Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/3138352e3133342e3139312e302f32342d3234203d3e20323037343837.roa
File: 3138352e3133342e3139312e302f32342d3234203d3e20323037343837.roa (raw, json)
Hash identifier: wMCy3m1h75GfC2ATV5bYCJD7S6jjiI8Si5ikYie+OUI=
Subject key identifier: AF:AB:05:0E:95:12:FF:F9:1C:7F:25:9F:64:55:50:77:4E:50:0E:53
Certificate issuer: /CN=25827d84056b8444cc2a7842759035354b8416bc
Certificate serial: 270ECF2490543B55C8A96F9CEAF272DA2E8436E2
Authority key identifier: 25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/3138352e3133342e3139312e302f32342d3234203d3e20323037343837.roa
Signing time: Tue 12 Aug 2025 07:38:41 +0000
ROA not before: Tue 12 Aug 2025 07:33:41 +0000
ROA not after: Tue 11 Aug 2026 07:38:41 +0000
asID: 207487
IP address blocks: 185.134.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.mft
rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 02:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:0e:cf:24:90:54:3b:55:c8:a9:6f:9c:ea:f2:72:da:2e:84:36:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25827d84056b8444cc2a7842759035354b8416bc
Validity
Not Before: Aug 12 07:33:41 2025 GMT
Not After : Aug 11 07:38:41 2026 GMT
Subject: CN=AFAB050E9512FFF91C7F259F645550774E500E53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b8:52:13:a5:a3:5a:a3:47:e8:68:09:c1:17:
6b:26:9f:2b:ab:bb:3d:a6:79:70:da:61:3f:72:2a:
a3:d3:67:ab:08:47:92:4d:cc:8b:69:78:df:ad:95:
f5:9a:5a:66:37:d7:bc:d7:b6:da:80:08:39:98:7e:
fc:e0:39:73:33:7d:6a:73:d9:52:2d:8d:0c:ae:29:
ac:7f:9f:b0:ed:e0:7a:ab:75:a0:cd:f4:dd:88:34:
1d:aa:9c:15:c8:9a:2a:6e:83:be:84:c2:95:eb:dd:
22:2f:53:7f:3f:ef:8c:c7:6f:a4:7a:aa:96:ce:11:
d3:4a:e9:19:e8:91:e1:c1:12:d4:08:79:b6:ff:fd:
22:fb:23:35:c4:da:a2:9b:5f:a0:0e:d9:55:86:ba:
9a:cc:7d:96:fd:25:56:22:11:67:67:c5:ef:9c:84:
01:22:e5:fc:b7:b9:0d:bd:26:33:ad:57:ee:36:c2:
72:0b:0c:f0:9f:e7:4e:65:ee:9a:1b:c0:77:49:da:
d2:59:18:db:dc:51:64:f8:b3:db:5f:ae:e5:16:81:
92:9a:7b:68:f5:17:f7:87:86:46:58:b9:1d:6d:a2:
fb:8f:21:65:3d:42:98:5b:dc:af:81:cf:04:b4:d3:
36:f2:71:0e:0a:4e:b6:ed:0c:16:72:17:3d:ca:5f:
89:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AB:05:0E:95:12:FF:F9:1C:7F:25:9F:64:55:50:77:4E:50:0E:53
X509v3 Authority Key Identifier:
keyid:25:82:7D:84:05:6B:84:44:CC:2A:78:42:75:90:35:35:4B:84:16:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/25827D84056B8444CC2A7842759035354B8416BC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JYJ9hAVrhETMKnhCdZA1NUuEFrw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/69bbfdcf-35cd-4524-8ffa-3005b0b69a29/0/3138352e3133342e3139312e302f32342d3234203d3e20323037343837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.191.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:ec:9e:fc:45:27:b3:63:3f:f5:93:9e:90:17:56:92:43:9c:
ee:46:8c:1a:eb:7c:cb:aa:b4:5b:b4:69:6d:bc:83:a9:40:c5:
d1:92:e9:98:8c:e9:6e:75:64:02:d8:01:89:2d:95:55:2c:c1:
09:6b:36:23:14:1d:37:60:75:e7:f6:0a:69:f8:80:2e:2b:76:
55:a4:d4:ad:22:eb:13:d1:81:06:92:27:cb:1b:6b:14:8a:27:
74:9e:f1:2b:1a:d4:1a:1c:36:20:f0:05:2c:38:32:f1:83:8a:
bd:d0:ca:15:e2:15:f4:3e:d5:de:12:c2:f6:75:7f:c9:82:d9:
61:67:73:f1:d6:de:66:58:5a:a4:e1:52:ff:62:71:4c:7c:1b:
a2:a1:b0:14:82:1d:e7:da:f0:1e:0a:c3:40:cd:8c:03:33:de:
96:55:b2:6a:2d:0e:87:f7:6d:e9:70:68:1e:24:57:6b:9f:40:
f0:3a:d9:e0:d2:f0:3a:54:bd:be:2f:5d:0a:6a:10:f7:fc:eb:
b0:b3:68:a0:b9:c4:8c:1d:aa:ab:ee:86:63:67:a2:bf:f3:6a:
88:0d:2f:f8:e2:62:a0:94:5e:ce:5d:52:41:0a:a9:29:6d:6b:
90:e2:30:44:75:b3:f3:2f:9c:25:28:ed:af:8c:f4:b3:42:df:
e4:86:1b:20
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJw7PJJBUO1XIqW+c6vJy2i6ENuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjU4MjdkODQwNTZiODQ0NGNjMmE3ODQyNzU5MDM1MzU0
Yjg0MTZiYzAeFw0yNTA4MTIwNzMzNDFaFw0yNjA4MTEwNzM4NDFaMDMxMTAvBgNV
BAMTKEFGQUIwNTBFOTUxMkZGRjkxQzdGMjU5RjY0NTU1MDc3NEU1MDBFNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+uFITpaNao0foaAnBF2smnyur
uz2meXDaYT9yKqPTZ6sIR5JNzItpeN+tlfWaWmY317zXttqACDmYfvzgOXMzfWpz
2VItjQyuKax/n7Dt4HqrdaDN9N2INB2qnBXImipug76EwpXr3SIvU38/74zHb6R6
qpbOEdNK6RnokeHBEtQIebb//SL7IzXE2qKbX6AO2VWGuprMfZb9JVYiEWdnxe+c
hAEi5fy3uQ29JjOtV+42wnILDPCf505l7pobwHdJ2tJZGNvcUWT4s9tfruUWgZKa
e2j1F/eHhkZYuR1tovuPIWU9Qphb3K+BzwS00zbycQ4KTrbtDBZyFz3KX4mlAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUr6sFDpUS//kcfyWfZFVQd05QDlMwHwYDVR0j
BBgwFoAUJYJ9hAVrhETMKnhCdZA1NUuEFrwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNjliYmZkY2YtMzVjZC00NTI0LThmZmEtMzAwNWIwYjY5
YTI5LzAvMjU4MjdEODQwNTZCODQ0NENDMkE3ODQyNzU5MDM1MzU0Qjg0MTZCQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0pZSjloQVZyaEVUTUtuaENkWkExTlV1
RUZydy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNjliYmZkY2Yt
MzVjZC00NTI0LThmZmEtMzAwNWIwYjY5YTI5LzAvMzEzODM1MmUzMTMzMzQyZTMx
MzkzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNzM0MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALmGvzANBgkqhkiG9w0BAQsFAAOCAQEAwOye/EUns2M/9ZOekBdWkkOc7kaM
Gut8y6q0W7RpbbyDqUDF0ZLpmIzpbnVkAtgBiS2VVSzBCWs2IxQdN2B15/YKafiA
Lit2VaTUrSLrE9GBBpInyxtrFIondJ7xKxrUGhw2IPAFLDgy8YOKvdDKFeIV9D7V
3hLC9nV/yYLZYWdz8dbeZlhapOFS/2JxTHwboqGwFIId59rwHgrDQM2MAzPellWy
ai0Oh/dt6XBoHiRXa59A8DrZ4NLwOlS9vi9dCmoQ9/zrsLNooLnEjB2qq+6GY2ei
v/NqiA0v+OJioJRezl1SQQqpKW1rkOIwRHWz8y+cJSjtr4z0s0Lf5IYbIA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:52:24 2025 by rpki-client