Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3J88mjatVuaIP6aHK3OYk0kdbfo.roa
File: 3J88mjatVuaIP6aHK3OYk0kdbfo.roa (raw, json)
Hash identifier: sZs3r/v14sEOc9x0G/E9FC3LGk+16fHUKp0kj84KfPU=
Subject key identifier: DC:9F:3C:9A:36:AD:56:E6:88:3F:A6:87:2B:73:98:93:49:1D:6D:FA
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 01969B124F6BEF9A8428E8D5CCED713DCBC7
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3J88mjatVuaIP6aHK3OYk0kdbfo.roa
Signing time: Sun 04 May 2025 11:33:10 +0000
ROA not before: Sun 04 May 2025 11:33:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.254.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 14:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:9b:12:4f:6b:ef:9a:84:28:e8:d5:cc:ed:71:3d:cb:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: May 4 11:33:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc9f3c9a36ad56e6883fa6872b739893491d6dfa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:7f:e0:b1:37:c9:ef:06:d2:fe:10:e9:d3:
b8:c1:31:b6:e4:aa:88:e8:d9:a9:38:8d:72:c4:03:
4f:9a:5f:9e:d8:7b:e6:17:b0:99:b4:af:2a:ea:ba:
4d:5c:9b:f2:a1:b4:3a:25:9f:cb:44:55:8f:3e:4b:
4f:bb:d9:dc:b7:a9:af:99:67:f5:df:e1:de:4e:00:
3c:5e:21:b6:0b:02:e3:58:1e:40:2f:ca:60:b7:fc:
cd:ec:0c:c2:4d:b5:2b:f9:4e:9a:9e:21:b1:20:0c:
c3:10:9e:a2:c9:8e:40:8d:e9:8b:f9:68:5c:84:02:
32:bc:ae:d4:58:74:ec:8d:fd:57:71:b2:52:52:bd:
b2:51:cd:51:d4:10:e9:a5:10:93:b8:41:57:f3:c0:
09:f4:3a:7b:66:4b:76:23:31:13:3b:2e:60:52:48:
39:ec:b7:92:e4:69:19:fd:a1:9c:3b:87:fc:b3:28:
a5:22:16:cd:36:80:2e:c4:5f:10:41:50:e3:18:e0:
1f:35:4f:44:aa:53:f2:e5:4a:47:49:db:77:2b:9f:
9d:25:f7:6b:b0:88:83:7b:bf:ac:b4:70:ec:fe:da:
43:34:1e:5d:c5:08:02:90:4e:1b:ac:b3:3b:3a:3e:
55:ca:01:54:e2:7d:1d:d7:1f:52:c7:9a:c0:23:2b:
79:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:9F:3C:9A:36:AD:56:E6:88:3F:A6:87:2B:73:98:93:49:1D:6D:FA
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/3J88mjatVuaIP6aHK3OYk0kdbfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.254.0/24
185.199.151.0/24
185.199.213.0/24
185.221.26.0/24
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
cc:1f:fc:01:54:17:0b:cf:18:f8:d2:ab:00:ce:60:23:54:3b:
6d:35:53:e5:97:a5:0b:8d:b1:2e:cc:e1:6f:01:30:be:a5:fc:
6c:0b:8e:2f:78:85:bb:c9:82:c8:5d:d2:81:b3:a1:4e:2a:c4:
98:46:15:a4:cb:c0:04:32:23:c1:12:5a:2e:89:95:7c:2f:b1:
ea:eb:d6:c4:98:c8:29:6d:0d:2a:5a:19:1d:fc:7b:6e:66:b0:
1a:c2:44:dc:5d:67:e4:3b:ab:1f:c9:6a:0f:7d:bc:82:dc:78:
ad:a9:f8:43:0e:d6:4c:88:fa:ff:9f:14:06:d7:66:15:62:1a:
41:44:43:c1:fb:05:54:7d:1f:34:bd:28:e7:fb:fd:7f:2c:22:
04:15:a2:29:35:b8:84:9d:19:73:51:a8:8d:fd:69:25:b6:82:
8f:1e:70:9a:53:6b:b3:a5:3f:05:34:61:67:55:3e:b9:b2:35:
e1:60:f0:73:6a:1f:39:22:db:ef:a9:38:64:0c:db:ec:47:f9:
ce:96:d0:64:f8:83:2c:14:50:fe:66:f5:9d:1c:69:c7:79:c0:
fc:79:7e:dc:3a:e9:d5:9a:b8:dd:64:14:d8:a6:46:8e:71:51:
87:5e:72:a1:6b:b8:43:be:9a:94:41:14:72:64:0c:f4:e3:f3:
01:0d:66:23
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZabEk9r75qEKOjVzO1xPcvHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNTA0MTEzMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzlmM2M5YTM2YWQ1NmU2ODgzZmE2ODcyYjczOTg5MzQ5MWQ2ZGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotF/4LE3ye8G0v4Q6dO4wTG25KqI
6NmpOI1yxANPml+e2HvmF7CZtK8q6rpNXJvyobQ6JZ/LRFWPPktPu9nct6mvmWf1
3+HeTgA8XiG2CwLjWB5AL8pgt/zN7AzCTbUr+U6aniGxIAzDEJ6iyY5AjemL+Whc
hAIyvK7UWHTsjf1XcbJSUr2yUc1R1BDppRCTuEFX88AJ9Dp7Zkt2IzETOy5gUkg5
7LeS5GkZ/aGcO4f8syilIhbNNoAuxF8QQVDjGOAfNU9EqlPy5UpHSdt3K5+dJfdr
sIiDe7+stHDs/tpDNB5dxQgCkE4brLM7Oj5VygFU4n0d1x9Sx5rAIyt5tQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNyfPJo2rVbmiD+mhytzmJNJHW36MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvM0o4OG1qYXRWdWFJUDZhSEszT1lrMGtkYmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZv+AwQA
uceXAwQAucfVAwQAud0aAwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQDMH/wBVBcL
zxj40qsAzmAjVDttNVPll6ULjbEuzOFvATC+pfxsC44veIW7yYLIXdKBs6FOKsSY
RhWky8AEMiPBElouiZV8L7Hq69bEmMgpbQ0qWhkd/HtuZrAawkTcXWfkO6sfyWoP
fbyC3HitqfhDDtZMiPr/nxQG12YVYhpBREPB+wVUfR80vSjn+/1/LCIEFaIpNbiE
nRlzUaiN/WkltoKPHnCaU2uzpT8FNGFnVT65sjXhYPBzah85ItvvqThkDNvsR/nO
ltBk+IMsFFD+ZvWdHGnHecD8eX7cOunVmrjdZBTYpkaOcVGHXnKha7hDvpqUQRRy
ZAz04/MBDWYj
-----END CERTIFICATE-----
Generated at Tue May 6 22:34:25 2025 by rpki-client