Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TyGFpcN2gocBVos29uPKtVy5s8s.roa
File: TyGFpcN2gocBVos29uPKtVy5s8s.roa (raw, json)
Hash identifier: W6G55Mz4dTzwL+X9OddKJL08EIGJnJKVBGTRaI1CHpk=
Subject key identifier: 4F:21:85:A5:C3:76:82:87:01:56:8B:36:F6:E3:CA:B5:5C:B9:B3:CB
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019EB0CF8B8AA3E1E1053FB71B5E99F483B1
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TyGFpcN2gocBVos29uPKtVy5s8s.roa
Signing time: Wed 10 Jun 2026 09:14:12 +0000
ROA not before: Wed 10 Jun 2026 09:14:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137409
IP address blocks: 45.8.70.0/24 maxlen: 24
45.67.97.0/24 maxlen: 24
45.130.202.0/23 maxlen: 24
45.133.4.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
89.34.126.0/23 maxlen: 24
185.165.45.0/24 maxlen: 24
185.245.7.0/24 maxlen: 24
188.213.202.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
194.5.83.0/24 maxlen: 24
194.61.40.0/24 maxlen: 24
194.61.41.0/24 maxlen: 24
203.25.124.0/24 maxlen: 24
204.75.229.0/24 maxlen: 24
220.158.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 00:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b0:cf:8b:8a:a3:e1:e1:05:3f:b7:1b:5e:99:f4:83:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jun 10 09:14:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f2185a5c376828701568b36f6e3cab55cb9b3cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:de:a6:5b:3c:b9:83:8b:bd:5c:35:76:20:37:
e3:45:fa:4d:64:45:ce:1f:9e:00:c9:06:95:0c:ae:
c0:47:cc:1a:b2:d3:e5:86:65:55:44:78:b3:13:64:
16:8b:9f:77:7d:e6:4f:1b:4b:92:fd:f7:ac:34:c6:
fc:20:89:db:a9:e9:4c:ef:a6:c0:13:a3:00:54:fe:
49:ee:3d:4d:5b:b9:b5:35:ff:d5:f4:4e:f5:6f:65:
9e:b1:c1:0a:c5:64:18:0e:ea:c4:b3:6d:e7:60:dc:
57:96:08:04:98:23:6a:bf:39:94:ad:43:ae:ec:ca:
27:81:2b:e6:2c:01:f1:68:16:c3:67:76:1c:9d:ff:
7d:45:e9:39:8f:6d:55:42:f6:e3:c4:9a:98:8c:d5:
11:f5:4d:2f:8a:ec:bc:0b:0b:4b:a7:32:06:ea:b4:
fb:f4:11:3b:64:54:65:09:df:19:49:28:d1:12:97:
8b:72:d9:50:3d:61:6c:b6:38:df:04:8b:9e:f9:59:
c1:88:e7:3f:c3:09:a2:85:96:d6:ce:89:bd:82:1b:
8a:98:82:81:36:b0:2b:c4:a0:4c:5b:64:f8:76:0d:
c7:18:bd:2d:7e:db:08:33:6c:15:37:20:87:29:ed:
62:b1:33:1c:6c:07:0c:20:87:3f:02:3d:1c:ef:44:
36:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:21:85:A5:C3:76:82:87:01:56:8B:36:F6:E3:CA:B5:5C:B9:B3:CB
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/TyGFpcN2gocBVos29uPKtVy5s8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.67.97.0/24
45.130.202.0/23
45.133.4.0/22
89.34.126.0/23
185.165.45.0/24
185.245.7.0/24
188.213.202.0/24
194.5.82.0/23
194.61.40.0/23
203.25.124.0/24
204.75.229.0/24
220.158.199.0/24
Signature Algorithm: sha256WithRSAEncryption
41:ce:b6:cc:c3:e0:4a:c9:47:fe:67:41:25:4e:bd:a5:f2:d1:
23:83:36:29:71:23:73:44:c3:bd:55:e5:d3:0f:5d:07:07:7d:
a0:94:ee:f7:f1:f6:12:47:b7:5f:3d:65:fe:8e:ce:98:ff:c0:
11:e6:01:06:99:4e:2b:06:9b:72:85:2e:66:aa:c3:cf:9b:5b:
3a:82:09:18:8f:72:33:02:9a:ea:88:cc:42:0a:40:18:e4:b9:
be:69:11:1c:85:ae:d3:cc:c0:01:9c:5a:57:93:0d:d0:f6:0f:
21:a2:d0:30:bd:35:ac:a6:fa:5f:c5:44:49:12:13:18:3a:e7:
e1:4a:78:a3:15:79:50:65:db:e6:37:20:e0:ea:b3:49:2d:07:
c6:84:69:62:03:b5:40:2a:9d:93:9e:f8:5c:c0:91:8b:0f:2a:
aa:67:ac:b8:8e:e0:45:9d:1f:17:2a:db:09:94:03:d1:b9:85:
53:17:19:5a:b6:ff:5e:d3:4a:41:55:6d:b5:f9:99:c1:f5:f5:
07:54:39:05:3d:83:55:68:60:0c:7c:10:fb:fb:ee:3c:75:90:
bc:d6:33:de:f0:4d:06:ab:37:4c:79:30:78:1c:32:67:87:d7:
e2:50:72:b2:54:2e:74:22:ce:a9:2a:3a:2e:6c:cf:07:4d:cc:
a4:2c:1d:97
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZ6wz4uKo+HhBT+3G16Z9IOxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjYwNjEwMDkxNDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIxODVhNWMzNzY4Mjg3MDE1NjhiMzZmNmUzY2FiNTVjYjliM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt6mWzy5g4u9XDV2IDfjRfpNZEXO
H54AyQaVDK7AR8wastPlhmVVRHizE2QWi593feZPG0uS/fesNMb8IInbqelM76bA
E6MAVP5J7j1NW7m1Nf/V9E71b2WescEKxWQYDurEs23nYNxXlggEmCNqvzmUrUOu
7MongSvmLAHxaBbDZ3Ycnf99Rek5j21VQvbjxJqYjNUR9U0viuy8CwtLpzIG6rT7
9BE7ZFRlCd8ZSSjREpeLctlQPWFstjjfBIue+VnBiOc/wwmihZbWzom9ghuKmIKB
NrArxKBMW2T4dg3HGL0tftsIM2wVNyCHKe1isTMcbAcMIIc/Aj0c70Q2BQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFE8hhaXDdoKHAVaLNvbjyrVcubPLMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvVHlHRnBjTjJnb2NCVm9zMjl1UEt0Vnk1czhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQhGAwQA
LUNhAwQBLYLKAwQCLYUEAwQBWSJ+AwQAuaUtAwQAufUHAwQAvNXKAwQBwgVSAwQB
wj0oAwQAyxl8AwQAzEvlAwQA3J7HMA0GCSqGSIb3DQEBCwUAA4IBAQBBzrbMw+BK
yUf+Z0ElTr2l8tEjgzYpcSNzRMO9VeXTD10HB32glO738fYSR7dfPWX+js6Y/8AR
5gEGmU4rBptyhS5mqsPPm1s6ggkYj3IzAprqiMxCCkAY5Lm+aREcha7TzMABnFpX
kw3Q9g8hotAwvTWspvpfxURJEhMYOufhSnijFXlQZdvmNyDg6rNJLQfGhGliA7VA
Kp2TnvhcwJGLDyqqZ6y4juBFnR8XKtsJlAPRuYVTFxlatv9e00pBVW21+ZnB9fUH
VDkFPYNVaGAMfBD7++48dZC81jPe8E0GqzdMeTB4HDJnh9fiUHKyVC50Is6pKjou
bM8HTcykLB2X
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:51:25 2026 by rpki-client