Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/TaeJtyX_r65BJgtnAVUyX4b6_y4.roa
File: TaeJtyX_r65BJgtnAVUyX4b6_y4.roa (raw, json)
Hash identifier: dzjDTiRU5fSOmzi0pNy5i9tEZHjAGMA+eGu6ZYh0oVc=
Subject key identifier: 4D:A7:89:B7:25:FF:AF:AE:41:26:0B:67:01:55:32:5F:86:FA:FF:2E
Certificate issuer: /CN=93efa2bf90a23728852727f126ede65286c3ca67
Certificate serial: 01973D043EBE39A7B4F8E550F20F4BFAAB37
Authority key identifier: 93:EF:A2:BF:90:A2:37:28:85:27:27:F1:26:ED:E6:52:86:C3:CA:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k--iv5CiNyiFJyfxJu3mUobDymc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/TaeJtyX_r65BJgtnAVUyX4b6_y4.roa
Signing time: Wed 04 Jun 2025 22:16:17 +0000
ROA not before: Wed 04 Jun 2025 22:16:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14445
IP address blocks: 80.73.247.0/24 maxlen: 24
164.152.216.0/24 maxlen: 24
185.218.2.0/24 maxlen: 24
2001:3900::/29 maxlen: 29
2a11:2800:239::/48 maxlen: 48
2a11:2800:761::/48 maxlen: 48
2a11:2800:10db::/48 maxlen: 48
2a11:2800:131c::/48 maxlen: 48
2a11:2800:1bce::/48 maxlen: 48
2a11:2800:1f33::/48 maxlen: 48
2a11:2800:2047::/48 maxlen: 48
2a11:2800:215b::/48 maxlen: 48
2a11:2800:285d::/48 maxlen: 48
2a11:2800:3dc6::/48 maxlen: 48
2a11:2800:661f::/48 maxlen: 48
2a11:2800:792e::/48 maxlen: 48
2a11:2800:9e16::/48 maxlen: 48
2a11:2800:b41d::/48 maxlen: 48
2a11:2803:e78b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/k--iv5CiNyiFJyfxJu3mUobDymc.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/k--iv5CiNyiFJyfxJu3mUobDymc.mft
rsync://rpki.ripe.net/repository/DEFAULT/k--iv5CiNyiFJyfxJu3mUobDymc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3d:04:3e:be:39:a7:b4:f8:e5:50:f2:0f:4b:fa:ab:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93efa2bf90a23728852727f126ede65286c3ca67
Validity
Not Before: Jun 4 22:16:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4da789b725ffafae41260b670155325f86faff2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:c8:a3:d6:ba:78:63:de:46:89:68:53:49:6e:
e3:5f:ea:05:23:cf:50:f0:dc:3b:66:ab:44:6d:68:
d3:4d:5a:0d:73:e7:c9:a4:8c:d9:36:0e:47:91:1b:
ef:25:7c:4c:c0:79:46:e6:25:1f:63:a7:29:fa:5c:
0a:7f:1f:e7:01:bc:fb:ab:9b:30:ad:ed:51:a8:b8:
70:73:cf:22:f9:8b:26:04:3d:27:52:6b:4a:0d:99:
cb:8b:f7:8d:c3:b7:0f:f1:12:7e:b3:72:5e:cb:61:
b8:9b:17:08:3b:2e:71:85:b2:d2:51:ad:c1:7a:c5:
c1:a4:40:fd:74:25:d2:9f:91:dd:be:86:4f:8e:ee:
13:5e:ef:f3:a5:a0:78:ff:20:9b:9b:ef:8a:4c:3c:
eb:51:12:b7:4e:99:4e:30:62:88:73:2d:db:26:6d:
c6:17:bf:37:57:9c:5e:b4:30:68:64:30:dd:c9:23:
2c:aa:ef:a7:80:03:03:16:01:06:16:f6:88:51:4f:
09:e8:63:37:19:03:4c:1f:88:ea:07:7a:46:c9:01:
5b:97:61:2a:e0:f0:75:17:44:0f:61:99:2c:44:92:
4f:44:e2:90:83:06:85:25:52:f3:28:11:e0:c2:89:
d7:32:a7:e7:44:79:2a:f9:b6:ce:1c:46:6a:23:4a:
58:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A7:89:B7:25:FF:AF:AE:41:26:0B:67:01:55:32:5F:86:FA:FF:2E
X509v3 Authority Key Identifier:
keyid:93:EF:A2:BF:90:A2:37:28:85:27:27:F1:26:ED:E6:52:86:C3:CA:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k--iv5CiNyiFJyfxJu3mUobDymc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/TaeJtyX_r65BJgtnAVUyX4b6_y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a92eb2-b2ba-4efd-bd09-6abb1ccb6153/1/k--iv5CiNyiFJyfxJu3mUobDymc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.247.0/24
164.152.216.0/24
185.218.2.0/24
IPv6:
2001:3900::/29
2a11:2800:239::/48
2a11:2800:761::/48
2a11:2800:10db::/48
2a11:2800:131c::/48
2a11:2800:1bce::/48
2a11:2800:1f33::/48
2a11:2800:2047::/48
2a11:2800:215b::/48
2a11:2800:285d::/48
2a11:2800:3dc6::/48
2a11:2800:661f::/48
2a11:2800:792e::/48
2a11:2800:9e16::/48
2a11:2800:b41d::/48
2a11:2803:e78b::/48
Signature Algorithm: sha256WithRSAEncryption
5c:b6:74:23:f5:50:82:9b:b1:bc:27:85:d1:3a:d9:e1:18:59:
04:27:54:92:41:b6:54:a4:5b:f9:98:c5:ba:ea:89:50:9c:8c:
37:9e:a4:49:6e:6f:23:48:9b:5a:90:84:de:7a:f7:4a:d1:bc:
74:3c:f4:0a:95:9a:39:60:40:82:c0:de:df:60:a2:c9:32:ce:
c4:85:5f:af:6d:15:ce:21:e8:3e:63:51:ee:ba:8c:da:4b:3a:
c9:a4:80:c9:ab:c7:7a:9d:47:b0:eb:72:f0:b6:1a:96:2d:e9:
bd:7f:ca:1f:3f:c3:41:f1:6f:db:1e:6f:cd:96:09:69:1e:fc:
6b:93:13:d7:d1:ed:84:d5:2b:66:d0:ac:6f:c1:99:8a:2e:1e:
0e:41:8e:80:fa:97:33:b1:90:ae:5b:e2:e9:ba:92:36:25:90:
7a:69:64:87:d4:39:90:81:29:a9:57:13:ce:bd:b3:6c:5a:10:
e7:a6:45:a8:4a:0f:9a:60:f4:ec:f1:47:60:d5:60:f3:d1:23:
3c:4b:49:6a:2d:36:14:4b:51:e9:4c:f7:0a:69:50:55:13:fe:
99:41:da:12:e1:d0:a9:cb:a9:25:6d:f9:ba:58:04:3d:4b:75:
e2:2b:da:95:ff:3b:44:1f:9c:34:80:74:7c:ad:f3:be:65:0e:
a8:3e:22:11
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZc9BD6+Oae0+OVQ8g9L+qs3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZWZhMmJmOTBhMjM3Mjg4NTI3MjdmMTI2ZWRlNjUyODZj
M2NhNjcwHhcNMjUwNjA0MjIxNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGE3ODliNzI1ZmZhZmFlNDEyNjBiNjcwMTU1MzI1Zjg2ZmFmZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMij1rp4Y95GiWhTSW7jX+oFI89Q
8Nw7ZqtEbWjTTVoNc+fJpIzZNg5HkRvvJXxMwHlG5iUfY6cp+lwKfx/nAbz7q5sw
re1RqLhwc88i+YsmBD0nUmtKDZnLi/eNw7cP8RJ+s3Jey2G4mxcIOy5xhbLSUa3B
esXBpED9dCXSn5HdvoZPju4TXu/zpaB4/yCbm++KTDzrURK3TplOMGKIcy3bJm3G
F783V5xetDBoZDDdySMsqu+ngAMDFgEGFvaIUU8J6GM3GQNMH4jqB3pGyQFbl2Eq
4PB1F0QPYZksRJJPROKQgwaFJVLzKBHgwonXMqfnRHkq+bbOHEZqI0pYvwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFE2nibcl/6+uQSYLZwFVMl+G+v8uMB8GA1UdIwQY
MBaAFJPvor+QojcohScn8Sbt5lKGw8pnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay0taXY1Q2lOeWlGSnlmeEp1M21Vb2JEeW1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hOTJlYjItYjJiYS00ZWZkLWJkMDkt
NmFiYjFjY2I2MTUzLzEvVGFlSnR5WF9yNjVCSmd0bkFWVXlYNGI2X3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hOTJlYjItYjJiYS00ZWZkLWJkMDktNmFiYjFjY2I2MTUz
LzEvay0taXY1Q2lOeWlGSnlmeEp1M21Vb2JEeW1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjAYBAIAATASAwQAUEn3
AwQApJjYAwQAudoCMIGVBAIAAjCBjgMFAyABOQADBwAqESgAAjkDBwAqESgAB2ED
BwAqESgAENsDBwAqESgAExwDBwAqESgAG84DBwAqESgAHzMDBwAqESgAIEcDBwAq
ESgAIVsDBwAqESgAKF0DBwAqESgAPcYDBwAqESgAZh8DBwAqESgAeS4DBwAqESgA
nhYDBwAqESgAtB0DBwAqESgD54swDQYJKoZIhvcNAQELBQADggEBAFy2dCP1UIKb
sbwnhdE62eEYWQQnVJJBtlSkW/mYxbrqiVCcjDeepElubyNIm1qQhN5690rRvHQ8
9AqVmjlgQILA3t9goskyzsSFX69tFc4h6D5jUe66jNpLOsmkgMmrx3qdR7DrcvC2
GpYt6b1/yh8/w0Hxb9seb82WCWke/GuTE9fR7YTVK2bQrG/BmYouHg5BjoD6lzOx
kK5b4um6kjYlkHppZIfUOZCBKalXE869s2xaEOemRahKD5pg9OzxR2DVYPPRIzxL
SWotNhRLUelM9wppUFUT/plB2hLh0KnLqSVt+bpYBD1LdeIr2pX/O0QfnDSAdHyt
875lDqg+IhE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:05:32 2025 by rpki-client