Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TaORwBpungGF6bF6Ss6nHIcVn0c.roa
File: TaORwBpungGF6bF6Ss6nHIcVn0c.roa (raw, json)
Hash identifier: HR0rN9fTY8a0h1+jF8xadCIktrkFcRsWAumEhYbUB2E=
Subject key identifier: 4D:A3:91:C0:1A:6E:9E:01:85:E9:B1:7A:4A:CE:A7:1C:87:15:9F:47
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0197AB40E13982F109052AB6DB232C003F8E
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TaORwBpungGF6bF6Ss6nHIcVn0c.roa
Signing time: Thu 26 Jun 2025 08:00:45 +0000
ROA not before: Thu 26 Jun 2025 08:00:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 89.42.85.0/24 maxlen: 24
93.113.178.0/24 maxlen: 24
93.114.90.0/24 maxlen: 24
93.114.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 14:23:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ab:40:e1:39:82:f1:09:05:2a:b6:db:23:2c:00:3f:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jun 26 08:00:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4da391c01a6e9e0185e9b17a4acea71c87159f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:6b:71:ae:0a:c9:c1:29:17:af:f5:5d:5d:de:
8a:ef:a8:50:a5:d2:4d:49:b1:9d:5a:c2:7d:d5:ca:
a7:cd:cf:62:28:33:14:05:34:e6:e0:ec:9c:cb:7a:
a9:94:46:51:7f:62:3e:ad:46:c7:f0:c3:15:7e:54:
8a:4f:0d:7b:20:f5:aa:7f:8e:4f:de:09:a6:2f:2b:
a1:18:aa:16:dd:4b:fd:63:fd:30:b5:ce:63:91:bf:
90:80:3a:31:d8:ec:6a:92:2c:9c:21:45:0d:b1:e7:
d2:9c:7c:8a:a3:d0:f8:16:d1:09:03:42:c8:09:56:
a7:77:21:d2:a9:01:01:ee:1b:af:35:33:d0:83:ff:
18:1c:0f:de:05:c3:f6:80:2e:75:88:ff:78:d2:e1:
98:d9:6e:03:9f:9b:02:f8:81:c8:31:6e:83:7b:cb:
97:31:39:06:6a:a7:1c:8a:31:d6:9d:43:34:e8:04:
dd:6c:66:52:03:6a:ab:69:da:da:2e:88:7a:83:f7:
5d:30:e6:38:4c:3e:59:95:be:7e:18:a8:b4:6b:6b:
85:1c:1f:58:5a:bf:f3:12:d7:35:2a:b4:05:9b:5e:
0e:2e:62:63:f5:35:80:0e:55:b0:ee:ea:b9:68:bb:
84:ee:fd:4e:da:7d:12:e6:47:38:5c:87:b1:f9:8c:
0a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A3:91:C0:1A:6E:9E:01:85:E9:B1:7A:4A:CE:A7:1C:87:15:9F:47
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/TaORwBpungGF6bF6Ss6nHIcVn0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.85.0/24
93.113.178.0/24
93.114.90.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:c4:ea:9b:c3:81:b3:fa:09:7b:0b:f2:67:e9:15:0a:27:11:
9b:03:0e:4e:eb:db:4a:6b:c9:cd:64:f3:02:b3:a8:c7:61:6a:
66:a8:cc:87:6f:61:ad:33:19:ee:3e:4c:5f:b1:d0:ee:d3:2e:
fe:e6:21:0f:39:f0:f0:b9:40:07:3c:d7:e9:2d:2e:72:01:10:
00:50:e2:07:8e:19:f5:88:05:c8:26:75:e3:6b:f1:02:55:86:
f0:72:e0:cf:f0:4e:8f:78:bc:bf:82:23:50:41:85:b9:95:04:
95:08:b1:55:d3:eb:79:4c:a8:24:1e:b9:a1:c0:e1:58:84:6b:
3c:91:43:42:ca:99:e9:77:05:e3:5c:96:21:2b:87:fa:ff:e6:
32:08:69:fd:65:9b:4b:08:9a:f3:17:79:77:15:e1:0a:f5:da:
7d:4e:94:25:cb:2f:64:9b:ae:83:38:5d:c6:65:ec:7a:56:86:
29:ff:8f:8c:47:10:7a:43:e4:c8:ac:6a:f6:51:49:ca:cc:51:
98:ca:76:72:41:05:39:c0:56:a4:27:cc:1b:9b:8a:f9:35:b5:
07:d9:d6:1a:89:6a:95:77:aa:1b:1e:81:4b:9d:72:cb:88:bf:
27:3c:22:c7:6f:a0:5d:d5:fc:7a:d3:49:a9:cf:2b:ea:55:be:
0f:4a:6a:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZerQOE5gvEJBSq22yMsAD+OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNjI2MDgwMDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGEzOTFjMDFhNmU5ZTAxODVlOWIxN2E0YWNlYTcxYzg3MTU5ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymtxrgrJwSkXr/VdXd6K76hQpdJN
SbGdWsJ91cqnzc9iKDMUBTTm4Oycy3qplEZRf2I+rUbH8MMVflSKTw17IPWqf45P
3gmmLyuhGKoW3Uv9Y/0wtc5jkb+QgDox2OxqkiycIUUNsefSnHyKo9D4FtEJA0LI
CVandyHSqQEB7huvNTPQg/8YHA/eBcP2gC51iP940uGY2W4Dn5sC+IHIMW6De8uX
MTkGaqccijHWnUM06ATdbGZSA2qradraLoh6g/ddMOY4TD5Zlb5+GKi0a2uFHB9Y
Wr/zEtc1KrQFm14OLmJj9TWADlWw7uq5aLuE7v1O2n0S5kc4XIex+YwKbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE2jkcAabp4BhemxekrOpxyHFZ9HMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvVGFPUndCcHVuZ0dGNmJGNlNzNm5ISWNWbjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSpVAwQA
XXGyAwQBXXJaMA0GCSqGSIb3DQEBCwUAA4IBAQAdxOqbw4Gz+gl7C/Jn6RUKJxGb
Aw5O69tKa8nNZPMCs6jHYWpmqMyHb2GtMxnuPkxfsdDu0y7+5iEPOfDwuUAHPNfp
LS5yARAAUOIHjhn1iAXIJnXja/ECVYbwcuDP8E6PeLy/giNQQYW5lQSVCLFV0+t5
TKgkHrmhwOFYhGs8kUNCypnpdwXjXJYhK4f6/+YyCGn9ZZtLCJrzF3l3FeEK9dp9
TpQlyy9km66DOF3GZex6VoYp/4+MRxB6Q+TIrGr2UUnKzFGYynZyQQU5wFakJ8wb
m4r5NbUH2dYaiWqVd6obHoFLnXLLiL8nPCLHb6Bd1fx600mpzyvqVb4PSmoD
-----END CERTIFICATE-----
Generated at Mon Jun 30 18:19:27 2025 by rpki-client