Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/tyq7k6T4xEqQgbGkJ2fusYhPOJQ.roa
File: tyq7k6T4xEqQgbGkJ2fusYhPOJQ.roa (raw, json)
Hash identifier: IGWJpPuzQqbP565czDocwJaMa5FKL3JQeJDF/Y2DnIE=
Subject key identifier: B7:2A:BB:93:A4:F8:C4:4A:90:81:B1:A4:27:67:EE:B1:88:4F:38:94
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 01990EBEE8129155251D34CD4EE26BD75727
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/tyq7k6T4xEqQgbGkJ2fusYhPOJQ.roa
Signing time: Wed 03 Sep 2025 08:43:36 +0000
ROA not before: Wed 03 Sep 2025 08:43:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205673
IP address blocks: 176.39.96.0/20 maxlen: 21
176.39.96.0/22 maxlen: 23
185.210.84.0/22 maxlen: 23
185.235.132.0/22 maxlen: 23
185.244.168.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:be:e8:12:91:55:25:1d:34:cd:4e:e2:6b:d7:57:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Sep 3 08:43:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b72abb93a4f8c44a9081b1a42767eeb1884f3894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:2c:c1:65:65:1f:8e:88:23:b1:0b:37:c5:10:
df:41:30:93:a3:c6:34:30:7b:03:4c:49:a0:a8:27:
46:5c:86:b4:e3:08:bb:c6:c9:b6:30:e8:7a:08:d3:
f1:48:f9:7f:d3:a4:aa:b8:7c:d7:d4:f7:fc:c4:d1:
fa:cb:3b:77:38:75:17:0e:19:c6:fd:0e:98:37:9d:
45:59:4f:62:8f:a7:fc:71:84:45:9b:91:c9:dc:72:
0b:26:c8:cb:37:a6:2d:a0:b1:1b:5f:63:dd:b0:05:
04:24:93:87:9c:4f:22:b9:ec:e9:28:4e:99:7f:f5:
84:1b:4b:4e:88:95:62:d2:d4:87:dd:c5:cd:85:7d:
b1:0d:3f:09:33:19:0b:be:3d:d8:13:60:06:7e:cd:
d4:33:f5:7d:fe:72:49:09:4a:cd:63:7f:45:d5:67:
cc:61:d9:91:2d:25:a2:07:34:3e:20:af:58:8c:37:
8d:e7:4d:3e:d2:dd:af:6a:12:74:cd:76:73:83:05:
c1:66:db:10:cb:cf:95:96:27:5c:68:07:4d:00:71:
8d:82:64:19:83:93:76:64:59:eb:73:9f:4e:be:df:
6a:79:cc:3b:20:39:73:67:3b:b6:6f:b5:31:9f:75:
08:36:76:cc:79:d3:87:fc:62:69:3e:10:8d:7e:69:
86:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2A:BB:93:A4:F8:C4:4A:90:81:B1:A4:27:67:EE:B1:88:4F:38:94
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/tyq7k6T4xEqQgbGkJ2fusYhPOJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.39.96.0/20
185.210.84.0/22
185.235.132.0/22
185.244.168.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:51:a9:cc:ff:65:ed:2e:12:40:cb:14:fa:d2:e1:5d:9d:53:
9b:01:13:0a:e3:86:78:3a:17:e8:c2:ed:14:4b:5d:f1:b6:49:
15:29:77:48:be:6a:ee:c3:d6:a4:84:58:37:c7:b7:56:e2:89:
13:c8:06:eb:05:21:dc:91:9a:b2:ca:52:f5:dd:6b:99:25:6b:
9e:22:4d:cf:83:ad:91:78:e5:c3:09:45:de:ea:70:1d:1d:a9:
be:cb:63:d3:8e:b9:55:86:32:e4:5c:24:42:46:e1:c6:e2:c4:
5d:6f:49:2e:5f:7d:54:10:72:a6:eb:9c:ac:34:13:b8:d9:41:
e5:02:1a:fb:63:b0:3b:9b:f8:ee:44:97:fb:23:44:fb:cd:03:
23:fe:35:44:0a:cd:64:6a:51:dc:5d:04:79:36:dc:e1:78:f9:
7c:91:84:a4:e8:0b:c7:29:05:b8:45:d2:ea:f7:48:e3:af:e1:
82:89:f4:10:ac:db:79:51:60:5e:88:28:5b:1d:ef:8c:8e:d6:
73:6a:bb:7c:66:d8:e0:d4:ee:98:db:1f:7b:4c:7b:78:9b:a3:
d9:eb:5b:cb:19:8a:2d:96:fc:58:53:8c:ee:70:89:df:42:df:
04:0d:da:fa:da:eb:8e:6e:b6:9f:95:b3:34:c0:c0:dc:e2:cf:
cf:df:98:f1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZkOvugSkVUlHTTNTuJr11cnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjUwOTAzMDg0MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJhYmI5M2E0ZjhjNDRhOTA4MWIxYTQyNzY3ZWViMTg4NGYzODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSzBZWUfjogjsQs3xRDfQTCTo8Y0
MHsDTEmgqCdGXIa04wi7xsm2MOh6CNPxSPl/06SquHzX1Pf8xNH6yzt3OHUXDhnG
/Q6YN51FWU9ij6f8cYRFm5HJ3HILJsjLN6YtoLEbX2PdsAUEJJOHnE8iuezpKE6Z
f/WEG0tOiJVi0tSH3cXNhX2xDT8JMxkLvj3YE2AGfs3UM/V9/nJJCUrNY39F1WfM
YdmRLSWiBzQ+IK9YjDeN500+0t2vahJ0zXZzgwXBZtsQy8+VlidcaAdNAHGNgmQZ
g5N2ZFnrc59Ovt9qecw7IDlzZzu2b7Uxn3UINnbMedOH/GJpPhCNfmmGNwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLcqu5Ok+MRKkIGxpCdn7rGITziUMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL3R5cTdrNlQ0eEVxUWdiR2tKMmZ1c1loUE9KUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBASwJ2AD
BAK50lQDBAK564QDBAK59KgwDQYJKoZIhvcNAQELBQADggEBALRRqcz/Ze0uEkDL
FPrS4V2dU5sBEwrjhng6F+jC7RRLXfG2SRUpd0i+au7D1qSEWDfHt1biiRPIBusF
IdyRmrLKUvXda5kla54iTc+DrZF45cMJRd7qcB0dqb7LY9OOuVWGMuRcJEJG4cbi
xF1vSS5ffVQQcqbrnKw0E7jZQeUCGvtjsDub+O5El/sjRPvNAyP+NUQKzWRqUdxd
BHk23OF4+XyRhKToC8cpBbhF0ur3SOOv4YKJ9BCs23lRYF6IKFsd74yO1nNqu3xm
2ODU7pjbH3tMe3ibo9nrW8sZii2W/FhTjO5wid9C3wQN2vra645utp+VszTAwNzi
z8/fmPE=
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:50:52 2025 by rpki-client