Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yYxM37nNOq_TV4NpKIVgHa0idwM.roa
File: yYxM37nNOq_TV4NpKIVgHa0idwM.roa (raw, json)
Hash identifier: PpyKS/PDZE9gzuoyI90eCE2wlMAhgSpTrd9ux3dKRDk=
Subject key identifier: C9:8C:4C:DF:B9:CD:3A:AF:D3:57:83:69:28:85:60:1D:AD:22:77:03
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0198B9C752840F808AD1AF0232E5DBD4AFD7
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yYxM37nNOq_TV4NpKIVgHa0idwM.roa
Signing time: Sun 17 Aug 2025 20:45:04 +0000
ROA not before: Sun 17 Aug 2025 20:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 79.175.96.0/24 maxlen: 24
109.121.0.0/19 maxlen: 24
109.121.36.0/24 maxlen: 24
109.121.38.0/24 maxlen: 24
109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 22:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b9:c7:52:84:0f:80:8a:d1:af:02:32:e5:db:d4:af:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Aug 17 20:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c98c4cdfb9cd3aafd35783692885601dad227703
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:73:5f:96:3d:27:63:e6:d0:7c:06:e5:ae:9a:
69:ef:8c:89:70:47:f7:81:54:53:60:e5:5d:97:cc:
71:14:68:33:cc:b2:10:34:eb:2d:e3:44:89:34:38:
7b:27:23:e9:bc:d0:1d:9c:1d:a9:c5:37:b1:ce:da:
17:67:7b:ac:73:46:e4:41:c8:27:2e:d0:d3:68:71:
7d:fd:ad:10:bd:45:ed:93:a8:7c:a5:80:d5:23:1c:
59:42:ea:a4:c9:bf:a7:ee:83:21:56:f4:8e:2f:e8:
d0:8c:42:8e:2f:d5:e5:d0:5f:3b:82:18:e6:d2:e1:
30:7a:a6:00:67:43:43:b8:f5:b5:6c:13:b8:84:d3:
78:da:55:d3:c0:73:82:2d:e8:9c:2e:14:49:ca:4c:
7b:69:f7:3c:a7:ba:aa:31:84:25:9a:82:d8:27:45:
84:70:e0:06:03:1f:30:a7:ee:f0:b0:8d:33:89:87:
2f:17:97:33:63:57:7c:81:84:29:8a:c9:29:23:56:
56:81:f1:4f:78:40:17:b9:5d:d2:25:85:6d:e6:f7:
6e:2f:3b:15:e1:f4:e1:a2:ef:ab:66:33:5d:23:07:
ee:dd:54:b5:7b:72:1e:2e:37:6a:40:f9:4a:05:9c:
5c:c0:59:82:2f:53:4b:9b:7b:7b:90:a1:d5:04:08:
be:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:8C:4C:DF:B9:CD:3A:AF:D3:57:83:69:28:85:60:1D:AD:22:77:03
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/yYxM37nNOq_TV4NpKIVgHa0idwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.175.96.0/24
109.121.0.0/19
109.121.36.0/24
109.121.38.0/24
109.121.40.0/24
109.121.43.0/24
109.233.184.0/23
178.253.237.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:8a:cf:e4:ef:75:99:fc:27:b5:fc:83:fc:96:0f:1a:51:72:
c5:59:df:ca:5d:eb:7b:5f:f5:e0:60:c5:6f:fc:85:28:f8:f0:
d4:19:41:2e:4a:68:61:8f:c5:dd:cd:d9:96:8a:b1:ef:d9:e7:
1a:9b:a1:5e:25:a0:6c:77:c0:f7:34:dc:e2:ae:b4:b3:fa:03:
93:d0:93:47:a1:87:49:0d:ed:d7:19:f0:0b:e7:77:ff:62:1e:
fd:7a:e6:69:aa:dd:fd:92:b8:49:8f:62:eb:e9:43:3d:ba:55:
46:fa:6d:97:76:98:52:2c:73:0e:5d:79:6a:9e:dd:b5:ff:3e:
da:0c:70:c1:1b:54:2f:6e:87:24:cf:b4:c5:18:bb:f7:37:91:
dc:a1:03:00:bd:a5:32:2e:da:6a:42:9b:f0:a2:13:b1:5c:d0:
e2:9e:21:d8:14:2c:de:91:04:de:1d:5f:78:36:82:7e:0e:01:
ae:3e:f4:58:a8:e5:13:8c:54:d2:80:8b:e6:2b:f0:e9:21:40:
7f:90:c2:67:16:e9:71:4a:a1:35:20:71:8f:43:f2:c5:79:4e:
79:f3:2a:7d:ce:c1:f2:33:99:41:00:18:a9:79:89:82:07:5a:
3e:11:52:d4:cb:12:96:5e:5c:95:75:85:8c:75:63:34:7d:ce:
22:34:4b:3c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZi5x1KED4CK0a8CMuXb1K/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwODE3MjA0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOThjNGNkZmI5Y2QzYWFmZDM1NzgzNjkyODg1NjAxZGFkMjI3NzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHNflj0nY+bQfAblrppp74yJcEf3
gVRTYOVdl8xxFGgzzLIQNOst40SJNDh7JyPpvNAdnB2pxTexztoXZ3usc0bkQcgn
LtDTaHF9/a0QvUXtk6h8pYDVIxxZQuqkyb+n7oMhVvSOL+jQjEKOL9Xl0F87ghjm
0uEweqYAZ0NDuPW1bBO4hNN42lXTwHOCLeicLhRJykx7afc8p7qqMYQlmoLYJ0WE
cOAGAx8wp+7wsI0ziYcvF5czY1d8gYQpiskpI1ZWgfFPeEAXuV3SJYVt5vduLzsV
4fThou+rZjNdIwfu3VS1e3IeLjdqQPlKBZxcwFmCL1NLm3t7kKHVBAi+HQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMmMTN+5zTqv01eDaSiFYB2tIncDMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEveVl4TTM3bk5PcV9UVjROcEtJVmdIYTBpZHdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAT69gAwQF
bXkAAwQAbXkkAwQAbXkmAwQAbXkoAwQAbXkrAwQBbem4AwQAsv3tMA0GCSqGSIb3
DQEBCwUAA4IBAQBOis/k73WZ/Ce1/IP8lg8aUXLFWd/KXet7X/XgYMVv/IUo+PDU
GUEuSmhhj8XdzdmWirHv2ecam6FeJaBsd8D3NNzirrSz+gOT0JNHoYdJDe3XGfAL
53f/Yh79euZpqt39krhJj2Lr6UM9ulVG+m2XdphSLHMOXXlqnt21/z7aDHDBG1Qv
bockz7TFGLv3N5HcoQMAvaUyLtpqQpvwohOxXNDiniHYFCzekQTeHV94NoJ+DgGu
PvRYqOUTjFTSgIvmK/DpIUB/kMJnFulxSqE1IHGPQ/LFeU558yp9zsHyM5lBABip
eYmCB1o+EVLUyxKWXlyVdYWMdWM0fc4iNEs8
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:39:11 2025 by rpki-client