Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/TbCSHKmZbS1b4pJNhJktvIj3gbY.roa
File: TbCSHKmZbS1b4pJNhJktvIj3gbY.roa (raw, json)
Hash identifier: ftUuOsVpFZBWkWNul5AZ5Iyn64ha17e+C5t9kYQOtOI=
Subject key identifier: 4D:B0:92:1C:A9:99:6D:2D:5B:E2:92:4D:84:99:2D:BC:88:F7:81:B6
Certificate issuer: /CN=663a24480f04d1318bf1a70dabffa4b27ef32da2
Certificate serial: 019E65F505AA0E4C26D9A36820F45D53054F
Authority key identifier: 66:3A:24:48:0F:04:D1:31:8B:F1:A7:0D:AB:FF:A4:B2:7E:F3:2D:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/TbCSHKmZbS1b4pJNhJktvIj3gbY.roa
Signing time: Tue 26 May 2026 20:23:37 +0000
ROA not before: Tue 26 May 2026 20:23:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207754
IP address blocks: 194.99.65.0/24 maxlen: 24
2a14:a900::/29 maxlen: 32
2a14:a900::/32 maxlen: 32
2a14:a900::/48 maxlen: 48
2a14:a900:e7f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ZjokSA8E0TGL8acNq_-ksn7zLaI.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ZjokSA8E0TGL8acNq_-ksn7zLaI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:65:f5:05:aa:0e:4c:26:d9:a3:68:20:f4:5d:53:05:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=663a24480f04d1318bf1a70dabffa4b27ef32da2
Validity
Not Before: May 26 20:23:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4db0921ca9996d2d5be2924d84992dbc88f781b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:75:97:23:07:ca:99:e1:af:81:6c:75:46:92:
73:c0:bc:57:f5:b6:d9:54:04:53:28:d1:b7:c5:a2:
db:df:66:81:45:c9:ca:95:d3:80:cd:fc:44:bd:94:
4e:7e:9c:db:96:e7:3b:06:86:d7:a3:71:08:81:3a:
90:f9:ab:93:68:9b:09:24:36:c0:d9:49:23:f6:e1:
6c:2b:09:bd:c3:4e:ae:db:35:2f:e5:76:20:78:2e:
05:ae:55:f5:0a:53:9d:46:a5:db:e7:f5:0a:d1:18:
91:7a:64:fc:d9:44:1b:81:6c:31:fb:0c:e4:21:d0:
dc:9c:e5:db:db:a9:14:d1:ed:0e:e1:85:3a:8c:c3:
0b:75:ff:fb:65:5d:aa:40:f7:79:8d:a1:95:b5:9b:
b1:d8:db:19:b4:11:71:5e:2c:05:77:46:1e:a4:ec:
b8:8d:3d:08:ce:f1:49:f7:80:e1:dc:78:53:62:6b:
3f:b1:2e:6e:3e:d9:95:e9:ae:9a:3a:3f:27:40:00:
18:be:7f:08:e7:17:8f:d6:f4:e6:f4:2e:90:d6:1b:
5b:ef:04:a1:d9:b5:f8:b3:04:83:d5:9a:b6:66:c5:
12:87:3f:c7:d0:ac:3b:bf:d8:34:be:18:2c:a5:6e:
e0:5d:b1:d3:66:ee:7e:7b:a1:f6:a3:c6:87:22:cc:
f0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B0:92:1C:A9:99:6D:2D:5B:E2:92:4D:84:99:2D:BC:88:F7:81:B6
X509v3 Authority Key Identifier:
keyid:66:3A:24:48:0F:04:D1:31:8B:F1:A7:0D:AB:FF:A4:B2:7E:F3:2D:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZjokSA8E0TGL8acNq_-ksn7zLaI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/TbCSHKmZbS1b4pJNhJktvIj3gbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/6f80a8-6b6a-4d96-bf49-775f5f74d581/1/ZjokSA8E0TGL8acNq_-ksn7zLaI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.65.0/24
IPv6:
2a14:a900::/29
Signature Algorithm: sha256WithRSAEncryption
01:46:af:da:61:f5:dd:d4:7a:67:d9:13:82:69:22:28:80:1f:
8b:3c:b2:1d:d5:95:71:e1:43:86:ee:c0:21:13:a1:a8:f2:f8:
8b:58:25:76:6e:d4:16:be:b5:98:98:d9:54:3b:db:85:5e:aa:
75:9a:46:83:4e:df:ec:42:eb:41:1a:98:1a:98:e0:2b:ed:bd:
b2:bd:cb:92:e2:4d:64:da:43:95:6b:b8:dd:b1:61:87:24:9f:
29:e5:8e:93:e3:ce:f4:dd:a3:de:23:50:cf:b1:48:1a:22:aa:
5f:dc:b4:3f:aa:a4:b6:03:a0:cb:5c:1e:5f:a2:2d:14:52:9d:
83:27:98:ec:3c:35:4d:b1:ed:c1:8d:8d:20:23:bc:21:46:2c:
b8:8b:c3:99:15:87:6c:af:0c:72:55:2e:99:e1:10:72:88:a1:
c9:87:0d:ee:c8:60:63:52:d7:e4:6d:10:2e:c5:fb:b1:23:26:
20:e8:6b:4a:d1:ee:b2:29:69:93:41:69:96:61:f5:33:6f:3c:
70:6b:94:10:90:24:29:95:fe:93:8b:86:27:3c:5d:9e:18:58:
93:47:32:c3:de:db:a9:1c:4a:06:6d:30:cf:53:e7:4d:4b:c0:
f0:6e:42:5e:8f:d7:99:21:c8:a0:4d:da:10:75:fe:77:4b:e8:
7c:10:c8:3e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZ5l9QWqDkwm2aNoIPRdUwVPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2M2EyNDQ4MGYwNGQxMzE4YmYxYTcwZGFiZmZhNGIyN2Vm
MzJkYTIwHhcNMjYwNTI2MjAyMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGIwOTIxY2E5OTk2ZDJkNWJlMjkyNGQ4NDk5MmRiYzg4Zjc4MWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHWXIwfKmeGvgWx1RpJzwLxX9bbZ
VARTKNG3xaLb32aBRcnKldOAzfxEvZROfpzbluc7BobXo3EIgTqQ+auTaJsJJDbA
2Ukj9uFsKwm9w06u2zUv5XYgeC4FrlX1ClOdRqXb5/UK0RiRemT82UQbgWwx+wzk
IdDcnOXb26kU0e0O4YU6jMMLdf/7ZV2qQPd5jaGVtZux2NsZtBFxXiwFd0YepOy4
jT0IzvFJ94Dh3HhTYms/sS5uPtmV6a6aOj8nQAAYvn8I5xeP1vTm9C6Q1htb7wSh
2bX4swSD1Zq2ZsUShz/H0Kw7v9g0vhgspW7gXbHTZu5+e6H2o8aHIszwSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE2wkhypmW0tW+KSTYSZLbyI94G2MB8GA1UdIwQY
MBaAFGY6JEgPBNExi/GnDav/pLJ+8y2iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmpva1NBOEUwVEdMOGFjTnFfLWtzbjd6TGFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi82ZjgwYTgtNmI2YS00ZDk2LWJmNDkt
Nzc1ZjVmNzRkNTgxLzEvVGJDU0hLbVpiUzFiNHBKTmhKa3R2SWozZ2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi82ZjgwYTgtNmI2YS00ZDk2LWJmNDktNzc1ZjVmNzRkNTgx
LzEvWmpva1NBOEUwVEdMOGFjTnFfLWtzbjd6TGFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwmNBMA0E
AgACMAcDBQMqFKkAMA0GCSqGSIb3DQEBCwUAA4IBAQABRq/aYfXd1Hpn2ROCaSIo
gB+LPLId1ZVx4UOG7sAhE6Go8viLWCV2btQWvrWYmNlUO9uFXqp1mkaDTt/sQutB
GpgamOAr7b2yvcuS4k1k2kOVa7jdsWGHJJ8p5Y6T48703aPeI1DPsUgaIqpf3LQ/
qqS2A6DLXB5foi0UUp2DJ5jsPDVNse3BjY0gI7whRiy4i8OZFYdsrwxyVS6Z4RBy
iKHJhw3uyGBjUtfkbRAuxfuxIyYg6GtK0e6yKWmTQWmWYfUzbzxwa5QQkCQplf6T
i4YnPF2eGFiTRzLD3tupHEoGbTDPU+dNS8DwbkJej9eZIcigTdoQdf53S+h8EMg+
-----END CERTIFICATE-----
Generated at Sat Jun 6 10:48:33 2026 by rpki-client