
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/OgfuNbp0FLwn35kSH1QFksBBpuk.roa
File: OgfuNbp0FLwn35kSH1QFksBBpuk.roa (raw, json)
Hash identifier: iI+edTbWFpONN9x09GV3LBC0YBWX5LquEmt51grcATc=
Subject key identifier: 3A:07:EE:35:BA:74:14:BC:27:DF:99:12:1F:54:05:92:C0:41:A6:E9
Certificate issuer: /CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Certificate serial: 01981D6576E1C91260FAC0C3400CE861C9DA
Authority key identifier: 66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/OgfuNbp0FLwn35kSH1QFksBBpuk.roa
Signing time: Fri 18 Jul 2025 11:57:25 +0000
ROA not before: Fri 18 Jul 2025 11:57:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211588
IP address blocks: 185.229.33.0/24 maxlen: 24
185.229.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 13:47:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:65:76:e1:c9:12:60:fa:c0:c3:40:0c:e8:61:c9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66f8206e3311df394f48389b8122b94aa1f0b05c
Validity
Not Before: Jul 18 11:57:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a07ee35ba7414bc27df99121f540592c041a6e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:fd:1d:7d:d0:b8:b7:e9:94:d3:c9:2b:fc:b1:
ac:9b:18:c6:2d:f0:c4:7d:c6:70:ee:dc:49:9c:eb:
cd:4c:f8:de:1f:69:6d:b3:8e:81:25:ad:0b:a3:dd:
b1:75:03:53:cc:79:ca:00:45:0a:38:08:a5:b5:94:
e5:4b:f4:a0:f8:19:39:a9:9e:61:a6:aa:b1:7e:58:
a8:6d:f3:3b:02:08:91:f7:2c:5b:71:a2:67:c7:f1:
b2:2c:86:34:66:94:4e:b2:c6:a6:47:35:67:73:8b:
34:b6:9c:70:1a:cc:d5:87:a7:33:fc:7c:0c:87:10:
ed:43:da:ab:cd:2b:af:fc:40:e3:57:2f:12:6c:e8:
6e:bf:ed:c7:40:ec:cb:41:a1:05:fb:f3:a6:29:4d:
a8:fc:2e:cc:c8:92:ee:5b:36:5d:31:11:20:09:b7:
ac:ad:38:2d:ce:b4:0d:3d:6a:54:b8:36:eb:6b:79:
ae:4f:c1:d1:9b:1b:98:b0:da:4c:e4:c7:42:cd:10:
02:d1:32:6e:0a:f9:78:52:c5:b7:82:24:96:f9:c1:
0c:55:40:36:cc:7b:91:00:2d:a4:3d:57:5a:a7:c4:
a4:b4:bc:2f:30:fd:a9:06:77:e1:ad:f6:19:45:eb:
0a:06:02:c7:40:98:dc:b9:4f:5d:d5:a4:f5:ac:8a:
80:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:07:EE:35:BA:74:14:BC:27:DF:99:12:1F:54:05:92:C0:41:A6:E9
X509v3 Authority Key Identifier:
keyid:66:F8:20:6E:33:11:DF:39:4F:48:38:9B:81:22:B9:4A:A1:F0:B0:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZvggbjMR3zlPSDibgSK5SqHwsFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/OgfuNbp0FLwn35kSH1QFksBBpuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/be1a25-5855-4aec-8e18-bbfd45c84bea/1/ZvggbjMR3zlPSDibgSK5SqHwsFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.33.0/24
185.229.35.0/24
Signature Algorithm: sha256WithRSAEncryption
83:b7:fd:f1:82:58:a8:86:52:33:4b:20:af:86:a4:9e:f2:eb:
d5:40:c9:dd:e5:d2:78:f4:17:d3:bd:c5:01:c5:8f:9e:54:c1:
9f:e9:fa:ad:f4:c8:86:62:92:95:64:0d:86:9a:21:3f:ab:d7:
ae:dd:bf:2d:56:0a:74:06:6c:bd:a1:db:76:57:aa:ea:49:42:
8b:fc:34:70:5c:08:8d:a3:0c:e6:46:17:a4:9b:d9:69:9f:e7:
1c:ce:52:88:c2:41:45:93:cc:d3:a0:50:87:97:0b:be:4c:eb:
0c:73:12:fb:98:b9:aa:0c:03:17:b5:ec:ad:e5:ab:bc:5a:7e:
17:02:55:87:66:a6:c7:66:e0:7a:34:95:3b:e1:96:5b:22:7c:
04:99:b1:22:62:31:6f:0a:c8:37:db:f0:a4:c9:c8:04:f1:b2:
3a:04:d9:03:24:35:99:1c:3e:33:fd:1a:ee:f0:6a:9f:8c:74:
04:1f:c7:56:c1:31:da:96:15:9e:68:20:ef:10:c6:1d:fd:b4:
eb:cb:77:78:05:7a:7c:30:8b:30:8a:35:1a:20:17:eb:fb:2b:
4c:64:4b:51:83:76:40:5e:1d:9a:84:37:0e:de:83:e8:9d:6e:
5c:99:d6:16:f8:8d:b8:5d:73:09:9a:51:c2:18:f2:40:68:5a:
d6:0f:13:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgdZXbhyRJg+sDDQAzoYcnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZjgyMDZlMzMxMWRmMzk0ZjQ4Mzg5YjgxMjJiOTRhYTFm
MGIwNWMwHhcNMjUwNzE4MTE1NzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTA3ZWUzNWJhNzQxNGJjMjdkZjk5MTIxZjU0MDU5MmMwNDFhNmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq/0dfdC4t+mU08kr/LGsmxjGLfDE
fcZw7txJnOvNTPjeH2lts46BJa0Lo92xdQNTzHnKAEUKOAiltZTlS/Sg+Bk5qZ5h
pqqxfliobfM7AgiR9yxbcaJnx/GyLIY0ZpROssamRzVnc4s0tpxwGszVh6cz/HwM
hxDtQ9qrzSuv/EDjVy8SbOhuv+3HQOzLQaEF+/OmKU2o/C7MyJLuWzZdMREgCbes
rTgtzrQNPWpUuDbra3muT8HRmxuYsNpM5MdCzRAC0TJuCvl4UsW3giSW+cEMVUA2
zHuRAC2kPVdap8SktLwvMP2pBnfhrfYZResKBgLHQJjcuU9d1aT1rIqA9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDoH7jW6dBS8J9+ZEh9UBZLAQabpMB8GA1UdIwQY
MBaAFGb4IG4zEd85T0g4m4EiuUqh8LBcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgt
YmJmZDQ1Yzg0YmVhLzEvT2dmdU5icDBGTHduMzVrU0gxUUZrc0JCcHVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9iZTFhMjUtNTg1NS00YWVjLThlMTgtYmJmZDQ1Yzg0YmVh
LzEvWnZnZ2JqTVIzemxQU0RpYmdTSzVTcUh3c0Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAueUhAwQA
ueUjMA0GCSqGSIb3DQEBCwUAA4IBAQCDt/3xgliohlIzSyCvhqSe8uvVQMnd5dJ4
9BfTvcUBxY+eVMGf6fqt9MiGYpKVZA2GmiE/q9eu3b8tVgp0Bmy9odt2V6rqSUKL
/DRwXAiNowzmRhekm9lpn+cczlKIwkFFk8zToFCHlwu+TOsMcxL7mLmqDAMXteyt
5au8Wn4XAlWHZqbHZuB6NJU74ZZbInwEmbEiYjFvCsg32/CkycgE8bI6BNkDJDWZ
HD4z/Rru8GqfjHQEH8dWwTHalhWeaCDvEMYd/bTry3d4BXp8MIswijUaIBfr+ytM
ZEtRg3ZAXh2ahDcO3oPonW5cmdYW+I24XXMJmlHCGPJAaFrWDxPE
-----END CERTIFICATE-----
Generated at Tue Jul 22 20:17:49 2025 by rpki-client