Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/TQuAoSMTgD47o86Mfnh3jJOO5ek.roa
File: TQuAoSMTgD47o86Mfnh3jJOO5ek.roa (raw, json)
Hash identifier: OnrGrU7lhj5to79HwgQxpEZnXPQGMxbjMVbPvn1if3E=
Subject key identifier: 4D:0B:80:A1:23:13:80:3E:3B:A3:CE:8C:7E:78:77:8C:93:8E:E5:E9
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 01984211E22F4F72E9A786D4D9199C808345
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/TQuAoSMTgD47o86Mfnh3jJOO5ek.roa
Signing time: Fri 25 Jul 2025 14:52:04 +0000
ROA not before: Fri 25 Jul 2025 14:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 85.234.64.0/24 maxlen: 24
85.234.66.0/24 maxlen: 24
85.234.67.0/24 maxlen: 24
85.234.84.0/24 maxlen: 24
85.234.86.0/24 maxlen: 24
85.234.90.0/24 maxlen: 24
85.234.91.0/24 maxlen: 24
85.234.93.0/24 maxlen: 24
85.234.94.0/24 maxlen: 24
92.38.143.0/24 maxlen: 24
93.113.170.0/24 maxlen: 24
93.119.168.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
109.61.121.0/24 maxlen: 24
2a03:90c0:650::/44 maxlen: 64
2a03:90c0:680::/44 maxlen: 44
2a03:90c0:7a0::/44 maxlen: 44
2a03:90c0:7b0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 02:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:42:11:e2:2f:4f:72:e9:a7:86:d4:d9:19:9c:80:83:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Jul 25 14:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d0b80a12313803e3ba3ce8c7e78778c938ee5e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:41:3d:56:f7:0b:cd:24:a0:61:60:e5:e2:09:
7f:05:d8:85:d2:9c:af:53:cd:f8:94:49:68:98:e9:
13:06:55:2b:25:ec:a2:9e:7e:bf:32:38:8f:79:8d:
de:f3:fa:df:f5:f8:fb:94:2b:90:f4:c6:12:71:30:
77:5e:c2:26:d9:64:65:44:4e:68:de:4a:bb:90:65:
57:50:61:2a:b3:3d:74:a8:65:e1:5e:ab:ca:40:31:
ae:70:88:f9:06:51:93:aa:67:cc:af:65:74:bd:7a:
85:e4:f0:b1:a2:05:8e:40:fd:a9:35:38:e9:13:6f:
e5:85:f1:35:1b:5b:20:40:9b:25:36:d6:3a:52:3f:
54:45:c6:88:20:f0:87:6b:04:bc:3a:81:25:0b:97:
4d:b7:98:dd:b6:58:6b:21:f3:95:1f:de:63:94:51:
0f:b3:6e:f3:48:f1:f4:a0:cf:eb:ba:8f:a5:7a:f4:
9a:cd:6f:4f:98:5a:1f:93:b8:d5:7c:33:27:32:7b:
bb:fc:e6:0a:9b:96:3d:f1:29:c8:45:c9:08:9c:e6:
aa:8a:82:9e:0a:b2:e2:50:31:10:75:13:4b:09:79:
c4:a6:c2:0c:22:3f:7f:34:09:21:9a:a9:4b:b2:f9:
0d:05:b7:8f:1a:6e:78:44:a4:bb:0f:30:5a:7b:e0:
ff:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0B:80:A1:23:13:80:3E:3B:A3:CE:8C:7E:78:77:8C:93:8E:E5:E9
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/TQuAoSMTgD47o86Mfnh3jJOO5ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.64.0/24
85.234.66.0/23
85.234.84.0/24
85.234.86.0/24
85.234.90.0/23
85.234.93.0-85.234.94.255
92.38.143.0/24
93.113.170.0/24
93.119.168.0/23
109.61.121.0/24
IPv6:
2a03:90c0:650::/44
2a03:90c0:680::/44
2a03:90c0:7a0::/43
Signature Algorithm: sha256WithRSAEncryption
66:69:2f:7f:f5:a4:50:3e:55:65:de:86:e4:a2:dc:02:d5:d6:
90:12:64:d2:03:18:d8:cf:ee:86:0b:85:17:04:f1:8a:f0:8f:
48:83:4e:19:0e:4c:f2:dc:a4:c2:91:6e:aa:60:59:b4:21:72:
59:df:37:07:22:e6:e3:c9:57:b4:f2:2e:ea:42:1d:fc:0f:12:
01:63:93:ac:23:32:4b:57:53:5d:19:be:1f:97:d4:a5:c3:71:
0e:8f:87:8c:ef:3b:7c:d8:13:2b:6a:f7:fc:71:5b:c3:3b:06:
f1:81:a4:51:65:6f:c4:a7:b7:be:a7:76:0b:ce:d3:fe:6b:fc:
83:e8:5e:00:24:51:8a:b3:1a:7a:fe:80:4c:55:e1:d7:ab:de:
98:97:bd:26:32:8b:6b:e3:30:a3:76:6a:a7:47:e9:0a:e8:4b:
09:eb:19:b3:41:c6:ba:cd:e2:9b:3e:af:52:b8:81:62:de:c2:
20:c6:4f:60:bb:43:f6:12:52:ad:b2:49:72:d8:95:32:86:93:
93:bd:e3:1c:bb:7e:11:d4:ff:41:87:b8:6f:f3:60:5c:74:d2:
89:4e:7c:e0:c5:fe:2a:d0:ba:0c:68:fb:28:c1:4d:84:fd:7f:
90:c9:d7:15:ee:51:75:8d:89:4f:58:e9:4d:4f:f7:2f:ad:db:
ce:67:d3:81
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZhCEeIvT3Lpp4bU2RmcgINFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwNzI1MTQ1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBiODBhMTIzMTM4MDNlM2JhM2NlOGM3ZTc4Nzc4YzkzOGVlNWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUE9VvcLzSSgYWDl4gl/BdiF0pyv
U834lElomOkTBlUrJeyinn6/MjiPeY3e8/rf9fj7lCuQ9MYScTB3XsIm2WRlRE5o
3kq7kGVXUGEqsz10qGXhXqvKQDGucIj5BlGTqmfMr2V0vXqF5PCxogWOQP2pNTjp
E2/lhfE1G1sgQJslNtY6Uj9URcaIIPCHawS8OoElC5dNt5jdtlhrIfOVH95jlFEP
s27zSPH0oM/ruo+levSazW9PmFofk7jVfDMnMnu7/OYKm5Y98SnIRckInOaqioKe
CrLiUDEQdRNLCXnEpsIMIj9/NAkhmqlLsvkNBbePGm54RKS7DzBae+D/2QIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFE0LgKEjE4A+O6POjH54d4yTjuXpMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvVFF1QW9TTVRnRDQ3bzg2TWZuaDNqSk9PNWVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wSgQCAAEwRAMEAFXqQAME
AVXqQgMEAFXqVAMEAFXqVgMEAVXqWjAMAwQAVepdAwQAVepeAwQAXCaPAwQAXXGq
AwQBXXeoAwQAbT15MCEEAgACMBsDBwQqA5DABlADBwQqA5DABoADBwUqA5DAB6Aw
DQYJKoZIhvcNAQELBQADggEBAGZpL3/1pFA+VWXehuSi3ALV1pASZNIDGNjP7oYL
hRcE8Yrwj0iDThkOTPLcpMKRbqpgWbQhclnfNwci5uPJV7TyLupCHfwPEgFjk6wj
MktXU10Zvh+X1KXDcQ6Ph4zvO3zYEytq9/xxW8M7BvGBpFFlb8Snt76ndgvO0/5r
/IPoXgAkUYqzGnr+gExV4der3piXvSYyi2vjMKN2aqdH6QroSwnrGbNBxrrN4ps+
r1K4gWLewiDGT2C7Q/YSUq2ySXLYlTKGk5O94xy7fhHU/0GHuG/zYFx00olOfODF
/irQugxo+yjBTYT9f5DJ1xXuUXWNiU9Y6U1P9y+t285n04E=
-----END CERTIFICATE-----
Generated at Sun Jul 27 11:55:26 2025 by rpki-client