
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/rhdlIPf0kldmF9zarlD8waw_XUo.roa
File: rhdlIPf0kldmF9zarlD8waw_XUo.roa (raw, json)
Hash identifier: k5ckTcIRM+plzWJGrblXeTQwycMXQLLi0LTQTmpE/UQ=
Subject key identifier: AE:17:65:20:F7:F4:92:57:66:17:DC:DA:AE:50:FC:C1:AC:3F:5D:4A
Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Certificate serial: 0199E7EC7C27490EF5D0ED28B3240FC0E7E7
Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/rhdlIPf0kldmF9zarlD8waw_XUo.roa
Signing time: Wed 15 Oct 2025 12:50:59 +0000
ROA not before: Wed 15 Oct 2025 12:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 158.173.35.0/24 maxlen: 24
158.173.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:ec:7c:27:49:0e:f5:d0:ed:28:b3:24:0f:c0:e7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823
Validity
Not Before: Oct 15 12:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae176520f7f492576617dcdaae50fcc1ac3f5d4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:70:a1:2e:00:d4:14:01:f5:88:42:42:8f:fb:
d2:4d:84:52:77:93:61:e1:1e:21:81:0a:47:6b:8c:
3e:3f:41:f8:d6:28:66:e4:7d:c0:20:76:cb:a4:81:
72:8a:53:99:3b:67:7a:8e:d2:f5:ce:74:75:53:9a:
8a:f7:24:3b:4a:91:23:87:b2:b1:42:f9:f4:fc:9b:
95:29:a9:8a:a1:70:a1:3a:0f:ce:01:03:7b:91:8a:
a1:ef:0b:7a:b8:58:54:59:be:e6:5b:17:00:3c:59:
04:a3:96:43:92:3f:05:51:69:dd:08:04:8e:11:46:
9c:b0:63:e5:4d:a4:20:98:3e:b6:3a:10:45:c0:ae:
49:c3:d4:24:7e:9d:60:e1:ed:64:d1:db:db:e1:42:
82:9a:0f:35:c7:ec:a1:d2:04:0e:88:5e:ea:c4:31:
d8:51:ca:2d:01:2b:a2:90:07:9b:fe:d5:dc:45:89:
c4:e7:88:5e:48:8d:b0:14:8a:6f:fa:ff:af:27:aa:
83:02:7c:3f:2d:16:7f:40:16:24:d9:43:a0:a8:f1:
b6:05:9d:30:c5:a6:f1:a4:e4:87:36:b9:cd:96:93:
13:0a:c3:da:be:34:67:c8:86:8b:31:2d:99:63:5c:
8b:d5:bc:e6:b1:9c:4a:29:47:61:0b:21:04:fe:4b:
5d:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:17:65:20:F7:F4:92:57:66:17:DC:DA:AE:50:FC:C1:AC:3F:5D:4A
X509v3 Authority Key Identifier:
keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/rhdlIPf0kldmF9zarlD8waw_XUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.173.35.0/24
158.173.38.0/24
Signature Algorithm: sha256WithRSAEncryption
31:65:ca:c4:47:5c:0d:e5:00:b1:62:98:9a:a9:83:61:f0:35:
36:32:19:92:4d:ee:c4:d8:d1:1f:1f:f4:4b:ac:8d:a3:3f:b4:
92:3c:d0:2b:c3:6a:2f:e2:9c:c4:9d:f3:b7:a3:82:08:7e:b9:
da:a3:be:5a:84:6f:e8:f5:8b:42:74:80:fb:30:b3:f2:19:ca:
fa:4c:35:2c:89:86:d6:49:08:60:71:8f:43:0d:1f:5f:25:27:
36:bd:74:0c:1c:b4:17:dc:e0:02:b1:af:f6:46:7b:0e:c0:1a:
cb:43:95:d4:a7:b4:72:24:01:1d:4e:4e:5a:96:8c:21:f0:63:
a9:99:b6:e2:3c:86:58:f5:59:df:19:b7:f0:07:8f:57:63:c6:
a5:3f:12:93:aa:29:c8:b6:b3:f9:a8:b1:5d:dd:3a:9f:1c:cb:
b0:71:c1:be:e5:35:da:9c:84:09:e2:d5:df:cb:68:e1:ac:af:
96:51:f5:32:42:0c:64:20:07:d7:c0:f9:9f:ae:a3:61:da:eb:
b5:f9:9b:c6:03:87:37:14:e5:8b:fd:d8:92:ac:d9:94:64:e4:
54:2e:cd:38:da:63:e1:0c:46:ba:ac:29:a7:ed:a3:8b:65:10:
4a:7f:fc:7d:e7:34:e0:d0:00:31:78:b2:85:f9:d6:12:66:4c:
53:67:c7:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZnn7HwnSQ710O0osyQPwOfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh
NDA4MjMwHhcNMjUxMDE1MTI1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE3NjUyMGY3ZjQ5MjU3NjYxN2RjZGFhZTUwZmNjMWFjM2Y1ZDRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunChLgDUFAH1iEJCj/vSTYRSd5Nh
4R4hgQpHa4w+P0H41ihm5H3AIHbLpIFyilOZO2d6jtL1znR1U5qK9yQ7SpEjh7Kx
Qvn0/JuVKamKoXChOg/OAQN7kYqh7wt6uFhUWb7mWxcAPFkEo5ZDkj8FUWndCASO
EUacsGPlTaQgmD62OhBFwK5Jw9Qkfp1g4e1k0dvb4UKCmg81x+yh0gQOiF7qxDHY
UcotASuikAeb/tXcRYnE54heSI2wFIpv+v+vJ6qDAnw/LRZ/QBYk2UOgqPG2BZ0w
xabxpOSHNrnNlpMTCsPavjRnyIaLMS2ZY1yL1bzmsZxKKUdhCyEE/ktduwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK4XZSD39JJXZhfc2q5Q/MGsP11KMB8GA1UdIwQY
MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt
ZDJjZDI2YjY5ZGYxLzEvcmhkbElQZjBrbGRtRjl6YXJsRDh3YXdfWFVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx
LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAnq0jAwQA
nq0mMA0GCSqGSIb3DQEBCwUAA4IBAQAxZcrER1wN5QCxYpiaqYNh8DU2MhmSTe7E
2NEfH/RLrI2jP7SSPNArw2ov4pzEnfO3o4IIfrnao75ahG/o9YtCdID7MLPyGcr6
TDUsiYbWSQhgcY9DDR9fJSc2vXQMHLQX3OACsa/2RnsOwBrLQ5XUp7RyJAEdTk5a
lowh8GOpmbbiPIZY9VnfGbfwB49XY8alPxKTqinItrP5qLFd3TqfHMuwccG+5TXa
nIQJ4tXfy2jhrK+WUfUyQgxkIAfXwPmfrqNh2uu1+ZvGA4c3FOWL/diSrNmUZORU
Ls042mPhDEa6rCmn7aOLZRBKf/x95zTg0AAxeLKF+dYSZkxTZ8c/
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:54 2025 by rpki-client