Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TMAu0T8KrQINw8mnGsURKuuLsyo.roa
File: TMAu0T8KrQINw8mnGsURKuuLsyo.roa (raw, json)
Hash identifier: pH3NY4d0Rh52qWyklvTkBJ8S1F5K+iduinm7Gj+s4q8=
Subject key identifier: 4C:C0:2E:D1:3F:0A:AD:02:0D:C3:C9:A7:1A:C5:11:2A:EB:8B:B3:2A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01997070CFC4A39030FCFB7648EAACDB541F
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TMAu0T8KrQINw8mnGsURKuuLsyo.roa
Signing time: Mon 22 Sep 2025 08:01:05 +0000
ROA not before: Mon 22 Sep 2025 08:01:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.90.17.0/24 maxlen: 24
185.222.30.0/24 maxlen: 24
185.230.65.0/24 maxlen: 24
185.230.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 05:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:70:cf:c4:a3:90:30:fc:fb:76:48:ea:ac:db:54:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 22 08:01:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cc02ed13f0aad020dc3c9a71ac5112aeb8bb32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ea:9f:fa:d6:eb:37:94:9d:0a:20:3b:94:90:
f4:e8:bc:ef:32:e0:8f:15:53:a8:3c:05:7b:f8:71:
8f:bd:21:b7:47:e4:c4:4e:89:c9:f6:bc:51:98:b1:
f3:3c:d6:dc:dc:97:e5:87:97:d8:8e:90:b1:81:fe:
e9:3f:64:b3:ce:31:ef:ce:1e:c1:cc:e2:c0:d7:54:
45:b2:e4:db:21:bb:d2:a3:b1:8c:f1:54:f7:87:1d:
86:db:0b:c2:7c:c7:3e:a4:69:d2:1c:eb:02:fc:5e:
2d:b7:e2:64:60:08:d2:ca:f3:c0:77:2b:d8:ab:70:
57:c1:83:36:81:b8:c8:a9:d8:c8:fc:cb:81:5b:89:
5d:16:73:1e:14:52:a2:89:fc:99:2e:94:7d:b5:e0:
a9:c9:6c:9a:b3:48:7b:6f:bc:b3:b1:dc:5d:07:b8:
04:88:7c:48:3a:ec:52:68:16:00:05:75:72:7f:d6:
5f:46:3f:3f:15:ff:3d:75:c9:18:49:3d:be:2c:bd:
7f:2c:f1:ea:84:c8:91:5e:4c:bf:c9:e5:3c:0f:d5:
41:51:41:31:d9:d6:45:b7:bd:e1:61:87:78:58:f2:
b8:35:bf:44:0c:11:77:ba:da:4d:e4:15:ca:fa:90:
5a:5d:66:d7:92:ea:50:1d:d3:3a:97:84:79:41:85:
5f:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C0:2E:D1:3F:0A:AD:02:0D:C3:C9:A7:1A:C5:11:2A:EB:8B:B3:2A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/TMAu0T8KrQINw8mnGsURKuuLsyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.222.30.0/24
185.230.65.0-185.230.66.255
Signature Algorithm: sha256WithRSAEncryption
9d:d0:e0:1d:30:94:fe:07:67:bb:3c:5d:ab:0e:ce:b7:2a:ff:
51:00:35:d7:99:3a:f5:06:87:d6:3d:9f:fb:f1:7a:50:5f:59:
bf:f4:cd:0c:c1:13:17:04:aa:d2:aa:21:5f:49:ca:e8:3d:3e:
d2:91:61:55:6f:74:de:67:f1:77:ca:56:2c:64:cb:35:b2:1a:
d9:75:29:69:1c:ab:86:5c:cb:da:13:39:37:3e:c4:2e:b8:46:
0a:4a:f9:8e:51:2e:a1:ea:90:ad:37:93:74:5b:ac:fb:ac:5a:
24:f4:7f:60:49:8f:35:74:8f:23:67:df:b1:3a:51:ac:59:32:
55:ae:c9:74:fc:b6:3d:6c:79:9a:ab:40:7b:cc:53:0b:3e:61:
ff:e9:7e:de:a5:16:73:e2:ff:0f:c8:d2:5c:0f:02:ab:74:4c:
5a:9a:29:46:f6:39:46:1c:4e:28:11:6a:87:bb:b1:a8:05:fd:
b4:9e:46:a3:3a:22:44:7a:36:e2:ea:22:fb:96:03:9b:f8:b6:
a2:c5:0a:16:ad:13:13:f2:18:b9:9d:c4:90:64:54:0f:f3:16:
1f:2b:21:24:03:e3:a1:bb:40:ef:44:1c:cf:2d:64:ea:5a:3f:
b9:04:38:a5:ba:b0:ce:79:67:2b:63:9d:a3:a7:2a:5c:10:44:
57:10:ab:5f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZlwcM/Eo5Aw/Pt2SOqs21QfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwOTIyMDgwMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2MwMmVkMTNmMGFhZDAyMGRjM2M5YTcxYWM1MTEyYWViOGJiMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+qf+tbrN5SdCiA7lJD06LzvMuCP
FVOoPAV7+HGPvSG3R+TETonJ9rxRmLHzPNbc3Jflh5fYjpCxgf7pP2SzzjHvzh7B
zOLA11RFsuTbIbvSo7GM8VT3hx2G2wvCfMc+pGnSHOsC/F4tt+JkYAjSyvPAdyvY
q3BXwYM2gbjIqdjI/MuBW4ldFnMeFFKiifyZLpR9teCpyWyas0h7b7yzsdxdB7gE
iHxIOuxSaBYABXVyf9ZfRj8/Ff89dckYST2+LL1/LPHqhMiRXky/yeU8D9VBUUEx
2dZFt73hYYd4WPK4Nb9EDBF3utpN5BXK+pBaXWbXkupQHdM6l4R5QYVfFwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEzALtE/Cq0CDcPJpxrFESrri7MqMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvVE1BdTBUOEtyUUlOdzhtbkdzVVJLdXVMc3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALVoRAwQA
ud4eMAwDBAC55kEDBAC55kIwDQYJKoZIhvcNAQELBQADggEBAJ3Q4B0wlP4HZ7s8
XasOzrcq/1EANdeZOvUGh9Y9n/vxelBfWb/0zQzBExcEqtKqIV9Jyug9PtKRYVVv
dN5n8XfKVixkyzWyGtl1KWkcq4Zcy9oTOTc+xC64RgpK+Y5RLqHqkK03k3RbrPus
WiT0f2BJjzV0jyNn37E6UaxZMlWuyXT8tj1seZqrQHvMUws+Yf/pft6lFnPi/w/I
0lwPAqt0TFqaKUb2OUYcTigRaoe7sagF/bSeRqM6IkR6NuLqIvuWA5v4tqLFChat
ExPyGLmdxJBkVA/zFh8rISQD46G7QO9EHM8tZOpaP7kEOKW6sM55ZytjnaOnKlwQ
RFcQq18=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:28:40 2025 by rpki-client