Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/tVaiZFiLINawsOK82OFMO15DejQ.roa
File: tVaiZFiLINawsOK82OFMO15DejQ.roa (raw, json)
Hash identifier: 8nEDMZ8EuVxpyIr0H29BICF51Bn0ST34hEU28E7vWbM=
Subject key identifier: B5:56:A2:64:58:8B:20:D6:B0:B0:E2:BC:D8:E1:4C:3B:5E:43:7A:34
Certificate issuer: /CN=8453d1e8618ef8fae8075ddd58270d094006be99
Certificate serial: 01989F1AB5D6245D0E4B110CDB1A8F32FBD8
Authority key identifier: 84:53:D1:E8:61:8E:F8:FA:E8:07:5D:DD:58:27:0D:09:40:06:BE:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/tVaiZFiLINawsOK82OFMO15DejQ.roa
Signing time: Tue 12 Aug 2025 16:26:24 +0000
ROA not before: Tue 12 Aug 2025 16:26:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59577
IP address blocks: 91.201.232.0/22 maxlen: 22
178.216.14.0/24 maxlen: 24
195.72.144.0/24 maxlen: 24
195.72.145.0/24 maxlen: 24
195.72.146.0/24 maxlen: 24
2a12:5b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/hFPR6GGO-ProB13dWCcNCUAGvpk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/hFPR6GGO-ProB13dWCcNCUAGvpk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9f:1a:b5:d6:24:5d:0e:4b:11:0c:db:1a:8f:32:fb:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8453d1e8618ef8fae8075ddd58270d094006be99
Validity
Not Before: Aug 12 16:26:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b556a264588b20d6b0b0e2bcd8e14c3b5e437a34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:9a:b2:57:68:1e:b8:95:75:97:f2:bb:68:0e:
4f:59:78:5a:6c:79:fa:d5:4b:3a:2b:ea:1a:f6:89:
67:a9:ec:ae:08:61:4b:09:cd:a5:56:2e:9b:e8:94:
35:bc:ee:e4:f5:5f:0d:60:65:0f:b7:88:d6:4b:25:
b9:0c:48:eb:84:f4:4a:61:ab:3d:32:bc:c0:00:33:
91:9f:ea:55:bf:66:83:6a:2f:36:88:93:50:4e:a5:
4d:ce:9e:39:7d:c1:38:81:f2:69:a6:fe:5a:a2:c0:
48:ed:c2:48:58:53:4d:b0:11:f2:bd:d8:76:4d:bb:
2f:49:2b:0b:8c:76:fa:5d:9b:04:d3:e2:8b:28:e0:
ab:cd:fc:3e:51:31:c2:09:6d:58:7b:b9:c1:97:f4:
0a:0e:fe:9e:8d:a2:0a:bb:99:7b:a3:c7:d6:25:c8:
80:9b:9b:41:e1:da:4d:e4:88:7f:1c:7b:02:4d:7e:
ea:58:88:c7:36:20:40:b2:34:2e:de:16:bd:06:b8:
54:06:7e:86:3d:36:a7:16:37:4f:4c:b1:eb:b1:91:
3a:b1:8d:2f:d0:16:50:71:54:e9:b2:34:8b:39:1e:
21:28:13:12:b0:89:ba:0e:8f:95:fd:78:23:d7:6c:
ec:21:88:58:70:c6:c8:4a:4a:ab:de:39:1c:d8:ac:
65:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:56:A2:64:58:8B:20:D6:B0:B0:E2:BC:D8:E1:4C:3B:5E:43:7A:34
X509v3 Authority Key Identifier:
keyid:84:53:D1:E8:61:8E:F8:FA:E8:07:5D:DD:58:27:0D:09:40:06:BE:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hFPR6GGO-ProB13dWCcNCUAGvpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/tVaiZFiLINawsOK82OFMO15DejQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/780c34-183b-46f4-b961-d4ae4071328f/1/hFPR6GGO-ProB13dWCcNCUAGvpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.232.0/22
178.216.14.0/24
195.72.144.0-195.72.146.255
IPv6:
2a12:5b80::/29
Signature Algorithm: sha256WithRSAEncryption
a4:38:6c:4b:07:42:97:9b:2f:cb:a8:44:a3:50:2d:94:da:58:
f8:75:9a:8e:52:b5:18:66:2c:1a:7c:98:dc:cf:30:0c:1c:bc:
07:da:93:bb:3b:c1:78:49:11:45:0f:e0:bc:7b:ff:30:ee:30:
cc:06:20:1d:4d:09:c1:20:c5:00:d0:df:9b:d6:7a:16:04:be:
5a:f3:da:b3:41:7a:b2:7e:03:ec:63:31:63:38:20:73:f2:51:
28:56:55:fd:f3:b9:38:dd:32:b4:b1:10:36:26:54:c9:3d:4a:
e1:56:27:e7:9d:27:90:76:71:4b:cc:1a:0c:b3:5d:6b:af:4d:
b2:89:fb:fe:b8:01:39:60:66:34:15:4a:7c:c3:c8:2a:bf:a5:
36:93:f0:a6:44:24:5b:ca:ea:08:ce:36:22:78:ea:a0:fc:5f:
b7:10:5b:b5:77:47:5f:2f:76:a1:36:23:1e:56:79:8a:43:cb:
25:51:7e:0a:6a:97:e6:62:be:f4:49:1a:66:5f:2e:4d:87:34:
dc:3b:e7:15:c1:df:6f:40:5f:0f:12:33:e8:6f:50:cb:1f:25:
bb:ef:57:93:6f:d1:08:65:15:17:97:a5:17:c7:c5:43:04:84:
36:f4:4e:c9:8c:88:2f:7e:06:cc:cd:49:6b:40:c2:6c:49:64:
64:c1:22:fe
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZifGrXWJF0OSxEM2xqPMvvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NTNkMWU4NjE4ZWY4ZmFlODA3NWRkZDU4MjcwZDA5NDAw
NmJlOTkwHhcNMjUwODEyMTYyNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTU2YTI2NDU4OGIyMGQ2YjBiMGUyYmNkOGUxNGMzYjVlNDM3YTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZqyV2geuJV1l/K7aA5PWXhabHn6
1Us6K+oa9olnqeyuCGFLCc2lVi6b6JQ1vO7k9V8NYGUPt4jWSyW5DEjrhPRKYas9
MrzAADORn+pVv2aDai82iJNQTqVNzp45fcE4gfJppv5aosBI7cJIWFNNsBHyvdh2
TbsvSSsLjHb6XZsE0+KLKOCrzfw+UTHCCW1Ye7nBl/QKDv6ejaIKu5l7o8fWJciA
m5tB4dpN5Ih/HHsCTX7qWIjHNiBAsjQu3ha9BrhUBn6GPTanFjdPTLHrsZE6sY0v
0BZQcVTpsjSLOR4hKBMSsIm6Do+V/Xgj12zsIYhYcMbISkqr3jkc2Kxl6wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFLVWomRYiyDWsLDivNjhTDteQ3o0MB8GA1UdIwQY
MBaAFIRT0ehhjvj66Add3VgnDQlABr6ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEZQUjZHR08tUHJvQjEzZFdDY05DVUFHdnBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83ODBjMzQtMTgzYi00NmY0LWI5NjEt
ZDRhZTQwNzEzMjhmLzEvdFZhaVpGaUxJTmF3c09LODJPRk1PMTVEZWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83ODBjMzQtMTgzYi00NmY0LWI5NjEtZDRhZTQwNzEzMjhm
LzEvaEZQUjZHR08tUHJvQjEzZFdDY05DVUFHdnBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCW8noAwQA
stgOMAwDBATDSJADBADDSJIwDQQCAAIwBwMFAyoSW4AwDQYJKoZIhvcNAQELBQAD
ggEBAKQ4bEsHQpebL8uoRKNQLZTaWPh1mo5StRhmLBp8mNzPMAwcvAfak7s7wXhJ
EUUP4Lx7/zDuMMwGIB1NCcEgxQDQ35vWehYEvlrz2rNBerJ+A+xjMWM4IHPyUShW
Vf3zuTjdMrSxEDYmVMk9SuFWJ+edJ5B2cUvMGgyzXWuvTbKJ+/64ATlgZjQVSnzD
yCq/pTaT8KZEJFvK6gjONiJ46qD8X7cQW7V3R18vdqE2Ix5WeYpDyyVRfgpql+Zi
vvRJGmZfLk2HNNw75xXB329AXw8SM+hvUMsfJbvvV5Nv0QhlFReXpRfHxUMEhDb0
TsmMiC9+BszNSWtAwmxJZGTBIv4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:32:53 2025 by rpki-client