Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/3138352e39312e3131322e302f32342d3234203d3e20323035383836.roa
File: 3138352e39312e3131322e302f32342d3234203d3e20323035383836.roa (raw, json)
Hash identifier: O1n5JnY1D7Gybc6bse2IOISd30uajo4rcLgj2Y43/4k=
Subject key identifier: F7:CE:B0:0B:A8:54:82:94:82:0A:33:92:5D:E1:4B:E2:14:0C:03:DB
Certificate issuer: /CN=1498141819112b8446c2d4a3111f53038f05dbe9
Certificate serial: 4516C46A923A2CCE5BAE99C71D5EF4873FD42D66
Authority key identifier: 14:98:14:18:19:11:2B:84:46:C2:D4:A3:11:1F:53:03:8F:05:DB:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJgUGBkRK4RGwtSjER9TA48F2-k.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/3138352e39312e3131322e302f32342d3234203d3e20323035383836.roa
Signing time: Sat 18 Oct 2025 09:17:04 +0000
ROA not before: Sat 18 Oct 2025 09:12:04 +0000
ROA not after: Sat 17 Oct 2026 09:17:04 +0000
asID: 205886
IP address blocks: 185.91.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/1498141819112B8446C2D4A3111F53038F05DBE9.crl
rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/1498141819112B8446C2D4A3111F53038F05DBE9.mft
rsync://rpki.ripe.net/repository/DEFAULT/FJgUGBkRK4RGwtSjER9TA48F2-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:16:c4:6a:92:3a:2c:ce:5b:ae:99:c7:1d:5e:f4:87:3f:d4:2d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1498141819112b8446c2d4a3111f53038f05dbe9
Validity
Not Before: Oct 18 09:12:04 2025 GMT
Not After : Oct 17 09:17:04 2026 GMT
Subject: CN=F7CEB00BA8548294820A33925DE14BE2140C03DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:04:b1:c2:c1:3d:35:56:ab:48:1a:2c:c8:f5:
b3:09:dc:21:f1:75:e7:67:f8:5b:8e:b2:48:81:eb:
09:98:3d:79:cf:9b:12:60:4c:72:72:a6:cd:6b:47:
cb:4c:36:8a:70:d2:13:16:2f:79:de:74:7c:b0:ec:
53:cd:7d:cc:a5:5a:8b:85:71:df:18:5a:fa:a5:aa:
57:14:56:d1:fa:cb:1d:5c:59:e9:23:07:8d:f0:41:
e2:4d:9b:e3:a9:ca:dd:54:97:80:ee:bc:c5:39:d0:
f4:66:5a:33:e1:77:f0:89:33:8b:25:77:90:46:11:
93:b1:d0:77:d6:2d:65:54:a8:3a:e8:ae:8f:00:d5:
0b:59:13:1e:97:fb:49:5a:e1:41:c2:66:fd:72:d1:
2e:c4:9b:66:f8:be:8a:4b:1d:87:9e:ad:1a:58:6b:
27:0a:92:c7:8c:e3:a5:ee:e6:e3:f1:61:bd:d3:83:
b1:a9:fe:44:0b:5f:09:8f:ab:12:81:37:0d:63:52:
e1:e3:a3:ec:2b:18:cc:66:f2:03:21:2f:76:66:83:
b4:e0:0e:51:de:cb:7f:ed:a2:c4:77:ae:d0:fd:7c:
58:f8:74:d0:6d:d6:f9:ed:bd:6c:c5:44:5d:ef:2e:
0d:d7:00:ab:ca:39:0a:b4:fa:74:8b:ca:3f:e9:66:
ac:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CE:B0:0B:A8:54:82:94:82:0A:33:92:5D:E1:4B:E2:14:0C:03:DB
X509v3 Authority Key Identifier:
keyid:14:98:14:18:19:11:2B:84:46:C2:D4:A3:11:1F:53:03:8F:05:DB:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/1498141819112B8446C2D4A3111F53038F05DBE9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJgUGBkRK4RGwtSjER9TA48F2-k.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/3138352e39312e3131322e302f32342d3234203d3e20323035383836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.112.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:06:07:e9:f0:b4:d5:47:18:e9:92:20:0f:ff:9a:44:69:30:
d7:bf:a7:7a:41:8b:51:2a:35:d5:91:96:db:de:f0:6c:63:e2:
00:0d:ff:25:b1:f4:e9:b1:47:9f:e9:f4:0c:63:7f:7d:0a:0b:
5d:83:39:56:50:eb:65:aa:bf:a2:ba:0a:6f:ac:24:f9:4e:33:
0e:02:f7:99:a8:86:7f:81:ad:3e:88:bf:3d:cb:67:6d:22:be:
e9:75:a1:83:ff:de:ad:de:86:ec:e0:e6:10:11:9f:72:ef:cb:
ab:8d:20:a0:02:ab:5f:39:63:b6:44:83:c8:ed:df:83:55:5e:
a5:1b:2e:94:9b:35:4c:40:c5:44:93:3b:cb:fe:3e:dd:c6:18:
11:f8:42:43:71:51:c4:92:71:8e:96:9b:56:75:cb:dc:5e:92:
f1:8e:43:19:00:37:62:c9:74:ac:a4:30:d0:bd:2d:5b:fd:6d:
82:74:61:6e:1e:ee:2b:aa:1d:3d:fb:ca:0b:63:0d:83:b8:ba:
f5:b6:20:82:bb:d9:ba:cd:14:31:1d:8a:04:53:a2:92:4c:3a:
a1:5e:7c:8a:73:09:6b:8d:6b:f0:fe:1f:77:cf:2a:ba:5e:77:
21:5a:d6:ac:e7:be:47:84:7c:4c:f8:46:f1:d2:52:b5:11:d0:
70:7e:df:ec
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURRbEapI6LM5brpnHHV70hz/ULWYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTQ5ODE0MTgxOTExMmI4NDQ2YzJkNGEzMTExZjUzMDM4
ZjA1ZGJlOTAeFw0yNTEwMTgwOTEyMDRaFw0yNjEwMTcwOTE3MDRaMDMxMTAvBgNV
BAMTKEY3Q0VCMDBCQTg1NDgyOTQ4MjBBMzM5MjVERTE0QkUyMTQwQzAzREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjBLHCwT01VqtIGizI9bMJ3CHx
dedn+FuOskiB6wmYPXnPmxJgTHJyps1rR8tMNopw0hMWL3nedHyw7FPNfcylWouF
cd8YWvqlqlcUVtH6yx1cWekjB43wQeJNm+Opyt1Ul4DuvMU50PRmWjPhd/CJM4sl
d5BGEZOx0HfWLWVUqDroro8A1QtZEx6X+0la4UHCZv1y0S7Em2b4vopLHYeerRpY
aycKkseM46Xu5uPxYb3Tg7Gp/kQLXwmPqxKBNw1jUuHjo+wrGMxm8gMhL3Zmg7Tg
DlHey3/tosR3rtD9fFj4dNBt1vntvWzFRF3vLg3XAKvKOQq0+nSLyj/pZqx/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU986wC6hUgpSCCjOSXeFL4hQMA9swHwYDVR0j
BBgwFoAUFJgUGBkRK4RGwtSjER9TA48F2+kwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjkwNjZmNWQtZWNjMS00OTI3LTk1YzEtZTFhOGRmOGY5
ODk3LzAvMTQ5ODE0MTgxOTExMkI4NDQ2QzJENEEzMTExRjUzMDM4RjA1REJFOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0ZKZ1VHQmtSSzRSR3d0U2pFUjlUQTQ4
RjItay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjkwNjZmNWQt
ZWNjMS00OTI3LTk1YzEtZTFhOGRmOGY5ODk3LzAvMzEzODM1MmUzOTMxMmUzMTMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzUzODM4MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5W3AwDQYJKoZIhvcNAQELBQADggEBAI4GB+nwtNVHGOmSIA//mkRpMNe/p3pB
i1EqNdWRltve8Gxj4gAN/yWx9OmxR5/p9Axjf30KC12DOVZQ62Wqv6K6Cm+sJPlO
Mw4C95mohn+BrT6Ivz3LZ20ivul1oYP/3q3ehuzg5hARn3Lvy6uNIKACq185Y7ZE
g8jt34NVXqUbLpSbNUxAxUSTO8v+Pt3GGBH4QkNxUcSScY6Wm1Z1y9xekvGOQxkA
N2LJdKykMNC9LVv9bYJ0YW4e7iuqHT37ygtjDYO4uvW2IIK72brNFDEdigRTopJM
OqFefIpzCWuNa/D+H3fPKrpedyFa1qznvkeEfEz4RvHSUrUR0HB+3+w=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:45 2025 by rpki-client