Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37372e302f32342d3234203d3e20323131333733.roa
File: 3138352e38392e37372e302f32342d3234203d3e20323131333733.roa (raw, json)
Hash identifier: kewl9QmNCDYUvXSAuqznUJ30hNGqkWvR4iy0vnHReRo=
Subject key identifier: E8:62:DC:0F:7D:27:8E:4C:E1:14:0B:40:1C:8E:7C:9B:4F:B4:01:0A
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 270706B9467D37A03FA0E60D1782566B809F8B6C
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37372e302f32342d3234203d3e20323131333733.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 211373
IP address blocks: 185.89.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:07:06:b9:46:7d:37:a0:3f:a0:e6:0d:17:82:56:6b:80:9f:8b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=E862DC0F7D278E4CE1140B401C8E7C9B4FB4010A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:71:1d:02:d3:a5:5b:b4:22:12:5d:1a:06:42:
77:ef:18:20:66:a0:45:41:74:06:96:7f:dd:4e:8a:
bb:02:48:d4:3a:31:e4:6e:a1:e1:b9:1a:b8:d2:7d:
2f:aa:be:d6:1e:64:5e:62:ff:90:09:5f:a5:32:d2:
6f:17:ae:83:16:2e:cc:9b:80:ea:af:57:18:0c:e0:
8b:36:35:05:45:72:2d:1c:f1:fa:cb:af:39:70:9c:
e6:e5:5c:c1:2a:40:f9:08:65:e8:bf:28:b8:14:2b:
26:9b:3e:50:a3:79:68:71:69:4a:dc:d8:7e:54:92:
0f:a4:f9:2f:38:8b:c1:94:46:4c:15:9e:01:7c:1c:
68:17:20:9e:9d:01:bf:ba:12:82:bb:5f:2b:9e:e5:
72:f5:39:00:0d:0d:8c:ea:e3:1a:2c:dd:d4:f8:00:
33:e0:42:90:be:02:d5:3e:52:0f:c0:27:5f:a1:7c:
f4:55:20:b3:60:9b:7c:01:7a:63:1c:54:8e:2b:f7:
73:1f:9a:03:ec:2c:9f:fa:02:26:1e:71:1a:10:ff:
00:94:f6:cc:4e:8c:ce:09:8d:38:99:cf:93:c5:00:
1b:3f:83:ee:9f:fd:26:02:e1:19:6f:30:c4:41:b9:
50:b5:6f:ea:a8:f9:89:6b:59:5f:dc:87:5b:4f:92:
22:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:62:DC:0F:7D:27:8E:4C:E1:14:0B:40:1C:8E:7C:9B:4F:B4:01:0A
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e38392e37372e302f32342d3234203d3e20323131333733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.77.0/24
Signature Algorithm: sha256WithRSAEncryption
50:04:ed:ff:4f:e2:69:fa:40:cc:d8:79:57:5c:c2:d0:65:7d:
21:27:e2:0c:99:78:38:a3:90:17:c4:2b:fe:99:fc:73:a2:24:
86:de:7a:d8:36:41:a7:b6:d6:c0:66:71:4f:57:57:99:99:c7:
53:2b:3d:55:3f:1d:78:f3:5d:b6:09:1e:07:10:95:22:b4:83:
1c:f3:43:3a:de:07:c4:2b:e7:1b:8c:f3:91:a0:46:a8:25:ac:
94:99:29:46:1e:a5:5c:27:19:c8:d5:72:e0:a6:0e:16:0c:30:
f7:7a:8c:b8:88:c4:35:bf:b2:3e:46:84:c2:52:d1:9b:7c:1d:
f2:a9:54:01:3a:a8:0a:97:28:8b:97:39:c0:ef:22:b1:f3:3a:
75:f2:d6:94:1b:72:02:b8:7e:94:a1:ba:72:72:ab:2f:ed:79:
f6:3e:70:a7:7a:92:4e:69:74:6c:a7:aa:27:85:aa:e5:2e:45:
47:a0:39:80:b2:e6:ab:c0:37:71:5a:0d:b1:5d:67:b9:79:07:
56:a8:7c:d1:d8:56:10:6a:f0:d9:0b:dc:fe:85:5a:ba:1e:64:
00:e5:44:43:8b:1c:47:8e:46:9f:89:cd:8f:85:84:8e:a4:9a:
b8:09:eb:2e:31:61:98:41:3d:26:17:c8:c7:54:6b:7a:4b:d4:
1a:09:ae:9b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJwcGuUZ9N6A/oOYNF4JWa4Cfi2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKEU4NjJEQzBGN0QyNzhFNENFMTE0MEI0MDFDOEU3QzlCNEZCNDAxMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkcR0C06VbtCISXRoGQnfvGCBm
oEVBdAaWf91OirsCSNQ6MeRuoeG5GrjSfS+qvtYeZF5i/5AJX6Uy0m8XroMWLsyb
gOqvVxgM4Is2NQVFci0c8frLrzlwnOblXMEqQPkIZei/KLgUKyabPlCjeWhxaUrc
2H5Ukg+k+S84i8GURkwVngF8HGgXIJ6dAb+6EoK7Xyue5XL1OQANDYzq4xos3dT4
ADPgQpC+AtU+Ug/AJ1+hfPRVILNgm3wBemMcVI4r93MfmgPsLJ/6AiYecRoQ/wCU
9sxOjM4JjTiZz5PFABs/g+6f/SYC4RlvMMRBuVC1b+qo+YlrWV/ch1tPkiILAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU6GLcD30njkzhFAtAHI58m0+0AQowHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzODM5MmUzNzM3
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzMzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uVlNMA0GCSqGSIb3DQEBCwUAA4IBAQBQBO3/T+Jp+kDM2HlXXMLQZX0hJ+IMmXg4
o5AXxCv+mfxzoiSG3nrYNkGnttbAZnFPV1eZmcdTKz1VPx148122CR4HEJUitIMc
80M63gfEK+cbjPORoEaoJayUmSlGHqVcJxnI1XLgpg4WDDD3eoy4iMQ1v7I+RoTC
UtGbfB3yqVQBOqgKlyiLlznA7yKx8zp18taUG3ICuH6Uobpycqsv7Xn2PnCnepJO
aXRsp6onharlLkVHoDmAsuarwDdxWg2xXWe5eQdWqHzR2FYQavDZC9z+hVq6HmQA
5URDixxHjkafic2PhYSOpJq4CesuMWGYQT0mF8jHVGt6S9QaCa6b
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:19:10 2025 by rpki-client