Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tFjeCo58saN70N-0VZRRWKyrNQ4.roa
File: tFjeCo58saN70N-0VZRRWKyrNQ4.roa (raw, json)
Hash identifier: KjtyXSyvzV9A405uOz4wItweq3r+/lVABO1dWGD1jN4=
Subject key identifier: B4:58:DE:0A:8E:7C:B1:A3:7B:D0:DF:B4:55:94:51:58:AC:AB:35:0E
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 01990F15FC0CB1E5B083E5687EC4F94C2216
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tFjeCo58saN70N-0VZRRWKyrNQ4.roa
Signing time: Wed 03 Sep 2025 10:18:42 +0000
ROA not before: Wed 03 Sep 2025 10:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213644
IP address blocks: 217.60.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 23:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0f:15:fc:0c:b1:e5:b0:83:e5:68:7e:c4:f9:4c:22:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Sep 3 10:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b458de0a8e7cb1a37bd0dfb455945158acab350e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:75:22:bb:df:b3:9b:39:1c:fc:49:0e:04:5e:
0b:4d:80:2e:6f:7a:7a:78:70:d6:bf:f2:51:13:de:
92:23:fc:52:89:ee:a2:3e:d7:ca:77:b7:2c:e5:73:
fe:e0:77:a2:82:30:97:1a:b3:6e:28:a2:99:2c:86:
70:eb:c7:86:3c:c5:60:33:78:4c:f2:19:87:d1:f2:
ad:17:de:ef:03:e5:f6:6f:f2:a8:4e:2a:91:e3:8a:
fb:13:93:a5:95:84:e9:da:57:a6:b8:ea:54:68:a0:
6d:26:f8:e7:2c:04:8e:ef:1a:80:78:bd:f6:10:76:
48:4f:9b:75:d4:cf:ce:4e:5c:f2:8a:01:70:3d:76:
95:a9:93:0c:fe:a1:8f:f5:03:1c:55:82:bf:e2:7b:
7d:da:c0:10:7b:d4:1b:c6:7f:8d:54:c4:da:b6:7e:
36:9f:19:41:ac:25:09:86:63:f3:54:e6:3d:21:10:
b3:41:ac:96:b0:f0:db:42:10:1f:62:be:96:7d:c5:
07:53:cd:b2:17:13:25:55:19:91:d1:ef:b4:d7:88:
e6:cd:2e:31:de:ba:e1:65:63:c7:8b:c0:9b:68:12:
a9:db:63:5c:3f:3c:df:18:d5:09:b5:5f:83:e6:79:
22:7e:f0:f0:a5:d4:bf:3f:13:c3:8d:c2:3e:ab:75:
e6:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:58:DE:0A:8E:7C:B1:A3:7B:D0:DF:B4:55:94:51:58:AC:AB:35:0E
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/tFjeCo58saN70N-0VZRRWKyrNQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.60.236.0/24
Signature Algorithm: sha256WithRSAEncryption
20:51:73:c0:4e:b1:a2:d1:5c:de:90:53:3c:b3:3d:48:2c:e0:
b1:46:18:1d:09:21:10:d0:ba:d8:46:49:7c:83:82:ab:a6:bf:
23:73:95:5d:4f:f9:75:76:1a:e8:85:0e:fd:28:ad:5b:2c:70:
dd:f6:d5:62:9a:a7:9e:22:77:0d:55:5f:6a:57:2d:b4:6a:ec:
09:35:03:1c:1c:60:8d:d2:46:63:d1:95:8d:8a:10:ff:2e:02:
a3:80:98:3b:16:bb:5c:4a:45:f3:0b:c0:e1:7e:f0:0c:31:a1:
bb:eb:e9:7e:10:5e:2d:1d:2d:9d:cb:7d:8a:de:44:fd:23:ee:
6e:f0:91:6e:79:02:d0:ef:07:d2:e6:11:ab:de:13:25:a5:96:
7d:9d:9e:e3:83:65:ea:cd:1a:14:f4:37:05:0e:5e:09:83:59:
28:e7:ff:c6:44:95:27:1d:4b:17:52:e9:58:7d:97:48:b3:e0:
91:3b:d4:29:ba:8e:1d:57:9e:84:ac:a1:7e:86:ad:ee:68:f6:
7c:7d:47:c3:c1:36:ea:18:8c:19:83:f8:8d:67:93:0a:52:66:
a7:cb:db:9a:16:24:c4:d8:14:07:f2:c0:c8:42:a9:fb:7b:0d:
fe:4b:26:05:32:b9:72:2e:af:9b:14:90:61:0e:26:21:67:06:
f2:00:a0:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkPFfwMseWwg+VofsT5TCIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUwOTAzMTAxODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDU4ZGUwYThlN2NiMWEzN2JkMGRmYjQ1NTk0NTE1OGFjYWIzNTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXUiu9+zmzkc/EkOBF4LTYAub3p6
eHDWv/JRE96SI/xSie6iPtfKd7cs5XP+4HeigjCXGrNuKKKZLIZw68eGPMVgM3hM
8hmH0fKtF97vA+X2b/KoTiqR44r7E5OllYTp2lemuOpUaKBtJvjnLASO7xqAeL32
EHZIT5t11M/OTlzyigFwPXaVqZMM/qGP9QMcVYK/4nt92sAQe9Qbxn+NVMTatn42
nxlBrCUJhmPzVOY9IRCzQayWsPDbQhAfYr6WfcUHU82yFxMlVRmR0e+014jmzS4x
3rrhZWPHi8CbaBKp22NcPzzfGNUJtV+D5nkifvDwpdS/PxPDjcI+q3XmwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLRY3gqOfLGje9DftFWUUVisqzUOMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvdEZqZUNvNThzYU43ME4tMFZaUlJXS3lyTlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2TzsMA0G
CSqGSIb3DQEBCwUAA4IBAQAgUXPATrGi0VzekFM8sz1ILOCxRhgdCSEQ0LrYRkl8
g4Krpr8jc5VdT/l1dhrohQ79KK1bLHDd9tVimqeeIncNVV9qVy20auwJNQMcHGCN
0kZj0ZWNihD/LgKjgJg7FrtcSkXzC8DhfvAMMaG76+l+EF4tHS2dy32K3kT9I+5u
8JFueQLQ7wfS5hGr3hMlpZZ9nZ7jg2XqzRoU9DcFDl4Jg1ko5//GRJUnHUsXUulY
fZdIs+CRO9Qpuo4dV56ErKF+hq3uaPZ8fUfDwTbqGIwZg/iNZ5MKUmany9uaFiTE
2BQH8sDIQqn7ew3+SyYFMrlyLq+bFJBhDiYhZwbyAKB8
-----END CERTIFICATE-----
Generated at Tue Sep 9 08:36:05 2025 by rpki-client