Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tPUl5UizINBCysqHCo0f-IKbubI.roa
File: tPUl5UizINBCysqHCo0f-IKbubI.roa (raw, json)
Hash identifier: Jy4r4appEJcFdIu8+y5E9vyoW9v68yMxxHxPbtJvcI4=
Subject key identifier: B4:F5:25:E5:48:B3:20:D0:42:CA:CA:87:0A:8D:1F:F8:82:9B:B9:B2
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01994D7D8869E06A97FD56D292FCA80E78F1
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tPUl5UizINBCysqHCo0f-IKbubI.roa
Signing time: Mon 15 Sep 2025 13:08:16 +0000
ROA not before: Mon 15 Sep 2025 13:08:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210616
IP address blocks: 93.171.184.0/22 maxlen: 24
146.120.52.0/22 maxlen: 24
146.120.116.0/23 maxlen: 24
146.158.96.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:7d:88:69:e0:6a:97:fd:56:d2:92:fc:a8:0e:78:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Sep 15 13:08:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4f525e548b320d042caca870a8d1ff8829bb9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:6c:ba:91:90:b1:01:f3:8c:9c:45:b5:32:f3:
58:d5:bf:bf:64:11:46:3a:e7:02:27:29:f6:ee:b9:
6a:99:68:6a:66:99:78:85:74:5f:56:03:ae:5d:10:
90:87:63:d3:dd:f1:0c:45:ce:2d:e7:41:cf:a5:17:
34:74:02:c6:97:94:1f:9b:95:08:56:9e:d2:b2:2f:
7d:86:2f:84:79:27:40:45:6f:9a:43:f1:0a:37:fb:
6c:08:75:a9:ac:c9:23:7d:93:76:86:28:7b:a5:78:
a7:49:4c:75:90:ee:95:ee:cd:98:80:ec:b1:8a:78:
39:14:2e:51:fd:47:dd:c9:86:58:41:c3:8e:59:16:
7b:4c:33:bf:44:f5:c5:83:f2:d2:2a:2b:ed:26:7c:
d0:9d:5a:7e:7d:06:2f:2b:df:76:1b:ad:0a:f1:4e:
af:ba:10:57:b0:16:fd:61:22:d8:ee:e1:8a:3e:a2:
08:48:ec:85:7e:73:82:49:d9:e9:2f:69:1e:d8:ba:
43:ae:92:ae:9a:90:f9:41:ae:a5:f7:cd:64:07:33:
5f:f8:70:d2:5d:2a:ff:8e:10:1e:89:7c:08:9b:f9:
97:18:de:ce:23:e4:1c:f0:89:9b:6f:82:04:30:b9:
0d:04:08:14:ef:1d:30:31:ef:68:be:72:40:50:ca:
6b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F5:25:E5:48:B3:20:D0:42:CA:CA:87:0A:8D:1F:F8:82:9B:B9:B2
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/tPUl5UizINBCysqHCo0f-IKbubI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.184.0/22
146.120.52.0/22
146.120.116.0/23
146.158.96.0/19
Signature Algorithm: sha256WithRSAEncryption
14:94:45:27:10:d2:22:a0:c8:03:0e:cc:9b:3c:52:26:db:ea:
24:db:60:dd:ab:83:9f:4d:01:b0:4d:68:8b:69:11:4e:09:b0:
b9:d5:28:22:d2:5f:49:9d:07:09:7f:e7:a4:d1:e9:aa:fc:f9:
b2:f4:e5:4e:40:a3:60:88:b7:06:80:33:1f:45:e9:ab:89:b5:
eb:a6:0d:15:6a:6a:ed:0b:1f:e2:33:a5:62:27:11:f1:ac:9e:
03:b2:10:36:a6:30:c5:90:a9:3b:98:f8:70:08:ba:3c:b1:9a:
9c:45:77:01:e5:cb:50:8d:18:f6:af:b3:c3:59:ce:c6:75:6a:
01:ee:17:eb:d7:9f:d1:ee:1c:3f:77:1c:25:7b:e1:20:32:78:
a0:ea:cf:98:43:f2:cd:cc:ec:bf:70:c7:55:01:42:71:a8:a7:
a2:8f:fe:3f:8d:cd:c5:61:d6:c2:db:76:04:06:b2:ca:a8:d0:
31:ab:8a:a8:8b:8c:33:b8:c1:ab:df:5e:49:8f:b5:96:2d:06:
fd:10:78:c3:05:f9:a5:2f:77:74:b4:7b:56:07:73:a1:da:b1:
db:45:63:c4:af:12:7f:f8:a7:b9:f5:20:45:99:e9:2b:11:47:
89:68:38:0c:0f:fa:80:4d:39:3e:c6:07:2a:9a:a9:f2:06:23:
cb:2c:24:02
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlNfYhp4GqX/VbSkvyoDnjxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwOTE1MTMwODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGY1MjVlNTQ4YjMyMGQwNDJjYWNhODcwYThkMWZmODgyOWJiOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2y6kZCxAfOMnEW1MvNY1b+/ZBFG
OucCJyn27rlqmWhqZpl4hXRfVgOuXRCQh2PT3fEMRc4t50HPpRc0dALGl5Qfm5UI
Vp7Ssi99hi+EeSdARW+aQ/EKN/tsCHWprMkjfZN2hih7pXinSUx1kO6V7s2YgOyx
ing5FC5R/UfdyYZYQcOOWRZ7TDO/RPXFg/LSKivtJnzQnVp+fQYvK992G60K8U6v
uhBXsBb9YSLY7uGKPqIISOyFfnOCSdnpL2ke2LpDrpKumpD5Qa6l981kBzNf+HDS
XSr/jhAeiXwIm/mXGN7OI+Qc8Imbb4IEMLkNBAgU7x0wMe9ovnJAUMprMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLT1JeVIsyDQQsrKhwqNH/iCm7myMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvdFBVbDVVaXpJTkJDeXNxSENvMGYtSUtidWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCXau4AwQC
kng0AwQBknh0AwQFkp5gMA0GCSqGSIb3DQEBCwUAA4IBAQAUlEUnENIioMgDDsyb
PFIm2+ok22Ddq4OfTQGwTWiLaRFOCbC51Sgi0l9JnQcJf+ek0emq/Pmy9OVOQKNg
iLcGgDMfRemribXrpg0VamrtCx/iM6ViJxHxrJ4DshA2pjDFkKk7mPhwCLo8sZqc
RXcB5ctQjRj2r7PDWc7GdWoB7hfr15/R7hw/dxwle+EgMnig6s+YQ/LNzOy/cMdV
AUJxqKeij/4/jc3FYdbC23YEBrLKqNAxq4qoi4wzuMGr315Jj7WWLQb9EHjDBfml
L3d0tHtWB3Oh2rHbRWPErxJ/+Ke59SBFmekrEUeJaDgMD/qATTk+xgcqmqnyBiPL
LCQC
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:22 2025 by rpki-client