Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3DY9M_LNawH48POb7XoHnCyRIRI.roa
File: 3DY9M_LNawH48POb7XoHnCyRIRI.roa (raw, json)
Hash identifier: +FPac6iPwMOZ9UkCIRgMljgiyBJsd5O32RrPcVmEajU=
Subject key identifier: DC:36:3D:33:F2:CD:6B:01:F8:F0:F3:9B:ED:7A:07:9C:2C:91:21:12
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 019850BB8C3AFB86F93F61E28E066FB0CE2B
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3DY9M_LNawH48POb7XoHnCyRIRI.roa
Signing time: Mon 28 Jul 2025 11:12:05 +0000
ROA not before: Mon 28 Jul 2025 11:12:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197998
IP address blocks: 37.230.223.0/24 maxlen: 24
141.101.140.0/23 maxlen: 23
141.101.175.0/24 maxlen: 24
141.101.207.0/24 maxlen: 24
141.101.212.0/23 maxlen: 23
141.101.214.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:bb:8c:3a:fb:86:f9:3f:61:e2:8e:06:6f:b0:ce:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jul 28 11:12:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dc363d33f2cd6b01f8f0f39bed7a079c2c912112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:51:35:40:0a:17:44:84:82:0e:8a:31:2a:eb:
5c:40:99:ac:e6:a2:70:27:a3:0e:14:80:3d:7d:b5:
be:2e:9f:c5:17:b2:a0:1c:cc:a6:cc:74:b7:ae:96:
26:ca:40:b4:e0:7b:d0:f5:f2:b7:e6:76:2a:61:82:
8f:78:8d:a1:1e:50:c2:a2:f7:03:45:86:0c:fd:f0:
22:f4:33:5c:f5:a3:54:04:98:37:02:77:90:d5:85:
17:f6:07:89:31:6f:c7:45:01:b4:4a:6f:95:d0:69:
ba:0e:a4:27:42:9a:6e:19:67:92:e8:40:ee:2b:8a:
e8:98:91:8f:18:45:0f:0c:f3:31:3e:79:ce:82:86:
2f:ef:9b:13:51:ab:f1:8a:82:5e:93:d9:dd:96:59:
e6:80:67:df:97:75:ca:4f:34:3a:57:84:ab:d6:30:
c2:8b:ea:fc:7b:10:a4:b7:c4:7f:f2:d4:fa:b4:24:
17:5c:41:42:4a:ee:12:3d:48:da:63:d9:3b:37:4a:
fd:78:ec:47:49:ff:78:93:51:3f:a4:e2:b2:f0:18:
42:c2:a9:4b:21:4b:3a:fa:1c:a8:dd:e0:b2:19:9a:
dd:e1:a4:37:ca:c9:7d:1b:ba:61:1a:03:7c:46:70:
14:be:a3:42:e1:b3:30:7a:c4:9e:0f:a1:dd:14:93:
6f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:36:3D:33:F2:CD:6B:01:F8:F0:F3:9B:ED:7A:07:9C:2C:91:21:12
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/3DY9M_LNawH48POb7XoHnCyRIRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.223.0/24
141.101.140.0/23
141.101.175.0/24
141.101.207.0/24
141.101.212.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:c1:e1:b2:8e:ae:fb:af:9f:df:b7:88:28:b5:e8:1f:a7:e2:
64:7c:1c:dc:b4:bb:73:0f:dd:44:a6:5a:82:c8:ec:bc:29:55:
52:03:0b:d3:2a:56:65:35:b8:90:32:c0:42:1d:56:d8:c6:98:
f0:8f:62:53:70:31:fa:27:cb:4d:4a:ab:50:f9:4d:8e:68:1d:
c5:6f:f1:a9:7b:4f:6c:9e:d3:46:3a:e2:ad:94:ba:ba:5f:fd:
92:67:fe:46:16:8b:f9:75:81:29:0f:02:37:89:b7:2c:9d:2d:
8b:ce:4b:0b:26:70:53:f6:f5:45:9a:7e:06:6e:59:7a:1b:4a:
dd:b3:1e:b6:49:46:0d:5e:25:e4:5c:19:aa:d7:dd:e7:80:08:
99:3b:7f:cf:6f:20:b8:84:f8:9f:43:6f:f4:5f:68:38:f5:c0:
38:8c:98:b5:12:3b:8c:cf:f9:66:ba:38:8d:ed:fd:92:f5:9b:
0c:7e:63:90:62:82:1a:16:55:69:68:bd:49:fc:66:ef:97:80:
b7:bc:94:2d:23:79:94:2d:21:95:6e:f9:ea:05:d2:03:75:91:
0f:e8:56:b3:18:d4:e6:02:e9:eb:9e:37:3d:31:82:5b:19:0d:
62:f8:19:5d:d1:87:db:49:5e:40:e8:7d:e9:39:f6:23:29:44:
43:30:16:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhQu4w6+4b5P2HijgZvsM4rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwNzI4MTExMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYzM2M2QzM2YyY2Q2YjAxZjhmMGYzOWJlZDdhMDc5YzJjOTEyMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulE1QAoXRISCDooxKutcQJms5qJw
J6MOFIA9fbW+Lp/FF7KgHMymzHS3rpYmykC04HvQ9fK35nYqYYKPeI2hHlDCovcD
RYYM/fAi9DNc9aNUBJg3AneQ1YUX9geJMW/HRQG0Sm+V0Gm6DqQnQppuGWeS6EDu
K4romJGPGEUPDPMxPnnOgoYv75sTUavxioJek9ndllnmgGffl3XKTzQ6V4Sr1jDC
i+r8exCkt8R/8tT6tCQXXEFCSu4SPUjaY9k7N0r9eOxHSf94k1E/pOKy8BhCwqlL
IUs6+hyo3eCyGZrd4aQ3ysl9G7phGgN8RnAUvqNC4bMwesSeD6HdFJNv6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNw2PTPyzWsB+PDzm+16B5wskSESMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvM0RZOU1fTE5hd0g0OFBPYjdYb0huQ3lSSVJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJebfAwQB
jWWMAwQAjWWvAwQAjWXPAwQCjWXUMA0GCSqGSIb3DQEBCwUAA4IBAQDNweGyjq77
r5/ft4gotegfp+JkfBzctLtzD91EplqCyOy8KVVSAwvTKlZlNbiQMsBCHVbYxpjw
j2JTcDH6J8tNSqtQ+U2OaB3Fb/Gpe09sntNGOuKtlLq6X/2SZ/5GFov5dYEpDwI3
ibcsnS2LzksLJnBT9vVFmn4Gbll6G0rdsx62SUYNXiXkXBmq193ngAiZO3/PbyC4
hPifQ2/0X2g49cA4jJi1EjuMz/lmujiN7f2S9ZsMfmOQYoIaFlVpaL1J/Gbvl4C3
vJQtI3mULSGVbvnqBdIDdZEP6FazGNTmAunrnjc9MYJbGQ1i+Bld0YfbSV5A6H3p
OfYjKURDMBZ9
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:09:33 2025 by rpki-client