
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/C34TCWAAsuIM5LVygn6C7yQx3P0.roa
File: C34TCWAAsuIM5LVygn6C7yQx3P0.roa (raw, json)
Hash identifier: M4OJhxeXZ34Zdg4oZ52MXUW46vr94WOQk28NV0lOpg4=
Subject key identifier: 0B:7E:13:09:60:00:B2:E2:0C:E4:B5:72:82:7E:82:EF:24:31:DC:FD
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0199FDB989C57F1A911405F65CAE5D57834E
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/C34TCWAAsuIM5LVygn6C7yQx3P0.roa
Signing time: Sun 19 Oct 2025 18:26:59 +0000
ROA not before: Sun 19 Oct 2025 18:26:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 79.98.244.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fd:b9:89:c5:7f:1a:91:14:05:f6:5c:ae:5d:57:83:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Oct 19 18:26:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b7e13096000b2e20ce4b572827e82ef2431dcfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:a2:02:ca:ca:e1:bf:19:fb:97:aa:37:1c:e5:
5a:4f:9d:ad:f4:95:51:18:61:0b:b2:59:12:bc:d7:
43:7a:bd:1f:f5:29:0e:4a:ce:8f:c7:f4:21:b5:bd:
0f:5f:af:4e:3f:33:84:c6:cd:16:05:a4:49:67:e8:
22:58:13:9d:ae:7a:bf:d3:db:d5:56:93:52:94:bd:
ec:40:0a:01:f1:d7:43:99:d5:2d:aa:82:ff:11:6a:
eb:cb:57:89:ef:6d:de:7b:2f:11:e1:71:91:16:36:
75:c1:e5:46:f4:0f:30:5c:00:df:ba:8f:a8:df:10:
65:39:03:21:c3:62:4a:bc:03:4a:ab:4d:8c:a3:5c:
12:b0:ce:6f:7a:52:99:16:7f:a5:16:b7:24:6f:b6:
8d:1e:9d:85:b4:84:00:0f:68:a4:0f:bd:53:53:1b:
e5:1e:9c:13:ab:53:3f:82:d5:1b:20:50:bf:8c:31:
a7:31:94:52:e2:8e:9b:3e:39:00:bb:12:e4:a4:11:
98:2c:7c:7e:c8:8d:39:2b:78:99:e7:60:b9:89:50:
42:00:f0:61:13:64:4e:af:71:32:be:b6:7b:51:73:
64:95:4e:b8:3e:05:2d:39:c5:c0:fd:b1:ea:7a:bf:
cc:e0:27:3e:fe:b0:7d:12:4d:2f:11:3a:39:31:12:
25:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:7E:13:09:60:00:B2:E2:0C:E4:B5:72:82:7E:82:EF:24:31:DC:FD
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/C34TCWAAsuIM5LVygn6C7yQx3P0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.98.244.0/24
176.125.251.0/24
185.199.151.0/24
185.221.25.0/24
185.225.168.0/23
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
11:2e:b6:8c:2f:8e:b0:f7:39:d5:de:ed:48:a9:b0:8e:d8:82:
88:de:df:d8:0b:a7:e4:52:33:98:7a:a7:65:03:d7:01:d6:48:
45:08:c7:e5:81:d0:72:5d:69:e4:67:12:36:76:f7:d3:36:ed:
91:5f:2e:ff:19:60:08:a9:51:0c:0b:8d:4a:a1:39:97:46:f8:
55:93:7e:01:bd:5d:22:5b:fb:de:d6:f7:29:5a:92:f8:0c:3e:
4c:e7:d5:ad:09:73:30:5a:e4:22:42:4f:9b:3c:4a:92:d1:0a:
b6:79:cc:98:2d:9e:19:e3:ff:fb:ad:d7:e0:a1:65:7a:ea:ae:
ae:ca:e4:ff:bd:b2:15:1f:1f:70:f4:e2:cd:d9:05:7b:c5:3f:
47:05:08:45:75:e3:a9:9d:49:78:a1:40:03:3e:88:b2:70:3f:
c8:1f:0d:10:a4:1e:f8:3b:a6:f8:bc:ab:b2:0d:93:90:72:4a:
a2:6c:2d:2f:23:e6:21:e0:46:b5:d1:02:ff:17:1f:e0:1d:b8:
94:fd:34:42:9d:26:aa:93:00:6f:0e:08:ca:3a:e7:87:e9:a4:
a7:3f:75:d9:27:a6:a3:be:8c:6f:d3:ef:21:38:9a:6c:4c:65:
5f:32:2d:e0:fd:3e:87:f4:a2:3c:45:cc:58:85:18:f2:99:1b:
91:1a:e9:89
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZn9uYnFfxqRFAX2XK5dV4NOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUxMDE5MTgyNjU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjdlMTMwOTYwMDBiMmUyMGNlNGI1NzI4MjdlODJlZjI0MzFkY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqICysrhvxn7l6o3HOVaT52t9JVR
GGELslkSvNdDer0f9SkOSs6Px/Qhtb0PX69OPzOExs0WBaRJZ+giWBOdrnq/09vV
VpNSlL3sQAoB8ddDmdUtqoL/EWrry1eJ723eey8R4XGRFjZ1weVG9A8wXADfuo+o
3xBlOQMhw2JKvANKq02Mo1wSsM5velKZFn+lFrckb7aNHp2FtIQAD2ikD71TUxvl
HpwTq1M/gtUbIFC/jDGnMZRS4o6bPjkAuxLkpBGYLHx+yI05K3iZ52C5iVBCAPBh
E2ROr3EyvrZ7UXNklU64PgUtOcXA/bHqer/M4Cc+/rB9Ek0vETo5MRIl2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAt+EwlgALLiDOS1coJ+gu8kMdz9MB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvQzM0VENXQUFzdUlNNUxWeWduNkM3eVF4M1AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT2L0AwQA
sH37AwQAuceXAwQAud0ZAwQBueGoAwQAufoaMA0GCSqGSIb3DQEBCwUAA4IBAQAR
LraML46w9znV3u1IqbCO2IKI3t/YC6fkUjOYeqdlA9cB1khFCMflgdByXWnkZxI2
dvfTNu2RXy7/GWAIqVEMC41KoTmXRvhVk34BvV0iW/ve1vcpWpL4DD5M59WtCXMw
WuQiQk+bPEqS0Qq2ecyYLZ4Z4//7rdfgoWV66q6uyuT/vbIVHx9w9OLN2QV7xT9H
BQhFdeOpnUl4oUADPoiycD/IHw0QpB74O6b4vKuyDZOQckqibC0vI+Yh4Ea10QL/
Fx/gHbiU/TRCnSaqkwBvDgjKOueH6aSnP3XZJ6ajvoxv0+8hOJpsTGVfMi3g/T6H
9KI8RcxYhRjymRuRGumJ
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:56 2025 by rpki-client