Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TqkQ1aZ-HLS8GKoDyASf3jHKDMc.roa
File: TqkQ1aZ-HLS8GKoDyASf3jHKDMc.roa (raw, json)
Hash identifier: o6v9+0T6U+YTExQNXm3uVOyIgATqur48cdOSkhXL1wg=
Subject key identifier: 4E:A9:10:D5:A6:7E:1C:B4:BC:18:AA:03:C8:04:9F:DE:31:CA:0C:C7
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0196F36301A14D8413DDC88C26A7FACF18C5
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TqkQ1aZ-HLS8GKoDyASf3jHKDMc.roa
Signing time: Wed 21 May 2025 15:07:54 +0000
ROA not before: Wed 21 May 2025 15:07:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.124.7.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.53.0/24 maxlen: 24
194.87.119.0/24 maxlen: 24
194.87.169.0/24 maxlen: 24
194.87.179.0/24 maxlen: 24
195.133.24.0/23 maxlen: 23
195.133.29.0/24 maxlen: 24
195.133.40.0/23 maxlen: 23
195.133.50.0/23 maxlen: 23
195.133.92.0/23 maxlen: 23
212.192.241.0/24 maxlen: 24
212.193.0.0/24 maxlen: 24
212.193.26.0/23 maxlen: 23
2a01:57c0::/29 maxlen: 29
2a0c:ff40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 15:25:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f3:63:01:a1:4d:84:13:dd:c8:8c:26:a7:fa:cf:18:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: May 21 15:07:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ea910d5a67e1cb4bc18aa03c8049fde31ca0cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4b:6f:bb:c4:90:c5:18:b1:d6:0e:11:44:fc:
dd:7b:80:b9:76:ef:72:de:bd:30:50:c1:fd:49:cf:
54:d0:38:dd:f9:0b:ba:d9:0f:3c:43:30:95:14:fb:
f2:46:05:3a:ac:82:b2:5e:cf:48:02:88:12:d4:ff:
98:ac:7f:c4:f8:c6:52:18:bd:69:fc:66:bc:16:95:
72:1a:c1:38:f8:8f:87:37:ec:ca:2c:d7:85:91:1a:
ed:b6:d0:e1:fe:cc:39:d1:ae:22:d0:db:8d:84:c0:
8f:4f:8f:b9:25:90:1d:dc:63:69:d0:00:6e:e0:94:
b5:05:0d:06:ad:fb:94:75:4d:f2:d9:d2:b3:9f:79:
18:6c:99:1d:66:ae:49:a3:27:96:16:be:92:a9:5b:
03:f8:68:d3:ed:54:17:51:71:2d:93:39:ea:b5:f8:
30:13:34:bf:03:92:f1:7c:07:c0:45:59:1e:5a:1c:
90:a2:01:e2:85:2e:6b:32:d6:f2:80:eb:00:ce:5c:
9a:42:51:b7:13:4f:64:aa:50:c2:86:f9:20:0a:b3:
80:85:d5:32:44:5d:9c:91:14:c8:fe:d2:cf:62:5a:
5d:b6:2e:91:58:5d:31:37:ba:21:bb:db:87:20:45:
fb:ea:44:17:b5:97:34:5a:0d:84:db:9a:a6:d8:6d:
60:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A9:10:D5:A6:7E:1C:B4:BC:18:AA:03:C8:04:9F:DE:31:CA:0C:C7
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/TqkQ1aZ-HLS8GKoDyASf3jHKDMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.7.0/24
194.58.155.0/24
194.87.53.0/24
194.87.119.0/24
194.87.169.0/24
194.87.179.0/24
195.133.24.0/23
195.133.29.0/24
195.133.40.0/23
195.133.50.0/23
195.133.92.0/23
212.192.241.0/24
212.193.0.0/24
212.193.26.0/23
IPv6:
2a01:57c0::/29
2a0c:ff40::/29
Signature Algorithm: sha256WithRSAEncryption
72:47:e3:66:66:a8:1d:97:3e:1d:08:a8:75:89:19:0f:9d:37:
17:31:30:a6:f6:c6:26:8b:1a:73:49:d1:d0:d5:d6:81:2a:68:
27:07:ea:70:9d:d5:08:91:53:aa:7a:12:9c:2b:4c:d4:01:5f:
d3:5e:01:13:87:5e:91:77:32:13:b4:ce:19:f1:98:4c:52:f3:
92:c6:d1:6e:8f:e6:5b:b7:a4:2c:52:48:8b:21:ff:e6:91:40:
37:2d:8c:39:b8:58:a6:b7:eb:dc:db:a2:ea:69:e6:5e:a6:38:
dd:6d:e1:e6:35:66:bc:a6:6e:8c:9c:8b:1d:59:63:7f:e7:3a:
db:f4:53:9c:34:79:2d:6a:d4:e0:61:de:48:07:a2:0e:22:77:
f3:16:4b:05:88:ef:32:97:e4:e4:a2:6a:50:72:68:08:1d:19:
09:2f:12:6c:a4:e2:22:fb:93:09:90:37:86:94:df:2c:5a:7c:
b2:9a:6b:53:72:f5:f4:69:2a:59:97:3e:fc:c3:60:c6:c6:ab:
6a:3d:58:d9:3f:e7:5e:61:6c:58:8d:81:b9:f1:f4:90:88:ba:
00:d7:fd:c7:e4:12:8a:03:d3:13:43:92:b0:82:d3:07:82:09:
b4:a4:83:be:a6:8d:1c:55:7e:a0:cc:d3:1e:fd:1b:37:6f:19:
05:d6:08:d0
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZbzYwGhTYQT3ciMJqf6zxjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUwNTIxMTUwNzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWE5MTBkNWE2N2UxY2I0YmMxOGFhMDNjODA0OWZkZTMxY2EwY2M3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0tvu8SQxRix1g4RRPzde4C5du9y
3r0wUMH9Sc9U0Djd+Qu62Q88QzCVFPvyRgU6rIKyXs9IAogS1P+YrH/E+MZSGL1p
/Ga8FpVyGsE4+I+HN+zKLNeFkRrtttDh/sw50a4i0NuNhMCPT4+5JZAd3GNp0ABu
4JS1BQ0GrfuUdU3y2dKzn3kYbJkdZq5JoyeWFr6SqVsD+GjT7VQXUXEtkznqtfgw
EzS/A5LxfAfARVkeWhyQogHihS5rMtbygOsAzlyaQlG3E09kqlDChvkgCrOAhdUy
RF2ckRTI/tLPYlpdti6RWF0xN7ohu9uHIEX76kQXtZc0Wg2E25qm2G1g/wIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFE6pENWmfhy0vBiqA8gEn94xygzHMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvVHFrUTFhWi1ITFM4R0tvRHlBU2YzakhLRE1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwWgQCAAEwVAMEAMF8BwME
AMI6mwMEAMJXNQMEAMJXdwMEAMJXqQMEAMJXswMEAcOFGAMEAMOFHQMEAcOFKAME
AcOFMgMEAcOFXAMEANTA8QMEANTBAAMEAdTBGjAUBAIAAjAOAwUDKgFXwAMFAyoM
/0AwDQYJKoZIhvcNAQELBQADggEBAHJH42ZmqB2XPh0IqHWJGQ+dNxcxMKb2xiaL
GnNJ0dDV1oEqaCcH6nCd1QiRU6p6EpwrTNQBX9NeAROHXpF3MhO0zhnxmExS85LG
0W6P5lu3pCxSSIsh/+aRQDctjDm4WKa369zboupp5l6mON1t4eY1Zrymboycix1Z
Y3/nOtv0U5w0eS1q1OBh3kgHog4id/MWSwWI7zKX5OSialByaAgdGQkvEmyk4iL7
kwmQN4aU3yxafLKaa1Ny9fRpKlmXPvzDYMbGq2o9WNk/515hbFiNgbnx9JCIugDX
/cfkEooD0xNDkrCC0weCCbSkg76mjRxVfqDM0x79GzdvGQXWCNA=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:33:29 2025 by rpki-client