Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa
File: 3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: hdxD/qKukjXx9A0e82bRQHz2ki+iuVlFqyfVKrJPyK0=
Subject key identifier: 11:9B:9B:F0:42:C8:D3:1C:64:EF:86:33:8F:AE:C8:A1:E6:BA:5E:25
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 73F68D33789226CC5F1BFB0FCEE6A16534540AE5
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa
Signing time: Mon 15 Sep 2025 07:55:07 +0000
ROA not before: Mon 15 Sep 2025 07:50:07 +0000
ROA not after: Mon 14 Sep 2026 07:55:07 +0000
asID: 200088
IP address blocks: 185.139.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:f6:8d:33:78:92:26:cc:5f:1b:fb:0f:ce:e6:a1:65:34:54:0a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 15 07:50:07 2025 GMT
Not After : Sep 14 07:55:07 2026 GMT
Subject: CN=119B9BF042C8D31C64EF86338FAEC8A1E6BA5E25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:55:f2:e9:4d:ff:fe:00:8f:0c:57:8f:ba:a6:
17:d0:0a:a5:ef:95:24:5b:e1:94:a0:b3:23:f5:7b:
db:8d:6e:21:ee:0d:79:c1:e0:28:5b:76:4f:67:64:
de:65:81:9a:2b:05:2f:29:8d:df:88:53:be:72:a3:
96:30:76:ab:62:5b:4e:fb:b8:b3:e2:6b:d5:78:63:
f1:a9:da:23:e4:e8:70:a6:dd:60:73:77:95:73:f1:
33:70:a2:b5:4b:20:ff:b8:07:7d:a0:cf:0e:27:24:
22:43:97:c6:e1:7c:40:07:cc:f1:97:51:2f:51:88:
59:41:a7:07:7e:da:ed:b3:12:5a:84:c1:3b:5f:9d:
02:2e:82:01:dd:9f:7f:13:e7:d6:b2:00:47:f8:34:
50:01:d2:2e:9e:ae:79:0c:9b:08:28:1e:60:34:2c:
81:0c:a9:05:db:82:39:af:fe:74:23:f1:51:93:93:
d1:d2:c3:2f:81:61:43:09:99:59:fd:a7:b8:47:0e:
6c:bd:b2:3b:f7:da:e2:6e:46:c8:05:9c:9b:cb:be:
52:02:8b:a5:0a:21:94:bb:b1:e1:cf:75:e1:84:c5:
73:00:25:e4:ce:06:aa:91:30:92:bf:c2:42:4d:0a:
18:f0:c5:6a:37:ad:34:5b:b3:19:47:6f:40:22:96:
d7:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9B:9B:F0:42:C8:D3:1C:64:EF:86:33:8F:AE:C8:A1:E6:BA:5E:25
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3133392e32352e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.25.0/24
Signature Algorithm: sha256WithRSAEncryption
16:7e:68:12:89:7d:17:d9:e5:af:50:f4:f5:d9:c6:34:b8:83:
4d:76:c3:87:a8:47:44:76:21:ab:ac:45:7d:ac:8b:5d:0b:d0:
cf:17:7d:f7:27:8b:ce:6d:61:73:2f:fe:38:57:c5:b3:4e:9e:
47:76:c1:97:d4:8c:18:3c:0d:91:10:f9:79:09:5a:c5:c4:8b:
ac:33:24:2c:cf:83:a1:af:37:74:0f:d4:e4:11:d8:94:3d:52:
ef:49:f6:a4:06:ae:42:d9:9a:da:dd:91:e8:38:94:cd:ef:f9:
d7:24:5a:9f:77:1f:fb:15:67:10:d4:52:53:a9:8c:60:32:49:
51:53:3c:be:44:ec:03:b6:22:17:ff:5b:ce:bf:64:4e:4f:68:
00:b8:13:1e:c2:d6:2d:bb:e6:c4:e6:0b:42:2a:4a:b1:6d:72:
d3:72:2f:27:68:22:ac:f3:65:b5:2f:57:5e:be:0c:f7:88:e9:
3f:f7:1d:20:d4:7c:cc:7d:b9:71:e8:1a:cb:7c:c0:b9:91:be:
ca:63:c2:db:c5:72:13:6d:18:07:d7:e6:61:53:41:0f:c8:16:
1c:77:1e:4a:0a:12:e0:5f:45:d3:65:14:82:20:cf:37:a1:a1:
0d:29:b3:10:37:17:e1:f9:2c:56:cd:67:c9:00:f8:98:d9:28:
41:60:f2:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUc/aNM3iSJsxfG/sPzuahZTRUCuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTUwNzUwMDdaFw0yNjA5MTQwNzU1MDdaMDMxMTAvBgNV
BAMTKDExOUI5QkYwNDJDOEQzMUM2NEVGODYzMzhGQUVDOEExRTZCQTVFMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfVfLpTf/+AI8MV4+6phfQCqXv
lSRb4ZSgsyP1e9uNbiHuDXnB4Chbdk9nZN5lgZorBS8pjd+IU75yo5YwdqtiW077
uLPia9V4Y/Gp2iPk6HCm3WBzd5Vz8TNworVLIP+4B32gzw4nJCJDl8bhfEAHzPGX
US9RiFlBpwd+2u2zElqEwTtfnQIuggHdn38T59ayAEf4NFAB0i6ernkMmwgoHmA0
LIEMqQXbgjmv/nQj8VGTk9HSwy+BYUMJmVn9p7hHDmy9sjv32uJuRsgFnJvLvlIC
i6UKIZS7seHPdeGExXMAJeTOBqqRMJK/wkJNChjwxWo3rTRbsxlHb0AiltchAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUEZub8ELI0xxk74Yzj67Ioea6XiUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMzMzkyZTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5ixkwDQYJKoZIhvcNAQELBQADggEBABZ+aBKJfRfZ5a9Q9PXZxjS4g012w4eo
R0R2IausRX2si10L0M8Xffcni85tYXMv/jhXxbNOnkd2wZfUjBg8DZEQ+XkJWsXE
i6wzJCzPg6GvN3QP1OQR2JQ9Uu9J9qQGrkLZmtrdkeg4lM3v+dckWp93H/sVZxDU
UlOpjGAySVFTPL5E7AO2Ihf/W86/ZE5PaAC4Ex7C1i275sTmC0IqSrFtctNyLydo
IqzzZbUvV16+DPeI6T/3HSDUfMx9uXHoGst8wLmRvspjwtvFchNtGAfX5mFTQQ/I
Fhx3HkoKEuBfRdNlFIIgzzehoQ0psxA3F+H5LFbNZ8kA+JjZKEFg8gs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:41:06 2025 by rpki-client