Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ta-Jng8bCeWcapI-4Br5-Z9YPK4.roa
File: Ta-Jng8bCeWcapI-4Br5-Z9YPK4.roa (raw, json)
Hash identifier: ZXEMtyYZ68+dYUKGgJwGRiHDozsTZWFiUEvbDn+U6vU=
Subject key identifier: 4D:AF:89:9E:0F:1B:09:E5:9C:6A:92:3E:E0:1A:F9:F9:9F:58:3C:AE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019724F17BD58659571788F28A99CCAD80E2
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ta-Jng8bCeWcapI-4Br5-Z9YPK4.roa
Signing time: Sat 31 May 2025 06:04:55 +0000
ROA not before: Sat 31 May 2025 06:04:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 2.58.171.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 12:45:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:24:f1:7b:d5:86:59:57:17:88:f2:8a:99:cc:ad:80:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 31 06:04:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4daf899e0f1b09e59c6a923ee01af9f99f583cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:82:2b:0a:57:c7:c6:82:af:dc:e6:e4:9e:2c:
97:7b:1e:85:83:9b:d0:e3:12:cf:91:aa:aa:e0:ab:
b3:15:e2:bf:82:ce:1d:9c:b7:32:af:77:2f:16:31:
5d:df:0b:0f:f2:c4:49:6c:94:7d:4d:8a:c7:23:a2:
73:54:ad:00:b2:72:db:c2:20:ca:49:04:85:49:22:
52:5b:9b:90:27:8d:0d:e9:c7:6f:ec:48:c1:2c:9d:
c1:9f:82:d0:e1:36:b7:f7:2f:08:34:13:e8:7d:d3:
33:2d:4d:d8:b5:89:6d:c9:c8:98:db:39:30:b3:95:
71:4b:cc:30:73:bf:a9:50:8d:d4:0b:95:04:3c:7f:
e7:55:a8:a4:2e:71:a0:e2:9b:3b:ff:f1:79:90:d3:
c8:dd:cc:6a:1a:73:94:f1:63:dd:bf:dc:0d:59:c9:
c3:de:a2:fd:93:bb:02:b7:83:46:21:c7:9a:9d:dd:
a1:cd:d0:d5:2e:f2:86:2e:b0:27:4d:7d:3c:09:3f:
5d:4e:16:b2:4c:57:01:dc:64:a3:71:95:df:59:18:
1e:ce:47:4d:50:42:9c:07:9d:3d:51:55:10:1d:36:
0a:b7:1b:ac:49:4b:7f:28:a9:7c:21:bd:91:e9:02:
77:d1:56:31:ca:f9:7e:e3:0d:ba:2d:0d:4e:a8:d9:
0c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:AF:89:9E:0F:1B:09:E5:9C:6A:92:3E:E0:1A:F9:F9:9F:58:3C:AE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Ta-Jng8bCeWcapI-4Br5-Z9YPK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.151.61.0/24
88.209.192.0/24
88.209.207.0/24
88.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:9a:a5:37:9b:fd:8d:f8:b0:0f:30:90:7c:82:bd:88:1f:a1:
a3:51:75:ae:a1:4f:29:1f:42:22:87:06:d9:14:ab:1b:d8:ab:
06:18:18:8b:f9:3d:fd:19:76:5f:21:73:47:3a:a5:29:3e:8d:
64:b7:04:95:08:8d:03:27:3f:0e:07:7f:4e:11:91:18:4a:8d:
8f:19:9e:21:f9:38:d3:e4:41:d3:37:9c:ce:ac:ca:a9:53:f1:
40:cb:6e:58:a7:1f:7c:82:80:eb:f9:57:5b:1f:b2:5f:e4:d9:
c3:df:93:57:26:9d:60:3b:b3:9f:f7:cb:a6:bb:e5:b0:38:ce:
c0:8b:25:0e:23:da:5e:70:92:45:0c:40:bd:34:18:27:d7:0e:
a2:92:65:80:d2:a0:57:26:6d:e7:fb:f1:82:29:b2:ca:01:92:
cf:80:ae:85:73:33:e9:6d:3c:fb:ee:b8:0b:65:d4:4a:05:dd:
30:3b:bf:1d:03:29:bd:a7:93:4b:bd:22:54:a2:88:02:b6:ca:
a2:f5:39:c0:33:2d:b7:29:14:55:a4:6c:10:93:74:47:34:85:
b1:4a:6e:32:82:6f:33:48:1e:a6:81:17:80:f8:0d:75:fd:d6:
80:63:d7:6a:0a:46:6b:bf:fb:5c:26:94:3c:b1:05:fd:54:51:
10:f9:54:60
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZck8XvVhllXF4jyipnMrYDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUwNTMxMDYwNDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGFmODk5ZTBmMWIwOWU1OWM2YTkyM2VlMDFhZjlmOTlmNTgzY2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIIrClfHxoKv3ObkniyXex6Fg5vQ
4xLPkaqq4KuzFeK/gs4dnLcyr3cvFjFd3wsP8sRJbJR9TYrHI6JzVK0AsnLbwiDK
SQSFSSJSW5uQJ40N6cdv7EjBLJ3Bn4LQ4Ta39y8INBPofdMzLU3YtYltyciY2zkw
s5VxS8wwc7+pUI3UC5UEPH/nVaikLnGg4ps7//F5kNPI3cxqGnOU8WPdv9wNWcnD
3qL9k7sCt4NGIceand2hzdDVLvKGLrAnTX08CT9dThayTFcB3GSjcZXfWRgezkdN
UEKcB509UVUQHTYKtxusSUt/KKl8Ib2R6QJ30VYxyvl+4w26LQ1OqNkMqwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE2viZ4PGwnlnGqSPuAa+fmfWDyuMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVGEtSm5nOGJDZVdjYXBJLTRCcjUtWjlZUEs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjqrAwQA
WJc9AwQAWNHAAwQAWNHPAwQAWNHeMA0GCSqGSIb3DQEBCwUAA4IBAQCOmqU3m/2N
+LAPMJB8gr2IH6GjUXWuoU8pH0IihwbZFKsb2KsGGBiL+T39GXZfIXNHOqUpPo1k
twSVCI0DJz8OB39OEZEYSo2PGZ4h+TjT5EHTN5zOrMqpU/FAy25Ypx98goDr+Vdb
H7Jf5NnD35NXJp1gO7Of98umu+WwOM7AiyUOI9pecJJFDEC9NBgn1w6ikmWA0qBX
Jm3n+/GCKbLKAZLPgK6FczPpbTz77rgLZdRKBd0wO78dAym9p5NLvSJUoogCtsqi
9TnAMy23KRRVpGwQk3RHNIWxSm4ygm8zSB6mgReA+A11/daAY9dqCkZrv/tcJpQ8
sQX9VFEQ+VRg
-----END CERTIFICATE-----
Generated at Tue Jun 17 16:19:44 2025 by rpki-client