Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TKgQBeKbci8AcOtoanfIWooYkj4.roa
File: TKgQBeKbci8AcOtoanfIWooYkj4.roa (raw, json)
Hash identifier: OF7eli8XS2oms4Nfga9p75mGJZOO2jnhqmxAK1o7Dgg=
Subject key identifier: 4C:A8:10:05:E2:9B:72:2F:00:70:EB:68:6A:77:C8:5A:8A:18:92:3E
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0198E72EDBEAE8476451CD6C5BC9D811F787
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TKgQBeKbci8AcOtoanfIWooYkj4.roa
Signing time: Tue 26 Aug 2025 16:21:04 +0000
ROA not before: Tue 26 Aug 2025 16:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197992
IP address blocks: 2a06:5280::/29 maxlen: 29
2a0d:a9c0::/29 maxlen: 29
2a0f:3640::/29 maxlen: 29
2a10:3040::/29 maxlen: 29
2a10:6300::/29 maxlen: 29
2a10:6900::/29 maxlen: 29
2a11:1880::/29 maxlen: 29
2a11:3f80::/29 maxlen: 29
2a11:90c0::/29 maxlen: 29
2a11:9340::/29 maxlen: 29
2a11:9e00::/29 maxlen: 29
2a11:b740::/29 maxlen: 29
2a11:f040::/29 maxlen: 29
2a13:2f40::/29 maxlen: 29
2a13:4f00::/29 maxlen: 29
2a13:9100::/29 maxlen: 29
2a13:9480::/29 maxlen: 29
2a13:c700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e7:2e:db:ea:e8:47:64:51:cd:6c:5b:c9:d8:11:f7:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 26 16:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ca81005e29b722f0070eb686a77c85a8a18923e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6e:13:3b:d4:38:58:3d:35:6e:58:04:34:fe:
64:9e:e2:47:87:2d:fc:d9:c3:94:5d:d2:57:df:c3:
3f:9a:97:29:fa:ac:5d:16:19:68:bf:a1:63:1c:9f:
e4:2d:8c:81:8c:39:38:b1:0a:be:31:ea:af:03:e9:
b8:c9:64:60:70:c6:4c:42:84:a0:34:48:62:bf:c3:
30:18:01:d8:46:b2:b2:bf:a0:ef:53:ae:56:02:b3:
c7:3a:b6:ce:48:12:7b:7b:22:03:95:66:fb:7e:fa:
d0:c9:ac:9a:44:cd:65:55:dd:fb:ea:14:e3:67:3c:
b4:e2:39:f3:05:ba:33:b8:c0:7f:24:45:06:d6:b9:
1c:3a:66:75:bc:5f:62:bf:c2:41:7a:0b:a9:6c:09:
35:77:7c:a4:09:1e:1b:90:1a:b3:7c:25:57:2d:4f:
69:a2:3f:18:2d:d8:33:c3:fb:00:f2:a3:05:30:fe:
3b:22:ae:92:fe:8b:2a:7d:04:af:bf:af:0d:c7:27:
ce:35:c6:51:09:91:7f:f3:07:e0:32:bf:e8:04:3a:
bb:30:1d:8f:86:0e:7b:62:5e:66:27:e4:ad:7e:ab:
87:88:06:6e:35:5e:45:a7:f1:f3:5f:0e:ca:22:c7:
8a:a8:e2:64:81:d4:f5:3d:c7:12:da:0a:2c:d2:a7:
30:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A8:10:05:E2:9B:72:2F:00:70:EB:68:6A:77:C8:5A:8A:18:92:3E
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/TKgQBeKbci8AcOtoanfIWooYkj4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:5280::/29
2a0d:a9c0::/29
2a0f:3640::/29
2a10:3040::/29
2a10:6300::/29
2a10:6900::/29
2a11:1880::/29
2a11:3f80::/29
2a11:90c0::/29
2a11:9340::/29
2a11:9e00::/29
2a11:b740::/29
2a11:f040::/29
2a13:2f40::/29
2a13:4f00::/29
2a13:9100::/29
2a13:9480::/29
2a13:c700::/29
Signature Algorithm: sha256WithRSAEncryption
a7:86:4f:a2:6d:2d:42:4b:97:2e:03:b1:e6:b2:9e:ae:8e:f5:
51:15:67:2c:b4:12:df:99:0f:b2:18:18:2e:ee:df:f7:2a:03:
85:79:58:91:bf:60:80:c6:86:48:7e:3b:13:a8:ac:9a:b2:63:
3b:c3:e8:5d:96:e1:ce:74:a5:a8:e2:0b:28:f1:e8:9a:24:44:
87:23:e4:2a:f2:97:4c:db:2b:25:97:51:0d:9d:79:2d:2b:c4:
56:71:eb:de:84:05:c0:70:a7:c3:5e:46:09:0a:c0:41:5e:55:
28:52:33:4c:65:44:db:f1:72:19:0f:e7:d2:0f:2e:bc:1a:b5:
32:58:f6:5f:3f:26:59:03:49:d4:09:ad:31:2a:10:8f:4a:22:
83:98:c0:12:4b:e5:cc:62:0a:0e:8b:e9:7f:06:9d:e2:7f:19:
7f:61:87:49:6a:ed:86:1d:d3:bb:9f:68:3a:5d:32:a5:0a:34:
92:3a:bc:0e:56:b3:7d:b2:98:a0:72:cb:53:ea:0f:67:39:e1:
5c:a6:0d:c3:d1:84:29:11:56:1d:ff:fa:92:11:c1:99:6f:ac:
33:e3:9f:43:ff:ad:8f:59:fc:b0:8d:8c:e3:ce:81:2c:43:e3:
dd:e8:84:f4:26:ee:c0:a5:36:18:18:67:26:01:5f:da:e5:25:
19:97:64:3a
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZjnLtvq6EdkUc1sW8nYEfeHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwODI2MTYyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E4MTAwNWUyOWI3MjJmMDA3MGViNjg2YTc3Yzg1YThhMTg5MjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW4TO9Q4WD01blgENP5knuJHhy38
2cOUXdJX38M/mpcp+qxdFhlov6FjHJ/kLYyBjDk4sQq+MeqvA+m4yWRgcMZMQoSg
NEhiv8MwGAHYRrKyv6DvU65WArPHOrbOSBJ7eyIDlWb7fvrQyayaRM1lVd376hTj
Zzy04jnzBbozuMB/JEUG1rkcOmZ1vF9iv8JBegupbAk1d3ykCR4bkBqzfCVXLU9p
oj8YLdgzw/sA8qMFMP47Iq6S/osqfQSvv68NxyfONcZRCZF/8wfgMr/oBDq7MB2P
hg57Yl5mJ+StfquHiAZuNV5Fp/HzXw7KIseKqOJkgdT1PccS2gos0qcwyQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFEyoEAXim3IvAHDraGp3yFqKGJI+MB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvVEtnUUJlS2JjaThBY090b2FuZklXb29Za2o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAIwfgMFAyoG
UoADBQMqDanAAwUDKg82QAMFAyoQMEADBQMqEGMAAwUDKhBpAAMFAyoRGIADBQMq
ET+AAwUDKhGQwAMFAyoRk0ADBQMqEZ4AAwUDKhG3QAMFAyoR8EADBQMqEy9AAwUD
KhNPAAMFAyoTkQADBQMqE5SAAwUDKhPHADANBgkqhkiG9w0BAQsFAAOCAQEAp4ZP
om0tQkuXLgOx5rKero71URVnLLQS35kPshgYLu7f9yoDhXlYkb9ggMaGSH47E6is
mrJjO8PoXZbhznSlqOILKPHomiREhyPkKvKXTNsrJZdRDZ15LSvEVnHr3oQFwHCn
w15GCQrAQV5VKFIzTGVE2/FyGQ/n0g8uvBq1Mlj2Xz8mWQNJ1AmtMSoQj0oig5jA
EkvlzGIKDovpfwad4n8Zf2GHSWrthh3Tu59oOl0ypQo0kjq8DlazfbKYoHLLU+oP
ZznhXKYNw9GEKRFWHf/6khHBmW+sM+OfQ/+tj1n8sI2M486BLEPj3eiE9CbuwKU2
GBhnJgFf2uUlGZdkOg==
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:48:25 2025 by rpki-client