Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/338T7gNmzhLcnt2M-PxpBF5Zzbg.roa
File: 338T7gNmzhLcnt2M-PxpBF5Zzbg.roa (raw, json)
Hash identifier: 09iTq/LWg/GO9om8U14MEEoIZW+wt7Kp5UMgo4uv4sc=
Subject key identifier: DF:7F:13:EE:03:66:CE:12:DC:9E:DD:8C:F8:FC:69:04:5E:59:CD:B8
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0199F6F975B9DBAA02F05B20A27FF44F4059
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/338T7gNmzhLcnt2M-PxpBF5Zzbg.roa
Signing time: Sat 18 Oct 2025 10:59:27 +0000
ROA not before: Sat 18 Oct 2025 10:59:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 79.98.244.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f6:f9:75:b9:db:aa:02:f0:5b:20:a2:7f:f4:4f:40:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 18 10:59:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df7f13ee0366ce12dc9edd8cf8fc69045e59cdb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:10:db:7d:ed:72:eb:4a:c1:69:08:35:e2:f6:
d3:a0:20:b6:f6:86:96:53:c9:36:b1:30:f1:fb:ff:
10:75:6b:32:58:0d:a9:57:1f:90:05:f6:07:6e:a3:
df:b1:ed:3e:75:8a:d3:1e:f7:29:9b:1a:b8:17:23:
ad:93:c5:0d:fa:d5:fb:2d:1c:45:59:18:5a:10:43:
94:59:a7:8d:a3:99:6f:f3:a8:9e:31:a5:5b:ce:ff:
70:b2:5a:6d:4a:84:0f:d9:87:f9:25:3b:12:19:9b:
ca:16:64:61:d3:1b:05:ea:46:22:13:06:b2:28:04:
03:5a:6c:ac:22:66:08:95:9e:2d:57:7a:7f:54:4c:
af:8b:58:f1:67:b1:52:62:1e:9a:cc:e3:55:bc:02:
57:d2:38:e2:df:04:9b:70:88:e3:dc:f5:de:7a:15:
65:3e:37:d3:20:78:ae:5a:4a:90:b3:31:d2:58:1d:
fc:fb:34:25:cc:25:dd:c8:62:e5:c3:e3:15:d4:83:
8c:49:5f:c1:4e:57:da:f2:8a:bd:6e:36:8c:7e:df:
da:e2:4d:06:b2:22:36:29:5c:40:b8:39:8c:a5:f8:
90:6f:08:16:bd:d3:7c:74:a7:a6:e7:d3:b6:cf:91:
5d:83:2d:92:87:e7:63:5a:67:5c:bd:6a:5a:ad:32:
2d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:7F:13:EE:03:66:CE:12:DC:9E:DD:8C:F8:FC:69:04:5E:59:CD:B8
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/338T7gNmzhLcnt2M-PxpBF5Zzbg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/24
176.125.251.0/24
185.225.168.0/23
Signature Algorithm: sha256WithRSAEncryption
aa:ed:ea:4a:31:5a:3d:14:33:67:81:7e:55:ed:f1:2e:f7:70:
4b:39:60:14:f0:68:f9:13:7e:03:53:60:c9:d6:44:23:02:50:
4b:0b:79:b3:e4:7c:46:43:4e:ea:77:8f:e6:93:7d:3a:5d:bb:
78:57:ef:25:2e:7e:47:57:87:c6:08:82:90:9b:68:70:c6:09:
95:0a:16:26:01:62:06:77:fb:f9:c1:e0:0c:00:39:65:d6:cb:
c8:f2:e1:a1:6a:83:aa:50:d3:73:d0:80:5b:48:4b:e5:7f:c4:
a5:a5:7d:ca:c8:33:46:30:47:30:bb:88:3e:44:f4:f0:d9:a7:
f9:26:33:bd:91:51:7d:2f:97:16:0b:29:f8:72:04:f0:82:97:
4c:b5:2c:64:ad:12:9f:72:d8:ac:9e:db:85:57:b7:0b:6c:ce:
33:c1:7f:bc:65:d4:c9:4e:27:d0:0e:a8:37:6e:a3:ed:c0:31:
54:32:b2:ea:71:7c:a1:60:23:89:9f:c7:73:87:4f:ae:11:51:
2f:09:fa:13:e0:58:99:7d:7b:ed:ff:05:43:24:db:ab:61:be:
29:6f:9c:63:b3:9b:61:24:dd:b2:d3:ea:0b:01:80:09:7f:b3:
8c:10:a3:5e:c0:f4:fb:ba:b1:8e:e1:71:f2:f5:af:15:fd:ba:
b5:9f:9e:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZn2+XW526oC8Fsgon/0T0BZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUxMDE4MTA1OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjdmMTNlZTAzNjZjZTEyZGM5ZWRkOGNmOGZjNjkwNDVlNTljZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBDbfe1y60rBaQg14vbToCC29oaW
U8k2sTDx+/8QdWsyWA2pVx+QBfYHbqPfse0+dYrTHvcpmxq4FyOtk8UN+tX7LRxF
WRhaEEOUWaeNo5lv86ieMaVbzv9wslptSoQP2Yf5JTsSGZvKFmRh0xsF6kYiEway
KAQDWmysImYIlZ4tV3p/VEyvi1jxZ7FSYh6azONVvAJX0jji3wSbcIjj3PXeehVl
PjfTIHiuWkqQszHSWB38+zQlzCXdyGLlw+MV1IOMSV/BTlfa8oq9bjaMft/a4k0G
siI2KVxAuDmMpfiQbwgWvdN8dKem59O2z5Fdgy2Sh+djWmdcvWparTItkQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN9/E+4DZs4S3J7djPj8aQReWc24MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMzM4VDdnTm16aExjbnQyTS1QeHBCRjVaemJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT2L0AwQA
sH37AwQBueGoMA0GCSqGSIb3DQEBCwUAA4IBAQCq7epKMVo9FDNngX5V7fEu93BL
OWAU8Gj5E34DU2DJ1kQjAlBLC3mz5HxGQ07qd4/mk306Xbt4V+8lLn5HV4fGCIKQ
m2hwxgmVChYmAWIGd/v5weAMADll1svI8uGhaoOqUNNz0IBbSEvlf8SlpX3KyDNG
MEcwu4g+RPTw2af5JjO9kVF9L5cWCyn4cgTwgpdMtSxkrRKfctisntuFV7cLbM4z
wX+8ZdTJTifQDqg3bqPtwDFUMrLqcXyhYCOJn8dzh0+uEVEvCfoT4FiZfXvt/wVD
JNurYb4pb5xjs5thJN2y0+oLAYAJf7OMEKNewPT7urGO4XHy9a8V/bq1n57U
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:21 2025 by rpki-client