Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/fgNc3XJYzlvVGoE08QNz7y8we1c.roa
File: fgNc3XJYzlvVGoE08QNz7y8we1c.roa (raw, json)
Hash identifier: 0HZ8FpOe+yubT+Fy50QFxz4rHKcRQcjh6z09BKS1JVY=
Subject key identifier: 7E:03:5C:DD:72:58:CE:5B:D5:1A:81:34:F1:03:73:EF:2F:30:7B:57
Certificate issuer: /CN=a370b23f5c0dba89b157f81c9c381095118b7a9f
Certificate serial: 0198842B306797A6C1EFFEBCEC68808D49C6
Authority key identifier: A3:70:B2:3F:5C:0D:BA:89:B1:57:F8:1C:9C:38:10:95:11:8B:7A:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o3CyP1wNuomxV_gcnDgQlRGLep8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/fgNc3XJYzlvVGoE08QNz7y8we1c.roa
Signing time: Thu 07 Aug 2025 10:54:39 +0000
ROA not before: Thu 07 Aug 2025 10:54:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44500
IP address blocks: 185.75.136.0/22 maxlen: 22
185.203.44.0/22 maxlen: 22
2a03:43a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/o3CyP1wNuomxV_gcnDgQlRGLep8.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/o3CyP1wNuomxV_gcnDgQlRGLep8.mft
rsync://rpki.ripe.net/repository/DEFAULT/o3CyP1wNuomxV_gcnDgQlRGLep8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 13:02:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:2b:30:67:97:a6:c1:ef:fe:bc:ec:68:80:8d:49:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a370b23f5c0dba89b157f81c9c381095118b7a9f
Validity
Not Before: Aug 7 10:54:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e035cdd7258ce5bd51a8134f10373ef2f307b57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:38:81:0f:96:4b:33:75:c9:fe:aa:ad:a9:4f:
40:7f:35:b9:26:5a:da:c4:13:9c:84:23:1c:27:e9:
3d:f9:67:8d:6d:ce:c9:fa:a8:b7:bc:2b:91:54:d2:
f5:f4:a4:f5:d5:c4:ea:62:cb:fe:59:99:31:8a:a2:
2d:14:f2:b4:84:69:9d:ca:75:60:3c:91:3f:0f:dd:
79:ee:bb:ad:a7:d9:ab:53:32:46:85:66:8e:24:3d:
d1:ee:e7:33:35:49:6a:9e:4b:92:9c:50:db:a1:64:
1a:ae:8d:31:d5:d9:ea:34:d4:44:33:bd:bc:79:3d:
99:e2:6d:4a:1c:c7:e0:48:5c:aa:e9:34:45:04:0c:
75:0a:72:a7:61:30:bc:80:ae:11:a6:fd:9a:99:b4:
46:ac:ce:9f:6d:90:ba:18:3a:43:ab:20:50:40:37:
46:3a:2d:ab:c1:57:0d:85:e0:93:ba:28:cc:6a:8f:
bc:20:16:1f:6a:97:f6:11:f5:8d:60:d4:cb:0d:40:
98:1e:0b:67:54:57:22:47:39:8f:fa:3b:ef:56:b2:
31:7f:a2:13:b3:6f:20:47:9c:51:c5:fb:8a:7b:b5:
3f:cc:c7:26:51:52:a9:79:21:ae:63:5d:97:e8:94:
b8:82:52:d7:9a:dd:66:2b:67:32:a9:53:31:78:9e:
da:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:03:5C:DD:72:58:CE:5B:D5:1A:81:34:F1:03:73:EF:2F:30:7B:57
X509v3 Authority Key Identifier:
keyid:A3:70:B2:3F:5C:0D:BA:89:B1:57:F8:1C:9C:38:10:95:11:8B:7A:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o3CyP1wNuomxV_gcnDgQlRGLep8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/fgNc3XJYzlvVGoE08QNz7y8we1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/3154b4-5bd4-4ac9-b0c8-1b25ae4229db/1/o3CyP1wNuomxV_gcnDgQlRGLep8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.136.0/22
185.203.44.0/22
IPv6:
2a03:43a0::/32
Signature Algorithm: sha256WithRSAEncryption
23:dd:8e:f3:0a:85:96:f0:a8:9b:9a:37:bb:b9:4e:73:5a:58:
6f:57:ee:7c:33:c8:76:9b:c3:23:d6:3e:dd:21:2c:cf:65:43:
94:eb:0a:0d:17:0f:48:64:7c:38:54:a4:ab:9d:dd:07:a3:6f:
aa:d5:7f:a1:1e:2a:c6:44:8e:01:c0:4f:c7:3e:dc:7d:d3:0d:
77:74:ec:0e:7f:ec:6a:d5:3d:5c:4c:1e:b4:46:69:f8:97:bf:
f4:d4:d8:f7:50:6d:a3:b0:7f:c0:56:e0:94:3b:2c:28:82:14:
73:62:3e:97:1d:95:cf:59:72:72:09:1b:6c:ff:a5:99:95:69:
16:67:20:db:42:1d:3f:40:fe:6b:ba:d4:37:df:8c:e2:45:34:
5d:14:ab:15:5c:fb:40:90:3c:68:d9:5f:86:e4:88:b1:75:6a:
cf:78:67:53:f9:70:b2:c0:c9:c5:a1:1e:1b:fa:36:9d:d7:e7:
f1:47:a9:52:d3:57:62:26:41:b0:bd:bf:ff:08:65:3e:59:4a:
8c:4f:9b:6f:f5:92:c9:ef:6b:53:4c:09:50:fc:29:5d:e9:09:
bd:3b:06:20:0d:5c:36:dc:a3:39:c9:2d:9c:4f:51:73:5b:42:
02:4d:b6:ee:5e:be:4c:30:1d:9d:d2:a5:74:48:28:c5:67:c1:
91:9e:f6:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZiEKzBnl6bB7/687GiAjUnGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNzBiMjNmNWMwZGJhODliMTU3ZjgxYzljMzgxMDk1MTE4
YjdhOWYwHhcNMjUwODA3MTA1NDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTAzNWNkZDcyNThjZTViZDUxYTgxMzRmMTAzNzNlZjJmMzA3YjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApziBD5ZLM3XJ/qqtqU9AfzW5Jlra
xBOchCMcJ+k9+WeNbc7J+qi3vCuRVNL19KT11cTqYsv+WZkxiqItFPK0hGmdynVg
PJE/D9157rutp9mrUzJGhWaOJD3R7uczNUlqnkuSnFDboWQaro0x1dnqNNREM728
eT2Z4m1KHMfgSFyq6TRFBAx1CnKnYTC8gK4Rpv2ambRGrM6fbZC6GDpDqyBQQDdG
Oi2rwVcNheCTuijMao+8IBYfapf2EfWNYNTLDUCYHgtnVFciRzmP+jvvVrIxf6IT
s28gR5xRxfuKe7U/zMcmUVKpeSGuY12X6JS4glLXmt1mK2cyqVMxeJ7apwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH4DXN1yWM5b1RqBNPEDc+8vMHtXMB8GA1UdIwQY
MBaAFKNwsj9cDbqJsVf4HJw4EJURi3qfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzNDeVAxd051b214Vl9nY25EZ1FsUkdMZXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zMTU0YjQtNWJkNC00YWM5LWIwYzgt
MWIyNWFlNDIyOWRiLzEvZmdOYzNYSll6bHZWR29FMDhRTno3eTh3ZTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zMTU0YjQtNWJkNC00YWM5LWIwYzgtMWIyNWFlNDIyOWRi
LzEvbzNDeVAxd051b214Vl9nY25EZ1FsUkdMZXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuUuIAwQC
ucssMA0EAgACMAcDBQAqA0OgMA0GCSqGSIb3DQEBCwUAA4IBAQAj3Y7zCoWW8Kib
mje7uU5zWlhvV+58M8h2m8Mj1j7dISzPZUOU6woNFw9IZHw4VKSrnd0Ho2+q1X+h
HirGRI4BwE/HPtx90w13dOwOf+xq1T1cTB60Rmn4l7/01Nj3UG2jsH/AVuCUOywo
ghRzYj6XHZXPWXJyCRts/6WZlWkWZyDbQh0/QP5rutQ334ziRTRdFKsVXPtAkDxo
2V+G5IixdWrPeGdT+XCywMnFoR4b+jad1+fxR6lS01diJkGwvb//CGU+WUqMT5tv
9ZLJ72tTTAlQ/Cld6Qm9OwYgDVw23KM5yS2cT1FzW0ICTbbuXr5MMB2d0qV0SCjF
Z8GRnvby
-----END CERTIFICATE-----
Generated at Sat Aug 23 23:09:35 2025 by rpki-client