Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/0sTiQL9BpziNNFF9FacA7txFp4w.roa
File: 0sTiQL9BpziNNFF9FacA7txFp4w.roa (raw, json)
Hash identifier: CLrdyx0Cg3S+QuOUt4e8L9WYyaGDex4K2YIa5CkZ86Q=
Subject key identifier: D2:C4:E2:40:BF:41:A7:38:8D:34:51:7D:15:A7:00:EE:DC:45:A7:8C
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0199F6F6487A1BA5B69F99817CD7A6A38248
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/0sTiQL9BpziNNFF9FacA7txFp4w.roa
Signing time: Sat 18 Oct 2025 10:55:59 +0000
ROA not before: Sat 18 Oct 2025 10:55:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 185.225.170.0/24 maxlen: 24
185.225.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f6:f6:48:7a:1b:a5:b6:9f:99:81:7c:d7:a6:a3:82:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 18 10:55:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2c4e240bf41a7388d34517d15a700eedc45a78c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:52:84:2c:69:43:7b:eb:e4:b8:2d:e6:d8:9d:
97:51:f2:69:f2:be:a9:71:d0:20:48:e7:bf:51:41:
7d:e4:8a:9f:9b:2b:bf:8c:f0:0c:a8:83:ac:d9:c8:
96:55:eb:ca:78:57:68:01:ec:38:5a:da:c5:0d:2e:
a4:82:15:8f:43:2b:7f:01:1f:99:0a:d4:f9:77:91:
d1:bd:f7:36:0a:fc:ca:ad:d3:c3:ac:2a:86:c0:fe:
36:07:a4:2c:20:16:e1:26:7a:be:79:d0:66:9b:04:
03:6f:01:fd:d0:43:01:23:f8:06:d5:97:d2:af:3d:
8c:51:51:48:c5:da:36:bf:75:c2:d8:f4:1c:28:74:
c3:0f:56:f6:fd:ba:46:b3:38:fa:2c:13:cf:bd:ae:
62:6c:b0:e2:ed:3b:3a:51:59:eb:21:4d:fa:8c:7a:
15:28:cb:f3:e3:d9:fe:06:c8:db:0d:0b:bd:ad:46:
51:07:b4:aa:a5:6f:8f:6d:d6:fe:c4:82:f9:d9:97:
de:36:93:c0:f0:bc:e7:5f:ff:a0:cf:b1:3e:c0:83:
4f:2c:ea:be:68:96:0a:b8:55:11:fc:74:3e:0a:8a:
a0:34:3a:76:89:b2:ef:0f:72:74:cd:0c:5b:a0:6f:
49:a1:f1:08:79:e3:81:65:82:da:60:a2:88:58:d4:
85:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C4:E2:40:BF:41:A7:38:8D:34:51:7D:15:A7:00:EE:DC:45:A7:8C
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/0sTiQL9BpziNNFF9FacA7txFp4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
14:f8:6b:61:41:f5:0a:0a:9b:74:2a:c6:eb:92:d2:bd:6c:77:
f5:77:29:6a:0d:74:9f:d5:83:a7:a0:ca:77:92:3c:85:2d:79:
04:e9:b6:d4:d9:1a:34:70:58:42:60:2b:42:b1:c4:66:8c:c7:
d6:7a:eb:9d:f5:2b:7f:d1:9b:22:9a:13:b2:22:2d:dd:c0:c0:
1c:ce:b4:6f:79:49:49:73:bb:a3:fa:ee:a0:81:6c:f1:53:04:
a0:6a:be:22:25:f0:b3:9c:95:f3:3e:55:f3:60:9d:1a:fc:2c:
22:4d:fc:5d:7a:df:d0:c6:bf:9a:35:65:72:43:69:03:9d:ea:
40:22:71:22:b4:a0:2f:6d:cd:e5:a7:d3:bb:38:7a:58:02:40:
6b:86:b0:a0:bd:01:76:c1:5a:62:c4:ec:43:c7:3b:5b:81:d7:
a2:96:3f:4e:ba:e0:17:ac:b4:fb:b6:7e:61:e3:61:81:bd:af:
26:ae:d1:31:cd:dd:99:3d:58:d0:d2:55:11:e0:38:c5:85:f3:
58:59:ba:68:0c:b2:b2:27:02:f1:69:ad:3d:59:e9:ce:04:ce:
03:66:2e:5f:01:01:d7:b9:7d:52:f8:bc:aa:84:0e:8a:ea:3c:
cf:d1:65:b9:07:1a:a8:3d:48:5a:81:ca:61:c5:10:8c:f1:ec:
28:4b:9c:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZn29kh6G6W2n5mBfNemo4JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUxMDE4MTA1NTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM0ZTI0MGJmNDFhNzM4OGQzNDUxN2QxNWE3MDBlZWRjNDVhNzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1KELGlDe+vkuC3m2J2XUfJp8r6p
cdAgSOe/UUF95Iqfmyu/jPAMqIOs2ciWVevKeFdoAew4WtrFDS6kghWPQyt/AR+Z
CtT5d5HRvfc2CvzKrdPDrCqGwP42B6QsIBbhJnq+edBmmwQDbwH90EMBI/gG1ZfS
rz2MUVFIxdo2v3XC2PQcKHTDD1b2/bpGszj6LBPPva5ibLDi7Ts6UVnrIU36jHoV
KMvz49n+BsjbDQu9rUZRB7SqpW+Pbdb+xIL52ZfeNpPA8LznX/+gz7E+wINPLOq+
aJYKuFUR/HQ+CoqgNDp2ibLvD3J0zQxboG9JofEIeeOBZYLaYKKIWNSFqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNLE4kC/Qac4jTRRfRWnAO7cRaeMMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvMHNUaVFMOUJwemlOTkZGOUZhY0E3dHhGcDR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBueGqMA0G
CSqGSIb3DQEBCwUAA4IBAQAU+GthQfUKCpt0KsbrktK9bHf1dylqDXSf1YOnoMp3
kjyFLXkE6bbU2Ro0cFhCYCtCscRmjMfWeuud9St/0ZsimhOyIi3dwMAczrRveUlJ
c7uj+u6ggWzxUwSgar4iJfCznJXzPlXzYJ0a/CwiTfxdet/Qxr+aNWVyQ2kDnepA
InEitKAvbc3lp9O7OHpYAkBrhrCgvQF2wVpixOxDxztbgdeilj9OuuAXrLT7tn5h
42GBva8mrtExzd2ZPVjQ0lUR4DjFhfNYWbpoDLKyJwLxaa09WenOBM4DZi5fAQHX
uX1S+LyqhA6K6jzP0WW5BxqoPUhagcphxRCM8ewoS5xr
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:37 2025 by rpki-client