Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/TzuzSGjWwV3OX8zX79IT4KZ2KbM.roa
File: TzuzSGjWwV3OX8zX79IT4KZ2KbM.roa (raw, json)
Hash identifier: km0dEl7ZooKnmSTFDQzgqnm2fuMBjhQx4KgIive/k7E=
Subject key identifier: 4F:3B:B3:48:68:D6:C1:5D:CE:5F:CC:D7:EF:D2:13:E0:A6:76:29:B3
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 0197818DA60D73598F53289E534831849BC0
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/TzuzSGjWwV3OX8zX79IT4KZ2KbM.roa
Signing time: Wed 18 Jun 2025 05:40:33 +0000
ROA not before: Wed 18 Jun 2025 05:40:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35039
IP address blocks: 139.66.0.0/23 maxlen: 23
139.66.2.0/23 maxlen: 23
139.66.4.0/23 maxlen: 23
139.66.6.0/23 maxlen: 23
139.66.8.0/23 maxlen: 23
139.66.10.0/23 maxlen: 23
139.66.12.0/23 maxlen: 23
139.66.14.0/23 maxlen: 23
139.66.16.0/23 maxlen: 23
139.66.18.0/23 maxlen: 23
139.66.122.0/23 maxlen: 23
139.66.124.0/23 maxlen: 23
139.66.126.0/23 maxlen: 23
155.56.128.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.mft
rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 12:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:8d:a6:0d:73:59:8f:53:28:9e:53:48:31:84:9b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: Jun 18 05:40:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f3bb34868d6c15dce5fccd7efd213e0a67629b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a6:9f:40:40:2b:41:92:38:c8:07:7a:b9:e2:
b7:c3:d7:9c:da:a1:42:cf:af:cf:db:ab:27:28:24:
b8:9e:07:64:a2:d6:e6:ee:bb:b0:d2:36:4f:6e:7f:
34:5d:f6:e3:b0:d3:1b:f6:f8:2f:f7:a0:98:46:24:
1b:d8:61:ec:ea:b3:fd:5a:af:fd:0d:5e:f6:e2:4b:
b0:72:a8:18:52:bc:d1:ed:1b:ee:03:a1:e0:51:7f:
ef:c5:4f:d2:b1:91:98:5a:6d:fd:f8:ef:a3:5c:00:
86:3e:14:d1:d3:17:52:ea:7d:6c:6c:a1:eb:b4:3e:
71:9b:86:7f:f7:3a:b7:30:98:9d:31:8c:dd:4d:9b:
59:a9:1c:17:5f:1d:c6:c8:5f:1e:68:65:a3:ff:f0:
9c:53:84:26:1c:68:30:80:e8:d9:c2:6a:c2:de:f9:
2b:4d:93:98:80:13:8d:14:64:9d:9c:dc:a6:b1:17:
63:4e:ab:a6:82:47:cb:ef:ca:d4:0d:d1:15:77:99:
b2:01:b4:4e:fc:3d:29:98:6d:ec:fe:65:0a:a6:fa:
12:02:e9:cd:22:19:4c:58:89:24:35:73:c2:a1:a5:
a4:09:d9:33:d1:ba:c7:41:8b:42:3e:b2:2c:4d:4e:
45:95:26:eb:63:e6:08:c8:fd:c6:95:e5:64:d0:87:
81:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3B:B3:48:68:D6:C1:5D:CE:5F:CC:D7:EF:D2:13:E0:A6:76:29:B3
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/TzuzSGjWwV3OX8zX79IT4KZ2KbM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.66.0.0-139.66.19.255
139.66.122.0-139.66.127.255
155.56.128.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:21:c0:db:e8:4a:ac:63:72:b7:55:45:1f:88:01:c4:cd:ad:
5b:f4:a4:4a:c4:1a:23:e8:bc:3c:33:1b:2c:6c:65:fd:06:ac:
7b:59:80:a4:75:2c:5b:79:08:ec:ab:a6:11:c2:bf:90:99:e0:
79:c9:92:88:56:63:bc:43:ce:fe:7c:ff:9d:7f:95:3d:9b:83:
06:3d:58:86:ab:b2:57:ad:e2:6b:cb:fe:85:c5:d3:f7:93:a8:
f5:af:bd:ca:c3:39:08:e6:1a:01:f4:98:0e:a1:f4:b4:20:28:
a1:06:89:5c:3b:e9:5b:82:be:6b:48:5d:32:fb:79:e6:26:ca:
df:75:c7:7a:67:9a:ab:75:8b:ff:9c:7d:4e:d0:bd:3a:84:d9:
08:6a:08:d4:3a:57:02:21:1b:d8:7c:4c:98:a9:75:e3:c6:d1:
01:29:50:0e:3d:57:4c:c8:a6:61:71:0b:90:01:36:2f:03:ba:
49:00:c1:b9:93:06:b4:7e:73:de:ae:c6:b4:ce:59:8b:ac:d3:
a3:12:35:47:88:d6:f8:ff:d3:c4:52:6a:f8:1f:cc:03:bc:5e:
cf:34:8a:91:f8:1c:43:9b:07:64:9f:b0:5a:ef:5f:b0:71:74:
01:82:3d:24:02:e2:59:f2:8e:c2:de:e1:e4:2c:d5:e3:d1:28:
99:d3:c4:a6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZeBjaYNc1mPUyieU0gxhJvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjUwNjE4MDU0MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjNiYjM0ODY4ZDZjMTVkY2U1ZmNjZDdlZmQyMTNlMGE2NzYyOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6afQEArQZI4yAd6ueK3w9ec2qFC
z6/P26snKCS4ngdkotbm7ruw0jZPbn80XfbjsNMb9vgv96CYRiQb2GHs6rP9Wq/9
DV724kuwcqgYUrzR7RvuA6HgUX/vxU/SsZGYWm39+O+jXACGPhTR0xdS6n1sbKHr
tD5xm4Z/9zq3MJidMYzdTZtZqRwXXx3GyF8eaGWj//CcU4QmHGgwgOjZwmrC3vkr
TZOYgBONFGSdnNymsRdjTqumgkfL78rUDdEVd5myAbRO/D0pmG3s/mUKpvoSAunN
IhlMWIkkNXPCoaWkCdkz0brHQYtCPrIsTU5FlSbrY+YIyP3GleVk0IeB+wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE87s0ho1sFdzl/M1+/SE+CmdimzMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEvVHp1elNHald3VjNPWDh6WDc5SVQ0S1oyS2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAnBAIAATAhMAsDAwGLQgME
AotCEDAMAwQBi0J6AwQHi0IAAwQBmziAMA0GCSqGSIb3DQEBCwUAA4IBAQChIcDb
6EqsY3K3VUUfiAHEza1b9KRKxBoj6Lw8MxssbGX9Bqx7WYCkdSxbeQjsq6YRwr+Q
meB5yZKIVmO8Q87+fP+df5U9m4MGPViGq7JXreJry/6FxdP3k6j1r73KwzkI5hoB
9JgOofS0ICihBolcO+lbgr5rSF0y+3nmJsrfdcd6Z5qrdYv/nH1O0L06hNkIagjU
OlcCIRvYfEyYqXXjxtEBKVAOPVdMyKZhcQuQATYvA7pJAMG5kwa0fnPersa0zlmL
rNOjEjVHiNb4/9PEUmr4H8wDvF7PNIqR+BxDmwdkn7Ba71+wcXQBgj0kAuJZ8o7C
3uHkLNXj0SiZ08Sm
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:53:00 2025 by rpki-client