Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/TcREFaat3BLntw04ypyL63blPnc.roa
File: TcREFaat3BLntw04ypyL63blPnc.roa (raw, json)
Hash identifier: ujFrwypXV/leJfWI8GP1wwYG1eD9LOp8Gpc7lvuU/io=
Subject key identifier: 4D:C4:44:15:A6:AD:DC:12:E7:B7:0D:38:CA:9C:8B:EB:76:E5:3E:77
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 0197A5870C20940181D96E57B09EDA36AD75
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/TcREFaat3BLntw04ypyL63blPnc.roa
Signing time: Wed 25 Jun 2025 05:19:40 +0000
ROA not before: Wed 25 Jun 2025 05:19:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.8.0/24 maxlen: 24
185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b81:401::/48 maxlen: 48
2a0b:6b81:403::/48 maxlen: 48
2a0b:6b87::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 23:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a5:87:0c:20:94:01:81:d9:6e:57:b0:9e:da:36:ad:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jun 25 05:19:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc44415a6addc12e7b70d38ca9c8beb76e53e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:fd:3b:8b:dd:93:5f:a5:84:4a:b4:ac:17:6e:
75:43:2d:3b:b7:06:3f:9c:8a:d9:fb:89:49:d7:1b:
a0:e3:c7:1b:ca:70:e0:4c:32:b8:41:54:2f:6d:40:
4a:75:f6:6e:40:c4:3f:ce:ab:61:c4:c9:36:ce:82:
b2:ef:eb:76:27:16:86:1a:7c:30:06:35:c7:e9:0c:
62:1c:97:3a:1b:89:4e:73:c9:ed:6a:6a:8e:1d:8d:
45:c3:4d:a2:cf:fb:b1:80:18:69:44:4f:e8:85:04:
95:95:05:d7:17:d3:92:e7:59:96:7d:f9:c4:98:5b:
76:3f:97:37:08:f1:9d:8d:39:fa:22:41:36:99:5f:
e3:21:b3:03:19:49:70:3e:97:29:22:ab:2a:96:9a:
4b:d3:51:41:ac:aa:d6:c2:db:98:cd:73:58:58:bb:
0c:0a:f8:b6:fb:52:a0:5b:4d:06:21:d7:2d:c8:e3:
27:e6:08:1f:31:bb:52:88:69:88:a4:72:74:d9:e4:
3f:a9:d2:3d:29:5b:9f:03:af:ef:c1:76:de:4f:80:
c7:d5:9e:ec:18:cb:cb:45:d1:e7:ef:24:94:b6:d6:
d2:5c:d9:22:d7:ee:14:8d:3b:b3:5b:64:73:d6:14:
69:58:71:42:9d:30:f8:a3:24:c5:91:d4:c7:64:5c:
e8:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C4:44:15:A6:AD:DC:12:E7:B7:0D:38:CA:9C:8B:EB:76:E5:3E:77
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/TcREFaat3BLntw04ypyL63blPnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/24
185.186.11.0/24
IPv6:
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b81:401::/48
2a0b:6b81:403::/48
2a0b:6b87::/32
Signature Algorithm: sha256WithRSAEncryption
2e:f1:08:16:39:91:34:a2:07:4c:27:f9:39:c3:ef:cb:6f:b4:
6a:d1:12:a0:cc:e6:1c:a6:b0:0f:d2:8f:77:5d:a2:90:aa:80:
5d:26:35:46:59:d2:ac:86:78:3f:31:aa:c6:c6:78:54:d1:96:
7f:58:34:60:51:e8:4d:b3:f8:97:69:2e:a8:72:e2:e1:c2:90:
5d:af:c2:c2:8c:12:b3:b6:29:6b:0f:b5:08:e5:d1:1b:1f:b1:
f3:5f:96:92:a4:38:64:5c:98:0f:8a:9c:56:e0:d3:1f:30:0e:
66:52:1f:4c:d8:fe:4c:0f:6c:0a:94:48:a1:0f:b0:74:9f:99:
3c:bf:59:f4:08:9f:56:6e:5a:05:1c:8c:17:8f:ec:59:f8:b9:
57:9f:44:be:15:3f:51:a9:a8:2a:6d:65:77:26:da:e9:fd:b4:
17:ec:49:f7:2f:87:e1:72:5b:de:a0:00:c1:73:4b:e5:6d:28:
12:32:a7:84:3c:e6:e2:89:82:14:69:be:4f:37:60:3b:1b:17:
38:5e:b8:19:89:ee:c8:3e:ff:c9:f9:18:29:75:96:af:b0:4c:
17:8b:a2:a3:8a:60:75:93:c8:64:6f:97:39:e1:03:c6:92:67:
0a:69:10:e5:27:34:e0:24:b7:d2:8d:63:1a:5c:cd:1d:38:ca:
47:51:9d:12
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZelhwwglAGB2W5XsJ7aNq11MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjUwNjI1MDUxOTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM0NDQxNWE2YWRkYzEyZTdiNzBkMzhjYTljOGJlYjc2ZTUzZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2v07i92TX6WESrSsF251Qy07twY/
nIrZ+4lJ1xug48cbynDgTDK4QVQvbUBKdfZuQMQ/zqthxMk2zoKy7+t2JxaGGnww
BjXH6QxiHJc6G4lOc8ntamqOHY1Fw02iz/uxgBhpRE/ohQSVlQXXF9OS51mWffnE
mFt2P5c3CPGdjTn6IkE2mV/jIbMDGUlwPpcpIqsqlppL01FBrKrWwtuYzXNYWLsM
Cvi2+1KgW00GIdctyOMn5ggfMbtSiGmIpHJ02eQ/qdI9KVufA6/vwXbeT4DH1Z7s
GMvLRdHn7ySUttbSXNki1+4UjTuzW2Rz1hRpWHFCnTD4oyTFkdTHZFzoXwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFE3ERBWmrdwS57cNOMqci+t25T53MB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvVGNSRUZhYXQzQkxudHcwNHlweUw2M2JsUG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQAuboIAwQA
uboLMDMEAgACMC0wEgMHACoLa4EAAwMHACoLa4EABAMHACoLa4EEAQMHACoLa4EE
AwMFACoLa4cwDQYJKoZIhvcNAQELBQADggEBAC7xCBY5kTSiB0wn+TnD78tvtGrR
EqDM5hymsA/Sj3ddopCqgF0mNUZZ0qyGeD8xqsbGeFTRln9YNGBR6E2z+JdpLqhy
4uHCkF2vwsKMErO2KWsPtQjl0RsfsfNflpKkOGRcmA+KnFbg0x8wDmZSH0zY/kwP
bAqUSKEPsHSfmTy/WfQIn1ZuWgUcjBeP7Fn4uVefRL4VP1GpqCptZXcm2un9tBfs
Sfcvh+FyW96gAMFzS+VtKBIyp4Q85uKJghRpvk83YDsbFzheuBmJ7sg+/8n5GCl1
lq+wTBeLoqOKYHWTyGRvlznhA8aSZwppEOUnNOAkt9KNYxpczR04ykdRnRI=
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:55:07 2025 by rpki-client