Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tmcPOE1pyndb8RGf6EHwXXCdZIY.roa
File: tmcPOE1pyndb8RGf6EHwXXCdZIY.roa (raw, json)
Hash identifier: 3/61559nySkHhNbzl1Bwq5DY/ilZmvcFD7ScH6oX34A=
Subject key identifier: B6:67:0F:38:4D:69:CA:77:5B:F1:11:9F:E8:41:F0:5D:70:9D:64:86
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 019EBB6F9233737485F2297839FDF8CC05C0
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tmcPOE1pyndb8RGf6EHwXXCdZIY.roa
Signing time: Fri 12 Jun 2026 10:45:11 +0000
ROA not before: Fri 12 Jun 2026 10:45:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 91.217.149.0/24 maxlen: 24
192.109.206.0/24 maxlen: 24
195.96.129.0/24 maxlen: 24
217.28.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 22:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bb:6f:92:33:73:74:85:f2:29:78:39:fd:f8:cc:05:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Jun 12 10:45:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b6670f384d69ca775bf1119fe841f05d709d6486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:08:bd:a1:2f:a2:25:c3:27:06:f8:d7:14:d4:
46:a9:9c:60:4a:76:ac:93:1d:85:6f:1e:6e:5f:0b:
65:d0:5d:e6:32:20:77:96:ea:05:48:4e:6b:33:db:
e8:f3:d1:29:00:3f:ff:73:e1:0b:04:78:4b:03:e5:
8f:7e:71:7c:fe:b0:e7:88:eb:c6:ae:33:e6:50:f9:
8b:ad:08:c6:f9:e4:be:71:04:e5:05:b1:02:e0:9f:
a2:d0:ec:94:22:97:a8:fc:e4:98:0c:a8:05:1f:43:
5a:1f:1c:ea:70:f7:d9:85:6f:c5:0d:0c:7e:6e:df:
8e:a5:2a:fc:a0:95:42:7a:c2:8e:a7:4a:94:8a:b5:
f0:b2:4d:be:be:0e:ed:88:fa:7b:dc:0d:e6:3e:0f:
d4:4a:51:26:8b:6c:2a:2b:42:7c:90:cd:e4:4c:e9:
6d:cc:7c:c6:fb:a9:ad:a9:87:6b:0c:e8:93:31:2e:
c7:6d:13:fa:54:38:db:02:34:bc:c2:0d:43:a9:8d:
98:21:74:d8:7d:37:16:94:9a:cf:15:48:c5:0a:8f:
00:fb:65:29:cc:ac:13:2a:61:db:eb:d0:f6:f4:89:
66:1e:bf:34:3f:a8:dc:34:50:43:d1:11:03:22:85:
bb:9c:45:26:a2:ba:8f:7b:cf:9b:62:50:75:fe:c8:
82:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:67:0F:38:4D:69:CA:77:5B:F1:11:9F:E8:41:F0:5D:70:9D:64:86
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/tmcPOE1pyndb8RGf6EHwXXCdZIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.149.0/24
192.109.206.0/24
195.96.129.0/24
217.28.129.0/24
Signature Algorithm: sha256WithRSAEncryption
12:82:e6:ba:f5:c1:ae:7a:0d:d0:52:30:43:0a:7c:2d:96:05:
04:29:8d:b2:6b:83:2f:60:83:90:7b:e6:21:9a:14:11:d1:38:
84:eb:29:9b:f0:58:2f:44:9c:e5:34:0a:7f:82:c1:b5:62:bb:
d5:21:b2:3b:8f:a6:4f:fe:77:4f:39:56:2a:5b:78:8c:1a:31:
2d:eb:5c:b7:36:3a:07:ae:52:2f:7c:2e:da:f4:3f:cc:28:e6:
39:34:1d:81:78:05:77:7e:c9:d6:37:a9:72:45:ee:6d:df:df:
de:96:f5:48:d5:54:06:35:b5:18:75:35:5e:f6:69:77:bb:09:
78:87:b4:84:e8:d1:8d:d7:2d:e3:f3:af:ba:44:64:ce:84:8d:
eb:39:e1:ce:12:77:56:a2:fe:e8:2e:d8:20:53:8f:2c:81:b5:
59:9e:39:04:c6:ee:53:83:24:32:c9:e5:b9:fe:87:ba:e3:48:
28:34:74:44:d6:a7:60:4f:89:47:ec:c0:33:e2:d9:79:5f:40:
1d:a6:b7:39:d2:eb:bf:96:53:56:28:2a:1d:f3:23:ac:01:08:
a7:9d:5f:00:76:0c:48:d8:aa:e5:98:62:d4:70:8c:71:26:06:
16:61:8d:90:4e:65:5a:b6:bc:77:17:a1:d5:ad:f4:4f:c9:bf:
4f:88:f8:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ67b5Izc3SF8il4Of34zAXAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjYwNjEyMTA0NTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjY3MGYzODRkNjljYTc3NWJmMTExOWZlODQxZjA1ZDcwOWQ2NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowi9oS+iJcMnBvjXFNRGqZxgSnas
kx2Fbx5uXwtl0F3mMiB3luoFSE5rM9vo89EpAD//c+ELBHhLA+WPfnF8/rDniOvG
rjPmUPmLrQjG+eS+cQTlBbEC4J+i0OyUIpeo/OSYDKgFH0NaHxzqcPfZhW/FDQx+
bt+OpSr8oJVCesKOp0qUirXwsk2+vg7tiPp73A3mPg/USlEmi2wqK0J8kM3kTOlt
zHzG+6mtqYdrDOiTMS7HbRP6VDjbAjS8wg1DqY2YIXTYfTcWlJrPFUjFCo8A+2Up
zKwTKmHb69D29IlmHr80P6jcNFBD0REDIoW7nEUmorqPe8+bYlB1/siCMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLZnDzhNacp3W/ERn+hB8F1wnWSGMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvdG1jUE9FMXB5bmRiOFJHZjZFSHdYWENkWklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW9mVAwQA
wG3OAwQAw2CBAwQA2RyBMA0GCSqGSIb3DQEBCwUAA4IBAQASgua69cGueg3QUjBD
CnwtlgUEKY2ya4MvYIOQe+YhmhQR0TiE6ymb8FgvRJzlNAp/gsG1YrvVIbI7j6ZP
/ndPOVYqW3iMGjEt61y3NjoHrlIvfC7a9D/MKOY5NB2BeAV3fsnWN6lyRe5t39/e
lvVI1VQGNbUYdTVe9ml3uwl4h7SE6NGN1y3j86+6RGTOhI3rOeHOEndWov7oLtgg
U48sgbVZnjkExu5TgyQyyeW5/oe640goNHRE1qdgT4lH7MAz4tl5X0Adprc50uu/
llNWKCod8yOsAQinnV8AdgxI2KrlmGLUcIxxJgYWYY2QTmVatrx3F6HVrfRPyb9P
iPi6
-----END CERTIFICATE-----
Generated at Sun Jun 14 06:30:53 2026 by rpki-client