Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/TuomiXIIA_Slf-s3sJo41C4xKlc.roa
File: TuomiXIIA_Slf-s3sJo41C4xKlc.roa (raw, json)
Hash identifier: jL4xji+yoW/Rc+QXuiNFGyHooM/D+TwXPAgsMfszkEg=
Subject key identifier: 4E:EA:26:89:72:08:03:F4:A5:7F:EB:37:B0:9A:38:D4:2E:31:2A:57
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0197F3EAA97A89D89E43D4461372080A4AA8
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/TuomiXIIA_Slf-s3sJo41C4xKlc.roa
Signing time: Thu 10 Jul 2025 10:38:51 +0000
ROA not before: Thu 10 Jul 2025 10:38:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39249
IP address blocks: 195.214.212.0/24 maxlen: 24
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 10:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:ea:a9:7a:89:d8:9e:43:d4:46:13:72:08:0a:4a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 10 10:38:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4eea2689720803f4a57feb37b09a38d42e312a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:39:86:49:87:37:48:a3:84:29:a6:9c:d1:90:
67:f0:6a:de:c4:f7:df:86:14:77:2d:51:9a:4a:8a:
16:17:dc:02:c2:d4:ba:44:47:d7:42:20:64:26:f9:
67:5c:52:92:18:88:e3:89:16:01:0f:45:1b:33:05:
17:3f:7a:63:8f:6c:d7:73:79:a9:11:3b:4a:78:c8:
ac:ae:ff:a5:39:86:c5:1f:5c:f3:c9:41:28:14:f7:
ae:d0:15:b6:ce:5b:e7:63:57:4a:52:24:44:5b:c9:
58:1d:27:d5:1a:bc:e0:0f:31:ea:03:94:87:c7:ed:
30:79:04:82:5b:25:91:61:f3:d7:28:16:eb:b8:44:
d4:3b:c0:4e:6f:9c:27:2f:35:9f:5c:6c:b9:4e:f2:
97:7c:5e:f6:9e:d8:12:c6:df:b0:9d:8b:b7:81:f2:
15:b4:06:d7:70:c5:b9:b7:64:38:8d:25:69:d1:28:
40:44:8e:e5:ab:7a:db:63:4d:6d:0e:03:12:15:e7:
1e:8e:ca:ff:4c:4b:87:1b:23:9d:4e:d6:98:8e:33:
3c:27:95:ed:ce:9a:15:7f:29:d9:06:95:50:4a:92:
03:2e:9b:f1:05:9e:2c:fd:6a:41:58:55:0b:c7:1b:
6d:8d:cf:46:2f:10:2e:fe:73:81:3d:1b:3e:6e:53:
6d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:EA:26:89:72:08:03:F4:A5:7F:EB:37:B0:9A:38:D4:2E:31:2A:57
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/TuomiXIIA_Slf-s3sJo41C4xKlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.212.0/24
IPv6:
2a01:d0:7fff::-2a01:d0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a6:4e:ef:48:22:63:7d:06:2f:8f:f2:2b:75:38:e9:0b:0e:36:
ce:e7:84:00:51:13:f5:5d:e1:b2:56:e4:1f:a9:48:93:ef:e1:
e2:33:d6:5b:9d:2c:9e:c4:a2:43:b1:1e:af:91:d5:4a:92:90:
09:c7:6d:e1:20:ea:bb:cb:25:a4:c7:55:4c:01:bd:76:ee:e4:
ef:a5:21:78:a5:b7:ff:5a:84:74:27:6e:73:55:0c:f2:e3:b2:
98:08:ae:ea:6c:42:67:ba:55:3f:09:10:b9:38:bb:03:7f:90:
da:33:4b:39:24:da:2d:60:bd:6c:d5:24:57:60:5d:04:39:86:
69:e0:62:1f:c1:73:0b:37:5b:5d:21:68:c0:ca:70:e5:d8:5e:
c2:63:82:a1:4a:c2:13:b8:9e:c0:1e:29:2a:ea:be:7b:c7:cd:
6f:5e:00:9f:57:e8:e2:da:d3:ad:49:be:19:0b:39:5d:0e:80:
46:f8:d7:f3:59:97:7e:13:9d:97:31:24:c6:72:69:9d:58:c3:
8a:28:f0:45:7f:9a:ac:87:05:bd:88:3d:f2:84:f4:20:3d:92:
1b:3c:32:b9:89:bf:7a:ff:94:9f:1c:d6:55:68:88:95:cf:b0:
b0:42:8b:8d:be:ed:0e:ab:66:c0:96:96:a4:2d:cb:e5:9e:34:
b5:66:9e:f4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfz6ql6idieQ9RGE3IICkqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwNzEwMTAzODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWVhMjY4OTcyMDgwM2Y0YTU3ZmViMzdiMDlhMzhkNDJlMzEyYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDmGSYc3SKOEKaac0ZBn8GrexPff
hhR3LVGaSooWF9wCwtS6REfXQiBkJvlnXFKSGIjjiRYBD0UbMwUXP3pjj2zXc3mp
ETtKeMisrv+lOYbFH1zzyUEoFPeu0BW2zlvnY1dKUiREW8lYHSfVGrzgDzHqA5SH
x+0weQSCWyWRYfPXKBbruETUO8BOb5wnLzWfXGy5TvKXfF72ntgSxt+wnYu3gfIV
tAbXcMW5t2Q4jSVp0ShARI7lq3rbY01tDgMSFecejsr/TEuHGyOdTtaYjjM8J5Xt
zpoVfynZBpVQSpIDLpvxBZ4s/WpBWFULxxttjc9GLxAu/nOBPRs+blNtxwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFE7qJolyCAP0pX/rN7CaONQuMSpXMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvVHVvbWlYSUlBX1NsZi1zM3NKbzQxQzR4S2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAw9bUMBgE
AgACMBIwEAMHACoBANB//wMFACoBANAwDQYJKoZIhvcNAQELBQADggEBAKZO70gi
Y30GL4/yK3U46QsONs7nhABRE/Vd4bJW5B+pSJPv4eIz1ludLJ7EokOxHq+R1UqS
kAnHbeEg6rvLJaTHVUwBvXbu5O+lIXilt/9ahHQnbnNVDPLjspgIrupsQme6VT8J
ELk4uwN/kNozSzkk2i1gvWzVJFdgXQQ5hmngYh/Bcws3W10haMDKcOXYXsJjgqFK
whO4nsAeKSrqvnvHzW9eAJ9X6OLa061JvhkLOV0OgEb41/NZl34TnZcxJMZyaZ1Y
w4oo8EV/mqyHBb2IPfKE9CA9khs8MrmJv3r/lJ8c1lVoiJXPsLBCi42+7Q6rZsCW
lqQty+WeNLVmnvQ=
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:02:37 2025 by rpki-client