Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/tLYzkh1BF-tCSd6mxGxyzygsbR4.roa
File: tLYzkh1BF-tCSd6mxGxyzygsbR4.roa (raw, json)
Hash identifier: h8GnmhIYy53LscGvoe8iZQsO+S2ED0tqpDH/o5FtGHA=
Subject key identifier: B4:B6:33:92:1D:41:17:EB:42:49:DE:A6:C4:6C:72:CF:28:2C:6D:1E
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019753718488C3957576635242C21BDA75DB
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/tLYzkh1BF-tCSd6mxGxyzygsbR4.roa
Signing time: Mon 09 Jun 2025 06:47:17 +0000
ROA not before: Mon 09 Jun 2025 06:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61002
IP address blocks: 185.170.11.0/24 maxlen: 24
188.211.164.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:71:84:88:c3:95:75:76:63:52:42:c2:1b:da:75:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jun 9 06:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4b633921d4117eb4249dea6c46c72cf282c6d1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5a:3b:86:68:03:1b:c5:29:20:a8:7d:63:dd:
76:c1:e7:8f:c5:c3:34:c6:90:e2:d0:f7:d2:5e:fe:
9a:4d:fb:b7:a4:bc:27:60:e4:b2:7a:eb:f8:33:53:
44:59:93:06:26:15:51:d1:da:c4:e4:f1:7d:05:59:
f3:54:3b:85:d2:6a:ed:a4:8e:3c:9a:c1:a3:36:4c:
bb:25:5f:63:db:9b:2e:ff:be:20:d2:39:49:93:d5:
67:8b:e5:b9:16:2e:c5:95:78:cc:ac:2b:92:54:9b:
00:ee:2e:47:d3:62:ce:97:7c:65:07:46:53:19:50:
de:df:19:0c:c1:2e:44:ca:7a:32:7a:64:5a:db:3e:
2f:7c:e2:28:8b:43:c8:bb:74:a2:3c:d2:6f:7d:d8:
61:94:0c:6f:fd:cd:de:79:9d:88:66:22:69:ee:7e:
53:8d:80:74:9f:ef:b3:26:c7:be:cb:be:65:e4:a8:
90:76:f2:e5:8a:01:38:c0:27:0a:67:0a:61:03:cf:
7e:b9:2e:8a:65:9a:d3:a2:e1:3f:c7:0f:a9:a3:21:
c7:a5:3c:5a:50:d8:ff:f6:37:90:eb:d2:41:de:ed:
77:13:2d:86:dc:1b:c2:1a:87:59:df:b6:7f:5b:3e:
a7:3c:cf:ef:a8:09:ca:31:51:32:e6:11:42:fb:af:
08:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B6:33:92:1D:41:17:EB:42:49:DE:A6:C4:6C:72:CF:28:2C:6D:1E
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/tLYzkh1BF-tCSd6mxGxyzygsbR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.11.0/24
188.211.164.0/23
Signature Algorithm: sha256WithRSAEncryption
73:7b:82:77:88:8d:16:74:e7:7c:9c:d1:db:af:36:21:98:b7:
db:01:7b:a8:c6:58:81:51:be:07:38:5e:bd:6f:13:8e:c6:c8:
84:10:54:7d:fd:4d:49:cb:00:af:6c:b5:b8:8d:a3:e0:9a:45:
c1:67:63:b6:5f:59:bf:52:d2:66:66:52:8d:6c:e0:8d:dd:83:
7d:ff:13:b7:b5:e8:e4:1e:52:01:69:98:f5:94:19:5c:13:3e:
9e:fa:a3:14:51:db:de:03:d6:63:83:93:08:3a:00:f1:ee:dd:
7d:2f:97:1e:51:0b:3f:4e:23:8d:e8:0f:a3:c4:d2:c2:95:c7:
c5:43:62:8a:33:c2:e3:1c:e2:b3:17:da:0a:46:59:b9:6e:be:
81:e9:8b:67:b1:55:27:05:68:84:f9:b0:7c:28:a3:ff:a6:69:
ca:b7:13:71:6a:2b:dd:01:64:06:3b:c5:d1:41:da:11:3f:ef:
24:3c:68:b4:d0:26:9b:54:0e:57:47:32:cd:56:1a:c6:29:7a:
d7:d8:20:10:b0:83:61:d5:5c:58:02:14:03:d1:4d:7e:f3:c8:
71:a1:ef:fe:60:31:1b:ed:43:16:b8:7e:84:a8:ee:7d:ca:78:
b9:ff:f9:84:94:4c:85:40:f5:9c:76:f2:64:61:8a:cc:b4:ae:
7e:6c:0c:a5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdTcYSIw5V1dmNSQsIb2nXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjUwNjA5MDY0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI2MzM5MjFkNDExN2ViNDI0OWRlYTZjNDZjNzJjZjI4MmM2ZDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1o7hmgDG8UpIKh9Y912weePxcM0
xpDi0PfSXv6aTfu3pLwnYOSyeuv4M1NEWZMGJhVR0drE5PF9BVnzVDuF0mrtpI48
msGjNky7JV9j25su/74g0jlJk9Vni+W5Fi7FlXjMrCuSVJsA7i5H02LOl3xlB0ZT
GVDe3xkMwS5EynoyemRa2z4vfOIoi0PIu3SiPNJvfdhhlAxv/c3eeZ2IZiJp7n5T
jYB0n++zJse+y75l5KiQdvLligE4wCcKZwphA89+uS6KZZrTouE/xw+poyHHpTxa
UNj/9jeQ69JB3u13Ey2G3BvCGodZ37Z/Wz6nPM/vqAnKMVEy5hFC+68IRQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLS2M5IdQRfrQknepsRscs8oLG0eMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvdExZemtoMUJGLXRDU2Q2bXhHeHl6eWdzYlI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaoLAwQB
vNOkMA0GCSqGSIb3DQEBCwUAA4IBAQBze4J3iI0WdOd8nNHbrzYhmLfbAXuoxliB
Ub4HOF69bxOOxsiEEFR9/U1JywCvbLW4jaPgmkXBZ2O2X1m/UtJmZlKNbOCN3YN9
/xO3tejkHlIBaZj1lBlcEz6e+qMUUdveA9Zjg5MIOgDx7t19L5ceUQs/TiON6A+j
xNLClcfFQ2KKM8LjHOKzF9oKRlm5br6B6YtnsVUnBWiE+bB8KKP/pmnKtxNxaivd
AWQGO8XRQdoRP+8kPGi00CabVA5XRzLNVhrGKXrX2CAQsINh1VxYAhQD0U1+88hx
oe/+YDEb7UMWuH6EqO59yni5//mElEyFQPWcdvJkYYrMtK5+bAyl
-----END CERTIFICATE-----
Generated at Wed Jun 18 23:57:34 2025 by rpki-client