Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TmBHrrrqmeheBa1SoawWEWUlf5E.roa
File: TmBHrrrqmeheBa1SoawWEWUlf5E.roa (raw, json)
Hash identifier: P06Cix7BBZKXgyFBB8sBe2yk1p7idn6khlcriuVFzSM=
Subject key identifier: 4E:60:47:AE:BA:EA:99:E8:5E:05:AD:52:A1:AC:16:11:65:25:7F:91
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01990F15FA2478CB1FE262AC6C990FEAE210
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TmBHrrrqmeheBa1SoawWEWUlf5E.roa
Signing time: Wed 03 Sep 2025 10:18:42 +0000
ROA not before: Wed 03 Sep 2025 10:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42337
IP address blocks: 31.58.239.0/24 maxlen: 24
94.183.163.0/24 maxlen: 24
217.60.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 19:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:15:fa:24:78:cb:1f:e2:62:ac:6c:99:0f:ea:e2:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 3 10:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e6047aebaea99e85e05ad52a1ac161165257f91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2e:ee:09:56:d3:52:1b:a5:18:a6:1b:60:5b:
52:d7:c7:cf:c8:57:58:1c:30:e3:ab:b2:0d:8b:26:
cd:f0:05:a9:20:96:06:fd:58:98:50:cb:63:de:07:
fc:54:24:e5:f6:da:17:55:1b:cc:93:80:78:91:7a:
37:32:80:00:db:b6:82:1e:ea:e7:c1:ca:60:34:35:
9a:55:d3:a0:71:63:cf:42:9b:5e:b5:27:89:44:e3:
fd:c4:42:45:b0:3b:22:8d:a0:cd:51:ab:e2:97:93:
36:0a:ec:57:20:99:12:f3:01:9a:3e:18:14:5a:1f:
8c:0a:b6:a1:6a:2c:d4:fb:76:c1:9e:c6:f4:9c:85:
68:da:62:05:65:9a:87:41:99:36:2d:f0:1f:48:43:
5a:7a:0a:ef:0b:12:99:bb:c6:04:0e:19:8a:a3:ba:
7f:62:13:ee:a1:bb:a2:b0:bd:e6:75:c3:f1:d0:ed:
8d:a6:ca:7d:c1:a7:9e:55:5f:8c:f7:b6:df:48:40:
e9:59:36:1e:61:7a:fa:f3:d6:3e:56:09:3c:4d:fc:
7d:72:07:30:f9:69:64:a5:24:99:21:ba:87:b4:2c:
32:df:c5:10:93:15:12:65:58:b3:2d:c5:5a:d7:a8:
cd:d3:ca:b2:a5:e1:15:86:1a:cc:ea:55:0c:f2:30:
13:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:60:47:AE:BA:EA:99:E8:5E:05:AD:52:A1:AC:16:11:65:25:7F:91
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TmBHrrrqmeheBa1SoawWEWUlf5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.58.239.0/24
94.183.163.0/24
217.60.236.0/24
Signature Algorithm: sha256WithRSAEncryption
51:6d:ed:1d:1a:fd:20:24:1e:a6:b5:08:2d:c0:d1:38:18:ed:
c8:e9:a2:ac:d4:17:51:c8:21:98:9f:b4:f0:eb:ad:f5:fb:db:
2f:44:61:0c:79:63:8b:fd:66:e4:1c:be:5c:1a:40:2e:82:ea:
1a:47:b5:7f:89:89:93:be:d7:be:4d:9a:4a:19:e9:c1:0d:7d:
ed:e7:a0:58:63:ac:18:b3:a6:de:ca:b7:9f:16:fe:80:c9:86:
56:84:2b:b8:de:11:7f:09:58:1c:ef:73:fe:57:87:9f:e3:91:
a4:4a:0d:85:b5:3d:71:83:a4:ec:cb:9d:44:d4:fb:e4:9a:e1:
88:32:45:fd:ca:82:ff:45:7c:ae:1d:49:a3:ed:29:af:40:48:
35:79:d8:62:b0:58:f1:82:8c:ed:cc:d5:43:f0:f3:0d:0c:7c:
16:67:3e:0a:7b:e6:03:cc:2f:6b:f0:89:6d:53:ef:4d:b3:09:
e7:6b:57:d9:02:03:42:20:5e:e7:f1:dc:f4:f2:97:cf:f1:7a:
32:5c:da:2e:64:46:93:56:7c:02:a7:c8:e4:45:b7:4c:e6:b2:
d0:1f:99:ff:64:0a:d4:b6:82:b1:a4:fb:8b:b2:c9:95:09:e1:
01:47:75:60:8c:6c:e7:11:6a:70:b4:a7:a5:20:da:73:a5:dc:
fa:56:a1:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkPFfokeMsf4mKsbJkP6uIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTAzMTAxODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTYwNDdhZWJhZWE5OWU4NWUwNWFkNTJhMWFjMTYxMTY1MjU3ZjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsC7uCVbTUhulGKYbYFtS18fPyFdY
HDDjq7INiybN8AWpIJYG/ViYUMtj3gf8VCTl9toXVRvMk4B4kXo3MoAA27aCHurn
wcpgNDWaVdOgcWPPQptetSeJROP9xEJFsDsijaDNUavil5M2CuxXIJkS8wGaPhgU
Wh+MCrahaizU+3bBnsb0nIVo2mIFZZqHQZk2LfAfSENaegrvCxKZu8YEDhmKo7p/
YhPuobuisL3mdcPx0O2Npsp9waeeVV+M97bfSEDpWTYeYXr689Y+Vgk8Tfx9cgcw
+WlkpSSZIbqHtCwy38UQkxUSZVizLcVa16jN08qypeEVhhrM6lUM8jATOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE5gR6666pnoXgWtUqGsFhFlJX+RMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvVG1CSHJycnFtZWhlQmExU29hd1dFV1VsZjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHzrvAwQA
XrejAwQA2TzsMA0GCSqGSIb3DQEBCwUAA4IBAQBRbe0dGv0gJB6mtQgtwNE4GO3I
6aKs1BdRyCGYn7Tw6631+9svRGEMeWOL/WbkHL5cGkAuguoaR7V/iYmTvte+TZpK
GenBDX3t56BYY6wYs6beyrefFv6AyYZWhCu43hF/CVgc73P+V4ef45GkSg2FtT1x
g6Tsy51E1PvkmuGIMkX9yoL/RXyuHUmj7SmvQEg1edhisFjxgoztzNVD8PMNDHwW
Zz4Ke+YDzC9r8IltU+9Nswnna1fZAgNCIF7n8dz08pfP8XoyXNouZEaTVnwCp8jk
RbdM5rLQH5n/ZArUtoKxpPuLssmVCeEBR3VgjGznEWpwtKelINpzpdz6VqH/
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:54:56 2025 by rpki-client