Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/tZ1_4m2w2psAaZQXIhS-9t_wi_8.roa
File: tZ1_4m2w2psAaZQXIhS-9t_wi_8.roa (raw, json)
Hash identifier: rQXyCvnsYyi09/DywprJe+oCNTO4rAkfiQqg26rwwuY=
Subject key identifier: B5:9D:7F:E2:6D:B0:DA:9B:00:69:94:17:22:14:BE:F6:DF:F0:8B:FF
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 0198AAD1BBF1BB3455564F5E11DA2B7989C3
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/tZ1_4m2w2psAaZQXIhS-9t_wi_8.roa
Signing time: Thu 14 Aug 2025 23:02:08 +0000
ROA not before: Thu 14 Aug 2025 23:02:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 138.226.32.0/20 maxlen: 20
138.226.80.0/21 maxlen: 21
138.226.120.0/21 maxlen: 21
138.226.128.0/18 maxlen: 18
158.120.49.0/24 maxlen: 24
158.120.51.0/24 maxlen: 24
158.120.53.0/24 maxlen: 24
158.120.55.0/24 maxlen: 24
158.120.57.0/24 maxlen: 24
158.120.59.0/24 maxlen: 24
158.120.61.0/24 maxlen: 24
158.120.63.0/24 maxlen: 24
192.46.184.0/21 maxlen: 21
192.46.184.0/22 maxlen: 22
192.46.188.0/24 maxlen: 24
192.46.200.0/22 maxlen: 22
192.53.64.0/22 maxlen: 22
192.53.68.0/22 maxlen: 22
192.53.136.0/22 maxlen: 22
192.53.140.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:aa:d1:bb:f1:bb:34:55:56:4f:5e:11:da:2b:79:89:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Aug 14 23:02:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b59d7fe26db0da9b006994172214bef6dff08bff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:3a:0e:5f:07:47:44:11:81:d9:d8:3c:56:01:
33:61:c4:bb:04:c8:5d:b4:e5:c1:92:a7:93:19:3c:
bc:c5:6a:24:f4:c0:c9:b1:c1:eb:23:32:00:53:5d:
b7:5d:4d:18:91:5f:a2:fa:23:37:4d:35:e8:7b:93:
5f:88:da:31:c8:fb:33:d1:50:f7:24:f9:e8:06:0e:
48:4b:c9:bf:06:4c:fd:1f:c8:37:a2:7b:cf:02:76:
3e:4a:a5:ba:1e:31:d7:bd:a8:92:75:94:1e:1f:98:
21:ba:0a:cb:be:d5:7f:63:b4:dc:91:08:5a:79:83:
97:fb:db:f7:15:8a:5e:18:29:26:ea:18:3c:3b:66:
6b:35:3c:5f:ee:a9:c2:3d:c9:f0:77:04:58:3b:cc:
16:a0:be:18:91:5a:85:fa:35:d7:0c:52:fe:5b:83:
c8:15:11:6d:30:bd:26:10:2d:10:12:9a:87:db:9b:
1d:c9:fe:68:0d:ff:ad:47:a3:d0:83:43:f7:31:49:
0a:66:3f:60:ad:97:dc:19:f5:ab:a3:b2:1c:ae:91:
db:b4:f0:47:b4:d2:67:15:e5:ef:a9:6b:00:15:9c:
0f:20:1f:af:2c:6c:34:98:83:89:a6:54:24:92:c2:
a5:37:74:8c:cf:4c:24:7d:ca:e0:39:7c:f9:bd:56:
ad:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:9D:7F:E2:6D:B0:DA:9B:00:69:94:17:22:14:BE:F6:DF:F0:8B:FF
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/tZ1_4m2w2psAaZQXIhS-9t_wi_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.226.32.0/20
138.226.80.0/21
138.226.120.0-138.226.191.255
158.120.49.0/24
158.120.51.0/24
158.120.53.0/24
158.120.55.0/24
158.120.57.0/24
158.120.59.0/24
158.120.61.0/24
158.120.63.0/24
192.46.184.0/21
192.46.200.0/22
192.53.64.0/21
192.53.136.0/21
Signature Algorithm: sha256WithRSAEncryption
4b:97:b1:3c:23:3f:03:10:b9:3b:5f:68:d2:21:cb:69:d9:c2:
46:d9:5e:18:77:0f:3e:d8:b7:01:a7:c7:41:3c:7d:b3:c0:f6:
8b:9e:08:80:16:eb:9f:80:d8:b3:a8:6c:90:88:15:52:0e:99:
5f:06:ad:b6:8c:36:d0:e8:ca:d5:72:7f:3f:ee:ce:3c:c8:e3:
a4:74:10:23:76:a4:45:05:ee:48:87:3a:7c:57:9b:5b:17:3b:
76:1b:86:42:90:20:22:9a:70:5c:63:e1:6e:9f:4c:0f:74:dd:
86:2a:63:12:41:4b:a9:3c:12:42:b4:8c:8e:35:35:a1:45:8d:
54:53:c1:34:0b:6f:4f:be:e1:0e:43:ae:85:bc:d9:c1:cc:a3:
21:21:29:9a:ad:13:66:29:54:03:37:63:86:a2:0f:cf:7c:9c:
6a:1e:9c:c9:fd:2e:c8:cc:81:0e:f0:b9:71:8e:ca:5c:ad:19:
19:ed:ca:87:90:b1:fe:a8:7b:bc:a2:a7:2a:b6:5e:e8:f4:df:
c7:d4:e7:42:1d:ab:e3:17:2d:47:5a:8a:ca:af:f5:0d:b4:f4:
8f:6d:f7:01:ea:e4:bb:e8:ae:13:5e:ba:57:61:45:f5:a5:f4:
d9:5b:1e:0d:c9:87:34:3b:ca:b4:81:51:2d:19:f8:94:27:79:
9e:ac:7a:a3
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZiq0bvxuzRVVk9eEdoreYnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwODE0MjMwMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTlkN2ZlMjZkYjBkYTliMDA2OTk0MTcyMjE0YmVmNmRmZjA4YmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0DoOXwdHRBGB2dg8VgEzYcS7BMhd
tOXBkqeTGTy8xWok9MDJscHrIzIAU123XU0YkV+i+iM3TTXoe5NfiNoxyPsz0VD3
JPnoBg5IS8m/Bkz9H8g3onvPAnY+SqW6HjHXvaiSdZQeH5ghugrLvtV/Y7TckQha
eYOX+9v3FYpeGCkm6hg8O2ZrNTxf7qnCPcnwdwRYO8wWoL4YkVqF+jXXDFL+W4PI
FRFtML0mEC0QEpqH25sdyf5oDf+tR6PQg0P3MUkKZj9grZfcGfWro7IcrpHbtPBH
tNJnFeXvqWsAFZwPIB+vLGw0mIOJplQkksKlN3SMz0wkfcrgOXz5vVatBQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFLWdf+JtsNqbAGmUFyIUvvbf8Iv/MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEvdFoxXzRtMncycHNBYVpRWEloUy05dF93aV84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQEiuIgAwQD
iuJQMAwDBAOK4ngDBAaK4oADBACeeDEDBACeeDMDBACeeDUDBACeeDcDBACeeDkD
BACeeDsDBACeeD0DBACeeD8DBAPALrgDBALALsgDBAPANUADBAPANYgwDQYJKoZI
hvcNAQELBQADggEBAEuXsTwjPwMQuTtfaNIhy2nZwkbZXhh3Dz7YtwGnx0E8fbPA
9oueCIAW65+A2LOobJCIFVIOmV8GrbaMNtDoytVyfz/uzjzI46R0ECN2pEUF7kiH
OnxXm1sXO3YbhkKQICKacFxj4W6fTA903YYqYxJBS6k8EkK0jI41NaFFjVRTwTQL
b0++4Q5DroW82cHMoyEhKZqtE2YpVAM3Y4aiD898nGoenMn9LsjMgQ7wuXGOylyt
GRntyoeQsf6oe7yipyq2Xuj038fU50Idq+MXLUdaisqv9Q209I9t9wHq5LvorhNe
uldhRfWl9NlbHg3JhzQ7yrSBUS0Z+JQneZ6seqM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:04:43 2025 by rpki-client