Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/_TL6mTZXcLYAPXlu1htfIyUl8rc.roa
File: _TL6mTZXcLYAPXlu1htfIyUl8rc.roa (raw, json)
Hash identifier: auu5lQMtJmBXhYLmFNZ2Cdy4mHQJ8c7v+J19cT4Wc3U=
Subject key identifier: FD:32:FA:99:36:57:70:B6:00:3D:79:6E:D6:1B:5F:23:25:25:F2:B7
Certificate issuer: /CN=b65918f25d56000f881da98de323d91a064e0087
Certificate serial: 0197C631817DE743F0AC6CD8FFEB4F3C1DD1
Authority key identifier: B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/_TL6mTZXcLYAPXlu1htfIyUl8rc.roa
Signing time: Tue 01 Jul 2025 13:33:42 +0000
ROA not before: Tue 01 Jul 2025 13:33:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216131
IP address blocks: 185.165.116.0/23 maxlen: 23
185.165.116.0/24 maxlen: 24
185.165.117.0/24 maxlen: 24
185.165.118.0/23 maxlen: 23
185.165.118.0/24 maxlen: 24
185.165.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:31:81:7d:e7:43:f0:ac:6c:d8:ff:eb:4f:3c:1d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b65918f25d56000f881da98de323d91a064e0087
Validity
Not Before: Jul 1 13:33:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd32fa99365770b6003d796ed61b5f232525f2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:10:83:bb:17:68:f1:9d:8e:f9:3c:5c:78:6a:
33:d6:11:18:46:22:c8:42:be:4a:d2:a0:62:42:84:
13:6e:69:7e:09:83:b1:89:e4:3c:59:af:32:8e:36:
13:2d:19:db:ed:49:ac:b7:00:b1:44:c7:e4:e0:05:
68:6d:b7:58:e2:02:63:f6:0b:3f:f3:fe:46:ab:9b:
bf:af:bf:02:a0:65:e2:2d:79:77:34:ba:a5:61:b3:
c3:45:bc:a6:c2:43:41:86:f2:77:cf:9c:c8:54:23:
98:f5:29:a9:35:96:0d:7b:e1:f6:bc:18:22:59:a6:
60:c4:19:ea:4f:e5:d5:48:e2:ce:e1:d6:00:b7:ef:
2d:9e:5c:ce:95:91:ba:79:85:4d:10:c9:20:3f:12:
c2:81:b3:c2:e8:96:75:bb:8e:7d:f8:fd:92:08:7b:
ca:d7:4d:69:89:0b:fa:47:ff:7b:bd:3f:fe:d4:08:
9e:64:cc:fc:88:26:dc:7c:79:4b:83:b1:cf:a6:fe:
dd:72:2c:d7:ae:c6:c0:d0:3f:b4:9b:bf:32:ac:a1:
65:d8:fc:8e:66:37:88:e7:10:1d:dd:a7:d0:3d:d1:
4e:e5:b0:92:90:5c:6e:1d:9f:73:f7:ab:bc:3b:04:
33:fa:75:25:f4:47:2a:ea:23:f5:d3:e4:6c:95:88:
73:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:32:FA:99:36:57:70:B6:00:3D:79:6E:D6:1B:5F:23:25:25:F2:B7
X509v3 Authority Key Identifier:
keyid:B6:59:18:F2:5D:56:00:0F:88:1D:A9:8D:E3:23:D9:1A:06:4E:00:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tlkY8l1WAA-IHamN4yPZGgZOAIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/_TL6mTZXcLYAPXlu1htfIyUl8rc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/5506de-0b1a-47ee-99d1-a520d434654a/1/tlkY8l1WAA-IHamN4yPZGgZOAIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.116.0/22
Signature Algorithm: sha256WithRSAEncryption
70:de:89:91:55:e5:6f:ee:e9:02:41:f4:44:aa:87:97:0f:10:
6a:1a:71:4c:1c:94:43:3c:ec:23:8f:21:2d:17:bd:1f:29:52:
8e:1a:9b:0b:c4:d0:2c:b2:6e:9a:40:95:7e:32:b9:35:db:3b:
7d:2b:db:ec:52:df:70:7a:34:83:80:d4:fd:2d:83:76:30:b8:
1a:c9:f4:70:ea:7c:e7:27:aa:20:50:f6:b2:03:94:4e:0f:e1:
fc:7a:59:3b:c4:98:56:90:6f:0d:d6:18:42:9b:ab:74:d9:a1:
85:a2:11:2f:d1:03:41:ee:1d:c8:dd:e5:81:5b:29:dc:7c:74:
f0:c2:9c:1d:57:45:c0:1a:83:52:13:ba:22:58:47:32:45:2c:
0e:b6:e3:48:0b:b4:80:e8:ac:25:d8:f6:c7:7d:fd:ca:21:d0:
7e:02:0b:fc:27:e1:e5:e5:fa:9d:7b:66:18:8e:4e:04:64:f7:
c7:da:f6:0f:55:e0:67:80:c8:be:f1:99:70:54:91:63:41:75:
be:31:c1:7c:ed:65:19:a8:fd:8f:d2:47:e7:62:5f:48:e4:d1:
05:80:04:bd:30:98:5b:ef:90:91:5c:e8:60:d2:f0:bf:6f:50:
0c:12:ca:cf:d9:90:8f:e8:a9:b3:8f:19:d4:08:0d:1c:c0:fb:
95:9f:93:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfGMYF950PwrGzY/+tPPB3RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NTkxOGYyNWQ1NjAwMGY4ODFkYTk4ZGUzMjNkOTFhMDY0
ZTAwODcwHhcNMjUwNzAxMTMzMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDMyZmE5OTM2NTc3MGI2MDAzZDc5NmVkNjFiNWYyMzI1MjVmMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxCDuxdo8Z2O+TxceGoz1hEYRiLI
Qr5K0qBiQoQTbml+CYOxieQ8Wa8yjjYTLRnb7UmstwCxRMfk4AVobbdY4gJj9gs/
8/5Gq5u/r78CoGXiLXl3NLqlYbPDRbymwkNBhvJ3z5zIVCOY9SmpNZYNe+H2vBgi
WaZgxBnqT+XVSOLO4dYAt+8tnlzOlZG6eYVNEMkgPxLCgbPC6JZ1u459+P2SCHvK
101piQv6R/97vT/+1AieZMz8iCbcfHlLg7HPpv7dcizXrsbA0D+0m78yrKFl2PyO
ZjeI5xAd3afQPdFO5bCSkFxuHZ9z96u8OwQz+nUl9Ecq6iP10+RslYhz4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP0y+pk2V3C2AD15btYbXyMlJfK3MB8GA1UdIwQY
MBaAFLZZGPJdVgAPiB2pjeMj2RoGTgCHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEt
YTUyMGQ0MzQ2NTRhLzEvX1RMNm1UWlhjTFlBUFhsdTFodGZJeVVsOHJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC81NTA2ZGUtMGIxYS00N2VlLTk5ZDEtYTUyMGQ0MzQ2NTRh
LzEvdGxrWThsMVdBQS1JSGFtTjR5UFpHZ1pPQUljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaV0MA0G
CSqGSIb3DQEBCwUAA4IBAQBw3omRVeVv7ukCQfREqoeXDxBqGnFMHJRDPOwjjyEt
F70fKVKOGpsLxNAssm6aQJV+Mrk12zt9K9vsUt9wejSDgNT9LYN2MLgayfRw6nzn
J6ogUPayA5ROD+H8elk7xJhWkG8N1hhCm6t02aGFohEv0QNB7h3I3eWBWyncfHTw
wpwdV0XAGoNSE7oiWEcyRSwOtuNIC7SA6Kwl2PbHff3KIdB+Agv8J+Hl5fqde2YY
jk4EZPfH2vYPVeBngMi+8ZlwVJFjQXW+McF87WUZqP2P0kfnYl9I5NEFgAS9MJhb
75CRXOhg0vC/b1AMEsrP2ZCP6KmzjxnUCA0cwPuVn5MW
-----END CERTIFICATE-----
Generated at Wed Jul 2 11:29:44 2025 by rpki-client