Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/TFSSUVJYPdC_xi0OAIV0JFJQBfo.roa
File: TFSSUVJYPdC_xi0OAIV0JFJQBfo.roa (raw, json)
Hash identifier: oX2R11AjocQh2DpCr38wvGugieksGJUlkq+0NL2U9GI=
Subject key identifier: 4C:54:92:51:52:58:3D:D0:BF:C6:2D:0E:00:85:74:24:52:50:05:FA
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0199A568A5C35AAAB8E13551B2581ADB68A2
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/TFSSUVJYPdC_xi0OAIV0JFJQBfo.roa
Signing time: Thu 02 Oct 2025 14:52:02 +0000
ROA not before: Thu 02 Oct 2025 14:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205090
IP address blocks: 89.44.86.0/24 maxlen: 24
89.44.87.0/24 maxlen: 24
95.81.121.0/24 maxlen: 24
95.81.122.0/24 maxlen: 24
103.71.20.0/24 maxlen: 24
103.71.21.0/24 maxlen: 24
109.69.62.0/24 maxlen: 24
185.105.88.0/24 maxlen: 24
185.105.89.0/24 maxlen: 24
185.105.90.0/24 maxlen: 24
185.105.91.0/24 maxlen: 24
185.128.105.0/24 maxlen: 24
185.128.106.0/24 maxlen: 24
185.128.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a5:68:a5:c3:5a:aa:b8:e1:35:51:b2:58:1a:db:68:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Oct 2 14:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c54925152583dd0bfc62d0e00857424525005fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:28:8f:02:d2:da:0b:c1:13:2f:39:d5:5c:c1:
5a:15:f0:c9:52:73:f7:05:eb:36:1f:a7:48:3a:d6:
66:16:f6:1a:8f:4a:57:4d:0c:55:13:1d:85:c2:e3:
f2:cf:6c:1c:89:a4:14:1c:14:8f:6e:63:1f:5b:62:
ca:ea:12:cf:bb:95:a0:91:0c:11:4a:56:82:82:d1:
97:86:c4:0b:c1:59:18:19:e4:16:ba:c4:1e:91:bd:
ab:b8:c7:d4:e9:32:c2:f1:64:38:35:92:fc:74:94:
64:59:d1:52:d4:02:f5:e6:3c:13:c6:f9:9f:ca:d1:
a3:af:26:5d:40:de:70:59:aa:d0:93:cb:96:ac:f9:
14:f6:be:76:b5:4c:48:a5:40:0e:da:4d:74:5b:88:
cf:46:eb:4f:eb:20:35:06:c1:d5:8e:32:18:03:f7:
ba:62:91:d1:ac:87:f3:64:c4:03:23:7f:dc:08:df:
1f:c5:5d:00:6d:82:0e:18:de:33:bf:6f:03:65:32:
b1:1a:59:55:74:79:b3:fa:1f:fc:57:dd:87:4c:70:
93:60:b0:00:58:7f:bb:6c:f4:48:08:2e:a8:b1:88:
cf:1c:00:ee:e1:c6:31:24:6c:63:93:c1:f8:c6:43:
7a:b1:53:c0:f7:06:10:b8:9f:cb:95:1f:2b:28:c2:
e3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:54:92:51:52:58:3D:D0:BF:C6:2D:0E:00:85:74:24:52:50:05:FA
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/TFSSUVJYPdC_xi0OAIV0JFJQBfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.86.0/23
95.81.121.0-95.81.122.255
103.71.20.0/23
109.69.62.0/24
185.105.88.0/22
185.128.105.0-185.128.107.255
Signature Algorithm: sha256WithRSAEncryption
1c:72:70:f5:7a:7c:e1:95:23:c8:ea:8d:01:62:46:6b:3e:04:
44:66:a0:9a:35:ce:b0:e9:13:60:83:d8:0c:41:b5:ca:82:04:
07:78:87:b1:c6:bd:fe:a9:65:ce:c2:b4:e2:14:e5:94:da:cf:
86:68:8d:50:dc:a7:de:82:b4:ea:3d:da:60:e0:42:20:4a:17:
a2:6d:54:34:00:8d:ca:27:83:6f:bf:5c:b7:3d:0d:b2:fa:13:
ae:27:4f:b5:9e:b1:56:a9:df:14:6d:d7:96:ae:52:e6:db:4a:
6a:b8:8d:35:4f:ed:b2:62:9d:dc:7d:da:32:94:32:ee:b7:a4:
d9:a2:ac:17:89:2d:25:2c:d8:47:d4:82:24:52:5f:35:ed:fe:
8d:16:6d:e5:9c:48:d6:be:8e:87:b3:1f:24:ac:8e:20:e6:81:
2f:d7:cc:3f:ec:97:91:c8:b1:70:6e:d4:ed:e6:cb:6e:5f:2c:
ca:a5:af:bb:70:2e:a0:66:73:8e:47:cd:8e:7f:4d:87:65:65:
e2:66:cd:35:44:fa:e8:fc:eb:fe:c6:1f:66:4c:ba:f6:69:1d:
67:80:80:3c:1f:fc:6e:d7:53:16:59:a9:8c:39:d0:44:97:2b:
06:a8:7c:09:11:76:37:6d:34:1c:cc:43:cd:3c:8e:f9:00:1a:
48:cd:10:82
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZmlaKXDWqq44TVRslga22iiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUxMDAyMTQ1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU0OTI1MTUyNTgzZGQwYmZjNjJkMGUwMDg1NzQyNDUyNTAwNWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yiPAtLaC8ETLznVXMFaFfDJUnP3
Bes2H6dIOtZmFvYaj0pXTQxVEx2FwuPyz2wciaQUHBSPbmMfW2LK6hLPu5WgkQwR
SlaCgtGXhsQLwVkYGeQWusQekb2ruMfU6TLC8WQ4NZL8dJRkWdFS1AL15jwTxvmf
ytGjryZdQN5wWarQk8uWrPkU9r52tUxIpUAO2k10W4jPRutP6yA1BsHVjjIYA/e6
YpHRrIfzZMQDI3/cCN8fxV0AbYIOGN4zv28DZTKxGllVdHmz+h/8V92HTHCTYLAA
WH+7bPRICC6osYjPHADu4cYxJGxjk8H4xkN6sVPA9wYQuJ/LlR8rKMLjtwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFExUklFSWD3Qv8YtDgCFdCRSUAX6MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvVEZTU1VWSllQZENfeGkwT0FJVjBKRkpRQmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQBWSxWMAwD
BABfUXkDBABfUXoDBAFnRxQDBABtRT4DBAK5aVgwDAMEALmAaQMEArmAaDANBgkq
hkiG9w0BAQsFAAOCAQEAHHJw9Xp84ZUjyOqNAWJGaz4ERGagmjXOsOkTYIPYDEG1
yoIEB3iHsca9/qllzsK04hTllNrPhmiNUNyn3oK06j3aYOBCIEoXom1UNACNyieD
b79ctz0NsvoTridPtZ6xVqnfFG3Xlq5S5ttKariNNU/tsmKd3H3aMpQy7rek2aKs
F4ktJSzYR9SCJFJfNe3+jRZt5ZxI1r6Oh7MfJKyOIOaBL9fMP+yXkcixcG7U7ebL
bl8syqWvu3AuoGZzjkfNjn9Nh2Vl4mbNNUT66Pzr/sYfZky69mkdZ4CAPB/8btdT
FlmpjDnQRJcrBqh8CRF2N200HMxDzTyO+QAaSM0Qgg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:24 2025 by rpki-client