
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/a48ab2-d523-40f3-96bf-1c260b1e28d1/1/41j3d2RDOJcBPDBuQ5GVOR304-4.roa
File: 41j3d2RDOJcBPDBuQ5GVOR304-4.roa (raw, json)
Hash identifier: eAoOudYj+cHlQYjWYa9sz6FB+63f4zS6NwTicUIeFfM=
Subject key identifier: E3:58:F7:77:64:43:38:97:01:3C:30:6E:43:91:95:39:1D:F4:E3:EE
Certificate issuer: /CN=ff3f26b541f0bba8a5ce71ea53811b46c1657ab3
Certificate serial: 0198E1E3E0568ED830310722E2C1FB9F91D3
Authority key identifier: FF:3F:26:B5:41:F0:BB:A8:A5:CE:71:EA:53:81:1B:46:C1:65:7A:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_z8mtUHwu6ilznHqU4EbRsFlerM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/a48ab2-d523-40f3-96bf-1c260b1e28d1/1/41j3d2RDOJcBPDBuQ5GVOR304-4.roa
Signing time: Mon 25 Aug 2025 15:41:04 +0000
ROA not before: Mon 25 Aug 2025 15:41:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34146
IP address blocks: 78.40.72.0/24 maxlen: 24
78.40.73.0/24 maxlen: 24
78.40.74.0/24 maxlen: 24
78.40.75.0/24 maxlen: 24
78.40.79.0/24 maxlen: 24
185.200.220.0/24 maxlen: 24
185.200.221.0/24 maxlen: 24
185.200.222.0/24 maxlen: 24
185.200.223.0/24 maxlen: 24
2a02:449::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/a48ab2-d523-40f3-96bf-1c260b1e28d1/1/_z8mtUHwu6ilznHqU4EbRsFlerM.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/a48ab2-d523-40f3-96bf-1c260b1e28d1/1/_z8mtUHwu6ilznHqU4EbRsFlerM.mft
rsync://rpki.ripe.net/repository/DEFAULT/_z8mtUHwu6ilznHqU4EbRsFlerM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 06:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e1:e3:e0:56:8e:d8:30:31:07:22:e2:c1:fb:9f:91:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff3f26b541f0bba8a5ce71ea53811b46c1657ab3
Validity
Not Before: Aug 25 15:41:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e358f77764433897013c306e439195391df4e3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:48:71:97:16:2b:ac:38:a3:1d:f2:7f:6f:45:
3e:60:53:d3:f2:cd:15:79:4f:b7:06:f5:f5:8a:a8:
e9:e4:5d:d8:58:76:01:07:1f:6f:7f:15:56:e6:e8:
97:58:c8:63:e9:fc:69:54:15:42:94:85:a1:3c:3d:
2e:90:02:24:33:ca:31:d4:f3:fd:8a:93:99:21:ab:
8e:c5:f0:64:ce:0f:2c:b4:fc:55:47:ca:ea:0d:6e:
56:43:ea:77:a7:e8:ed:39:62:bc:3a:83:36:db:f2:
66:c1:0c:dd:49:e1:cf:05:b3:a6:c9:b8:7a:43:35:
27:64:fc:bd:a7:85:1a:49:29:b3:2a:15:25:10:d9:
4a:95:c7:b2:ec:da:67:e3:9a:6e:91:4a:16:f2:b3:
ef:50:f9:73:a6:40:d8:af:c1:92:65:75:25:c5:12:
9a:5e:26:a7:4a:e0:1f:a5:4f:29:e5:11:d2:78:bc:
e4:95:07:f7:36:70:a2:24:99:58:63:ba:aa:24:dd:
88:e6:07:25:de:7a:d6:9e:d3:17:fc:5a:57:b4:f0:
d8:b9:3c:8c:f3:ec:4f:54:c0:40:80:56:76:54:93:
0b:8d:b1:16:df:a9:71:cc:a9:e3:06:82:7a:dd:86:
09:c0:00:14:01:4c:a7:eb:9b:53:95:79:b6:07:13:
e8:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:58:F7:77:64:43:38:97:01:3C:30:6E:43:91:95:39:1D:F4:E3:EE
X509v3 Authority Key Identifier:
keyid:FF:3F:26:B5:41:F0:BB:A8:A5:CE:71:EA:53:81:1B:46:C1:65:7A:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_z8mtUHwu6ilznHqU4EbRsFlerM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a48ab2-d523-40f3-96bf-1c260b1e28d1/1/41j3d2RDOJcBPDBuQ5GVOR304-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/a48ab2-d523-40f3-96bf-1c260b1e28d1/1/_z8mtUHwu6ilznHqU4EbRsFlerM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.72.0/22
78.40.79.0/24
185.200.220.0/22
IPv6:
2a02:449::/32
Signature Algorithm: sha256WithRSAEncryption
2f:70:75:5e:c8:1d:13:48:4e:45:8a:51:0b:67:38:ad:ab:9a:
b9:fd:03:1f:3d:21:b6:49:c0:93:0b:ee:71:c8:99:fe:e0:fe:
83:3f:4b:79:fe:35:f8:12:84:35:b3:f5:b6:9f:54:1c:bd:63:
be:77:de:84:a3:bf:68:6d:22:bf:ee:fc:6e:d5:43:fa:fb:16:
4a:8e:97:10:6a:90:0c:cd:dc:84:c8:5c:f3:56:7a:b4:94:09:
e1:a0:54:c2:cb:eb:62:3d:77:cc:17:c0:f3:36:3d:92:05:74:
08:ca:40:f2:5f:33:ba:7b:18:0a:63:e3:6f:e0:2d:39:ea:0e:
76:9f:d8:95:cc:7e:91:df:1e:e4:87:31:5c:2c:2f:79:14:c4:
8b:a7:fc:81:12:84:c8:68:0d:15:6f:b6:48:9e:9d:16:e8:1e:
d1:ac:09:00:ea:95:bd:43:07:40:de:1f:9f:85:70:0e:97:52:
31:d4:15:33:c6:16:96:16:2b:79:ce:ec:d9:1d:38:3a:49:f9:
fd:56:45:51:3b:2a:d2:bf:98:7d:27:69:d8:b4:fb:c9:10:19:
2d:5d:58:35:39:30:04:a2:1c:e6:ce:c7:ee:6d:1d:20:78:70:
82:77:ac:8a:9c:62:20:2c:44:c8:8d:d6:fc:0f:13:76:b7:b4:
76:18:8c:99
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZjh4+BWjtgwMQci4sH7n5HTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmM2YyNmI1NDFmMGJiYThhNWNlNzFlYTUzODExYjQ2YzE2
NTdhYjMwHhcNMjUwODI1MTU0MTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzU4Zjc3NzY0NDMzODk3MDEzYzMwNmU0MzkxOTUzOTFkZjRlM2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3UhxlxYrrDijHfJ/b0U+YFPT8s0V
eU+3BvX1iqjp5F3YWHYBBx9vfxVW5uiXWMhj6fxpVBVClIWhPD0ukAIkM8ox1PP9
ipOZIauOxfBkzg8stPxVR8rqDW5WQ+p3p+jtOWK8OoM22/JmwQzdSeHPBbOmybh6
QzUnZPy9p4UaSSmzKhUlENlKlcey7Npn45pukUoW8rPvUPlzpkDYr8GSZXUlxRKa
XianSuAfpU8p5RHSeLzklQf3NnCiJJlYY7qqJN2I5gcl3nrWntMX/FpXtPDYuTyM
8+xPVMBAgFZ2VJMLjbEW36lxzKnjBoJ63YYJwAAUAUyn65tTlXm2BxPozwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFONY93dkQziXATwwbkORlTkd9OPuMB8GA1UdIwQY
MBaAFP8/JrVB8Luopc5x6lOBG0bBZXqzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3o4bXRVSHd1Nmlsem5IcVU0RWJSc0ZsZXJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9hNDhhYjItZDUyMy00MGYzLTk2YmYt
MWMyNjBiMWUyOGQxLzEvNDFqM2QyUkRPSmNCUERCdVE1R1ZPUjMwNC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9hNDhhYjItZDUyMy00MGYzLTk2YmYtMWMyNjBiMWUyOGQx
LzEvX3o4bXRVSHd1Nmlsem5IcVU0RWJSc0ZsZXJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCTihIAwQA
TihPAwQCucjcMA0EAgACMAcDBQAqAgRJMA0GCSqGSIb3DQEBCwUAA4IBAQAvcHVe
yB0TSE5FilELZzitq5q5/QMfPSG2ScCTC+5xyJn+4P6DP0t5/jX4EoQ1s/W2n1Qc
vWO+d96Eo79obSK/7vxu1UP6+xZKjpcQapAMzdyEyFzzVnq0lAnhoFTCy+tiPXfM
F8DzNj2SBXQIykDyXzO6exgKY+Nv4C056g52n9iVzH6R3x7khzFcLC95FMSLp/yB
EoTIaA0Vb7ZInp0W6B7RrAkA6pW9QwdA3h+fhXAOl1Ix1BUzxhaWFit5zuzZHTg6
Sfn9VkVROyrSv5h9J2nYtPvJEBktXVg1OTAEohzmzsfubR0geHCCd6yKnGIgLETI
jdb8DxN2t7R2GIyZ
-----END CERTIFICATE-----
Generated at Tue Oct 21 11:01:50 2025 by rpki-client