Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vo2rUhudHaghMCW2SmvX6-xlrgc.roa
File: vo2rUhudHaghMCW2SmvX6-xlrgc.roa (raw, json)
Hash identifier: FZASucIaZ1aOelFRR50cfT704K1hG/2FvzdrgPSdXmY=
Subject key identifier: BE:8D:AB:52:1B:9D:1D:A8:21:30:25:B6:4A:6B:D7:EB:EC:65:AE:07
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0198BF5B8ADB6F423ACE3B4D3DE67978A1EC
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vo2rUhudHaghMCW2SmvX6-xlrgc.roa
Signing time: Mon 18 Aug 2025 22:45:04 +0000
ROA not before: Mon 18 Aug 2025 22:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.253.0/24 maxlen: 24
45.155.254.0/24 maxlen: 24
45.157.208.0/23 maxlen: 23
176.125.251.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.225.168.0/23 maxlen: 23
185.225.168.0/24 maxlen: 24
185.225.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:04:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bf:5b:8a:db:6f:42:3a:ce:3b:4d:3d:e6:79:78:a1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Aug 18 22:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be8dab521b9d1da8213025b64a6bd7ebec65ae07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d7:ea:2a:01:b6:bc:17:a2:5e:6b:4c:80:d3:
b4:a9:d0:73:58:8f:4b:d0:e7:44:24:11:79:3f:b7:
21:34:47:06:71:73:87:d3:cb:47:aa:80:b1:99:b6:
46:57:7f:4f:c4:4a:fd:6c:18:27:4d:42:e9:3a:fc:
4c:76:16:40:cf:c5:68:e2:62:ad:85:11:c3:02:fa:
e8:a7:64:41:d9:d9:7e:83:96:35:d6:76:9d:c3:e4:
f5:3f:73:86:19:42:0a:81:26:a8:30:13:a3:4e:13:
7a:8e:ea:1b:94:58:b3:e8:bc:41:01:00:f7:54:c0:
03:a2:f9:c5:ed:1d:3d:2f:bd:28:74:31:5e:02:22:
41:bd:aa:56:be:82:af:55:5a:fb:eb:69:5d:44:b8:
57:5a:52:90:8f:02:36:eb:16:d7:1f:59:87:bd:13:
37:75:fa:02:a2:dc:93:e2:36:98:87:d8:8c:fc:21:
91:58:5a:68:fc:8a:63:b1:a1:72:f4:9c:34:3d:4b:
94:b4:5d:32:9b:9e:79:00:61:05:6f:e3:e4:62:f6:
bd:ed:b1:a6:bb:7e:c5:1d:86:3d:0c:c2:8b:ca:34:
c3:01:bb:cb:e4:41:5a:66:d9:d2:a5:3d:3f:67:7c:
b8:d3:71:43:b3:b8:fc:fc:8d:29:35:27:ca:ea:00:
47:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:8D:AB:52:1B:9D:1D:A8:21:30:25:B6:4A:6B:D7:EB:EC:65:AE:07
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/vo2rUhudHaghMCW2SmvX6-xlrgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.253.0-45.155.254.255
45.157.208.0/23
176.125.251.0/24
185.199.213.0/24
185.221.26.0/24
185.225.168.0/23
Signature Algorithm: sha256WithRSAEncryption
c1:01:e7:64:b1:94:9a:15:39:61:2f:ac:06:64:00:de:04:9d:
b1:8c:78:d0:a0:ea:60:ac:3e:ac:a7:70:f6:ab:f8:5f:1b:24:
8b:72:08:fe:b7:fa:51:5a:84:da:94:35:ba:e5:67:c0:84:62:
a6:e4:98:de:b4:14:b8:15:f5:55:43:80:be:77:ea:b0:8a:1f:
5b:2e:d4:a8:aa:94:cc:fe:47:4f:ff:b8:86:cc:9c:38:4f:3b:
11:03:de:26:43:e9:81:38:67:a4:dd:f9:cb:19:86:54:00:40:
20:07:f0:af:2c:db:bd:a2:1c:a4:b5:44:50:d6:95:e3:65:30:
fd:c8:6e:f6:16:7e:2b:52:d2:46:4a:cb:2d:14:a6:20:e0:3c:
16:14:5d:88:2a:a2:55:c5:ac:9f:e8:dd:65:76:ee:a3:9b:ea:
c6:6b:30:c1:65:24:43:2d:61:51:44:b7:9d:c7:06:71:26:35:
05:39:c3:15:40:df:16:7b:46:cd:5b:13:4a:41:1d:df:3b:7f:
d5:f0:2d:30:ae:ca:38:7f:45:1d:9c:2c:59:d8:08:7e:e7:99:
ba:49:93:6c:54:2e:1d:35:d8:c6:e8:a5:13:d7:ab:72:eb:59:
48:28:38:99:9b:09:8b:5f:52:77:5a:d4:5f:c3:84:27:db:7a:
8c:2b:d9:5e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZi/W4rbb0I6zjtNPeZ5eKHsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwODE4MjI0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZThkYWI1MjFiOWQxZGE4MjEzMDI1YjY0YTZiZDdlYmVjNjVhZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx9fqKgG2vBeiXmtMgNO0qdBzWI9L
0OdEJBF5P7chNEcGcXOH08tHqoCxmbZGV39PxEr9bBgnTULpOvxMdhZAz8Vo4mKt
hRHDAvrop2RB2dl+g5Y11nadw+T1P3OGGUIKgSaoMBOjThN6juoblFiz6LxBAQD3
VMADovnF7R09L70odDFeAiJBvapWvoKvVVr762ldRLhXWlKQjwI26xbXH1mHvRM3
dfoCotyT4jaYh9iM/CGRWFpo/IpjsaFy9Jw0PUuUtF0ym555AGEFb+PkYva97bGm
u37FHYY9DMKLyjTDAbvL5EFaZtnSpT0/Z3y403FDs7j8/I0pNSfK6gBHuwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFL6Nq1IbnR2oITAltkpr1+vsZa4HMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvdm8yclVodWRIYWdoTUNXMlNtdlg2LXhscmdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAAtm/0D
BAAtm/4DBAEtndADBACwffsDBAC5x9UDBAC53RoDBAG54agwDQYJKoZIhvcNAQEL
BQADggEBAMEB52SxlJoVOWEvrAZkAN4EnbGMeNCg6mCsPqyncPar+F8bJItyCP63
+lFahNqUNbrlZ8CEYqbkmN60FLgV9VVDgL536rCKH1su1KiqlMz+R0//uIbMnDhP
OxED3iZD6YE4Z6Td+csZhlQAQCAH8K8s272iHKS1RFDWleNlMP3IbvYWfitS0kZK
yy0UpiDgPBYUXYgqolXFrJ/o3WV27qOb6sZrMMFlJEMtYVFEt53HBnEmNQU5wxVA
3xZ7Rs1bE0pBHd87f9XwLTCuyjh/RR2cLFnYCH7nmbpJk2xULh012MbopRPXq3Lr
WUgoOJmbCYtfUnda1F/DhCfbeowr2V4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 11:11:01 2025 by rpki-client