Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TU33qpntXatxMyZAJzYvLxL-xSg.roa
File: TU33qpntXatxMyZAJzYvLxL-xSg.roa (raw, json)
Hash identifier: QEU287pJAOh9dnfs31+B3kKhDHduu0hsu7IXggVDvWQ=
Subject key identifier: 4D:4D:F7:AA:99:ED:5D:AB:71:33:26:40:27:36:2F:2F:12:FE:C5:28
Certificate issuer: /CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Certificate serial: 019A0CA18476544FFDCBFAC993FAD025B34A
Authority key identifier: 4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TU33qpntXatxMyZAJzYvLxL-xSg.roa
Signing time: Wed 22 Oct 2025 15:55:03 +0000
ROA not before: Wed 22 Oct 2025 15:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62425
IP address blocks: 93.180.132.0/24 maxlen: 24
93.180.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.mft
rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 22:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:a1:84:76:54:4f:fd:cb:fa:c9:93:fa:d0:25:b3:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4da84d247ce37cdccf06e1571d226a2b85677bcd
Validity
Not Before: Oct 22 15:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d4df7aa99ed5dab7133264027362f2f12fec528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dd:61:08:9d:29:6c:d3:0e:82:c2:f9:28:dc:
4e:43:73:d2:c6:a9:dc:97:f3:22:db:d7:a2:5f:61:
52:04:b9:09:0a:f2:6f:7c:7d:f7:d7:8c:97:78:98:
9a:0d:03:d6:1a:11:4e:41:46:da:92:49:5f:57:ce:
4d:0d:5c:d4:14:57:e8:19:a6:0f:33:a8:c9:6b:a2:
64:8c:7c:03:dd:9d:91:58:82:1f:40:f6:cb:f2:00:
e7:8a:4b:45:ad:37:aa:7f:97:30:9f:e7:00:9a:8f:
0a:22:2f:a2:dc:95:f5:1c:fc:9d:03:f0:6b:1d:9e:
f7:6c:88:56:99:22:e6:cc:0e:c5:35:b7:f9:63:e2:
a6:02:bf:84:12:73:77:82:03:62:ec:37:74:85:2d:
a0:da:f8:f3:56:14:b7:5e:71:3e:aa:17:6a:c9:d3:
0e:2b:ec:d1:23:b3:c7:f2:a2:ad:ca:14:de:26:0e:
97:d4:18:0b:34:43:5f:21:de:4a:34:28:95:b2:e5:
a6:e4:10:de:03:e2:ed:b6:d7:59:b7:d6:bb:00:ee:
3a:36:d8:cb:c4:1c:c3:1b:e2:ad:f4:2a:e4:47:75:
25:e7:49:fd:ec:35:cb:71:08:a7:54:bd:b6:6b:32:
08:bf:29:b7:ea:64:15:3d:77:a0:cd:ad:49:21:13:
01:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4D:F7:AA:99:ED:5D:AB:71:33:26:40:27:36:2F:2F:12:FE:C5:28
X509v3 Authority Key Identifier:
keyid:4D:A8:4D:24:7C:E3:7C:DC:CF:06:E1:57:1D:22:6A:2B:85:67:7B:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TahNJHzjfNzPBuFXHSJqK4Vne80.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TU33qpntXatxMyZAJzYvLxL-xSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/210fbb-aa6e-49c9-918b-5558a8b53e3d/1/TahNJHzjfNzPBuFXHSJqK4Vne80.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.132.0/23
Signature Algorithm: sha256WithRSAEncryption
85:66:26:eb:72:40:a1:66:f8:b7:cd:0a:8d:37:aa:7c:02:37:
f2:71:7a:bc:f4:2d:6c:09:6b:97:32:79:59:9c:c2:38:e2:36:
15:99:72:de:71:b6:fd:aa:c3:43:1d:0a:e2:52:9d:82:0f:b0:
f3:82:1a:ed:e5:31:74:d2:35:04:0a:05:80:e3:e0:cf:bb:e3:
f8:0b:ac:6f:98:c9:93:df:6b:8d:1a:3e:ee:63:51:30:9c:f9:
0d:a8:15:a3:b1:0a:c9:37:cf:7b:fc:5b:87:08:cf:30:e8:19:
eb:c2:a2:69:6c:de:a4:aa:65:21:d4:b8:aa:72:4b:3b:f0:f2:
50:76:76:8d:a3:f5:56:41:e9:43:ae:d8:72:17:76:65:cd:6e:
f0:f1:0f:51:9b:4a:84:1e:27:7f:8b:ec:04:1e:60:36:97:96:
04:e0:b7:bb:f9:3f:c3:23:4c:fd:cb:98:29:9f:ab:11:82:7c:
c3:6a:f4:16:4a:d0:e4:14:de:b1:d4:4e:3f:43:1e:b5:e0:1e:
04:94:ce:be:3f:a6:e6:f5:43:aa:14:78:68:e8:62:d7:a6:75:
c0:da:cc:54:23:2d:36:f0:43:77:fe:e6:d8:e6:4b:a0:e9:0b:
4c:70:5b:80:6e:c4:2f:36:ca:36:c3:22:1d:78:7f:fc:5b:f0:
c8:0b:62:8e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZoMoYR2VE/9y/rJk/rQJbNKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkYTg0ZDI0N2NlMzdjZGNjZjA2ZTE1NzFkMjI2YTJiODU2
NzdiY2QwHhcNMjUxMDIyMTU1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRkZjdhYTk5ZWQ1ZGFiNzEzMzI2NDAyNzM2MmYyZjEyZmVjNTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN1hCJ0pbNMOgsL5KNxOQ3PSxqnc
l/Mi29eiX2FSBLkJCvJvfH3314yXeJiaDQPWGhFOQUbakklfV85NDVzUFFfoGaYP
M6jJa6JkjHwD3Z2RWIIfQPbL8gDniktFrTeqf5cwn+cAmo8KIi+i3JX1HPydA/Br
HZ73bIhWmSLmzA7FNbf5Y+KmAr+EEnN3ggNi7Dd0hS2g2vjzVhS3XnE+qhdqydMO
K+zRI7PH8qKtyhTeJg6X1BgLNENfId5KNCiVsuWm5BDeA+LtttdZt9a7AO46NtjL
xBzDG+Kt9CrkR3Ul50n97DXLcQinVL22azIIvym36mQVPXegza1JIRMB3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1N96qZ7V2rcTMmQCc2Ly8S/sUoMB8GA1UdIwQY
MBaAFE2oTSR843zczwbhVx0iaiuFZ3vNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGIt
NTU1OGE4YjUzZTNkLzEvVFUzM3FwbnRYYXR4TXlaQUp6WXZMeEwteFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8yMTBmYmItYWE2ZS00OWM5LTkxOGItNTU1OGE4YjUzZTNk
LzEvVGFoTkpIempmTnpQQnVGWEhTSnFLNFZuZTgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXbSEMA0G
CSqGSIb3DQEBCwUAA4IBAQCFZibrckChZvi3zQqNN6p8AjfycXq89C1sCWuXMnlZ
nMI44jYVmXLecbb9qsNDHQriUp2CD7Dzghrt5TF00jUECgWA4+DPu+P4C6xvmMmT
32uNGj7uY1EwnPkNqBWjsQrJN897/FuHCM8w6BnrwqJpbN6kqmUh1Liqcks78PJQ
dnaNo/VWQelDrthyF3ZlzW7w8Q9Rm0qEHid/i+wEHmA2l5YE4Le7+T/DI0z9y5gp
n6sRgnzDavQWStDkFN6x1E4/Qx614B4ElM6+P6bm9UOqFHho6GLXpnXA2sxUIy02
8EN3/ubY5kug6QtMcFuAbsQvNso2wyIdeH/8W/DIC2KO
-----END CERTIFICATE-----
Generated at Thu Oct 23 01:28:23 2025 by rpki-client