Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/tjyIf3oxCMR8zuV3qyPRgoZFUCA.roa
File: tjyIf3oxCMR8zuV3qyPRgoZFUCA.roa (raw, json)
Hash identifier: OCg1Zwo9+MN1J/jSL9tu7iFmbPA/CvM7f/+7TVzMxhg=
Subject key identifier: B6:3C:88:7F:7A:31:08:C4:7C:CE:E5:77:AB:23:D1:82:86:45:50:20
Certificate issuer: /CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Certificate serial: 0199EF09776313AF5DF67D3751626EF42BE0
Authority key identifier: E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/tjyIf3oxCMR8zuV3qyPRgoZFUCA.roa
Signing time: Thu 16 Oct 2025 21:59:58 +0000
ROA not before: Thu 16 Oct 2025 21:59:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216129
IP address blocks: 81.30.105.0/24 maxlen: 24
95.215.56.0/24 maxlen: 24
107.161.154.0/24 maxlen: 24
121.127.37.0/24 maxlen: 24
148.253.208.0/24 maxlen: 24
148.253.209.0/24 maxlen: 24
148.253.210.0/24 maxlen: 24
148.253.211.0/24 maxlen: 24
148.253.212.0/24 maxlen: 24
148.253.213.0/24 maxlen: 24
148.253.214.0/24 maxlen: 24
185.28.84.0/24 maxlen: 24
185.28.85.0/24 maxlen: 24
185.56.162.0/24 maxlen: 24
194.164.245.0/24 maxlen: 24
199.83.103.0/24 maxlen: 24
202.181.148.0/24 maxlen: 24
202.181.188.0/24 maxlen: 24
203.31.40.0/24 maxlen: 24
2a13:d200::/32 maxlen: 32
2a13:d200:6::/48 maxlen: 48
2a13:d200:7::/48 maxlen: 48
2a13:d200:8::/48 maxlen: 48
2a13:d200:9::/48 maxlen: 48
2a13:d200:10::/48 maxlen: 48
2a13:d200:11::/48 maxlen: 48
2a13:d200:14::/48 maxlen: 48
2a13:d201::/48 maxlen: 48
2a13:d201:1::/48 maxlen: 48
2a13:d201:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ef:09:77:63:13:af:5d:f6:7d:37:51:62:6e:f4:2b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e916dc9db4e49de71b2fd0819dae853aeb053b06
Validity
Not Before: Oct 16 21:59:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b63c887f7a3108c47ccee577ab23d18286455020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1f:ff:4b:42:fb:0b:73:d6:9e:cd:d9:b2:d3:
c1:c2:e7:96:6b:ba:d3:a7:62:bc:2e:6e:ee:86:b3:
5b:a2:c5:f2:71:7a:b9:9e:6c:43:40:f2:03:bd:13:
0f:e0:1e:45:6e:bd:6f:1e:ba:4a:33:48:05:ba:51:
4c:aa:fb:53:fc:e9:c2:b8:7e:03:0f:f1:8c:cf:39:
65:7c:0c:95:dd:06:72:54:06:d3:56:e7:6f:1d:8f:
56:85:85:d3:84:5a:25:03:4a:17:28:44:d2:ad:3a:
55:a2:81:d6:2d:3d:1b:86:e0:53:a8:24:d4:24:5d:
50:0b:9c:5d:7b:11:ef:ce:97:bd:18:3c:99:28:0c:
3d:78:fe:52:ab:70:ab:15:da:3a:d6:df:7a:1c:08:
23:61:b2:65:2f:99:b2:ee:f1:f5:88:d0:3c:34:55:
af:b9:77:db:18:fe:77:18:3a:de:06:d2:bf:3e:3c:
eb:3f:61:19:29:f0:da:54:d1:26:02:dc:39:4a:fe:
fa:f3:a6:0e:87:fd:ae:a7:84:9c:77:36:12:b4:8f:
f8:1d:61:ad:3f:f9:16:0f:9b:94:1f:4a:5f:98:64:
90:5e:be:1e:89:d0:1b:33:3a:74:f5:22:c5:54:ee:
b6:31:65:4c:3d:c5:68:a7:1b:b8:3b:b7:1a:f7:fa:
ec:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3C:88:7F:7A:31:08:C4:7C:CE:E5:77:AB:23:D1:82:86:45:50:20
X509v3 Authority Key Identifier:
keyid:E9:16:DC:9D:B4:E4:9D:E7:1B:2F:D0:81:9D:AE:85:3A:EB:05:3B:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6RbcnbTknecbL9CBna6FOusFOwY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/tjyIf3oxCMR8zuV3qyPRgoZFUCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/1af4a5-0d6c-4776-be5c-be852f644201/1/6RbcnbTknecbL9CBna6FOusFOwY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.30.105.0/24
95.215.56.0/24
107.161.154.0/24
121.127.37.0/24
148.253.208.0-148.253.214.255
185.28.84.0/23
185.56.162.0/24
194.164.245.0/24
199.83.103.0/24
202.181.148.0/24
202.181.188.0/24
203.31.40.0/24
IPv6:
2a13:d200::-2a13:d201:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:7c:a9:1a:4d:f2:d7:c4:19:d0:67:ed:c2:6f:70:78:4e:bf:
16:4a:df:c2:a3:d8:f9:1a:d4:76:01:9c:b4:e2:9a:a4:d3:63:
4e:ff:0b:d5:d8:65:c8:14:cd:2d:64:d1:be:03:8d:64:5e:7e:
fd:11:40:17:47:77:dc:24:ab:e7:4b:19:9e:b7:d2:4b:19:9e:
29:ef:d3:39:17:4d:d7:75:dd:d2:66:d6:0b:a2:b8:15:4f:05:
c2:94:19:d8:e5:75:89:cc:11:e5:6d:e9:94:ef:ad:37:c9:dc:
16:6c:c5:5c:4d:91:47:89:c4:99:bc:2c:23:e7:98:2e:4d:f6:
7e:36:84:75:c0:48:08:4a:6b:2a:05:da:75:b5:8c:73:1a:9c:
e5:f7:f1:f5:90:3e:61:4e:26:4d:86:82:08:bf:42:28:86:8d:
15:1d:5b:ef:42:c1:e9:71:8b:58:44:6e:08:c8:05:21:d8:c8:
d1:84:d4:ce:50:b2:41:32:50:0f:6e:94:c8:c2:2d:3f:9b:3f:
d8:99:19:f8:f5:d4:c2:db:ba:b1:e5:a0:f3:71:66:cd:59:fa:
33:6c:40:8e:92:43:32:1c:a9:a8:11:bb:de:ef:ef:d3:b9:53:
f8:00:c0:06:54:b8:83:50:9f:6a:5c:92:d3:9f:73:42:e1:43:
46:10:3a:28
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZnvCXdjE69d9n03UWJu9CvgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MTZkYzlkYjRlNDlkZTcxYjJmZDA4MTlkYWU4NTNhZWIw
NTNiMDYwHhcNMjUxMDE2MjE1OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjNjODg3ZjdhMzEwOGM0N2NjZWU1NzdhYjIzZDE4Mjg2NDU1MDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlB//S0L7C3PWns3ZstPBwueWa7rT
p2K8Lm7uhrNbosXycXq5nmxDQPIDvRMP4B5Fbr1vHrpKM0gFulFMqvtT/OnCuH4D
D/GMzzllfAyV3QZyVAbTVudvHY9WhYXThFolA0oXKETSrTpVooHWLT0bhuBTqCTU
JF1QC5xdexHvzpe9GDyZKAw9eP5Sq3CrFdo61t96HAgjYbJlL5my7vH1iNA8NFWv
uXfbGP53GDreBtK/PjzrP2EZKfDaVNEmAtw5Sv7686YOh/2up4ScdzYStI/4HWGt
P/kWD5uUH0pfmGSQXr4eidAbMzp09SLFVO62MWVMPcVopxu4O7ca9/rsuwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFLY8iH96MQjEfM7ld6sj0YKGRVAgMB8GA1UdIwQY
MBaAFOkW3J205J3nGy/QgZ2uhTrrBTsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMt
YmU4NTJmNjQ0MjAxLzEvdGp5SWYzb3hDTVI4enVWM3F5UFJnb1pGVUNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8xYWY0YTUtMGQ2Yy00Nzc2LWJlNWMtYmU4NTJmNjQ0MjAx
LzEvNlJiY25iVGtuZWNiTDlDQm5hNkZPdXNGT3dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwVgQCAAEwUAMEAFEeaQME
AF/XOAMEAGuhmgMEAHl/JTAMAwQElP3QAwQAlP3WAwQBuRxUAwQAuTiiAwQAwqT1
AwQAx1NnAwQAyrWUAwQAyrW8AwQAyx8oMBcEAgACMBEwDwMEASoT0gMHACoT0gEA
AjANBgkqhkiG9w0BAQsFAAOCAQEAFnypGk3y18QZ0Gftwm9weE6/FkrfwqPY+RrU
dgGctOKapNNjTv8L1dhlyBTNLWTRvgONZF5+/RFAF0d33CSr50sZnrfSSxmeKe/T
ORdN13Xd0mbWC6K4FU8FwpQZ2OV1icwR5W3plO+tN8ncFmzFXE2RR4nEmbwsI+eY
Lk32fjaEdcBICEprKgXadbWMcxqc5ffx9ZA+YU4mTYaCCL9CKIaNFR1b70LB6XGL
WERuCMgFIdjI0YTUzlCyQTJQD26UyMItP5s/2JkZ+PXUwtu6seWg83FmzVn6M2xA
jpJDMhypqBG73u/v07lT+ADABlS4g1CfalyS059zQuFDRhA6KA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:43 2025 by rpki-client