Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TrJv_8fKTcS_JBhUlD0AOoYAAQA.roa
File: TrJv_8fKTcS_JBhUlD0AOoYAAQA.roa (raw, json)
Hash identifier: f2kfoia7LPQzOEBZN5rSYHh6gWQLd4Eepwr2rpiJk9c=
Subject key identifier: 4E:B2:6F:FF:C7:CA:4D:C4:BF:24:18:54:94:3D:00:3A:86:00:01:00
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 019779CD76FB7B2C91328B6BBA33B12CA5A8
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TrJv_8fKTcS_JBhUlD0AOoYAAQA.roa
Signing time: Mon 16 Jun 2025 17:33:17 +0000
ROA not before: Mon 16 Jun 2025 17:33:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 81.22.139.0/24 maxlen: 24
81.22.142.0/24 maxlen: 24
81.22.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:cd:76:fb:7b:2c:91:32:8b:6b:ba:33:b1:2c:a5:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 16 17:33:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eb26fffc7ca4dc4bf241854943d003a86000100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:07:56:25:86:a5:62:04:29:31:d9:3b:2d:df:
79:ef:c2:ed:67:31:3a:a4:e0:a4:93:d6:bd:ed:14:
07:37:93:75:5d:f0:6a:e0:f7:e0:9b:86:07:d5:49:
cf:69:f9:5e:e2:e6:16:eb:c7:42:9a:53:3a:ae:3c:
31:48:04:8b:85:fa:74:69:79:83:fa:16:70:ec:31:
98:19:62:44:9f:0b:59:11:18:b3:83:b6:8c:b7:92:
48:6a:9a:a8:97:b9:e1:18:a4:b7:c2:6d:76:1c:87:
01:b5:4a:77:2b:ff:ed:58:7a:0d:42:01:8d:dc:26:
b4:60:e1:0b:66:f8:42:87:21:55:08:10:ec:c7:46:
95:20:12:b5:d4:6c:98:c9:e0:b6:78:d7:18:5f:69:
e4:ff:8c:1a:7e:6d:40:33:f9:02:c7:87:40:30:02:
b1:04:93:9d:b3:9e:9a:1b:2c:38:0b:98:65:ee:be:
09:3e:7a:17:9f:38:cf:1d:06:2c:a1:17:60:ce:2b:
cf:81:bc:3d:92:36:0e:ec:2d:fe:34:6b:84:5c:57:
91:06:1c:ad:89:75:be:c4:c9:9b:e0:83:ca:66:7f:
dc:27:7b:84:59:ac:b7:ff:e5:6e:04:c1:d4:20:98:
85:85:e6:86:da:b1:1a:d3:52:da:f2:67:32:af:85:
91:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B2:6F:FF:C7:CA:4D:C4:BF:24:18:54:94:3D:00:3A:86:00:01:00
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/TrJv_8fKTcS_JBhUlD0AOoYAAQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.139.0/24
81.22.142.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:7c:9f:af:e4:b9:05:12:a0:4a:9c:c9:1c:4a:8e:20:68:7b:
a4:89:ec:a3:f8:04:d9:cf:ae:83:15:81:68:3a:31:f2:4e:95:
02:3f:cc:83:52:8f:5d:7d:77:fa:74:93:8a:6e:26:c8:06:07:
95:2e:2e:f8:e6:84:46:d7:4e:53:52:8e:76:9f:73:74:1c:dd:
22:41:c2:9f:8a:d8:71:3e:5e:1c:3e:9d:12:78:f3:f1:87:c6:
98:b4:b9:c9:48:5f:2e:6f:9e:8f:6a:c8:cb:65:eb:f2:cd:f0:
0a:9a:72:3e:d9:77:48:0f:fd:f2:b4:5b:58:2a:ed:c9:00:50:
17:b6:0d:22:ac:31:01:58:4e:6a:d3:19:b4:46:fe:1f:e1:81:
fb:3b:0f:89:22:3d:35:40:cc:9f:0d:d6:d0:1f:0f:8a:18:20:
b3:aa:2b:60:98:3c:5d:fe:d7:a5:e3:12:d2:8d:fd:7a:bb:e3:
f6:b3:f5:bc:47:0c:07:4d:12:a3:92:2c:30:97:cd:be:98:71:
11:bb:a2:54:11:03:8f:b8:6c:39:f7:b6:b3:36:da:24:6e:6d:
4e:3e:e0:09:df:d3:e6:74:0d:65:53:b9:75:b7:52:50:ce:df:
17:14:c6:97:65:db:ed:06:06:a9:27:9d:0a:30:4c:ed:e5:b8:
e3:8d:95:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZd5zXb7eyyRMotrujOxLKWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwNjE2MTczMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWIyNmZmZmM3Y2E0ZGM0YmYyNDE4NTQ5NDNkMDAzYTg2MDAwMTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/AdWJYalYgQpMdk7Ld9578LtZzE6
pOCkk9a97RQHN5N1XfBq4Pfgm4YH1UnPafle4uYW68dCmlM6rjwxSASLhfp0aXmD
+hZw7DGYGWJEnwtZERizg7aMt5JIapqol7nhGKS3wm12HIcBtUp3K//tWHoNQgGN
3Ca0YOELZvhChyFVCBDsx0aVIBK11GyYyeC2eNcYX2nk/4wafm1AM/kCx4dAMAKx
BJOds56aGyw4C5hl7r4JPnoXnzjPHQYsoRdgzivPgbw9kjYO7C3+NGuEXFeRBhyt
iXW+xMmb4IPKZn/cJ3uEWay3/+VuBMHUIJiFheaG2rEa01La8mcyr4WRTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE6yb//Hyk3EvyQYVJQ9ADqGAAEAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvVHJKdl84ZktUY1NfSkJoVWxEMEFPb1lBQVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAURaLAwQB
URaOMA0GCSqGSIb3DQEBCwUAA4IBAQCgfJ+v5LkFEqBKnMkcSo4gaHukieyj+ATZ
z66DFYFoOjHyTpUCP8yDUo9dfXf6dJOKbibIBgeVLi745oRG105TUo52n3N0HN0i
QcKfithxPl4cPp0SePPxh8aYtLnJSF8ub56PasjLZevyzfAKmnI+2XdID/3ytFtY
Ku3JAFAXtg0irDEBWE5q0xm0Rv4f4YH7Ow+JIj01QMyfDdbQHw+KGCCzqitgmDxd
/tel4xLSjf16u+P2s/W8RwwHTRKjkiwwl82+mHERu6JUEQOPuGw597azNtokbm1O
PuAJ39PmdA1lU7l1t1JQzt8XFMaXZdvtBgapJ50KMEzt5bjjjZW/
-----END CERTIFICATE-----
Generated at Sun Jun 29 14:34:17 2025 by rpki-client