Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TJJ2U91WlKqGeZt7nkWsm3Qiqbw.roa
File: TJJ2U91WlKqGeZt7nkWsm3Qiqbw.roa (raw, json)
Hash identifier: mdQvHtkTOzsjnfxeJ0oy7NE/x0tTyj79BbRzG/ybGaQ=
Subject key identifier: 4C:92:76:53:DD:56:94:AA:86:79:9B:7B:9E:45:AC:9B:74:22:A9:BC
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0199570DA31492469860634FBD3A638970F2
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TJJ2U91WlKqGeZt7nkWsm3Qiqbw.roa
Signing time: Wed 17 Sep 2025 09:42:15 +0000
ROA not before: Wed 17 Sep 2025 09:42:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 89.45.34.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
188.215.72.0/24 maxlen: 24
188.215.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:0d:a3:14:92:46:98:60:63:4f:bd:3a:63:89:70:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Sep 17 09:42:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c927653dd5694aa86799b7b9e45ac9b7422a9bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d1:82:7a:9e:21:fc:9c:8f:2a:4d:79:1f:44:
26:48:bc:b2:65:21:2f:5a:3a:05:70:8b:d2:dd:f4:
d7:65:78:66:1c:a7:c4:2b:19:67:f1:84:bb:3a:8d:
e4:bf:06:32:23:6b:67:69:44:5f:e6:e2:c2:ee:c4:
a7:ce:cd:da:4b:0f:36:48:04:e2:27:38:e4:23:38:
92:d8:05:d9:03:20:ee:b0:27:da:eb:45:db:21:80:
9d:1e:73:81:b6:77:2e:66:c1:9a:25:72:ce:6d:7a:
59:76:a8:c0:ef:0f:5a:6c:0b:e2:5b:9a:6b:eb:31:
11:84:48:25:04:fa:af:74:18:c9:7b:6a:e4:14:6b:
46:30:61:3a:41:c5:03:a8:8a:63:d1:1e:83:6f:26:
49:d7:e1:64:c2:ea:e1:f5:6d:9e:2a:4d:bd:ff:19:
3c:c9:17:c7:38:01:04:8f:b8:04:50:a8:91:56:ea:
dd:c4:b9:71:1a:e4:fb:39:2c:75:d5:68:ff:87:91:
d0:23:ba:46:19:91:84:cd:97:75:8e:c1:b8:02:06:
12:41:76:6d:cf:a0:46:4f:0d:b6:d1:f2:85:9f:27:
c2:e6:b2:83:38:42:88:42:4a:9f:fb:64:16:db:41:
73:5f:7c:e1:d6:f3:11:a7:86:72:0d:85:72:fb:7d:
f3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:92:76:53:DD:56:94:AA:86:79:9B:7B:9E:45:AC:9B:74:22:A9:BC
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/TJJ2U91WlKqGeZt7nkWsm3Qiqbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.34.0/24
93.114.187.0/24
188.215.72.0/24
188.215.95.0/24
Signature Algorithm: sha256WithRSAEncryption
d1:5e:6d:5b:e9:8b:9f:9e:fa:f7:3d:1b:c9:eb:03:b7:77:58:
6b:92:f3:bb:44:9d:7d:e0:ff:f8:11:ef:bc:3f:d4:98:69:3e:
52:9d:27:64:2a:4e:51:54:5c:45:ce:6f:6b:b0:fe:cb:30:36:
5a:2b:7a:05:da:9a:53:7f:bc:0a:7c:7a:8d:2c:57:a9:87:14:
f9:e9:b4:69:67:4f:28:3a:aa:68:63:ec:9c:da:96:9c:f4:61:
17:c9:c5:22:7c:fc:3b:54:03:df:7d:9b:78:34:ec:4b:12:6d:
21:b4:8f:71:6d:ea:4f:15:41:4c:b4:68:6a:14:58:ca:9d:48:
f0:24:fa:a0:09:74:dc:e4:62:f2:8f:d3:49:aa:93:4e:c8:f6:
ea:0c:fc:8d:1d:ab:43:6a:46:f7:14:f4:d9:c9:86:fc:b3:9b:
a2:e8:20:6e:94:3d:90:24:77:14:86:49:b1:90:af:89:eb:34:
ee:79:06:bb:4f:d5:a3:13:cd:bb:94:77:0d:45:62:cf:5f:69:
17:fc:25:14:31:4f:5b:ae:e2:65:dc:df:a0:b9:63:38:9f:c7:
2c:95:d4:b3:38:eb:44:22:74:d4:36:84:75:9d:d5:f9:ab:0f:
ce:17:e2:df:04:18:44:30:10:73:37:cb:3b:c5:33:c9:82:f9:
1f:97:bd:22
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlXDaMUkkaYYGNPvTpjiXDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjUwOTE3MDk0MjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzkyNzY1M2RkNTY5NGFhODY3OTliN2I5ZTQ1YWM5Yjc0MjJhOWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdGCep4h/JyPKk15H0QmSLyyZSEv
WjoFcIvS3fTXZXhmHKfEKxln8YS7Oo3kvwYyI2tnaURf5uLC7sSnzs3aSw82SATi
JzjkIziS2AXZAyDusCfa60XbIYCdHnOBtncuZsGaJXLObXpZdqjA7w9abAviW5pr
6zERhEglBPqvdBjJe2rkFGtGMGE6QcUDqIpj0R6DbyZJ1+Fkwurh9W2eKk29/xk8
yRfHOAEEj7gEUKiRVurdxLlxGuT7OSx11Wj/h5HQI7pGGZGEzZd1jsG4AgYSQXZt
z6BGTw220fKFnyfC5rKDOEKIQkqf+2QW20FzX3zh1vMRp4ZyDYVy+33zoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEySdlPdVpSqhnmbe55FrJt0Iqm8MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvVEpKMlU5MVdsS3FHZVp0N25rV3NtM1FpcWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWS0iAwQA
XXK7AwQAvNdIAwQAvNdfMA0GCSqGSIb3DQEBCwUAA4IBAQDRXm1b6Yufnvr3PRvJ
6wO3d1hrkvO7RJ194P/4Ee+8P9SYaT5SnSdkKk5RVFxFzm9rsP7LMDZaK3oF2ppT
f7wKfHqNLFephxT56bRpZ08oOqpoY+yc2pac9GEXycUifPw7VAPffZt4NOxLEm0h
tI9xbepPFUFMtGhqFFjKnUjwJPqgCXTc5GLyj9NJqpNOyPbqDPyNHatDakb3FPTZ
yYb8s5ui6CBulD2QJHcUhkmxkK+J6zTueQa7T9WjE827lHcNRWLPX2kX/CUUMU9b
ruJl3N+guWM4n8csldSzOOtEInTUNoR1ndX5qw/OF+LfBBhEMBBzN8s7xTPJgvkf
l70i
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:08:59 2025 by rpki-client