Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/TNgap5W-osn_Rfol75raxYUJNcQ.roa
File: TNgap5W-osn_Rfol75raxYUJNcQ.roa (raw, json)
Hash identifier: v9eCsfXIr5Y/Gysizic1m9zP115asEh2Yiu1o/todaA=
Subject key identifier: 4C:D8:1A:A7:95:BE:A2:C9:FF:45:FA:25:EF:9A:DA:C5:85:09:35:C4
Certificate issuer: /CN=92933e013644db9c9ee9b91df72e1338db8e2097
Certificate serial: 019663B41D2AAF48C4657B4749B6FDD6B871
Authority key identifier: 92:93:3E:01:36:44:DB:9C:9E:E9:B9:1D:F7:2E:13:38:DB:8E:20:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/TNgap5W-osn_Rfol75raxYUJNcQ.roa
Signing time: Wed 23 Apr 2025 17:31:10 +0000
ROA not before: Wed 23 Apr 2025 17:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205499
IP address blocks: 88.135.78.0/23 maxlen: 24
88.135.78.0/24 maxlen: 24
88.135.79.0/24 maxlen: 24
178.251.16.0/22 maxlen: 22
178.251.16.0/24 maxlen: 24
178.251.17.0/24 maxlen: 24
178.251.18.0/24 maxlen: 24
178.251.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/kpM-ATZE25ye6bkd9y4TONuOIJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/kpM-ATZE25ye6bkd9y4TONuOIJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:b4:1d:2a:af:48:c4:65:7b:47:49:b6:fd:d6:b8:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92933e013644db9c9ee9b91df72e1338db8e2097
Validity
Not Before: Apr 23 17:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cd81aa795bea2c9ff45fa25ef9adac5850935c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a9:f0:44:f3:e8:24:29:2e:ac:52:35:db:3c:
ba:3d:ff:d1:91:d7:9a:28:cd:61:05:01:f7:b7:53:
00:89:69:50:a5:7f:66:99:bf:b4:bd:da:7f:a3:e5:
42:0c:28:23:7d:3b:fb:4e:50:50:9b:83:e1:ab:e9:
15:fb:06:cf:c4:1b:80:c9:67:c6:4d:57:22:9d:4a:
c2:1b:e6:3d:ad:2f:bc:85:c5:ca:a8:48:85:c6:3d:
4f:ad:13:53:03:84:5a:00:5a:07:5c:3d:7c:3e:b0:
97:15:5c:9e:00:e4:06:34:42:a1:e4:66:49:16:c0:
ba:6a:53:c3:ff:40:ef:7b:c6:ab:a6:f0:d4:ad:9e:
17:bc:05:29:0d:39:0f:f5:1c:7c:0e:17:37:90:ed:
6c:97:6f:f6:14:a2:55:38:72:b5:99:2f:2e:7d:b9:
b1:08:1c:af:a7:ac:e2:b1:c5:02:c1:e5:b9:2d:25:
59:ba:d9:a6:f6:2c:3d:cc:cb:37:d2:cb:d3:db:8b:
40:24:4c:af:34:3b:ec:41:f7:e3:89:9a:50:47:0c:
ce:17:15:78:29:86:1a:f4:41:32:fc:ee:2d:49:7c:
8b:5a:ba:c7:53:53:38:b9:12:7d:3b:16:96:08:09:
82:46:a8:92:0d:a3:e0:31:0b:f6:e4:e3:20:3d:81:
d8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D8:1A:A7:95:BE:A2:C9:FF:45:FA:25:EF:9A:DA:C5:85:09:35:C4
X509v3 Authority Key Identifier:
keyid:92:93:3E:01:36:44:DB:9C:9E:E9:B9:1D:F7:2E:13:38:DB:8E:20:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpM-ATZE25ye6bkd9y4TONuOIJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/TNgap5W-osn_Rfol75raxYUJNcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6bef22-f345-4603-a1e9-5cc2ef099aee/1/kpM-ATZE25ye6bkd9y4TONuOIJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.78.0/23
178.251.16.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:ef:73:74:12:19:74:9c:44:17:e0:bf:4f:fd:3c:2f:db:55:
cb:e2:8c:ec:ba:c7:00:22:cc:d2:b4:3c:cc:d4:f5:f7:9d:ce:
36:54:d5:f5:26:a0:2e:3e:f1:8e:cd:fa:9e:1c:ef:c2:1e:94:
66:42:aa:f7:73:f2:ff:63:22:d1:44:47:fc:60:4c:e5:d9:98:
a8:eb:8f:bf:32:d6:eb:eb:75:6d:b2:a5:a6:be:a1:18:a3:d6:
88:1b:96:41:65:00:df:57:dd:25:f3:0a:da:e1:a2:dc:37:e6:
7f:0a:80:d3:2f:7b:a0:b1:22:5a:63:71:58:fd:63:64:0b:81:
0a:46:c4:b7:16:1b:06:11:0a:6c:bb:9f:b1:fc:8e:86:70:25:
a0:63:f2:d6:40:ea:58:61:30:56:3a:33:84:e4:91:e6:32:69:
ac:b4:e2:08:76:8b:cf:db:a1:a9:b9:ff:52:77:94:a2:3d:4d:
69:a8:52:5a:a0:42:71:e1:bc:e6:be:a4:01:5b:f0:05:49:2d:
57:f1:78:79:51:c5:8d:7d:c0:17:8a:56:96:49:7a:b8:8b:00:
fb:99:4f:05:4b:77:8d:84:28:1f:d0:3b:bc:28:3a:86:a2:ee:
8d:90:70:a0:d6:68:44:5f:96:71:96:95:e8:3c:e7:21:b5:7d:
61:58:2a:96
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZjtB0qr0jEZXtHSbb91rhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyOTMzZTAxMzY0NGRiOWM5ZWU5YjkxZGY3MmUxMzM4ZGI4
ZTIwOTcwHhcNMjUwNDIzMTczMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q4MWFhNzk1YmVhMmM5ZmY0NWZhMjVlZjlhZGFjNTg1MDkzNWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1anwRPPoJCkurFI12zy6Pf/Rkdea
KM1hBQH3t1MAiWlQpX9mmb+0vdp/o+VCDCgjfTv7TlBQm4Phq+kV+wbPxBuAyWfG
TVcinUrCG+Y9rS+8hcXKqEiFxj1PrRNTA4RaAFoHXD18PrCXFVyeAOQGNEKh5GZJ
FsC6alPD/0Dve8arpvDUrZ4XvAUpDTkP9Rx8Dhc3kO1sl2/2FKJVOHK1mS8ufbmx
CByvp6ziscUCweW5LSVZutmm9iw9zMs30svT24tAJEyvNDvsQffjiZpQRwzOFxV4
KYYa9EEy/O4tSXyLWrrHU1M4uRJ9OxaWCAmCRqiSDaPgMQv25OMgPYHYNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEzYGqeVvqLJ/0X6Je+a2sWFCTXEMB8GA1UdIwQY
MBaAFJKTPgE2RNucnum5HfcuEzjbjiCXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3BNLUFUWkUyNXllNmJrZDl5NFRPTnVPSUpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82YmVmMjItZjM0NS00NjAzLWExZTkt
NWNjMmVmMDk5YWVlLzEvVE5nYXA1Vy1vc25fUmZvbDc1cmF4WVVKTmNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82YmVmMjItZjM0NS00NjAzLWExZTktNWNjMmVmMDk5YWVl
LzEva3BNLUFUWkUyNXllNmJrZDl5NFRPTnVPSUpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWIdOAwQC
svsQMA0GCSqGSIb3DQEBCwUAA4IBAQBb73N0Ehl0nEQX4L9P/Twv21XL4ozsuscA
IszStDzM1PX3nc42VNX1JqAuPvGOzfqeHO/CHpRmQqr3c/L/YyLRREf8YEzl2Zio
64+/Mtbr63VtsqWmvqEYo9aIG5ZBZQDfV90l8wra4aLcN+Z/CoDTL3ugsSJaY3FY
/WNkC4EKRsS3FhsGEQpsu5+x/I6GcCWgY/LWQOpYYTBWOjOE5JHmMmmstOIIdovP
26Gpuf9Sd5SiPU1pqFJaoEJx4bzmvqQBW/AFSS1X8Xh5UcWNfcAXilaWSXq4iwD7
mU8FS3eNhCgf0Du8KDqGou6NkHCg1mhEX5ZxlpXoPOchtX1hWCqW
-----END CERTIFICATE-----
Generated at Fri May 2 09:33:13 2025 by rpki-client