Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/03ms_AARg7fIT3yCfFDgnKOBv1Y.roa
File: 03ms_AARg7fIT3yCfFDgnKOBv1Y.roa (raw, json)
Hash identifier: bu7Jr2A35lcZHJyaR/TaMXau5a9JHl3Dv3eybI+BJ1E=
Subject key identifier: D3:79:AC:FC:00:11:83:B7:C8:4F:7C:82:7C:50:E0:9C:A3:81:BF:56
Certificate issuer: /CN=1b12120c351c14eec22109f603249fcdac1d3321
Certificate serial: 0198C90BB4B7306A6FDBB838EAEA047AF9C9
Authority key identifier: 1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/03ms_AARg7fIT3yCfFDgnKOBv1Y.roa
Signing time: Wed 20 Aug 2025 19:54:04 +0000
ROA not before: Wed 20 Aug 2025 19:54:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215242
IP address blocks: 185.7.241.0/24 maxlen: 24
185.7.242.0/24 maxlen: 24
185.7.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c9:0b:b4:b7:30:6a:6f:db:b8:38:ea:ea:04:7a:f9:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b12120c351c14eec22109f603249fcdac1d3321
Validity
Not Before: Aug 20 19:54:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d379acfc001183b7c84f7c827c50e09ca381bf56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e8:9f:60:39:f8:c4:d0:50:cb:3f:cc:15:51:
26:2a:ed:b9:8a:0e:5d:0e:d6:e4:81:ed:28:ab:a0:
e9:c9:9c:3b:92:14:5c:85:68:3e:a8:2d:d9:c3:ec:
77:2e:92:6b:95:78:da:20:c4:68:78:e1:c7:67:7a:
d3:1e:b3:89:cd:7f:33:06:59:88:f9:8c:6a:a6:07:
af:1b:38:f6:ac:88:3f:c7:15:25:34:d4:bb:85:8b:
d1:a4:f6:c6:05:39:f2:28:62:ff:33:04:e1:3b:99:
22:be:c2:75:a5:1a:b2:2c:e2:fe:a2:df:96:0d:08:
86:a9:22:f7:48:28:0c:c8:93:ae:3b:36:4a:44:be:
01:2c:1a:41:5d:dd:ed:6c:08:46:0d:44:6c:f2:b2:
fe:ed:86:b6:00:ff:0d:d9:36:c1:1b:59:1e:af:88:
97:8e:e0:fe:2e:41:47:20:37:ca:87:0c:52:26:fd:
53:08:ca:fe:c0:76:f3:62:e3:f2:9a:b4:84:11:34:
3c:cf:26:0e:31:72:73:f5:c5:77:48:bd:2a:8b:f9:
b4:a4:ea:6a:b5:4d:46:53:5d:d4:59:33:f8:70:32:
f0:b4:8b:99:fc:94:f3:c5:2f:a9:e5:5f:99:48:82:
b5:21:f9:1e:50:0d:68:73:f9:af:bc:4f:49:a1:8b:
d4:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:79:AC:FC:00:11:83:B7:C8:4F:7C:82:7C:50:E0:9C:A3:81:BF:56
X509v3 Authority Key Identifier:
keyid:1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/03ms_AARg7fIT3yCfFDgnKOBv1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.241.0-185.7.243.255
Signature Algorithm: sha256WithRSAEncryption
65:53:e1:e8:b4:e0:f8:85:17:c7:c3:2f:01:54:b7:e9:b6:2c:
57:34:40:19:46:31:88:67:2a:f6:c2:e6:09:e5:51:0c:fa:a1:
f6:c2:e7:ad:bb:a1:62:a0:6f:dc:70:47:3c:1a:9d:1f:48:16:
df:f9:00:49:b0:b6:ef:f8:2c:72:86:6c:70:ab:63:35:60:1f:
d4:0d:d2:28:bd:3a:51:55:67:19:88:28:33:53:eb:1e:3e:9a:
66:e1:dd:a9:89:36:61:23:c5:57:ec:ea:cf:d1:39:21:ae:73:
02:43:e3:99:77:07:cb:10:fb:df:f8:85:6d:4e:5d:d1:de:16:
3b:51:16:ec:73:c6:c4:22:71:33:b1:72:ea:e3:0f:f9:f9:74:
37:b4:74:f6:95:15:41:41:70:3b:78:38:6c:75:af:98:4a:33:
5c:80:5f:ea:76:06:f8:ff:1d:d0:92:83:97:47:32:67:a2:05:
df:19:64:5b:d0:50:a2:17:29:80:dd:61:7e:0f:a9:c9:8a:d8:
4f:d0:d8:dd:43:0a:f2:35:d9:1e:be:5a:9e:a9:41:d4:5c:5c:
ad:3a:d1:4f:9d:84:2d:4c:74:f2:22:e3:aa:06:74:c1:b7:b5:
0a:60:d7:01:7b:19:f4:04:55:5c:12:9e:ad:ee:3a:81:23:8a:
d1:5e:c8:63
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZjJC7S3MGpv27g46uoEevnJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMTIxMjBjMzUxYzE0ZWVjMjIxMDlmNjAzMjQ5ZmNkYWMx
ZDMzMjEwHhcNMjUwODIwMTk1NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzc5YWNmYzAwMTE4M2I3Yzg0ZjdjODI3YzUwZTA5Y2EzODFiZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+ifYDn4xNBQyz/MFVEmKu25ig5d
Dtbkge0oq6DpyZw7khRchWg+qC3Zw+x3LpJrlXjaIMRoeOHHZ3rTHrOJzX8zBlmI
+YxqpgevGzj2rIg/xxUlNNS7hYvRpPbGBTnyKGL/MwThO5kivsJ1pRqyLOL+ot+W
DQiGqSL3SCgMyJOuOzZKRL4BLBpBXd3tbAhGDURs8rL+7Ya2AP8N2TbBG1ker4iX
juD+LkFHIDfKhwxSJv1TCMr+wHbzYuPymrSEETQ8zyYOMXJz9cV3SL0qi/m0pOpq
tU1GU13UWTP4cDLwtIuZ/JTzxS+p5V+ZSIK1IfkeUA1oc/mvvE9JoYvUOQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNN5rPwAEYO3yE98gnxQ4Jyjgb9WMB8GA1UdIwQY
MBaAFBsSEgw1HBTuwiEJ9gMkn82sHTMhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUt
NDNkZjQ3ZDVhMWU3LzEvMDNtc19BQVJnN2ZJVDN5Q2ZGRGduS09CdjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUtNDNkZjQ3ZDVhMWU3
LzEvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5B/ED
BAK5B/AwDQYJKoZIhvcNAQELBQADggEBAGVT4ei04PiFF8fDLwFUt+m2LFc0QBlG
MYhnKvbC5gnlUQz6ofbC5627oWKgb9xwRzwanR9IFt/5AEmwtu/4LHKGbHCrYzVg
H9QN0ii9OlFVZxmIKDNT6x4+mmbh3amJNmEjxVfs6s/ROSGucwJD45l3B8sQ+9/4
hW1OXdHeFjtRFuxzxsQicTOxcurjD/n5dDe0dPaVFUFBcDt4OGx1r5hKM1yAX+p2
Bvj/HdCSg5dHMmeiBd8ZZFvQUKIXKYDdYX4PqcmK2E/Q2N1DCvI12R6+Wp6pQdRc
XK060U+dhC1MdPIi46oGdMG3tQpg1wF7GfQEVVwSnq3uOoEjitFeyGM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:25:25 2025 by rpki-client