Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/TjgJ-jXJAqNyKQsEA1IXunYC7tA.roa
File: TjgJ-jXJAqNyKQsEA1IXunYC7tA.roa (raw, json)
Hash identifier: o0oZG9RtKI31h1Oxymh3LxGp1diy2Us4NFVw8pOuZVQ=
Subject key identifier: 4E:38:09:FA:35:C9:02:A3:72:29:0B:04:03:52:17:BA:76:02:EE:D0
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01991AB269DD6F9E83D2DAFC3B5D31516EC7
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/TjgJ-jXJAqNyKQsEA1IXunYC7tA.roa
Signing time: Fri 05 Sep 2025 16:25:24 +0000
ROA not before: Fri 05 Sep 2025 16:25:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.207.0/24 maxlen: 24
194.143.221.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.196.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.202.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 00:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1a:b2:69:dd:6f:9e:83:d2:da:fc:3b:5d:31:51:6e:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Sep 5 16:25:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e3809fa35c902a372290b04035217ba7602eed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c1:ac:2b:f8:40:df:99:33:22:12:73:65:ea:
0d:d4:d3:df:6c:d6:a0:82:1f:f7:21:50:d8:01:eb:
98:14:6a:4e:d3:e9:b0:15:23:c3:22:9c:b2:04:7c:
67:8a:0e:5c:a2:8a:10:1d:fb:ac:b0:68:f4:d2:d4:
4e:e9:e3:5f:27:f8:19:ec:f6:77:49:eb:67:ac:5d:
ec:8f:41:29:af:5d:6a:ce:a9:b7:f2:78:df:23:c3:
fc:7e:db:c1:e8:a7:ee:c2:6f:6a:a8:7b:ed:a4:76:
51:cc:07:73:92:8a:65:1c:34:fb:0f:a0:22:4b:29:
76:72:5a:e3:b7:b2:33:bc:ae:70:74:64:02:23:12:
fb:c6:66:71:69:d6:dd:00:47:c2:ab:12:ee:c8:bb:
da:9c:d3:74:45:7c:43:9d:2e:da:3f:f7:1e:e2:9f:
c6:50:d4:1a:04:31:3f:9f:e9:9b:ba:d0:38:d9:a4:
38:27:00:be:b1:6c:a5:5e:8e:5b:77:38:d3:9d:10:
ce:f1:d5:d5:91:01:0b:09:de:d2:db:85:77:8c:78:
f6:57:7b:88:9f:75:9a:b1:7e:51:32:61:64:48:a2:
91:52:83:66:df:47:cc:b7:d6:ea:0c:68:38:0b:ed:
aa:03:5d:b5:be:e8:6b:56:13:fb:aa:67:67:a1:0b:
05:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:38:09:FA:35:C9:02:A3:72:29:0B:04:03:52:17:BA:76:02:EE:D0
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/TjgJ-jXJAqNyKQsEA1IXunYC7tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0-194.143.207.255
194.143.221.0/24
195.114.192.0/24
195.114.195.0-195.114.198.255
195.114.202.0/24
213.220.2.0/24
213.220.4.0/24
213.220.20.0/24
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:49:d9:c5:8b:40:34:50:10:82:81:97:bb:d7:af:bd:46:45:
86:db:2f:d6:67:6e:c2:1d:30:47:92:db:47:74:50:36:dd:88:
97:f6:9b:7b:c1:ae:32:a9:87:e1:88:f5:54:06:b6:4b:39:fa:
9d:74:ce:ec:b0:6e:a7:33:19:11:4e:f7:8f:83:42:8e:34:47:
2b:a4:b5:fd:6e:4e:c4:f5:bc:73:54:65:cb:cb:1c:32:22:db:
55:fc:68:c7:e8:8d:7d:51:69:7c:e0:2a:09:f5:bd:7d:6e:05:
5c:72:43:9d:b5:89:e3:0b:62:ef:14:87:86:a1:76:c0:54:bc:
21:5e:4c:1d:a3:5f:7e:6d:bd:34:b2:34:9b:4d:a3:33:84:a9:
26:48:d2:2c:86:00:e6:fd:62:8b:ba:6e:ec:59:d9:6b:62:4c:
d0:c1:3e:2f:39:5e:31:33:5b:ef:5c:6e:b5:94:5a:0e:ac:6f:
9c:33:e0:c4:6c:83:38:41:b4:f7:15:fd:25:6e:bf:6a:0c:bb:
ec:b5:4c:c7:75:a1:3c:dd:b7:c0:d4:ef:5e:01:0f:f9:af:bb:
27:81:1e:4e:8b:2a:f0:e2:3a:b1:3e:4a:19:4d:ba:f9:71:65:
c2:3d:65:5d:4f:13:32:83:48:57:88:8b:88:7e:70:5b:97:c5:
42:67:69:39
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZkasmndb56D0tr8O10xUW7HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUwOTA1MTYyNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTM4MDlmYTM1YzkwMmEzNzIyOTBiMDQwMzUyMTdiYTc2MDJlZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18GsK/hA35kzIhJzZeoN1NPfbNag
gh/3IVDYAeuYFGpO0+mwFSPDIpyyBHxnig5coooQHfussGj00tRO6eNfJ/gZ7PZ3
SetnrF3sj0Epr11qzqm38njfI8P8ftvB6Kfuwm9qqHvtpHZRzAdzkoplHDT7D6Ai
Syl2clrjt7IzvK5wdGQCIxL7xmZxadbdAEfCqxLuyLvanNN0RXxDnS7aP/ce4p/G
UNQaBDE/n+mbutA42aQ4JwC+sWylXo5bdzjTnRDO8dXVkQELCd7S24V3jHj2V3uI
n3WasX5RMmFkSKKRUoNm30fMt9bqDGg4C+2qA121vuhrVhP7qmdnoQsF1wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFE44Cfo1yQKjcikLBANSF7p2Au7QMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvVGpnSi1qWEpBcU55S1FzRUExSVh1bllDN3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQALZvwAwQA
LZvyMAwDBADCj80DBATCj8ADBADCj90DBADDcsAwDAMEAMNywwMEAMNyxgMEAMNy
ygMEANXcAgMEANXcBAMEANXcFAMEANXcPjANBgkqhkiG9w0BAQsFAAOCAQEAjknZ
xYtANFAQgoGXu9evvUZFhtsv1mduwh0wR5LbR3RQNt2Il/abe8GuMqmH4Yj1VAa2
Szn6nXTO7LBupzMZEU73j4NCjjRHK6S1/W5OxPW8c1Rly8scMiLbVfxox+iNfVFp
fOAqCfW9fW4FXHJDnbWJ4wti7xSHhqF2wFS8IV5MHaNffm29NLI0m02jM4SpJkjS
LIYA5v1ii7pu7FnZa2JM0ME+LzleMTNb71xutZRaDqxvnDPgxGyDOEG09xX9JW6/
agy77LVMx3WhPN23wNTvXgEP+a+7J4EeTosq8OI6sT5KGU26+XFlwj1lXU8TMoNI
V4iLiH5wW5fFQmdpOQ==
-----END CERTIFICATE-----
Generated at Thu Sep 18 08:00:12 2025 by rpki-client