Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
File: 38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa (raw, json)
Hash identifier: 29ehrvyKjW68NzzNMW6mDVgci9SUDafiZi3d4EB3GzI=
Subject key identifier: 20:FA:36:05:5E:CC:1E:AE:63:69:9E:53:D9:B3:87:07:9A:52:98:B7
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2B891C452D84974D3C14B7C8484DF7866FB40D51
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 200088
IP address blocks: 85.237.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:89:1c:45:2d:84:97:4d:3c:14:b7:c8:48:4d:f7:86:6f:b4:0d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=20FA36055ECC1EAE63699E53D9B387079A5298B7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a3:4b:aa:29:a2:2d:97:e5:52:ef:a9:69:8f:
b1:15:f3:33:fc:44:9d:99:aa:21:a9:dc:ba:d6:e7:
22:e3:71:49:9f:72:a3:f0:29:f5:9a:22:6e:b6:9f:
c0:9b:01:00:35:1f:b3:8c:7a:b1:3a:a5:1b:32:45:
a5:9c:89:65:49:53:da:15:8e:9d:69:0b:ea:73:8e:
a9:20:7a:ad:eb:0c:72:4d:f5:7c:77:28:57:8b:dd:
55:22:e7:37:a6:68:7d:28:38:5f:d9:69:14:f6:c5:
1a:e5:4f:98:f9:7d:a6:d2:b1:ab:3c:5d:da:2e:59:
0a:ff:db:38:1c:b3:12:76:00:cb:cb:f5:17:dc:f3:
ed:fb:53:a2:8a:3c:47:77:ef:28:5d:ac:77:50:6c:
de:0e:22:ab:37:9f:ce:0e:6d:49:54:60:de:94:a0:
1e:e4:eb:94:27:f3:08:e1:f9:cb:36:9e:14:d7:06:
7a:b2:d9:8f:80:65:ff:f4:7d:ea:85:c0:89:dd:38:
9c:08:33:dc:3f:1b:5b:b2:3b:02:a0:d2:0e:7c:de:
a9:89:a0:26:b6:e3:d0:4f:43:8b:94:56:e6:ea:fd:
2c:dc:95:6a:3a:8f:a2:1a:93:cc:2b:71:b1:d1:1a:
19:ba:7d:e7:e7:c8:19:eb:fc:49:17:55:11:1e:89:
9a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:FA:36:05:5E:CC:1E:AE:63:69:9E:53:D9:B3:87:07:9A:52:98:B7
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139352e302f32342d3234203d3e20323030303838.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.195.0/24
Signature Algorithm: sha256WithRSAEncryption
02:8a:df:3a:e8:3f:cf:99:04:8d:3b:b6:2c:cb:b9:ee:5a:26:
72:ff:bf:61:a3:95:13:10:a1:fc:50:65:ab:a0:3e:8b:25:d0:
0a:f1:7f:08:ee:cb:6c:04:6d:9b:d2:49:82:5c:b3:28:a6:1a:
32:51:2b:31:73:0f:57:36:64:31:0a:2d:28:2a:69:68:bc:7a:
fa:b8:ac:c6:eb:f1:48:f1:c6:b9:8b:6d:71:e4:20:4a:0e:fa:
ec:ac:96:96:9e:0c:0f:a9:5b:83:5d:b9:e2:c3:e1:bf:3b:42:
78:e3:d9:82:2f:54:3a:30:c3:0a:b0:5d:9f:5c:4e:cb:a5:7d:
f3:83:1e:28:5b:4a:ae:2b:e4:7c:70:26:a7:4a:1e:b9:8f:fa:
69:b2:cd:1b:d3:3d:79:b1:07:1f:18:7c:c4:a5:3a:cb:07:ee:
89:70:ae:26:0c:94:31:c8:ab:94:e7:56:1b:3b:32:84:7c:c2:
8a:aa:70:cb:fb:0d:d3:5e:11:50:82:b5:92:3f:24:59:ee:01:
47:2c:92:e7:01:c0:df:14:80:57:f1:94:2a:bd:be:bc:b1:19:
91:a9:ea:74:5e:42:1c:81:ab:64:41:a7:93:b5:c2:e2:82:63:
db:9a:26:af:3f:c4:a4:04:85:cf:6e:b2:24:30:98:36:6a:a3:
25:94:94:52
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUK4kcRS2El008FLfISE33hm+0DVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKDIwRkEzNjA1NUVDQzFFQUU2MzY5OUU1M0Q5QjM4NzA3OUE1Mjk4QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzo0uqKaItl+VS76lpj7EV8zP8
RJ2ZqiGp3LrW5yLjcUmfcqPwKfWaIm62n8CbAQA1H7OMerE6pRsyRaWciWVJU9oV
jp1pC+pzjqkgeq3rDHJN9Xx3KFeL3VUi5zemaH0oOF/ZaRT2xRrlT5j5fabSsas8
XdouWQr/2zgcsxJ2AMvL9Rfc8+37U6KKPEd37yhdrHdQbN4OIqs3n84ObUlUYN6U
oB7k65Qn8wjh+cs2nhTXBnqy2Y+AZf/0feqFwIndOJwIM9w/G1uyOwKg0g583qmJ
oCa249BPQ4uUVubq/SzclWo6j6Iak8wrcbHRGhm6fefnyBnr/EkXVREeiZp/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIPo2BV7MHq5jaZ5T2bOHB5pSmLcwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzAzMDM4Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cMwDQYJKoZIhvcNAQELBQADggEBAAKK3zroP8+ZBI07tizLue5aJnL/v2Gj
lRMQofxQZaugPosl0Arxfwjuy2wEbZvSSYJcsyimGjJRKzFzD1c2ZDEKLSgqaWi8
evq4rMbr8UjxxrmLbXHkIEoO+uyslpaeDA+pW4NdueLD4b87Qnjj2YIvVDowwwqw
XZ9cTsulffODHihbSq4r5HxwJqdKHrmP+mmyzRvTPXmxBx8YfMSlOssH7olwriYM
lDHIq5TnVhs7MoR8woqqcMv7DdNeEVCCtZI/JFnuAUcskucBwN8UgFfxlCq9vryx
GZGp6nReQhyBq2RBp5O1wuKCY9uaJq8/xKQEhc9usiQwmDZqoyWUlFI=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:43:55 2025 by rpki-client