Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/3138352e3131352e3230372e302f32342d3234203d3e20323132333336.roa
File: 3138352e3131352e3230372e302f32342d3234203d3e20323132333336.roa (raw, json)
Hash identifier: yFl38PxDDUPllDewnZ7MEFH9Z5qJaOTL0zY/pvxRoUY=
Subject key identifier: F0:DC:58:D4:0D:28:C8:3D:F9:B4:8D:9C:08:96:DC:D5:4E:49:EB:69
Certificate issuer: /CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Certificate serial: 08CA205DF62E4E07CA937D4AB374BDDE44B3B774
Authority key identifier: 92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/3138352e3131352e3230372e302f32342d3234203d3e20323132333336.roa
Signing time: Thu 21 Aug 2025 08:17:49 +0000
ROA not before: Thu 21 Aug 2025 08:12:49 +0000
ROA not after: Thu 20 Aug 2026 08:17:49 +0000
asID: 212336
IP address blocks: 185.115.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:ca:20:5d:f6:2e:4e:07:ca:93:7d:4a:b3:74:bd:de:44:b3:b7:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f49de8684f1287f4f6cb185d5cf7de80c90b94
Validity
Not Before: Aug 21 08:12:49 2025 GMT
Not After : Aug 20 08:17:49 2026 GMT
Subject: CN=F0DC58D40D28C83DF9B48D9C0896DCD54E49EB69
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:47:35:c0:cc:e6:46:48:5e:82:ca:b0:c7:25:
07:e3:9c:1e:9d:01:3b:20:e0:e5:a2:f9:2c:91:43:
13:0e:d0:14:39:1c:59:d9:0b:8d:83:54:16:16:8c:
04:b7:c7:7d:3b:99:0f:be:64:93:02:f5:30:0f:84:
6b:1e:d9:bc:ee:0d:e3:ea:54:6b:7b:65:a4:06:09:
47:cd:02:16:6f:67:ed:03:fa:ed:a4:53:6f:08:e0:
89:14:48:ac:0f:bc:43:79:ee:3c:88:15:9f:f6:7c:
47:62:67:3e:e3:e0:f8:14:7a:f4:82:17:54:7f:eb:
d0:31:34:81:7d:3f:4a:8f:72:f2:0d:82:0e:b7:0f:
84:b3:8b:99:55:4d:1e:66:4b:58:0c:3c:6d:06:35:
71:ff:4f:f8:13:12:d1:bc:de:ec:7e:61:4d:e8:4a:
8f:67:d1:f3:fc:68:50:eb:cd:e9:5c:f9:a8:91:95:
12:b7:1e:42:9a:4a:1f:c7:63:74:e8:86:da:e2:5d:
81:fd:eb:31:23:c8:87:a7:c3:4e:05:3c:01:8e:01:
8f:cf:e8:ca:c5:3b:45:c9:a7:18:f9:53:45:f9:2b:
28:6d:7c:72:12:4e:85:15:67:01:73:9c:8c:ed:d4:
02:0f:bc:91:57:4b:b0:f9:9d:b3:24:fb:b1:0c:e0:
26:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:DC:58:D4:0D:28:C8:3D:F9:B4:8D:9C:08:96:DC:D5:4E:49:EB:69
X509v3 Authority Key Identifier:
keyid:92:F4:9D:E8:68:4F:12:87:F4:F6:CB:18:5D:5C:F7:DE:80:C9:0B:94
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/92F49DE8684F1287F4F6CB185D5CF7DE80C90B94.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSd6GhPEof09ssYXVz33oDJC5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/60923389-2bde-43e0-b0d5-fc244a6303d0/0/3138352e3131352e3230372e302f32342d3234203d3e20323132333336.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.207.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:4b:1a:eb:4b:66:b5:a8:01:df:26:4b:57:3f:21:a6:a9:81:
ab:84:d2:19:ef:d1:63:21:7e:6f:ef:fa:cc:7c:11:a0:97:93:
dd:d1:65:36:5e:6c:9b:7d:28:28:42:8d:9c:34:5c:f5:ac:95:
3a:92:13:33:7e:d6:c4:e4:50:2d:8f:48:9b:cc:1f:33:d0:89:
70:22:12:52:a0:75:37:7d:b1:0d:7d:4f:47:f7:54:8c:74:d1:
fa:c2:de:53:09:0f:43:ab:1e:21:26:50:8e:79:e4:62:86:5b:
37:7f:9a:4c:6d:63:2b:ca:94:0b:07:d5:99:9f:b7:f1:75:94:
15:75:de:6e:28:d4:67:73:d5:aa:72:29:b7:13:3c:dd:04:39:
81:cb:f8:0e:c2:57:1b:47:02:d0:49:80:d6:8f:cc:4e:a0:8c:
59:99:c4:94:b8:0c:4f:a6:e1:e7:38:a6:50:87:92:a7:51:36:
39:82:23:b1:24:14:ef:e5:e0:cb:b7:c6:57:64:e8:a4:de:18:
42:aa:3d:78:dd:06:ba:f3:4d:c7:ea:5c:f3:86:30:ce:88:f8:
b7:72:d1:ac:4a:af:7b:e5:bf:9a:e8:68:56:e7:c8:bd:e5:82:
56:66:04:64:83:4a:66:5a:91:e6:83:f2:43:94:3f:f6:8a:7f:
9e:b3:b8:fc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUCMogXfYuTgfKk31Ks3S93kSzt3QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTJmNDlkZTg2ODRmMTI4N2Y0ZjZjYjE4NWQ1Y2Y3ZGU4
MGM5MGI5NDAeFw0yNTA4MjEwODEyNDlaFw0yNjA4MjAwODE3NDlaMDMxMTAvBgNV
BAMTKEYwREM1OEQ0MEQyOEM4M0RGOUI0OEQ5QzA4OTZEQ0Q1NEU0OUVCNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnRzXAzOZGSF6CyrDHJQfjnB6d
ATsg4OWi+SyRQxMO0BQ5HFnZC42DVBYWjAS3x307mQ++ZJMC9TAPhGse2bzuDePq
VGt7ZaQGCUfNAhZvZ+0D+u2kU28I4IkUSKwPvEN57jyIFZ/2fEdiZz7j4PgUevSC
F1R/69AxNIF9P0qPcvINgg63D4Szi5lVTR5mS1gMPG0GNXH/T/gTEtG83ux+YU3o
So9n0fP8aFDrzelc+aiRlRK3HkKaSh/HY3TohtriXYH96zEjyIenw04FPAGOAY/P
6MrFO0XJpxj5U0X5KyhtfHISToUVZwFznIzt1AIPvJFXS7D5nbMk+7EM4CbZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8NxY1A0oyD35tI2cCJbc1U5J62kwHwYDVR0j
BBgwFoAUkvSd6GhPEof09ssYXVz33oDJC5QwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjA5MjMzODktMmJkZS00M2UwLWIwZDUtZmMyNDRhNjMw
M2QwLzAvOTJGNDlERTg2ODRGMTI4N0Y0RjZDQjE4NUQ1Q0Y3REU4MEM5MEI5NC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2t2U2Q2R2hQRW9mMDlzc1lYVnozM29E
SkM1US5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjA5MjMzODkt
MmJkZS00M2UwLWIwZDUtZmMyNDRhNjMwM2QwLzAvMzEzODM1MmUzMTMxMzUyZTMy
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjMzMzMzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlzzzANBgkqhkiG9w0BAQsFAAOCAQEAnEsa60tmtagB3yZLVz8hpqmBq4TS
Ge/RYyF+b+/6zHwRoJeT3dFlNl5sm30oKEKNnDRc9ayVOpITM37WxORQLY9Im8wf
M9CJcCISUqB1N32xDX1PR/dUjHTR+sLeUwkPQ6seISZQjnnkYoZbN3+aTG1jK8qU
CwfVmZ+38XWUFXXebijUZ3PVqnIptxM83QQ5gcv4DsJXG0cC0EmA1o/MTqCMWZnE
lLgMT6bh5zimUIeSp1E2OYIjsSQU7+Xgy7fGV2TopN4YQqo9eN0GuvNNx+pc84Yw
zoj4t3LRrEqve+W/muhoVufIveWCVmYEZINKZlqR5oPyQ5Q/9op/nrO4/A==
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:01:48 2025 by rpki-client