Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Y93UFuH00_cFjyT9h0x-Xo3LsRA.roa
File: Y93UFuH00_cFjyT9h0x-Xo3LsRA.roa (raw, json)
Hash identifier: KbxPfOmyChm+trCvOnFCPUXdRLZulWQI+556HaiOtUM=
Subject key identifier: 63:DD:D4:16:E1:F4:D3:F7:05:8F:24:FD:87:4C:7E:5E:8D:CB:B1:10
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0198313AFBA837079D6AC7DD79E67AAE7CF8
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Y93UFuH00_cFjyT9h0x-Xo3LsRA.roa
Signing time: Tue 22 Jul 2025 08:23:25 +0000
ROA not before: Tue 22 Jul 2025 08:23:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 79.98.245.0/24 maxlen: 24
176.125.250.0/24 maxlen: 24
185.221.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:3a:fb:a8:37:07:9d:6a:c7:dd:79:e6:7a:ae:7c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 22 08:23:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63ddd416e1f4d3f7058f24fd874c7e5e8dcbb110
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:42:02:08:7c:34:21:75:73:6b:c9:e9:b6:5e:
cb:22:79:52:75:cc:7f:51:c0:a0:8a:9f:72:49:71:
a1:2c:51:dd:25:fa:63:65:31:a0:2f:79:f7:2f:94:
a4:0e:47:2a:17:35:db:b7:d1:18:1f:f8:3f:e8:9a:
4e:8e:a6:8e:af:9f:15:39:15:09:11:38:c5:ee:a4:
7a:18:94:67:a2:a5:2f:a7:cf:94:6a:aa:ae:24:c5:
0f:a7:64:1f:9b:e3:46:de:ab:4c:49:16:9b:c9:98:
c9:91:20:1c:d0:b2:61:90:73:b7:5f:1f:13:36:c8:
b6:7f:fb:ce:61:a0:8c:77:e2:e7:52:48:27:62:67:
08:d5:27:a4:28:b5:f0:16:db:9d:66:e6:e5:b5:b5:
14:9f:f0:4e:3c:6f:a4:70:5a:7a:0e:80:2a:02:3b:
2b:5a:0b:8d:2b:b6:b2:29:f5:ca:4a:b3:99:d5:43:
ff:98:dd:1f:1e:82:06:78:93:bc:c7:7b:19:03:59:
82:6e:f0:f1:82:dd:51:2a:ca:69:b4:da:9e:a6:e6:
fe:c5:44:e7:e0:d5:55:42:46:72:89:d2:5b:45:94:
71:f0:b8:a4:c3:f6:ac:a8:61:31:bb:d9:1a:c6:7a:
3e:e9:ae:f2:e7:da:8d:bc:9e:b7:4e:85:8e:b1:77:
ba:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:DD:D4:16:E1:F4:D3:F7:05:8F:24:FD:87:4C:7E:5E:8D:CB:B1:10
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Y93UFuH00_cFjyT9h0x-Xo3LsRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.245.0/24
176.125.250.0/24
185.221.24.0/24
Signature Algorithm: sha256WithRSAEncryption
47:13:5e:4a:72:93:6e:76:6c:37:d4:30:5a:45:90:f6:d2:78:
3e:b6:cf:aa:ca:cb:af:c5:ca:c3:60:37:bc:16:f1:bc:06:87:
e4:a2:6f:d0:5c:ba:ce:69:3f:3e:18:89:ea:8b:99:71:31:d8:
58:dd:eb:67:60:36:87:cf:d0:fa:5b:b0:d3:29:45:50:e9:7a:
a3:83:32:48:cb:6e:72:9d:65:b4:23:d5:bb:9d:57:0a:21:2f:
5a:f9:82:4e:be:c4:3b:c5:7c:7d:7f:7f:f6:b7:32:5c:61:2e:
26:65:3b:fa:39:34:f3:bc:20:ed:7b:96:fd:8e:71:e4:6d:36:
12:df:c7:40:28:82:f9:86:f3:d1:a7:e5:d0:66:18:1e:77:33:
c8:4f:24:df:7d:63:ce:28:5f:f7:aa:78:fe:d7:07:05:c1:8e:
1a:dc:36:6e:b9:2f:e5:fc:a8:b1:eb:1e:9d:9d:58:7b:f5:31:
87:e5:08:34:0d:43:9d:6b:98:da:56:ba:13:f6:e0:ee:aa:80:
73:9e:82:73:1c:9c:4b:52:6f:89:4d:84:82:b4:50:9c:e0:08:
05:0a:50:45:12:15:fe:6e:48:a3:45:6c:48:d1:d6:e0:b0:12:
70:ee:0f:8b:3c:d6:d3:51:31:5b:64:1c:70:88:52:ae:52:16:
aa:a9:a3:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgxOvuoNwedasfdeeZ6rnz4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNzIyMDgyMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2RkZDQxNmUxZjRkM2Y3MDU4ZjI0ZmQ4NzRjN2U1ZThkY2JiMTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5EICCHw0IXVza8nptl7LInlSdcx/
UcCgip9ySXGhLFHdJfpjZTGgL3n3L5SkDkcqFzXbt9EYH/g/6JpOjqaOr58VORUJ
ETjF7qR6GJRnoqUvp8+UaqquJMUPp2Qfm+NG3qtMSRabyZjJkSAc0LJhkHO3Xx8T
Nsi2f/vOYaCMd+LnUkgnYmcI1SekKLXwFtudZubltbUUn/BOPG+kcFp6DoAqAjsr
WguNK7ayKfXKSrOZ1UP/mN0fHoIGeJO8x3sZA1mCbvDxgt1RKspptNqepub+xUTn
4NVVQkZyidJbRZRx8Likw/asqGExu9kaxno+6a7y59qNvJ63ToWOsXe6AwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGPd1Bbh9NP3BY8k/YdMfl6Ny7EQMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWTkzVUZ1SDAwX2NGanlUOWgweC1YbzNMc1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT2L1AwQA
sH36AwQAud0YMA0GCSqGSIb3DQEBCwUAA4IBAQBHE15KcpNudmw31DBaRZD20ng+
ts+qysuvxcrDYDe8FvG8Bofkom/QXLrOaT8+GInqi5lxMdhY3etnYDaHz9D6W7DT
KUVQ6XqjgzJIy25ynWW0I9W7nVcKIS9a+YJOvsQ7xXx9f3/2tzJcYS4mZTv6OTTz
vCDte5b9jnHkbTYS38dAKIL5hvPRp+XQZhgedzPITyTffWPOKF/3qnj+1wcFwY4a
3DZuuS/l/Kix6x6dnVh79TGH5Qg0DUOda5jaVroT9uDuqoBznoJzHJxLUm+JTYSC
tFCc4AgFClBFEhX+bkijRWxI0dbgsBJw7g+LPNbTUTFbZBxwiFKuUhaqqaPC
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:33:09 2025 by rpki-client