Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZGQz0tsigUD9Q_FNeNUn6ogaHqg.roa
File: ZGQz0tsigUD9Q_FNeNUn6ogaHqg.roa (raw, json)
Hash identifier: K6ZZnIzxkzbl1qwYVTj7m0h9gsdaSWPnwrSd9T7K9Qs=
Subject key identifier: 64:64:33:D2:DB:22:81:40:FD:43:F1:4D:78:D5:27:EA:88:1A:1E:A8
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0198BF5B8B76D18EFE585B8EDD5CDBA2C9C5
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZGQz0tsigUD9Q_FNeNUn6ogaHqg.roa
Signing time: Mon 18 Aug 2025 22:45:04 +0000
ROA not before: Mon 18 Aug 2025 22:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 79.98.244.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 23:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bf:5b:8b:76:d1:8e:fe:58:5b:8e:dd:5c:db:a2:c9:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 18 22:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=646433d2db228140fd43f14d78d527ea881a1ea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:5a:b9:6e:d2:02:22:e3:a9:ca:fc:45:7c:15:
9d:0b:c0:b6:27:dc:4f:b2:13:61:0d:1e:27:5e:8c:
59:6b:5b:3e:77:e4:4b:4d:39:7a:3a:d7:03:07:f8:
f7:b6:48:e6:71:5f:15:16:b2:bb:6f:dc:9a:a7:ea:
70:24:ef:c4:ba:9e:64:3b:06:3c:7a:f2:80:1a:b0:
cf:61:3c:f1:ba:54:82:8f:2e:14:88:42:99:fc:a1:
07:c5:fe:8e:0b:dc:f6:6e:92:30:1f:78:03:9e:8a:
62:26:c2:cc:44:10:8c:f1:a0:22:e2:fa:9f:05:0d:
a0:72:85:e8:12:f6:f6:ca:2e:e0:34:ec:67:b8:9d:
af:15:71:35:3f:19:e9:e2:5b:3b:80:b1:99:4b:aa:
07:6e:fe:aa:22:a7:9a:18:db:6f:88:6c:7c:2c:70:
40:a0:70:92:73:23:26:95:19:b0:74:35:56:65:c3:
0d:b6:85:33:a0:ef:09:e8:7b:1c:fd:a2:fd:46:25:
f5:96:82:be:39:b3:89:17:69:a2:e6:c6:bd:e0:75:
67:80:9a:c9:99:46:d5:e2:0a:d2:21:c5:9c:c8:5c:
62:0f:b0:bd:71:dc:96:c2:8f:24:96:99:cb:f8:d0:
32:59:18:61:05:b4:98:e1:ce:35:64:bd:83:a1:65:
c1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:64:33:D2:DB:22:81:40:FD:43:F1:4D:78:D5:27:EA:88:1A:1E:A8
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZGQz0tsigUD9Q_FNeNUn6ogaHqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/24
185.199.151.0/24
185.221.25.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:52:d3:6e:b8:8b:d8:5e:14:8d:d4:f5:33:9e:25:3c:49:ff:
b2:dd:8e:db:78:3d:48:ca:34:6f:f3:70:5c:5b:1e:ec:9e:87:
75:43:89:af:d8:10:c3:28:5e:9f:74:56:82:af:22:b9:66:25:
da:6c:b9:24:fa:8d:8e:32:48:0e:36:bb:61:d1:bc:24:ea:f1:
c5:85:c4:47:27:94:1c:72:1e:f3:5f:1d:7d:80:44:f0:ad:fa:
65:d1:71:53:e1:07:2d:f7:1a:9e:99:4a:30:cf:5f:78:f1:58:
ea:2f:8b:ce:bd:85:32:33:ce:da:7b:bd:eb:20:d6:bb:0b:57:
e6:f2:43:a8:25:c1:e0:6d:ee:60:99:3f:89:4e:a4:2d:9d:5f:
cc:e8:fb:95:03:5e:3f:bc:fe:72:02:01:15:e2:bf:32:bb:e3:
0c:25:21:6c:93:0f:51:3a:c0:9f:c9:3c:a5:fe:71:9c:3f:ad:
61:0d:04:52:a9:02:a5:cf:cb:f0:c1:a1:f3:3c:d5:64:96:41:
2e:96:00:f4:c2:db:ae:09:72:f0:d9:36:ff:a5:59:00:be:38:
3a:12:ea:6d:9f:9f:1c:b3:c0:d4:52:87:81:a1:8e:ef:85:f9:
fe:e6:bf:83:33:ba:61:83:b6:df:23:3c:51:33:1c:6d:f8:70:
15:2c:1b:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZi/W4t20Y7+WFuO3VzbosnFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwODE4MjI0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDY0MzNkMmRiMjI4MTQwZmQ0M2YxNGQ3OGQ1MjdlYTg4MWExZWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFq5btICIuOpyvxFfBWdC8C2J9xP
shNhDR4nXoxZa1s+d+RLTTl6OtcDB/j3tkjmcV8VFrK7b9yap+pwJO/Eup5kOwY8
evKAGrDPYTzxulSCjy4UiEKZ/KEHxf6OC9z2bpIwH3gDnopiJsLMRBCM8aAi4vqf
BQ2gcoXoEvb2yi7gNOxnuJ2vFXE1Pxnp4ls7gLGZS6oHbv6qIqeaGNtviGx8LHBA
oHCScyMmlRmwdDVWZcMNtoUzoO8J6Hsc/aL9RiX1loK+ObOJF2mi5sa94HVngJrJ
mUbV4grSIcWcyFxiD7C9cdyWwo8klpnL+NAyWRhhBbSY4c41ZL2DoWXBPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGRkM9LbIoFA/UPxTXjVJ+qIGh6oMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWkdRejB0c2lnVUQ5UV9GTmVOVW42b2dhSHFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT2L0AwQA
uceXAwQAud0ZAwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQClUtNuuIvYXhSN1PUz
niU8Sf+y3Y7beD1IyjRv83BcWx7snod1Q4mv2BDDKF6fdFaCryK5ZiXabLkk+o2O
MkgONrth0bwk6vHFhcRHJ5Qcch7zXx19gETwrfpl0XFT4Qct9xqemUowz1948Vjq
L4vOvYUyM87ae73rINa7C1fm8kOoJcHgbe5gmT+JTqQtnV/M6PuVA14/vP5yAgEV
4r8yu+MMJSFskw9ROsCfyTyl/nGcP61hDQRSqQKlz8vwwaHzPNVklkEulgD0wtuu
CXLw2Tb/pVkAvjg6Euptn58cs8DUUoeBoY7vhfn+5r+DM7phg7bfIzxRMxxt+HAV
LBtG
-----END CERTIFICATE-----
Generated at Thu Aug 21 05:41:49 2025 by rpki-client