Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/F44rSxYHWvCn92sHFFQUEeoKyqw.roa
File: F44rSxYHWvCn92sHFFQUEeoKyqw.roa (raw, json)
Hash identifier: 8AXZMSZO+E7+SkVr6YrOqE49BwMU7g4OcVzs14+WP+A=
Subject key identifier: 17:8E:2B:4B:16:07:5A:F0:A7:F7:6B:07:14:54:14:11:EA:0A:CA:AC
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0198408A0A05316BBAA72D7AA744B1247BBB
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/F44rSxYHWvCn92sHFFQUEeoKyqw.roa
Signing time: Fri 25 Jul 2025 07:44:05 +0000
ROA not before: Fri 25 Jul 2025 07:44:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.253.0/24 maxlen: 24
45.155.254.0/24 maxlen: 24
45.157.208.0/23 maxlen: 23
79.98.244.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.225.168.0/23 maxlen: 23
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:8a:0a:05:31:6b:ba:a7:2d:7a:a7:44:b1:24:7b:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 25 07:44:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=178e2b4b16075af0a7f76b0714541411ea0acaac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e7:0a:6f:1c:8e:43:cc:9b:a3:fc:c2:12:e1:
bc:8d:a4:8e:9a:73:92:1e:78:59:9b:4a:a5:3b:50:
74:9f:1a:fc:8a:36:48:85:15:1d:d0:84:d5:52:e9:
36:78:20:c1:d8:b1:2d:1e:99:d6:d4:a5:53:1e:5b:
9c:18:1d:93:ba:f7:62:d0:2e:1a:ae:fd:a3:3d:ba:
b7:21:28:4d:d0:9c:a7:0f:a6:b2:3f:7f:d5:4e:d6:
1d:7a:1e:0b:03:20:9b:40:0b:90:86:41:0a:21:f2:
ac:df:aa:d9:e0:ba:01:e0:91:8f:42:cd:4f:4b:87:
ee:38:56:29:60:49:78:58:b7:37:17:b1:76:0b:2b:
5d:8b:08:ba:3b:be:5e:5f:84:13:1f:c0:81:92:4c:
8d:0c:45:1a:e6:f9:68:81:7a:30:b6:02:81:18:ad:
9e:b8:37:bb:52:90:85:4a:01:f6:b4:33:b9:b0:4c:
3c:18:1d:06:5b:a8:eb:5d:22:e4:7e:46:41:78:05:
76:6a:71:1e:63:ac:eb:ea:8a:e8:ec:bd:70:56:90:
ca:a6:98:7f:1c:95:21:b7:c9:3b:85:7d:e3:ad:f5:
e2:6e:29:36:87:41:89:02:6e:ae:57:fc:6c:52:a7:
df:87:c5:50:f3:1a:6f:5d:7f:e3:b2:11:e0:d7:16:
82:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:8E:2B:4B:16:07:5A:F0:A7:F7:6B:07:14:54:14:11:EA:0A:CA:AC
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/F44rSxYHWvCn92sHFFQUEeoKyqw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.253.0-45.155.254.255
45.157.208.0/23
79.98.244.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.221.25.0-185.221.26.255
185.225.168.0/23
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:4a:14:0c:6c:11:cd:87:89:b9:df:a4:35:80:bc:86:79:0d:
c2:1c:7d:c5:4d:e8:50:a3:5a:44:a2:cf:67:9a:8c:1c:55:d3:
00:0a:2c:7a:fb:b8:ac:c2:5c:27:a3:b3:b0:64:20:35:fe:39:
d2:41:8c:b2:54:52:77:35:de:1e:a5:c2:09:0d:d3:cd:e1:03:
92:9c:42:ce:8e:17:bb:a2:89:32:20:38:1d:cd:3c:6c:05:19:
d5:68:57:17:b0:b4:0d:20:51:40:fb:b5:39:22:87:e8:12:97:
d0:6d:84:d6:14:95:b7:8e:f0:42:f3:24:b0:90:6e:59:e3:1f:
04:bc:41:a9:76:be:0d:98:eb:19:35:d8:28:59:bd:ad:40:54:
7a:e8:05:87:fe:0d:83:d2:16:70:8d:72:ae:8f:39:9b:79:94:
4f:7c:9d:e6:72:97:57:1f:ab:85:95:0b:16:fe:2d:3b:63:49:
34:79:6e:be:b6:b5:95:ea:76:5d:8d:28:ea:98:1f:2d:d6:5d:
bc:78:ff:d5:cc:c1:cb:8f:8c:71:82:19:25:e6:f5:a1:6a:da:
5d:33:44:c7:10:b8:2a:95:cf:f3:fa:28:88:f7:d4:ad:67:93:
19:0a:cc:08:66:7b:2b:9b:a1:ad:ff:de:5b:4e:9a:3a:09:e4:
a5:48:3c:7b
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZhAigoFMWu6py16p0SxJHu7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNzI1MDc0NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzhlMmI0YjE2MDc1YWYwYTdmNzZiMDcxNDU0MTQxMWVhMGFjYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoucKbxyOQ8ybo/zCEuG8jaSOmnOS
HnhZm0qlO1B0nxr8ijZIhRUd0ITVUuk2eCDB2LEtHpnW1KVTHlucGB2Tuvdi0C4a
rv2jPbq3IShN0JynD6ayP3/VTtYdeh4LAyCbQAuQhkEKIfKs36rZ4LoB4JGPQs1P
S4fuOFYpYEl4WLc3F7F2Cytdiwi6O75eX4QTH8CBkkyNDEUa5vlogXowtgKBGK2e
uDe7UpCFSgH2tDO5sEw8GB0GW6jrXSLkfkZBeAV2anEeY6zr6oro7L1wVpDKpph/
HJUht8k7hX3jrfXibik2h0GJAm6uV/xsUqffh8VQ8xpvXX/jshHg1xaCTwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFBeOK0sWB1rwp/drBxRUFBHqCsqsMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvRjQ0clN4WUhXdkNuOTJzSEZGUVVFZW9LeXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAAtm/0D
BAAtm/4DBAEtndADBABPYvQDBACwffsDBAC5x5cDBAC5x9UwDAMEALndGQMEALnd
GgMEAbnhqAMEALn6GjANBgkqhkiG9w0BAQsFAAOCAQEAHkoUDGwRzYeJud+kNYC8
hnkNwhx9xU3oUKNaRKLPZ5qMHFXTAAosevu4rMJcJ6OzsGQgNf450kGMslRSdzXe
HqXCCQ3TzeEDkpxCzo4Xu6KJMiA4Hc08bAUZ1WhXF7C0DSBRQPu1OSKH6BKX0G2E
1hSVt47wQvMksJBuWeMfBLxBqXa+DZjrGTXYKFm9rUBUeugFh/4Ng9IWcI1yro85
m3mUT3yd5nKXVx+rhZULFv4tO2NJNHluvra1lep2XY0o6pgfLdZdvHj/1czBy4+M
cYIZJeb1oWraXTNExxC4KpXP8/ooiPfUrWeTGQrMCGZ7K5uhrf/eW06aOgnkpUg8
ew==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:27:09 2025 by rpki-client