Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tyshw-cmbzB4-r-TANGbzfy_6fI.roa
File: Tyshw-cmbzB4-r-TANGbzfy_6fI.roa (raw, json)
Hash identifier: JWSMk3AY/+EZwzWPZBEEYEoHyZ+eheXQSktduXl/dh4=
Subject key identifier: 4F:2B:21:C3:E7:26:6F:30:78:FA:BF:93:00:D1:9B:CD:FC:BF:E9:F2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019ECA569637B982D8B2F7A9040C27F118AE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tyshw-cmbzB4-r-TANGbzfy_6fI.roa
Signing time: Mon 15 Jun 2026 08:12:12 +0000
ROA not before: Mon 15 Jun 2026 08:12:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208220
IP address blocks: 45.8.92.0/24 maxlen: 24
81.31.194.0/24 maxlen: 24
81.31.195.0/24 maxlen: 24
87.120.127.0/24 maxlen: 24
94.156.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Jun 2026 19:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:56:96:37:b9:82:d8:b2:f7:a9:04:0c:27:f1:18:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 15 08:12:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4f2b21c3e7266f3078fabf9300d19bcdfcbfe9f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4c:88:1f:76:a6:17:20:1f:f2:9c:48:c1:54:
62:41:1b:30:73:d5:fd:91:e2:ed:92:a9:0a:13:c7:
1c:c1:cc:30:58:2e:c7:4c:34:51:86:99:e0:eb:12:
a9:bd:ee:ce:39:ef:d9:54:46:b8:c4:e4:57:95:81:
58:b6:9c:97:92:89:65:ef:41:3c:f2:24:5f:36:54:
db:b2:2f:5c:ee:46:06:4c:73:66:5d:e1:54:de:7a:
30:72:2a:aa:b6:5c:f9:e9:76:8e:e8:49:e7:a8:26:
fc:e0:22:27:11:73:85:e5:b4:1b:03:06:4e:96:f6:
ae:cb:d6:6a:4b:e0:d0:ed:55:14:f6:7d:12:4c:95:
1c:d4:c4:f7:ae:31:40:69:09:19:8b:79:e5:95:2e:
a2:14:9b:6e:50:33:3c:b0:2c:e0:68:d0:ba:74:7f:
6e:83:c5:a8:0a:e7:0c:03:1b:31:ef:ca:85:68:4b:
8b:0b:d0:a2:c5:04:e2:61:99:d3:2e:5f:70:58:d0:
36:69:a6:8c:94:c4:48:d6:fa:73:a5:fa:02:71:77:
60:12:b1:c3:66:2f:7a:b1:33:53:e8:bb:07:a5:ff:
af:66:ee:0b:55:6c:a7:54:de:51:fa:ed:db:f9:e2:
ef:25:59:11:aa:42:54:cf:8e:a0:8b:bf:5c:d5:ee:
a3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2B:21:C3:E7:26:6F:30:78:FA:BF:93:00:D1:9B:CD:FC:BF:E9:F2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Tyshw-cmbzB4-r-TANGbzfy_6fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.92.0/24
81.31.194.0/23
87.120.127.0/24
94.156.167.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:1f:34:ec:43:40:ba:bc:49:9c:f1:43:57:f2:3c:c9:0d:1e:
f3:74:a8:d2:c6:fc:47:73:18:eb:b0:11:a7:29:c8:2b:59:81:
48:d1:81:5c:72:16:3a:c6:a5:bc:a0:96:fa:b7:c8:bc:f7:9f:
eb:1e:46:14:42:54:c3:7e:eb:0c:e7:db:ea:58:5b:2e:4c:b8:
f8:8b:99:24:9d:1c:6f:c9:49:9d:11:dc:2f:94:63:46:10:9d:
b3:aa:a3:f4:e7:f8:87:64:06:36:f0:21:57:60:48:dc:2d:c4:
24:38:4d:29:7c:75:2f:b0:20:b8:e4:4c:03:89:c9:2b:fa:38:
cd:f7:86:28:9d:aa:d5:1c:56:a3:6c:af:55:07:b2:61:48:18:
9d:c7:69:15:9d:50:ff:b7:8e:ce:12:f9:c9:df:f6:41:d1:5f:
10:ed:23:f3:42:1a:11:d6:32:2f:8a:2b:87:3b:c0:7e:63:c7:
d2:54:8d:09:9e:e7:af:6e:f0:9e:2d:35:dd:50:b2:94:d7:b4:
f7:89:b5:59:a7:23:2e:0a:5c:e1:e9:33:7e:64:1d:03:fb:d5:
39:54:ca:06:52:bb:01:05:ea:3e:95:8b:1a:87:0e:64:9e:46:
25:6c:2e:85:30:f9:d1:c3:76:d2:2c:45:f7:8b:64:37:62:ff:
c0:ee:8f:49
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ7KVpY3uYLYsvepBAwn8RiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjYwNjE1MDgxMjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJiMjFjM2U3MjY2ZjMwNzhmYWJmOTMwMGQxOWJjZGZjYmZlOWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUyIH3amFyAf8pxIwVRiQRswc9X9
keLtkqkKE8ccwcwwWC7HTDRRhpng6xKpve7OOe/ZVEa4xORXlYFYtpyXkoll70E8
8iRfNlTbsi9c7kYGTHNmXeFU3nowciqqtlz56XaO6EnnqCb84CInEXOF5bQbAwZO
lvauy9ZqS+DQ7VUU9n0STJUc1MT3rjFAaQkZi3nllS6iFJtuUDM8sCzgaNC6dH9u
g8WoCucMAxsx78qFaEuLC9CixQTiYZnTLl9wWNA2aaaMlMRI1vpzpfoCcXdgErHD
Zi96sTNT6LsHpf+vZu4LVWynVN5R+u3b+eLvJVkRqkJUz46gi79c1e6jQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE8rIcPnJm8wePq/kwDRm838v+nyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVHlzaHctY21iekI0LXItVEFOR2J6ZnlfNmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQhcAwQB
UR/CAwQAV3h/AwQAXpynMA0GCSqGSIb3DQEBCwUAA4IBAQAuHzTsQ0C6vEmc8UNX
8jzJDR7zdKjSxvxHcxjrsBGnKcgrWYFI0YFcchY6xqW8oJb6t8i895/rHkYUQlTD
fusM59vqWFsuTLj4i5kknRxvyUmdEdwvlGNGEJ2zqqP05/iHZAY28CFXYEjcLcQk
OE0pfHUvsCC45EwDickr+jjN94YonarVHFajbK9VB7JhSBidx2kVnVD/t47OEvnJ
3/ZB0V8Q7SPzQhoR1jIviiuHO8B+Y8fSVI0JnuevbvCeLTXdULKU17T3ibVZpyMu
Clzh6TN+ZB0D+9U5VMoGUrsBBeo+lYsahw5knkYlbC6FMPnRw3bSLEX3i2Q3Yv/A
7o9J
-----END CERTIFICATE-----
Generated at Tue Jun 16 02:04:08 2026 by rpki-client