Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/TEQ2s_TPddXgs2TBHawu_QRXdAY.roa
File: TEQ2s_TPddXgs2TBHawu_QRXdAY.roa (raw, json)
Hash identifier: v8GdY3sNaK+PD8iTL9fBBYBUT72JOPHFN0JrePdltX0=
Subject key identifier: 4C:44:36:B3:F4:CF:75:D5:E0:B3:64:C1:1D:AC:2E:FD:04:57:74:06
Certificate issuer: /CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Certificate serial: 0196C9ECA1B7E7BA2EBB3DC469DEE4C818E6
Authority key identifier: 68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/TEQ2s_TPddXgs2TBHawu_QRXdAY.roa
Signing time: Tue 13 May 2025 13:54:10 +0000
ROA not before: Tue 13 May 2025 13:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56368
IP address blocks: 91.198.172.0/24 maxlen: 24
91.198.185.0/24 maxlen: 24
91.198.196.0/24 maxlen: 24
2a0f:8840::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 16:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:ec:a1:b7:e7:ba:2e:bb:3d:c4:69:de:e4:c8:18:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Validity
Not Before: May 13 13:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c4436b3f4cf75d5e0b364c11dac2efd04577406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:46:5d:5b:97:c7:1f:15:92:5c:94:da:71:
1e:20:a3:fb:af:c2:5a:ab:74:5f:57:e3:c0:ec:d4:
e7:af:a4:5e:e7:2a:6f:6a:4f:a9:80:4a:41:c5:bc:
07:a7:48:b4:ae:9a:52:01:11:89:04:6c:a3:b8:d6:
b9:78:60:67:c2:7c:ed:88:48:3f:33:60:25:56:5c:
be:b5:3c:17:e2:d4:55:e3:92:b7:9f:c5:90:01:a5:
09:7e:ec:91:dc:9b:99:49:a1:6d:11:f8:fe:13:35:
c0:40:e6:f6:57:de:21:56:9d:91:9d:a9:39:da:63:
d1:90:69:a6:25:7a:d5:7e:1d:90:51:37:a1:3f:cc:
5c:87:53:28:3f:ae:b3:95:cf:42:eb:83:02:67:c2:
18:f2:cb:ab:64:d6:24:cf:4e:a9:d3:5a:9c:5b:49:
a8:71:65:c8:e3:45:47:9c:08:56:f6:8c:17:63:53:
77:46:de:b8:62:59:15:57:e3:34:17:9a:65:6a:06:
56:69:b7:68:4b:f6:0a:3d:82:d9:81:ac:dd:61:45:
64:96:6e:8e:95:d2:82:13:93:0a:85:fb:23:16:4b:
fb:12:47:8d:85:f3:0d:8d:74:3f:ee:a0:76:67:6f:
9e:45:a1:86:31:5e:cf:65:32:be:04:fc:9b:19:e2:
71:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:44:36:B3:F4:CF:75:D5:E0:B3:64:C1:1D:AC:2E:FD:04:57:74:06
X509v3 Authority Key Identifier:
keyid:68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/TEQ2s_TPddXgs2TBHawu_QRXdAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.172.0/24
91.198.185.0/24
91.198.196.0/24
IPv6:
2a0f:8840::/29
Signature Algorithm: sha256WithRSAEncryption
1f:4f:8c:92:ac:95:55:78:55:70:17:37:79:71:ff:16:c5:f0:
4a:b6:b5:c9:20:0b:80:ba:12:53:4d:3b:df:44:a2:ca:87:51:
a2:48:21:04:73:4b:84:66:8b:63:09:7e:6a:7a:fe:7d:fe:13:
7a:b5:41:03:8b:4b:fb:5b:3e:d3:f7:e2:fa:b2:0b:61:86:50:
4e:cc:f1:de:7a:84:5e:b3:49:56:26:c7:83:4f:f5:60:2c:b4:
c5:fe:ab:55:d2:b4:d8:74:2e:84:db:16:d4:b9:e7:ff:d9:64:
83:58:fb:73:da:09:33:8a:43:70:ad:49:27:5c:cc:9d:fd:fc:
bd:0a:be:a9:47:f4:91:0c:97:3d:d9:80:fd:e8:86:d4:3b:7a:
db:8e:7b:30:c2:66:83:32:26:f1:fc:24:56:ec:4a:e5:ae:c7:
77:d9:2f:d7:26:43:5e:9f:58:ad:d2:9a:db:35:67:eb:df:b0:
9c:48:b3:28:85:74:f8:e9:e5:78:d2:5f:7d:86:1f:5b:e0:a6:
b4:30:37:4a:79:47:52:9a:70:89:8c:5b:7a:f6:d0:17:93:81:
87:48:b1:68:b9:ee:33:27:1f:2a:5c:7b:91:66:17:a4:4b:4b:
31:68:55:a3:b9:26:bb:88:e5:eb:9e:80:f2:83:41:2d:82:27:
ce:64:71:f4
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZbJ7KG357ouuz3Ead7kyBjmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTc5NzIyYzNhMGNiMGMzMzUxYzU5NWRmYTNkN2VhZDgx
ZjE2YmYwHhcNMjUwNTEzMTM1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ0MzZiM2Y0Y2Y3NWQ1ZTBiMzY0YzExZGFjMmVmZDA0NTc3NDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY9GXVuXxx8VklyU2nEeIKP7r8Ja
q3RfV+PA7NTnr6Re5ypvak+pgEpBxbwHp0i0rppSARGJBGyjuNa5eGBnwnztiEg/
M2AlVly+tTwX4tRV45K3n8WQAaUJfuyR3JuZSaFtEfj+EzXAQOb2V94hVp2Rnak5
2mPRkGmmJXrVfh2QUTehP8xch1MoP66zlc9C64MCZ8IY8surZNYkz06p01qcW0mo
cWXI40VHnAhW9owXY1N3Rt64YlkVV+M0F5plagZWabdoS/YKPYLZgazdYUVklm6O
ldKCE5MKhfsjFkv7EkeNhfMNjXQ/7qB2Z2+eRaGGMV7PZTK+BPybGeJxIwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFExENrP0z3XV4LNkwR2sLv0EV3QGMB8GA1UdIwQY
MBaAFGhXlyLDoMsMM1HFld+j1+rYHxa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgt
OWY1NTk3YjU2Yjc2LzEvVEVRMnNfVFBkZFhnczJUQkhhd3VfUVJYZEFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgtOWY1NTk3YjU2Yjc2
LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW8asAwQA
W8a5AwQAW8bEMA0EAgACMAcDBQMqD4hAMA0GCSqGSIb3DQEBCwUAA4IBAQAfT4yS
rJVVeFVwFzd5cf8WxfBKtrXJIAuAuhJTTTvfRKLKh1GiSCEEc0uEZotjCX5qev59
/hN6tUEDi0v7Wz7T9+L6sgthhlBOzPHeeoRes0lWJseDT/VgLLTF/qtV0rTYdC6E
2xbUuef/2WSDWPtz2gkzikNwrUknXMyd/fy9Cr6pR/SRDJc92YD96IbUO3rbjnsw
wmaDMibx/CRW7Erlrsd32S/XJkNen1it0prbNWfr37CcSLMohXT46eV40l99hh9b
4Ka0MDdKeUdSmnCJjFt69tAXk4GHSLFoue4zJx8qXHuRZhekS0sxaFWjuSa7iOXr
noDyg0EtgifOZHH0
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:27:13 2025 by rpki-client