Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/TsJN_TLkQxu445oc0XMKkszh0nw.roa
File: TsJN_TLkQxu445oc0XMKkszh0nw.roa (raw, json)
Hash identifier: B4z6N7CnokVq03fzYP/xAwd45WDAB7sy85muMR/wd1I=
Subject key identifier: 4E:C2:4D:FD:32:E4:43:1B:B8:E3:9A:1C:D1:73:0A:92:CC:E1:D2:7C
Certificate issuer: /CN=d37969f5d253210b0abe8e07a086f608d6f2a0af
Certificate serial: 0198E4F565226B5A02AAB982546AF724D4D7
Authority key identifier: D3:79:69:F5:D2:53:21:0B:0A:BE:8E:07:A0:86:F6:08:D6:F2:A0:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/03lp9dJTIQsKvo4HoIb2CNbyoK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/TsJN_TLkQxu445oc0XMKkszh0nw.roa
Signing time: Tue 26 Aug 2025 05:59:04 +0000
ROA not before: Tue 26 Aug 2025 05:59:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43030
IP address blocks: 77.95.0.0/21 maxlen: 21
185.194.196.0/23 maxlen: 23
185.194.198.0/24 maxlen: 24
2a0b:ae80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/03lp9dJTIQsKvo4HoIb2CNbyoK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/03lp9dJTIQsKvo4HoIb2CNbyoK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/03lp9dJTIQsKvo4HoIb2CNbyoK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e4:f5:65:22:6b:5a:02:aa:b9:82:54:6a:f7:24:d4:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d37969f5d253210b0abe8e07a086f608d6f2a0af
Validity
Not Before: Aug 26 05:59:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ec24dfd32e4431bb8e39a1cd1730a92cce1d27c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d9:63:d8:6e:ff:7e:65:76:4e:34:23:75:40:
c1:60:0d:68:47:3b:30:6a:66:a5:be:20:f6:10:9c:
97:90:3a:52:b5:ee:9d:68:f5:07:a8:67:e5:20:bf:
f0:06:ac:d0:18:14:64:16:26:b4:b2:21:17:9a:db:
27:b7:c7:c9:06:74:ea:0d:c9:82:f4:68:c9:12:ee:
26:40:78:ee:c6:99:54:b1:9c:88:77:9a:92:f9:db:
d7:b0:10:12:a0:73:91:c0:f5:c6:e0:9d:5d:6a:8b:
a5:2d:c7:83:de:d8:e4:e6:5b:bf:d9:26:fb:85:31:
c1:a1:d5:c1:dd:49:1b:93:c8:b0:af:cc:bb:e6:97:
6f:97:3b:49:3e:aa:36:69:1a:11:aa:62:11:2c:a7:
00:fc:b6:11:c8:2a:31:33:9c:20:cf:c5:ac:38:00:
d6:98:bb:df:74:e0:a9:f4:9b:fa:ec:63:f9:03:f1:
9f:65:2c:ac:54:71:3c:87:43:38:78:a3:ca:19:cf:
92:12:e5:b5:95:6a:05:ba:45:c8:6f:64:ad:0e:71:
89:18:f5:41:4e:3b:3c:0b:03:6f:b5:3d:01:23:c1:
0b:f9:23:7d:e9:7d:3c:6c:c9:cf:a9:d5:8f:02:40:
bd:ac:f9:9d:b6:07:2e:40:c0:15:32:48:3b:c9:23:
d4:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C2:4D:FD:32:E4:43:1B:B8:E3:9A:1C:D1:73:0A:92:CC:E1:D2:7C
X509v3 Authority Key Identifier:
keyid:D3:79:69:F5:D2:53:21:0B:0A:BE:8E:07:A0:86:F6:08:D6:F2:A0:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03lp9dJTIQsKvo4HoIb2CNbyoK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/TsJN_TLkQxu445oc0XMKkszh0nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/03lp9dJTIQsKvo4HoIb2CNbyoK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.0.0/21
185.194.196.0-185.194.198.255
IPv6:
2a0b:ae80::/32
Signature Algorithm: sha256WithRSAEncryption
1e:82:7f:72:3f:0f:33:09:c2:c8:4b:fb:e1:92:b2:76:bc:46:
f6:68:93:dd:80:70:14:73:3b:92:5c:8b:10:e4:d6:8a:06:0f:
6e:ba:63:a0:12:6e:ac:e8:69:0d:98:ad:05:c6:92:17:e7:4a:
d9:e7:90:49:85:17:f4:ee:d9:a8:50:9a:f1:41:2e:01:f6:60:
a5:1f:22:9f:c9:ef:b6:fd:4f:e3:66:a0:54:a2:e0:92:73:75:
c2:21:c9:6a:70:4e:a3:53:4f:c2:12:9d:bb:37:ef:2a:1e:a3:
45:7e:28:ba:0f:68:18:ad:dd:82:3d:8e:b6:29:76:c8:4f:10:
ad:a4:0b:c0:96:3d:09:4d:29:54:5c:9b:ec:9f:ae:36:92:9d:
75:55:08:4f:6b:9b:29:cf:05:5c:f9:f8:f9:df:9c:14:a9:e9:
69:e5:ed:74:20:6b:b1:58:74:d9:83:c8:49:00:78:97:6b:2a:
54:18:78:8c:aa:21:13:24:72:88:18:59:59:d0:15:50:38:23:
03:a3:55:4b:44:15:16:d8:e8:e3:a0:65:ec:a0:6b:e7:dd:52:
1a:c2:b8:b8:28:4b:16:19:2d:f4:09:f4:62:1b:58:47:b6:13:
27:c8:6e:7b:af:57:0c:0f:f5:0d:20:c7:86:6a:23:b6:42:42:
5a:95:1f:92
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZjk9WUia1oCqrmCVGr3JNTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzk2OWY1ZDI1MzIxMGIwYWJlOGUwN2EwODZmNjA4ZDZm
MmEwYWYwHhcNMjUwODI2MDU1OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWMyNGRmZDMyZTQ0MzFiYjhlMzlhMWNkMTczMGE5MmNjZTFkMjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9lj2G7/fmV2TjQjdUDBYA1oRzsw
amalviD2EJyXkDpSte6daPUHqGflIL/wBqzQGBRkFia0siEXmtsnt8fJBnTqDcmC
9GjJEu4mQHjuxplUsZyId5qS+dvXsBASoHORwPXG4J1daoulLceD3tjk5lu/2Sb7
hTHBodXB3Ukbk8iwr8y75pdvlztJPqo2aRoRqmIRLKcA/LYRyCoxM5wgz8WsOADW
mLvfdOCp9Jv67GP5A/GfZSysVHE8h0M4eKPKGc+SEuW1lWoFukXIb2StDnGJGPVB
Tjs8CwNvtT0BI8EL+SN96X08bMnPqdWPAkC9rPmdtgcuQMAVMkg7ySPU6wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFE7CTf0y5EMbuOOaHNFzCpLM4dJ8MB8GA1UdIwQY
MBaAFNN5afXSUyELCr6OB6CG9gjW8qCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNscDlkSlRJUXNLdm80SG9JYjJDTmJ5b0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81MjQwYTYtY2Q2MS00ZTBjLTg4YjYt
ZjU5ZDIwZWYyN2I0LzEvVHNKTl9UTGtReHU0NDVvYzBYTUtrc3poMG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81MjQwYTYtY2Q2MS00ZTBjLTg4YjYtZjU5ZDIwZWYyN2I0
LzEvMDNscDlkSlRJUXNLdm80SG9JYjJDTmJ5b0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDTV8AMAwD
BAK5wsQDBAC5wsYwDQQCAAIwBwMFACoLroAwDQYJKoZIhvcNAQELBQADggEBAB6C
f3I/DzMJwshL++GSsna8RvZok92AcBRzO5JcixDk1ooGD266Y6ASbqzoaQ2YrQXG
khfnStnnkEmFF/Tu2ahQmvFBLgH2YKUfIp/J77b9T+NmoFSi4JJzdcIhyWpwTqNT
T8ISnbs37yoeo0V+KLoPaBit3YI9jrYpdshPEK2kC8CWPQlNKVRcm+yfrjaSnXVV
CE9rmynPBVz5+PnfnBSp6Wnl7XQga7FYdNmDyEkAeJdrKlQYeIyqIRMkcogYWVnQ
FVA4IwOjVUtEFRbY6OOgZeyga+fdUhrCuLgoSxYZLfQJ9GIbWEe2EyfIbnuvVwwP
9Q0gx4ZqI7ZCQlqVH5I=
-----END CERTIFICATE-----
Generated at Mon Sep 8 09:33:50 2025 by rpki-client