Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TBgKLsPuccrL0nFu1i3H8apkSQU.roa
File: TBgKLsPuccrL0nFu1i3H8apkSQU.roa (raw, json)
Hash identifier: jpun4HLOb/3qSP2yhWFC5Qlpaw8Dy6XfN5EBvyTfXYQ=
Subject key identifier: 4C:18:0A:2E:C3:EE:71:CA:CB:D2:71:6E:D6:2D:C7:F1:AA:64:49:05
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019778E1433AB878F32A6FFC2564FE49D1E0
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TBgKLsPuccrL0nFu1i3H8apkSQU.roa
Signing time: Mon 16 Jun 2025 13:15:18 +0000
ROA not before: Mon 16 Jun 2025 13:15:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 217.60.239.0/24 maxlen: 24
217.60.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 22:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:78:e1:43:3a:b8:78:f3:2a:6f:fc:25:64:fe:49:d1:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Jun 16 13:15:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c180a2ec3ee71cacbd2716ed62dc7f1aa644905
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:df:dc:d8:a3:f5:86:27:c9:92:e3:6e:78:b2:
1e:0d:ef:ef:3a:42:dd:32:23:86:99:71:d8:f9:7e:
93:1c:54:9e:f3:cd:a1:9d:ba:20:a6:9c:3f:db:79:
89:8b:70:f5:8c:76:60:de:9d:3d:87:31:1a:04:0b:
b2:d5:7a:d3:2a:86:49:0b:a1:34:75:69:bf:fd:22:
49:dd:b8:06:48:16:89:00:5c:66:91:9d:2e:94:b7:
15:bb:af:f7:bb:29:75:c1:69:e6:fd:f9:f1:3e:e8:
4d:6a:b9:94:c6:48:15:0d:6b:86:b6:13:a3:68:00:
32:e7:42:e5:29:27:a6:46:bc:b8:f4:5e:a3:2f:5e:
97:c0:15:0a:a6:12:1f:f6:a0:72:ab:a7:5c:c5:30:
33:6d:c7:72:fa:ee:9d:c1:9c:4f:2d:5a:62:d6:eb:
b6:e9:4a:77:43:19:0f:1f:62:5a:57:19:91:2a:e7:
d5:2d:48:56:11:19:2f:ba:f2:7f:5c:b8:42:4e:04:
37:55:ee:e8:ad:e0:ea:9c:f8:8b:11:12:41:82:08:
ed:0d:67:43:a5:2a:19:8c:7d:e2:92:5e:3b:12:55:
a5:04:a5:4d:df:9d:9a:32:6b:8c:23:4d:ed:c1:48:
46:b9:15:a3:94:35:a1:39:26:47:aa:0b:59:45:43:
58:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:18:0A:2E:C3:EE:71:CA:CB:D2:71:6E:D6:2D:C7:F1:AA:64:49:05
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TBgKLsPuccrL0nFu1i3H8apkSQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.239.0/24
217.60.247.0/24
Signature Algorithm: sha256WithRSAEncryption
21:3f:ab:53:d1:55:b4:aa:4a:82:6d:1f:60:2f:d8:84:88:b2:
82:8d:01:fb:f6:c1:8b:2e:7e:b7:64:f3:21:81:cf:04:3a:c4:
ce:43:48:c1:e2:80:54:60:e0:7d:2e:3b:ef:d8:85:2b:bd:44:
61:29:33:b5:82:e9:c3:5b:57:60:33:92:62:69:3a:25:30:c9:
37:f8:0d:53:05:b3:d9:90:7d:84:83:c5:26:b9:12:e6:dc:8b:
18:c6:86:c5:fa:bd:75:da:97:0a:38:db:27:e1:ec:91:4b:f7:
cd:1d:15:c0:9b:0a:86:0a:0c:47:19:38:6f:c2:57:25:ed:75:
4e:25:8c:ed:7d:00:b5:66:95:bb:b3:29:81:99:d0:d1:7c:db:
bb:07:5e:78:6d:96:3e:b7:08:b2:42:37:b1:80:25:c3:88:64:
42:f9:e8:76:cf:7c:0d:22:fc:1f:da:6b:82:b6:8b:d0:0a:67:
1c:2c:3a:e9:ba:3e:9e:ac:04:2e:76:9c:b0:c5:d2:46:6f:2a:
b7:bf:56:2a:e8:49:eb:59:e4:bb:9b:31:7c:5f:a0:3b:97:6d:
3b:28:4c:23:fa:87:59:78:3f:e7:6a:01:06:ee:8a:39:7f:e6:
2f:2f:c8:da:a7:90:a2:b2:9c:7b:d9:18:da:78:45:a2:d3:ee:
f0:2f:03:a6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZd44UM6uHjzKm/8JWT+SdHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwNjE2MTMxNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzE4MGEyZWMzZWU3MWNhY2JkMjcxNmVkNjJkYzdmMWFhNjQ0OTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyt/c2KP1hifJkuNueLIeDe/vOkLd
MiOGmXHY+X6THFSe882hnbogppw/23mJi3D1jHZg3p09hzEaBAuy1XrTKoZJC6E0
dWm//SJJ3bgGSBaJAFxmkZ0ulLcVu6/3uyl1wWnm/fnxPuhNarmUxkgVDWuGthOj
aAAy50LlKSemRry49F6jL16XwBUKphIf9qByq6dcxTAzbcdy+u6dwZxPLVpi1uu2
6Up3QxkPH2JaVxmRKufVLUhWERkvuvJ/XLhCTgQ3Ve7oreDqnPiLERJBggjtDWdD
pSoZjH3ikl47ElWlBKVN352aMmuMI03twUhGuRWjlDWhOSZHqgtZRUNYQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEwYCi7D7nHKy9JxbtYtx/GqZEkFMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVEJnS0xzUHVjY3JMMG5GdTFpM0g4YXBrU1FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2TzvAwQA
2Tz3MA0GCSqGSIb3DQEBCwUAA4IBAQAhP6tT0VW0qkqCbR9gL9iEiLKCjQH79sGL
Ln63ZPMhgc8EOsTOQ0jB4oBUYOB9Ljvv2IUrvURhKTO1gunDW1dgM5JiaTolMMk3
+A1TBbPZkH2Eg8UmuRLm3IsYxobF+r112pcKONsn4eyRS/fNHRXAmwqGCgxHGThv
wlcl7XVOJYztfQC1ZpW7symBmdDRfNu7B154bZY+twiyQjexgCXDiGRC+eh2z3wN
Ivwf2muCtovQCmccLDrpuj6erAQudpywxdJGbyq3v1Yq6EnrWeS7mzF8X6A7l207
KEwj+odZeD/nagEG7oo5f+YvL8jap5Cispx72RjaeEWi0+7wLwOm
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:15:01 2025 by rpki-client