Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TM2Hnk0r_eqA2ruXCUwXRUIIhMw.roa
File: TM2Hnk0r_eqA2ruXCUwXRUIIhMw.roa (raw, json)
Hash identifier: HGfqml2P91lFy9NmvTXHZM9zM7dvb4nk9pKxbwulQQY=
Subject key identifier: 4C:CD:87:9E:4D:2B:FD:EA:80:DA:BB:97:09:4C:17:45:42:08:84:CC
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01988582F8A6F557FB6A089DCE974718A1E2
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TM2Hnk0r_eqA2ruXCUwXRUIIhMw.roa
Signing time: Thu 07 Aug 2025 17:10:09 +0000
ROA not before: Thu 07 Aug 2025 17:10:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 31.58.237.0/24 maxlen: 24
94.183.162.0/24 maxlen: 24
94.183.169.0/24 maxlen: 24
217.60.199.0/24 maxlen: 24
217.60.237.0/24 maxlen: 24
217.60.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:82:f8:a6:f5:57:fb:6a:08:9d:ce:97:47:18:a1:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Aug 7 17:10:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ccd879e4d2bfdea80dabb97094c1745420884cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:59:56:fb:18:59:9b:e5:41:a7:28:77:d4:1f:
bc:f5:c0:39:1c:dc:20:9c:7d:c2:53:bc:81:0f:9c:
a8:a7:8a:63:59:05:69:f4:9f:0a:d8:c5:43:35:a2:
90:59:35:a5:b9:95:13:49:a6:65:ff:37:ca:65:f0:
6e:db:bb:ef:36:34:5b:7a:94:20:4e:f5:7d:ef:a2:
cf:9f:68:fd:64:4e:a2:16:00:78:09:3a:24:39:c8:
7e:dd:57:99:7d:f7:ec:e9:07:12:1f:60:73:15:04:
19:63:b8:6c:7d:d0:35:ba:18:a7:5c:4c:e5:f8:53:
81:5b:9a:41:df:c9:5f:11:0f:b7:2d:41:82:ec:c7:
a3:e2:3e:aa:59:5f:72:d0:05:a9:79:8f:82:4e:d2:
14:cc:ae:2d:14:ed:55:e7:fe:47:7b:f5:27:85:2b:
50:41:94:35:16:87:41:1e:86:35:93:da:85:1e:d4:
1b:77:f7:37:84:38:c9:c9:d0:63:4b:73:97:32:3f:
bc:e0:cd:2d:f8:f5:21:84:c1:41:24:0b:b7:d9:ba:
3d:46:f6:a3:49:ac:f1:09:01:78:9f:5a:98:47:54:
5c:1c:70:98:70:63:bb:c5:64:06:f4:5e:1a:99:e3:
03:51:98:17:a4:67:2d:05:af:40:4b:c2:8d:90:aa:
66:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CD:87:9E:4D:2B:FD:EA:80:DA:BB:97:09:4C:17:45:42:08:84:CC
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TM2Hnk0r_eqA2ruXCUwXRUIIhMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.237.0/24
94.183.162.0/24
94.183.169.0/24
217.60.199.0/24
217.60.237.0-217.60.238.255
Signature Algorithm: sha256WithRSAEncryption
2f:60:23:b0:23:32:f6:76:13:b5:bb:ac:40:f4:4b:31:5e:15:
1c:a2:3e:6b:6d:55:21:92:f6:7a:c5:86:6b:a9:10:af:a9:cf:
d6:fc:62:ae:ae:d6:d2:17:c9:5c:4a:0b:de:70:37:dd:ca:a5:
09:8e:96:2f:3d:b0:c1:f2:4c:cf:fa:9a:4d:f0:7b:93:ea:1c:
24:07:c4:86:ca:8b:e2:5a:ac:7d:7b:b7:ad:aa:fc:1a:f1:0c:
fd:71:95:ee:1d:b3:d9:92:14:e1:8f:a4:e9:1e:2e:44:b8:9a:
b8:aa:84:b6:49:79:88:ab:0a:c1:d7:00:6f:60:a3:16:4c:24:
1d:3d:05:f6:af:5f:17:1a:96:60:20:a0:34:14:13:8f:48:cd:
63:50:ef:60:1f:1e:67:b3:65:23:bb:18:47:88:e7:c4:6a:13:
a7:2d:2c:8b:51:b4:3b:c7:70:00:8b:bd:04:cc:63:c8:72:9b:
21:4f:8b:b9:de:c0:d8:37:95:f7:b3:da:e6:0a:f5:52:f1:73:
46:30:34:0a:d2:34:6b:3a:b4:1a:1f:e5:17:ea:96:21:c7:50:
dc:96:9f:ae:30:49:75:0d:54:52:75:ec:53:30:9f:d1:22:37:
46:e3:c8:ea:88:ec:b4:f9:45:37:bf:83:a1:63:58:4d:9e:43:
f5:d0:59:42
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZiFgvim9Vf7agidzpdHGKHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwODA3MTcxMDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2NkODc5ZTRkMmJmZGVhODBkYWJiOTcwOTRjMTc0NTQyMDg4NGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVlW+xhZm+VBpyh31B+89cA5HNwg
nH3CU7yBD5yop4pjWQVp9J8K2MVDNaKQWTWluZUTSaZl/zfKZfBu27vvNjRbepQg
TvV976LPn2j9ZE6iFgB4CTokOch+3VeZfffs6QcSH2BzFQQZY7hsfdA1uhinXEzl
+FOBW5pB38lfEQ+3LUGC7Mej4j6qWV9y0AWpeY+CTtIUzK4tFO1V5/5He/UnhStQ
QZQ1FodBHoY1k9qFHtQbd/c3hDjJydBjS3OXMj+84M0t+PUhhMFBJAu32bo9Rvaj
SazxCQF4n1qYR1RcHHCYcGO7xWQG9F4ameMDUZgXpGctBa9AS8KNkKpmHQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEzNh55NK/3qgNq7lwlMF0VCCITMMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVE0ySG5rMHJfZXFBMnJ1WENVd1hSVUlJaE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAHzrtAwQA
XreiAwQAXrepAwQA2TzHMAwDBADZPO0DBADZPO4wDQYJKoZIhvcNAQELBQADggEB
AC9gI7AjMvZ2E7W7rED0SzFeFRyiPmttVSGS9nrFhmupEK+pz9b8Yq6u1tIXyVxK
C95wN93KpQmOli89sMHyTM/6mk3we5PqHCQHxIbKi+JarH17t62q/BrxDP1xle4d
s9mSFOGPpOkeLkS4mriqhLZJeYirCsHXAG9goxZMJB09BfavXxcalmAgoDQUE49I
zWNQ72AfHmezZSO7GEeI58RqE6ctLItRtDvHcACLvQTMY8hymyFPi7newNg3lfez
2uYK9VLxc0YwNArSNGs6tBof5RfqliHHUNyWn64wSXUNVFJ17FMwn9EiN0bjyOqI
7LT5RTe/g6FjWE2eQ/XQWUI=
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:34:06 2025 by rpki-client