e:5a:7a:78:
dc:09:d4:25:b8:ed:94:29:09:6f:af:7f:53:bb:8a:88:f1:0d:
00:2a:66:61:84:a7:a8:99:69:91:99:77:9f:ad:d7:02:69:83:
72:a1:ab:59:d3:96:57:f7:14:11:9c:86:cc:eb:52:31:b2:e4:
1f:21:14:12:75:d8:43:9d:88:72:f4:9e:71:eb:95:32:f5:9c:
50:45:e9:bd:b2:90:e0:ad:b8:01:c4:57:1a:df:b9:11:74:6c:
0b:05:ab:97:29:93:93:36:8c:54:db:90:90:4f:16:90:6b:b1:
a2:d5:67:f3:a8:08:b3:44:6b:0e:f1:bc:b6:50:08:c6:7b:6a:
7f:30:c3:b2:b0:88:63:68:ac:9d:f5:b6:00:e4:65:bf:af:10:
6e:98:f1:59:31:4a:37:21:88:66:7e:6f:7c:93:43:be:71:a7:
84:bf:af:bf
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZdWQvUxAzdV7AzU/aQ6Q/+mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNjA5MTk1NTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdhODZjOTQ5NTk1MDg1NzI1OTM5NjU2N2VmZGIwN2NkYmMzZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxo5hwNXVEF3601UjUcmHqbQRKFpU
x9d1yx0kf5l3paIYFFNYcNO6QbstDsvJQwvcMS2nBbdY166kT8liJAZDT8KFwDhd
WC5BvdKHIgk04TN+V+TWkHkmOrAcqXHoOAa72mE+fQgeDBh8LJ+ubXEuGY/uxby1
z9M87QPkEehVheCQVONoGPxzPDWYEv+foQmkhZ8B8XVrvPt1wEewjELJMmE9owLp
c+mSKl4NZdDLpbPgCwndSG/TN4B7RA6ESl2uwaJfn6ZAlHLnu5mkt2fPHuacZHDm
EADLd559wzjVlcviQk+9M/vKYAP/cM8DyI7Lxe0wIGAReAJqiRDcgjB6EQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLZ6hslJWVCFclk5ZWfv2wfNvD1hMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdG5xR3lVbFpVSVZ5V1RsbFotX2JCODI4UFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZUYAwQA
WRVWAwQAWfsSAwQAWfsfAwQAW9KRAwQAbXorAwQAwj1LMA0GCSqGSIb3DQEBCwUA
A4IBAQCT6sbE04ug5wwZXpyVB0dBzRvuf0iM/vjN7yXLmggiOus09yIcsbAOwGpw
l1GFvVRJh3hjlWbIIBwpu+HDvGVNgFLGsyHOchzAy10PMBTdH/OIoLFsTk5aenjc
CdQluO2UKQlvr39Tu4qI8Q0AKmZhhKeomWmRmXefrdcCaYNyoatZ05ZX9xQRnIbM
61IxsuQfIRQSddhDnYhy9J5x65Uy9ZxQRem9spDgrbgBxFca37kRdGwLBauXKZOT
NoxU25CQTxaQa7Gi1WfzqAizRGsO8by2UAjGe2p/MMOysIhjaKyd9bYA5GW/rxBu
mPFZMUo3IYhmfm98k0O+caeEv6+/
-----END CERTIFICATE-----
Generated at Sun Jun 15 12:19:12 2025 by rpki-client