Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139362e302f32342d3234203d3e20323035383836.roa
File: 3137382e3133322e3139362e302f32342d3234203d3e20323035383836.roa (raw, json)
Hash identifier: uXr7xv/utv3nrmiA56MIjtPUbX68CjWOqcNFqNQ16UA=
Subject key identifier: D1:66:AE:D2:B6:83:CC:CA:D1:1F:DD:0D:92:7B:1A:E4:68:09:79:50
Certificate issuer: /CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Certificate serial: 325D829F4CC1CA23C8AACA8E3CBE786600254ED0
Authority key identifier: F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139362e302f32342d3234203d3e20323035383836.roa
Signing time: Fri 17 Oct 2025 02:46:48 +0000
ROA not before: Fri 17 Oct 2025 02:41:48 +0000
ROA not after: Fri 16 Oct 2026 02:46:48 +0000
asID: 205886
IP address blocks: 178.132.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.mft
rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 07:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:5d:82:9f:4c:c1:ca:23:c8:aa:ca:8e:3c:be:78:66:00:25:4e:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f768ff6e681858c0ec19f3a93fa1792cd16ceed3
Validity
Not Before: Oct 17 02:41:48 2025 GMT
Not After : Oct 16 02:46:48 2026 GMT
Subject: CN=D166AED2B683CCCAD11FDD0D927B1AE468097950
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4b:38:67:de:e0:27:83:1b:13:05:f7:67:9b:
d6:4f:6c:96:e1:cb:87:7b:1f:a4:1a:35:e8:98:bc:
6c:39:ce:b2:67:8a:0a:21:85:4c:ea:6b:02:0b:02:
37:78:48:c7:af:c7:ae:02:e6:f4:a7:bc:26:23:de:
50:7e:04:38:67:b0:5c:2f:98:8a:b6:48:fb:d9:ec:
1d:a7:53:a1:3e:00:35:e5:e1:06:1d:a1:1b:a4:d6:
10:22:00:f7:c0:00:4a:55:11:4f:88:20:4a:6f:ed:
dc:d2:40:99:b8:99:4b:db:5a:bb:f2:2d:ac:f3:ea:
1a:3a:b4:76:06:d2:30:e8:96:85:a3:84:b7:32:f8:
3d:ba:38:af:32:95:e8:f0:b1:37:0f:99:4d:16:e1:
0b:0a:a9:00:82:ff:6c:b0:af:76:14:0e:76:e2:f5:
5f:d8:5c:79:a0:35:56:0a:ec:94:65:f0:14:5f:e5:
a2:57:db:57:7e:ce:cd:dd:6b:fb:ae:24:22:ba:70:
e5:52:a7:14:00:a7:ad:fe:b7:f3:15:ab:5f:e1:d4:
37:14:98:d9:5f:94:8f:75:b6:74:64:8a:ec:4f:3f:
76:b9:6b:c0:c3:9d:15:e5:74:35:5f:c7:b0:5e:06:
97:a8:9d:6a:7c:c8:0b:fa:3c:cf:5b:e2:86:cb:9e:
25:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:66:AE:D2:B6:83:CC:CA:D1:1F:DD:0D:92:7B:1A:E4:68:09:79:50
X509v3 Authority Key Identifier:
keyid:F7:68:FF:6E:68:18:58:C0:EC:19:F3:A9:3F:A1:79:2C:D1:6C:EE:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/F768FF6E681858C0EC19F3A93FA1792CD16CEED3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/92j_bmgYWMDsGfOpP6F5LNFs7tM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0cc08737-9267-402a-99d4-7aaafea444ed/0/3137382e3133322e3139362e302f32342d3234203d3e20323035383836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.196.0/24
Signature Algorithm: sha256WithRSAEncryption
29:3f:6f:bf:a8:80:45:d3:a1:14:db:21:bc:cb:3d:a6:ab:c6:
f1:a6:ea:77:a1:61:7f:bf:c7:f2:5c:19:78:fa:8e:84:d5:d8:
3b:cf:a4:f3:68:89:6f:28:3e:01:d1:7d:dc:f5:72:2b:c2:f2:
56:b1:7d:7f:c6:cf:2d:82:f1:af:a9:16:76:6b:73:af:1f:8e:
d3:22:b3:a9:7c:b2:4d:e5:02:c0:e8:9f:a4:ed:cb:69:b0:bd:
07:63:7d:30:8e:04:c4:8c:d5:d4:72:2f:a1:58:2b:9d:06:da:
d9:fe:5c:21:cd:49:a5:47:8d:ac:41:ae:80:3d:38:46:3d:89:
26:d3:f1:4c:db:50:c8:80:2c:70:5b:90:c4:2d:1c:37:1f:91:
39:2c:92:97:7a:d6:2c:2c:02:78:83:21:3a:c3:37:2b:b9:88:
67:54:14:60:8f:b3:5f:be:fb:be:99:0c:34:c5:34:ce:64:a2:
c8:ca:b9:61:4e:fe:a2:6d:5e:dd:f9:6e:76:b7:bc:f7:e0:a5:
cf:b4:4d:5b:5c:af:6c:d3:61:3a:7e:83:b2:20:17:ea:90:8f:
7d:f6:34:59:bd:42:43:c8:7b:4d:38:52:f2:22:3e:d0:a0:05:
ee:d1:58:6e:b4:90:94:bb:7b:71:35:4b:43:d0:97:70:0c:42:
e0:db:a4:35
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMl2Cn0zByiPIqsqOPL54ZgAlTtAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZjc2OGZmNmU2ODE4NThjMGVjMTlmM2E5M2ZhMTc5MmNk
MTZjZWVkMzAeFw0yNTEwMTcwMjQxNDhaFw0yNjEwMTYwMjQ2NDhaMDMxMTAvBgNV
BAMTKEQxNjZBRUQyQjY4M0NDQ0FEMTFGREQwRDkyN0IxQUU0NjgwOTc5NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCySzhn3uAngxsTBfdnm9ZPbJbh
y4d7H6QaNeiYvGw5zrJnigohhUzqawILAjd4SMevx64C5vSnvCYj3lB+BDhnsFwv
mIq2SPvZ7B2nU6E+ADXl4QYdoRuk1hAiAPfAAEpVEU+IIEpv7dzSQJm4mUvbWrvy
Lazz6ho6tHYG0jDoloWjhLcy+D26OK8ylejwsTcPmU0W4QsKqQCC/2ywr3YUDnbi
9V/YXHmgNVYK7JRl8BRf5aJX21d+zs3da/uuJCK6cOVSpxQAp63+t/MVq1/h1DcU
mNlflI91tnRkiuxPP3a5a8DDnRXldDVfx7BeBpeonWp8yAv6PM9b4obLniU3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU0Wau0raDzMrRH90Nknsa5GgJeVAwHwYDVR0j
BBgwFoAU92j/bmgYWMDsGfOpP6F5LNFs7tMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMGNjMDg3MzctOTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0
NGVkLzAvRjc2OEZGNkU2ODE4NThDMEVDMTlGM0E5M0ZBMTc5MkNEMTZDRUVEMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkyal9ibWdZV01Ec0dmT3BQNkY1TE5G
czd0TS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGNjMDg3Mzct
OTI2Ny00MDJhLTk5ZDQtN2FhYWZlYTQ0NGVkLzAvMzEzNzM4MmUzMTMzMzIyZTMx
MzkzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM4MzgzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKExDANBgkqhkiG9w0BAQsFAAOCAQEAKT9vv6iARdOhFNshvMs9pqvG8abq
d6Fhf7/H8lwZePqOhNXYO8+k82iJbyg+AdF93PVyK8LyVrF9f8bPLYLxr6kWdmtz
rx+O0yKzqXyyTeUCwOifpO3LabC9B2N9MI4ExIzV1HIvoVgrnQba2f5cIc1JpUeN
rEGugD04Rj2JJtPxTNtQyIAscFuQxC0cNx+ROSySl3rWLCwCeIMhOsM3K7mIZ1QU
YI+zX777vpkMNMU0zmSiyMq5YU7+om1e3fludre89+Clz7RNW1yvbNNhOn6DsiAX
6pCPffY0Wb1CQ8h7TThS8iI+0KAF7tFYbrSQlLt7cTVLQ9CXcAxC4NukNQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:59:54 2025 by rpki-client