Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/3138352e39312e3131332e302f32342d3234203d3e20323134323038.roa
File: 3138352e39312e3131332e302f32342d3234203d3e20323134323038.roa (raw, json)
Hash identifier: qSSu/jTa9CtmAhgZlrJ1s4QldXeKp0EqfLu29FuP5Zs=
Subject key identifier: F7:96:22:9D:55:A7:9D:FE:81:B1:9C:A2:B8:10:C3:56:93:F2:FC:13
Certificate issuer: /CN=1498141819112b8446c2d4a3111f53038f05dbe9
Certificate serial: 71521F3617DEBDE9A5DB7F96FF9B6DF29BDEB2
Authority key identifier: 14:98:14:18:19:11:2B:84:46:C2:D4:A3:11:1F:53:03:8F:05:DB:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FJgUGBkRK4RGwtSjER9TA48F2-k.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/3138352e39312e3131332e302f32342d3234203d3e20323134323038.roa
Signing time: Fri 27 Jun 2025 11:41:53 +0000
ROA not before: Fri 27 Jun 2025 11:36:53 +0000
ROA not after: Fri 26 Jun 2026 11:41:53 +0000
asID: 214208
IP address blocks: 185.91.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/1498141819112B8446C2D4A3111F53038F05DBE9.crl
rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/1498141819112B8446C2D4A3111F53038F05DBE9.mft
rsync://rpki.ripe.net/repository/DEFAULT/FJgUGBkRK4RGwtSjER9TA48F2-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 13:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:52:1f:36:17:de:bd:e9:a5:db:7f:96:ff:9b:6d:f2:9b:de:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1498141819112b8446c2d4a3111f53038f05dbe9
Validity
Not Before: Jun 27 11:36:53 2025 GMT
Not After : Jun 26 11:41:53 2026 GMT
Subject: CN=F796229D55A79DFE81B19CA2B810C35693F2FC13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a8:a7:6f:7a:c1:ba:5d:b1:c2:9f:95:79:27:
f3:16:44:65:8e:6d:58:db:f1:59:86:40:5b:77:50:
52:cc:01:5b:a4:ba:6b:11:49:fe:36:eb:f7:e5:b2:
48:8b:79:12:df:56:e9:5c:b7:cd:92:96:f9:9b:8f:
ba:f3:14:3b:6d:eb:d9:57:47:97:2d:cd:87:9a:d3:
d8:71:fe:ff:2b:38:ff:82:88:d3:e6:86:92:9c:47:
4d:92:5d:a1:f7:73:81:1b:0b:8e:ea:3b:e6:ee:28:
df:bf:1a:44:5c:a9:cf:78:a7:fd:dd:5c:df:33:37:
6b:6e:37:4d:f5:0b:9d:9e:2a:3b:71:56:9d:e5:8a:
f1:f4:73:fe:b8:ff:09:56:6d:06:41:f7:14:2f:60:
03:66:fd:a5:52:ea:d5:b7:07:67:89:f5:4f:0b:6d:
dd:88:67:d7:83:56:c4:19:b2:2e:75:bd:a3:aa:08:
cb:d4:ed:b6:ff:50:00:49:33:0b:66:a0:7b:88:6c:
16:f0:68:81:c7:35:c0:55:21:4a:17:3c:04:ed:6d:
2a:c9:fb:6a:a8:3a:4c:75:13:43:ad:8d:5d:fa:d0:
47:67:9d:f1:28:9c:d7:8b:f0:89:74:10:0b:a4:0e:
f3:a2:e5:3a:2f:af:ca:e2:59:25:cf:51:85:8d:09:
f3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:96:22:9D:55:A7:9D:FE:81:B1:9C:A2:B8:10:C3:56:93:F2:FC:13
X509v3 Authority Key Identifier:
keyid:14:98:14:18:19:11:2B:84:46:C2:D4:A3:11:1F:53:03:8F:05:DB:E9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/1498141819112B8446C2D4A3111F53038F05DBE9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FJgUGBkRK4RGwtSjER9TA48F2-k.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/29066f5d-ecc1-4927-95c1-e1a8df8f9897/0/3138352e39312e3131332e302f32342d3234203d3e20323134323038.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.113.0/24
Signature Algorithm: sha256WithRSAEncryption
65:3a:63:be:f9:97:e3:71:c5:06:b3:9d:42:e3:15:30:fe:cc:
be:83:d3:42:1f:d7:77:4b:aa:1d:7e:27:84:d4:fc:16:ba:fd:
de:26:dd:e4:54:cd:57:de:f3:ca:41:39:77:c0:5b:2e:0d:3b:
61:fa:fc:14:68:b2:99:e7:dc:c1:78:d6:5b:a2:c8:4c:fe:5d:
62:d6:21:03:e5:87:f0:5c:32:2f:12:86:3b:fc:88:b4:20:e4:
fa:a7:c9:e1:32:e1:12:55:37:1a:9d:88:32:16:a3:5e:94:47:
af:2c:50:05:39:62:2f:2d:b2:49:96:c0:56:68:b5:f8:27:16:
29:ec:ac:3e:3a:cc:b2:1e:7a:df:6f:17:bd:a8:05:6d:83:f9:
f3:98:ae:58:f1:50:42:08:57:45:cb:72:ba:b1:f5:4b:db:ca:
61:13:b9:b0:9a:32:37:0d:b7:10:3d:6a:0b:e4:30:0f:f0:7f:
d1:20:a8:88:51:4a:da:1e:ea:4f:69:10:7d:95:59:04:0d:35:
88:c0:a0:45:23:f4:cd:d1:bb:2d:79:a2:db:03:25:5e:43:3b:
2d:a5:a5:46:25:ed:d0:49:74:8b:73:78:4a:86:43:5d:df:2d:
0e:70:b9:64:b6:56:51:1e:e4:4e:d4:e3:c2:c5:8c:77:26:49:
79:71:63:f9
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgITcVIfNhfeveml23+W/5tt8pvesjANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygxNDk4MTQxODE5MTEyYjg0NDZjMmQ0YTMxMTFmNTMwMzhm
MDVkYmU5MB4XDTI1MDYyNzExMzY1M1oXDTI2MDYyNjExNDE1M1owMzExMC8GA1UE
AxMoRjc5NjIyOUQ1NUE3OURGRTgxQjE5Q0EyQjgxMEMzNTY5M0YyRkMxMzCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmop296wbpdscKflXkn8xZEZY5t
WNvxWYZAW3dQUswBW6S6axFJ/jbr9+WySIt5Et9W6Vy3zZKW+ZuPuvMUO23r2VdH
ly3Nh5rT2HH+/ys4/4KI0+aGkpxHTZJdofdzgRsLjuo75u4o378aRFypz3in/d1c
3zM3a243TfULnZ4qO3FWneWK8fRz/rj/CVZtBkH3FC9gA2b9pVLq1bcHZ4n1Twtt
3Yhn14NWxBmyLnW9o6oIy9Tttv9QAEkzC2age4hsFvBogcc1wFUhShc8BO1tKsn7
aqg6THUTQ62NXfrQR2ed8Sic14vwiXQQC6QO86LlOi+vyuJZJc9RhY0J898CAwEA
AaOCAj8wggI7MB0GA1UdDgQWBBT3liKdVaed/oGxnKK4EMNWk/L8EzAfBgNVHSME
GDAWgBQUmBQYGRErhEbC1KMRH1MDjwXb6TAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u
ZXQvcmVwb3NpdG9yeS8yOTA2NmY1ZC1lY2MxLTQ5MjctOTVjMS1lMWE4ZGY4Zjk4
OTcvMC8xNDk4MTQxODE5MTEyQjg0NDZDMkQ0QTMxMTFGNTMwMzhGMDVEQkU5LmNy
bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvRkpnVUdCa1JLNFJHd3RTakVSOVRBNDhG
Mi1rLmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwGCCsGAQUFBzALhoGPcnN5bmM6
Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yOTA2NmY1ZC1l
Y2MxLTQ5MjctOTVjMS1lMWE4ZGY4Zjk4OTcvMC8zMTM4MzUyZTM5MzEyZTMxMzEz
MzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDMyMzAzOC5yb2EwGAYDVR0g
AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
ALlbcTANBgkqhkiG9w0BAQsFAAOCAQEAZTpjvvmX43HFBrOdQuMVMP7MvoPTQh/X
d0uqHX4nhNT8Frr93ibd5FTNV97zykE5d8BbLg07Yfr8FGiymefcwXjWW6LITP5d
YtYhA+WH8FwyLxKGO/yItCDk+qfJ4TLhElU3Gp2IMhajXpRHryxQBTliLy2ySZbA
Vmi1+CcWKeysPjrMsh56328XvagFbYP585iuWPFQQghXRctyurH1S9vKYRO5sJoy
Nw23ED1qC+QwD/B/0SCoiFFK2h7qT2kQfZVZBA01iMCgRSP0zdG7LXmi2wMlXkM7
LaWlRiXt0El0i3N4SoZDXd8tDnC5ZLZWUR7kTtTjwsWMdyZJeXFj+Q==
-----END CERTIFICATE-----
Generated at Mon Jun 30 18:16:31 2025 by rpki-client