Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/TtsJ_9irph6KMpr-0Unxq5mv0Pk.roa
File: TtsJ_9irph6KMpr-0Unxq5mv0Pk.roa (raw, json)
Hash identifier: KdfI5XrAnT/kZVbthzfs9Tp5F0pVhQnXMy58T6F38qY=
Subject key identifier: 4E:DB:09:FF:D8:AB:A6:1E:8A:32:9A:FE:D1:49:F1:AB:99:AF:D0:F9
Certificate issuer: /CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Certificate serial: 01981389E0553E77C46F2128450BD702B1A9
Authority key identifier: 6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/TtsJ_9irph6KMpr-0Unxq5mv0Pk.roa
Signing time: Wed 16 Jul 2025 14:00:59 +0000
ROA not before: Wed 16 Jul 2025 14:00:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 145.219.34.0/24 maxlen: 24
145.219.35.0/24 maxlen: 24
145.219.36.0/22 maxlen: 22
145.219.40.0/21 maxlen: 21
145.219.48.0/21 maxlen: 21
145.219.56.0/21 maxlen: 21
145.219.64.0/18 maxlen: 18
145.219.128.0/17 maxlen: 17
193.176.255.0/24 maxlen: 24
2a04:b0c4::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 08:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:89:e0:55:3e:77:c4:6f:21:28:45:0b:d7:02:b1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e6d7bcabfcc308d420053c482a0d59fb1282e30
Validity
Not Before: Jul 16 14:00:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4edb09ffd8aba61e8a329afed149f1ab99afd0f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cf:b6:53:40:a2:cc:ac:61:ed:09:90:ed:ff:
59:94:83:f1:5f:c9:dd:4d:e5:b0:92:73:90:ad:db:
9f:bb:29:dd:cd:7a:f9:f4:63:9f:6d:2d:cf:dd:9e:
30:0a:de:f5:1e:48:84:b7:e1:e8:da:32:b9:88:dc:
8d:1c:33:98:5a:7a:f8:42:ee:a4:a6:7c:0d:67:02:
71:e6:27:2a:54:af:ff:45:0b:a8:de:f8:61:7b:35:
df:51:bb:70:a8:0c:4f:0b:06:27:5a:6b:a1:52:89:
bc:e8:79:6c:7f:8f:e5:4f:f2:5b:f2:c3:de:24:00:
58:90:0b:56:ec:da:d6:38:39:58:be:30:0c:f3:d6:
ba:d5:ae:52:a4:84:47:de:b7:42:a7:75:a5:4b:aa:
45:2f:81:c1:08:c2:cb:57:cd:be:82:bc:fe:b5:5e:
46:45:41:ca:88:73:35:cc:18:cc:c6:2e:22:a7:ad:
b5:5b:ff:71:d9:17:84:66:c2:bd:ab:77:03:9b:6f:
35:af:07:d5:e5:a3:8c:fc:00:87:5a:f8:f4:c9:63:
9a:47:c9:f1:99:2c:5e:76:10:e6:db:8b:02:bb:35:
67:f1:8f:5a:bf:e6:97:c5:04:ce:39:bd:17:63:0b:
93:4a:aa:9f:3b:01:ed:03:a6:b6:ca:5f:93:47:a0:
a4:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DB:09:FF:D8:AB:A6:1E:8A:32:9A:FE:D1:49:F1:AB:99:AF:D0:F9
X509v3 Authority Key Identifier:
keyid:6E:6D:7B:CA:BF:CC:30:8D:42:00:53:C4:82:A0:D5:9F:B1:28:2E:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bm17yr_MMI1CAFPEgqDVn7EoLjA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/TtsJ_9irph6KMpr-0Unxq5mv0Pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/45c689-afaa-4da3-a942-93194eb6108d/1/bm17yr_MMI1CAFPEgqDVn7EoLjA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.219.34.0-145.219.255.255
193.176.255.0/24
IPv6:
2a04:b0c4::/30
Signature Algorithm: sha256WithRSAEncryption
95:92:7f:e9:56:10:d1:68:3d:63:00:e1:ef:bd:61:67:4a:e9:
f7:ea:a3:b4:46:3c:b3:d7:49:c4:cd:d9:77:85:90:9d:da:8d:
4f:24:d6:5b:d7:50:71:cd:6a:ab:70:d7:8c:3a:5d:02:79:cc:
43:86:c7:61:9d:6f:92:25:05:3a:6a:68:07:a2:b7:7d:17:b0:
ee:9d:43:ed:b0:90:0e:35:31:c9:6b:a5:0a:60:3a:d4:63:18:
2e:cb:89:65:18:1e:ae:35:b3:1a:d5:02:b5:c2:1e:97:f7:e5:
15:97:d2:dc:59:b8:57:36:9f:5d:e6:22:9d:f2:05:af:bb:a3:
2c:6b:46:79:26:3a:95:bb:9b:8b:33:79:dd:9d:82:ae:1d:56:
56:e1:7b:84:23:96:37:af:3c:b4:fd:42:5e:93:45:70:c5:47:
c3:8a:58:65:d1:ba:4a:17:b7:f4:10:0c:f8:c7:8b:aa:91:e8:
64:43:6e:58:7d:06:12:be:d8:c9:02:ca:e3:d2:74:76:f1:19:
4d:1e:0b:2b:ed:51:36:dc:5f:0a:09:71:ac:fd:1c:0d:4c:cf:
16:42:ed:1c:a1:df:e2:33:b8:7a:ec:f7:a5:1c:f8:d1:6c:94:
fa:83:10:96:68:cf:50:92:30:90:0c:1b:17:9d:6d:f0:ef:60:
44:81:4f:e0
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZgTieBVPnfEbyEoRQvXArGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlNmQ3YmNhYmZjYzMwOGQ0MjAwNTNjNDgyYTBkNTlmYjEy
ODJlMzAwHhcNMjUwNzE2MTQwMDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWRiMDlmZmQ4YWJhNjFlOGEzMjlhZmVkMTQ5ZjFhYjk5YWZkMGY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8+2U0CizKxh7QmQ7f9ZlIPxX8nd
TeWwknOQrdufuyndzXr59GOfbS3P3Z4wCt71HkiEt+Ho2jK5iNyNHDOYWnr4Qu6k
pnwNZwJx5icqVK//RQuo3vhhezXfUbtwqAxPCwYnWmuhUom86Hlsf4/lT/Jb8sPe
JABYkAtW7NrWODlYvjAM89a61a5SpIRH3rdCp3WlS6pFL4HBCMLLV82+grz+tV5G
RUHKiHM1zBjMxi4ip621W/9x2ReEZsK9q3cDm281rwfV5aOM/ACHWvj0yWOaR8nx
mSxedhDm24sCuzVn8Y9av+aXxQTOOb0XYwuTSqqfOwHtA6a2yl+TR6CkdwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFE7bCf/Yq6YeijKa/tFJ8auZr9D5MB8GA1UdIwQY
MBaAFG5te8q/zDCNQgBTxIKg1Z+xKC4wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDIt
OTMxOTRlYjYxMDhkLzEvVHRzSl85aXJwaDZLTXByLTBVbnhxNW12MFBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy80NWM2ODktYWZhYS00ZGEzLWE5NDItOTMxOTRlYjYxMDhk
LzEvYm0xN3lyX01NSTFDQUZQRWdxRFZuN0VvTGpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAZBAIAATATMAsDBAGR2yID
AwKR2AMEAMGw/zANBAIAAjAHAwUCKgSwxDANBgkqhkiG9w0BAQsFAAOCAQEAlZJ/
6VYQ0Wg9YwDh771hZ0rp9+qjtEY8s9dJxM3Zd4WQndqNTyTWW9dQcc1qq3DXjDpd
AnnMQ4bHYZ1vkiUFOmpoB6K3fRew7p1D7bCQDjUxyWulCmA61GMYLsuJZRgerjWz
GtUCtcIel/flFZfS3Fm4VzafXeYinfIFr7ujLGtGeSY6lbubizN53Z2Crh1WVuF7
hCOWN688tP1CXpNFcMVHw4pYZdG6She39BAM+MeLqpHoZENuWH0GEr7YyQLK49J0
dvEZTR4LK+1RNtxfCglxrP0cDUzPFkLtHKHf4jO4euz3pRz40WyU+oMQlmjPUJIw
kAwbF51t8O9gRIFP4A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 14:57:43 2025 by rpki-client