Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/TyWwGPBhvtrDTa9-WKai6CZuV8M.roa
File: TyWwGPBhvtrDTa9-WKai6CZuV8M.roa (raw, json)
Hash identifier: 5pzk3M84kVMyD+EhFWS4/PDEBzPW5mhSK7r58e8kVnY=
Subject key identifier: 4F:25:B0:18:F0:61:BE:DA:C3:4D:AF:7E:58:A6:A2:E8:26:6E:57:C3
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0197D47B09E441635CE5BD1E7A763C02A24A
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/TyWwGPBhvtrDTa9-WKai6CZuV8M.roa
Signing time: Fri 04 Jul 2025 08:08:42 +0000
ROA not before: Fri 04 Jul 2025 08:08:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 217.179.49.0/24 maxlen: 24
217.179.56.0/24 maxlen: 24
217.179.57.0/24 maxlen: 24
217.179.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:7b:09:e4:41:63:5c:e5:bd:1e:7a:76:3c:02:a2:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Jul 4 08:08:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f25b018f061bedac34daf7e58a6a2e8266e57c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2a:21:07:29:93:16:a1:48:92:78:51:e4:ca:
73:27:3b:94:15:52:1c:1b:a3:63:e4:78:53:23:30:
c9:9a:87:fa:83:2f:5e:3b:2a:e3:b4:08:f8:0a:29:
73:e9:aa:f9:ed:6e:d0:40:3b:3e:45:83:d8:70:ca:
c6:f8:db:c0:a1:66:c6:1f:93:51:02:a2:64:41:13:
c6:28:6c:4f:f4:7c:f3:3b:f6:b6:19:7c:81:12:e0:
32:07:78:d3:62:61:84:eb:96:78:ad:9e:73:be:63:
bf:dd:ba:ba:61:a9:35:23:4f:f5:4a:47:80:20:9d:
e8:ec:5e:6d:ce:02:42:bc:e0:8f:7d:4b:07:e3:c0:
20:31:a7:c5:2f:2d:0f:ca:ce:4d:1f:44:c2:9d:ad:
af:22:5f:76:5e:f2:f9:26:57:6f:34:74:c2:0f:da:
94:40:2e:5a:f0:ac:10:2a:de:ed:34:b0:d4:cf:97:
a4:96:51:f3:70:ca:01:6b:be:4f:02:a2:9c:64:b9:
c7:ea:ae:65:43:16:89:70:80:8e:f5:71:04:de:cd:
3b:ac:2d:49:25:7c:53:49:ab:65:36:fc:a4:42:97:
eb:c1:07:90:7b:03:e7:57:7f:4c:1e:16:4a:79:d2:
63:82:35:80:88:81:35:5a:49:57:89:a5:c6:41:5d:
d9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:25:B0:18:F0:61:BE:DA:C3:4D:AF:7E:58:A6:A2:E8:26:6E:57:C3
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/TyWwGPBhvtrDTa9-WKai6CZuV8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.179.49.0/24
217.179.56.0/23
217.179.74.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:fe:95:c3:e3:6f:6c:4e:f4:d5:20:ab:c2:65:4a:22:96:43:
62:a8:09:7c:61:38:43:a7:1f:c7:f6:22:eb:68:e3:1f:4b:88:
64:47:c9:23:66:61:9b:ae:a0:af:5f:ee:8b:ec:3c:a7:6b:19:
b0:16:a0:f7:14:c0:a6:ba:34:b2:bf:ec:2e:0c:24:93:26:0b:
00:d7:3e:71:1a:5c:d3:e9:27:05:29:d1:b3:9a:be:ea:c9:77:
43:bd:1d:a3:2d:54:52:66:50:98:d9:4f:1f:cf:27:54:0f:b1:
24:6d:93:e1:15:3b:da:cd:ab:55:75:43:96:ec:db:76:67:87:
25:90:9f:8b:08:a1:02:fa:3a:f6:9f:62:74:72:31:41:c4:5e:
4b:d3:ab:86:48:3d:8a:23:3b:38:d1:7f:2d:8b:cd:4a:36:a2:
20:cb:8b:35:9c:3b:d1:31:d3:22:06:d4:0a:29:ca:62:ed:bb:
f6:50:70:04:3e:31:06:90:36:0c:0c:17:35:2d:48:80:60:75:
a0:95:3b:2f:9f:f6:01:09:cd:63:3a:6e:50:27:7d:bc:f3:46:
f2:0e:31:ea:26:c2:85:4e:83:ee:68:87:90:9d:f1:db:78:31:
c1:46:6d:59:cc:7e:2b:42:54:fd:60:b6:fc:08:72:ec:3f:b0:
7c:29:f8:14
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfUewnkQWNc5b0eenY8AqJKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNzA0MDgwODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjI1YjAxOGYwNjFiZWRhYzM0ZGFmN2U1OGE2YTJlODI2NmU1N2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiohBymTFqFIknhR5MpzJzuUFVIc
G6Nj5HhTIzDJmof6gy9eOyrjtAj4Cilz6ar57W7QQDs+RYPYcMrG+NvAoWbGH5NR
AqJkQRPGKGxP9HzzO/a2GXyBEuAyB3jTYmGE65Z4rZ5zvmO/3bq6Yak1I0/1SkeA
IJ3o7F5tzgJCvOCPfUsH48AgMafFLy0Pys5NH0TCna2vIl92XvL5JldvNHTCD9qU
QC5a8KwQKt7tNLDUz5ekllHzcMoBa75PAqKcZLnH6q5lQxaJcICO9XEE3s07rC1J
JXxTSatlNvykQpfrwQeQewPnV39MHhZKedJjgjWAiIE1WklXiaXGQV3ZBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8lsBjwYb7aw02vflimougmblfDMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvVHlXd0dQQmh2dHJEVGE5LVdLYWk2Q1p1VjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA2bMxAwQB
2bM4AwQA2bNKMA0GCSqGSIb3DQEBCwUAA4IBAQAO/pXD429sTvTVIKvCZUoilkNi
qAl8YThDpx/H9iLraOMfS4hkR8kjZmGbrqCvX+6L7DynaxmwFqD3FMCmujSyv+wu
DCSTJgsA1z5xGlzT6ScFKdGzmr7qyXdDvR2jLVRSZlCY2U8fzydUD7EkbZPhFTva
zatVdUOW7Nt2Z4clkJ+LCKEC+jr2n2J0cjFBxF5L06uGSD2KIzs40X8ti81KNqIg
y4s1nDvRMdMiBtQKKcpi7bv2UHAEPjEGkDYMDBc1LUiAYHWglTsvn/YBCc1jOm5Q
J32880byDjHqJsKFToPuaIeQnfHbeDHBRm1ZzH4rQlT9YLb8CHLsP7B8KfgU
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:44:22 2025 by rpki-client