Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TNN64hg2xM1m_ZScXVo2c8V3OUw.roa
File: TNN64hg2xM1m_ZScXVo2c8V3OUw.roa (raw, json)
Hash identifier: UDSrY4tv6dTkxdJ4wfXECnYSfEbKK3HQ4a6MViYBsHk=
Subject key identifier: 4C:D3:7A:E2:18:36:C4:CD:66:FD:94:9C:5D:5A:36:73:C5:77:39:4C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0198460B0B25D5887C82093B7D8CCEBA3B4E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TNN64hg2xM1m_ZScXVo2c8V3OUw.roa
Signing time: Sat 26 Jul 2025 09:23:05 +0000
ROA not before: Sat 26 Jul 2025 09:23:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213702
IP address blocks: 80.253.249.0/24 maxlen: 24
84.21.189.0/24 maxlen: 24
85.209.129.0/24 maxlen: 24
195.66.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 23:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:46:0b:0b:25:d5:88:7c:82:09:3b:7d:8c:ce:ba:3b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 26 09:23:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cd37ae21836c4cd66fd949c5d5a3673c577394c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0f:fb:3e:f6:fa:19:4c:4f:c9:10:1f:9a:f5:
e1:e4:c6:ac:a6:de:44:f9:15:a3:da:d4:da:eb:4a:
6a:96:89:68:ea:f8:51:11:74:81:7f:85:76:96:3a:
fe:a5:4b:5a:69:d2:fd:88:8a:23:bc:e6:e5:6f:61:
3e:66:53:40:d9:0a:86:6f:4d:84:b7:91:89:ce:a3:
16:48:f8:c2:fe:81:d4:81:11:8e:68:2a:84:75:77:
cb:77:63:46:ad:2c:53:b3:a0:79:90:10:b4:39:21:
5d:dd:36:c5:d6:b6:8d:ab:24:80:91:4f:6e:13:9a:
9d:52:a0:5c:81:37:cc:51:f0:d9:7f:03:1e:ea:93:
20:23:8e:40:d3:e6:3d:8f:d3:26:79:a1:c6:6c:0f:
cb:fb:da:18:37:01:c4:ef:e3:27:90:7c:6f:9c:c3:
bd:db:63:59:42:18:06:2b:ad:8c:96:85:60:b3:4c:
cf:85:b5:8c:c5:cc:a1:52:d2:a5:83:07:5d:a1:9d:
07:00:55:6a:0a:25:67:b4:d5:df:90:e5:cb:b6:4e:
72:ae:b0:d8:35:bf:70:a5:69:3c:37:0e:fd:79:bd:
d5:70:4e:83:56:c3:9c:d6:31:ba:71:b4:c7:4b:b8:
66:46:2d:12:22:66:d8:a6:16:21:13:dc:6f:32:c3:
5a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D3:7A:E2:18:36:C4:CD:66:FD:94:9C:5D:5A:36:73:C5:77:39:4C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TNN64hg2xM1m_ZScXVo2c8V3OUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.253.249.0/24
84.21.189.0/24
85.209.129.0/24
195.66.27.0/24
Signature Algorithm: sha256WithRSAEncryption
07:6f:05:a9:7c:ec:be:14:3a:ba:a5:52:39:56:31:52:a1:4a:
0f:49:e7:1c:44:12:8f:41:fc:ef:ce:11:f9:c3:a3:a0:ad:a3:
1c:87:3e:52:a4:78:e7:80:66:ea:94:7f:76:c6:a9:2d:2e:53:
77:c0:58:44:15:03:11:2f:5a:e7:6e:df:12:5d:c2:6d:cc:58:
73:72:d9:5d:7a:66:56:79:67:1a:bf:6c:36:ae:95:57:67:f2:
04:3d:92:70:59:9b:57:8d:90:bd:d2:1b:e0:8c:24:9a:70:5e:
3d:ad:dc:b6:bc:b3:24:18:80:4e:e2:71:8e:08:ac:6c:45:f0:
b6:22:f5:d9:fd:af:b7:f2:dd:5b:cc:e8:97:e5:61:16:41:89:
cf:fd:c6:aa:10:42:fd:77:79:fe:80:ba:05:42:a8:67:f9:4f:
c3:af:6c:e6:b7:68:70:49:9f:9f:1f:db:7b:21:43:4e:0e:70:
dc:e3:e4:b4:51:a8:c7:c1:ae:b7:61:9c:3f:fa:74:a7:32:16:
19:88:49:7f:58:d2:21:a7:65:b2:93:29:38:62:38:ad:be:85:
4a:c9:c9:4a:88:52:a7:72:f2:fd:16:db:0b:74:dc:a8:a7:e3:
78:8c:a5:99:79:55:4f:96:08:59:cf:b2:ba:a2:5c:ac:78:b3:
74:26:d8:8d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZhGCwsl1Yh8ggk7fYzOujtOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzI2MDkyMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2QzN2FlMjE4MzZjNGNkNjZmZDk0OWM1ZDVhMzY3M2M1NzczOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ/7Pvb6GUxPyRAfmvXh5Maspt5E
+RWj2tTa60pqlolo6vhREXSBf4V2ljr+pUtaadL9iIojvOblb2E+ZlNA2QqGb02E
t5GJzqMWSPjC/oHUgRGOaCqEdXfLd2NGrSxTs6B5kBC0OSFd3TbF1raNqySAkU9u
E5qdUqBcgTfMUfDZfwMe6pMgI45A0+Y9j9MmeaHGbA/L+9oYNwHE7+MnkHxvnMO9
22NZQhgGK62MloVgs0zPhbWMxcyhUtKlgwddoZ0HAFVqCiVntNXfkOXLtk5yrrDY
Nb9wpWk8Nw79eb3VcE6DVsOc1jG6cbTHS7hmRi0SImbYphYhE9xvMsNaeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEzTeuIYNsTNZv2UnF1aNnPFdzlMMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVE5ONjRoZzJ4TTFtX1pTY1hWbzJjOFYzT1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUP35AwQA
VBW9AwQAVdGBAwQAw0IbMA0GCSqGSIb3DQEBCwUAA4IBAQAHbwWpfOy+FDq6pVI5
VjFSoUoPSeccRBKPQfzvzhH5w6OgraMchz5SpHjngGbqlH92xqktLlN3wFhEFQMR
L1rnbt8SXcJtzFhzctldemZWeWcav2w2rpVXZ/IEPZJwWZtXjZC90hvgjCSacF49
rdy2vLMkGIBO4nGOCKxsRfC2IvXZ/a+38t1bzOiX5WEWQYnP/caqEEL9d3n+gLoF
Qqhn+U/Dr2zmt2hwSZ+fH9t7IUNODnDc4+S0UajHwa63YZw/+nSnMhYZiEl/WNIh
p2Wykyk4YjitvoVKyclKiFKncvL9FtsLdNyop+N4jKWZeVVPlghZz7K6olyseLN0
JtiN
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:44:32 2025 by rpki-client