Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/TYeQm-B0o6O_Gvpp8hOOtZ-gGJw.roa
File: TYeQm-B0o6O_Gvpp8hOOtZ-gGJw.roa (raw, json)
Hash identifier: IdJGuhU17D6k4ubGV10TGtirgX+/WChDIAYbwSldd8g=
Subject key identifier: 4D:87:90:9B:E0:74:A3:A3:BF:1A:FA:69:F2:13:8E:B5:9F:A0:18:9C
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 01989D9EC44E4CB0DAEF5F0561382059AC0B
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/TYeQm-B0o6O_Gvpp8hOOtZ-gGJw.roa
Signing time: Tue 12 Aug 2025 09:31:24 +0000
ROA not before: Tue 12 Aug 2025 09:31:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56971
IP address blocks: 178.255.222.0/24 maxlen: 32
185.92.180.0/24 maxlen: 32
185.92.181.0/24 maxlen: 32
185.92.182.0/24 maxlen: 32
185.92.183.0/24 maxlen: 32
193.28.186.0/24 maxlen: 32
213.232.204.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9d:9e:c4:4e:4c:b0:da:ef:5f:05:61:38:20:59:ac:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Aug 12 09:31:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d87909be074a3a3bf1afa69f2138eb59fa0189c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e3:f5:84:28:6f:7b:8e:14:ef:11:ea:68:e3:
4d:f4:52:3f:81:38:b4:54:b2:75:66:1b:cc:77:50:
f3:03:fb:a8:10:64:c4:34:3c:b3:e4:b1:ec:a5:5f:
9a:69:1a:31:87:f6:43:f6:fc:0e:fe:46:e4:20:db:
71:90:89:0a:1f:be:fd:2a:22:9f:c9:90:dd:6e:9b:
4d:df:e8:c1:08:71:31:9c:f6:b9:63:75:d4:86:8d:
a3:5f:4f:cc:e4:f3:86:fd:07:6c:98:30:f6:f9:4c:
79:b0:72:1d:72:b4:ca:f1:8e:c2:4f:3e:6d:a6:ca:
8a:c9:56:db:2e:f1:39:3d:17:de:03:a8:5f:46:1e:
22:15:96:4e:a5:91:93:ba:06:ad:d7:86:73:46:da:
31:75:bb:0c:24:87:aa:b7:ae:9a:f6:49:f2:c0:76:
44:63:9b:de:cf:6b:2c:ed:9c:89:12:76:c5:d4:13:
a6:67:cc:bf:f5:62:7e:ee:dc:ae:2b:a9:36:c0:a1:
49:2a:0e:f3:f0:d6:b0:72:89:e5:4f:cf:51:da:c8:
21:85:7c:6f:41:db:66:33:96:98:6d:f9:6a:bb:49:
45:b9:5d:4c:94:50:0b:c1:02:99:9a:9a:31:d2:f3:
69:c0:e1:04:45:0b:86:d1:fd:e5:13:d2:c6:d4:56:
8e:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:87:90:9B:E0:74:A3:A3:BF:1A:FA:69:F2:13:8E:B5:9F:A0:18:9C
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/TYeQm-B0o6O_Gvpp8hOOtZ-gGJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.222.0/24
185.92.180.0/22
193.28.186.0/24
213.232.204.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
47:87:b4:d5:48:07:a5:2c:cf:44:dd:f4:c0:61:cf:0e:b7:b8:
f9:1a:21:3a:69:45:0b:d8:45:3b:43:18:f2:8f:2b:d1:f2:9c:
98:59:d3:6e:81:e7:2b:50:b3:aa:1b:88:ac:e7:63:db:2b:bb:
5a:85:80:b9:c9:0f:9b:7b:dc:c3:e2:43:5a:9a:0f:0b:05:52:
59:10:77:f2:3d:5f:c1:fe:69:47:5f:d1:a3:8d:25:49:62:3c:
da:f1:c2:51:64:f4:98:ae:5b:a4:31:08:cf:b9:0e:be:5c:c8:
47:d9:f8:ab:f4:c8:31:1a:f8:d9:8d:de:47:97:ed:48:b2:82:
88:b6:04:74:d2:e4:21:52:fd:0c:ff:2b:b7:5f:c8:e5:9d:59:
a9:7b:dc:de:f3:14:6b:7f:8d:42:92:5c:c4:24:75:4f:d1:48:
a5:c0:1f:07:9b:8c:d6:c8:06:f8:c6:b5:b5:3e:3a:48:84:a1:
26:de:51:41:3f:5c:67:58:49:42:55:19:bd:1d:d4:af:f8:e1:
d7:80:41:94:e3:cb:db:8d:a3:14:64:20:1b:f1:db:fc:ea:87:
89:60:95:f7:88:bf:04:e1:5c:32:99:c6:2c:5d:2e:57:d8:ed:
ac:72:d0:aa:71:50:37:14:65:c9:d6:48:91:b7:1c:ba:cd:85:
e0:31:af:1d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZidnsROTLDa718FYTggWawLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjUwODEyMDkzMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg3OTA5YmUwNzRhM2EzYmYxYWZhNjlmMjEzOGViNTlmYTAxODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5eP1hChve44U7xHqaONN9FI/gTi0
VLJ1ZhvMd1DzA/uoEGTENDyz5LHspV+aaRoxh/ZD9vwO/kbkINtxkIkKH779KiKf
yZDdbptN3+jBCHExnPa5Y3XUho2jX0/M5POG/QdsmDD2+Ux5sHIdcrTK8Y7CTz5t
psqKyVbbLvE5PRfeA6hfRh4iFZZOpZGTugat14ZzRtoxdbsMJIeqt66a9knywHZE
Y5vez2ss7ZyJEnbF1BOmZ8y/9WJ+7tyuK6k2wKFJKg7z8NawconlT89R2sghhXxv
QdtmM5aYbflqu0lFuV1MlFALwQKZmpox0vNpwOEERQuG0f3lE9LG1FaOyQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE2HkJvgdKOjvxr6afITjrWfoBicMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvVFllUW0tQjBvNk9fR3ZwcDhoT090Wi1nR0p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAsv/eAwQC
uVy0AwQAwRy6AwQA1ejMMA0EAgACMAcDBQAqE3wAMA0GCSqGSIb3DQEBCwUAA4IB
AQBHh7TVSAelLM9E3fTAYc8Ot7j5GiE6aUUL2EU7QxjyjyvR8pyYWdNugecrULOq
G4is52PbK7tahYC5yQ+be9zD4kNamg8LBVJZEHfyPV/B/mlHX9GjjSVJYjza8cJR
ZPSYrlukMQjPuQ6+XMhH2fir9MgxGvjZjd5Hl+1IsoKItgR00uQhUv0M/yu3X8jl
nVmpe9ze8xRrf41CklzEJHVP0UilwB8Hm4zWyAb4xrW1PjpIhKEm3lFBP1xnWElC
VRm9HdSv+OHXgEGU48vbjaMUZCAb8dv86oeJYJX3iL8E4VwymcYsXS5X2O2sctCq
cVA3FGXJ1kiRtxy6zYXgMa8d
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:18:59 2025 by rpki-client