Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e203534323532.roa
File: 38352e3233372e3230322e302f32342d3234203d3e203534323532.roa (raw, json)
Hash identifier: H12uOj7aoAPkj6IU/J0nAb2qpc/ESgVvsg4IotInXfM=
Subject key identifier: 62:B0:40:C1:C2:1A:1B:3C:9E:C5:03:66:9B:52:B7:1A:77:26:C3:DF
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6C8368CDE3954EDDF11EBDF34BDEFADD04F8A30A
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e203534323532.roa
Signing time: Fri 10 Oct 2025 12:26:08 +0000
ROA not before: Fri 10 Oct 2025 12:21:08 +0000
ROA not after: Fri 09 Oct 2026 12:26:08 +0000
asID: 54252
IP address blocks: 85.237.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:83:68:cd:e3:95:4e:dd:f1:1e:bd:f3:4b:de:fa:dd:04:f8:a3:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 10 12:21:08 2025 GMT
Not After : Oct 9 12:26:08 2026 GMT
Subject: CN=62B040C1C21A1B3C9EC503669B52B71A7726C3DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:05:31:a4:aa:b8:bb:d4:b6:fb:79:26:5a:
03:76:da:31:3d:8b:41:a8:ff:f9:a3:6e:a0:a0:a0:
1c:4c:60:64:bc:26:ba:97:22:b6:f1:5e:bb:91:81:
ba:bb:06:dd:47:aa:1f:cd:1c:fc:12:d8:2f:67:c1:
88:48:fe:09:d5:11:69:ce:1e:7b:9d:76:02:4b:a5:
20:33:47:0d:89:4d:7d:16:66:78:a7:f1:81:ce:be:
12:6c:f4:ca:81:24:d8:71:1f:85:0d:27:5c:f8:19:
9e:cd:1a:0b:d3:af:2d:72:98:5f:b6:f8:01:5f:b6:
91:c2:7b:50:41:2e:91:09:98:8f:73:7c:51:8e:f0:
4c:bd:65:d4:ea:8a:36:da:7e:10:4e:48:0a:bc:57:
60:fd:3f:1d:d3:d3:c9:d0:1a:8e:d1:cc:58:ab:47:
0e:9a:06:5e:17:f6:4e:aa:8f:71:44:b6:c5:7a:a2:
3d:7b:fc:50:31:58:ea:38:ed:f5:fa:76:d7:5c:1b:
4e:a5:c5:d4:65:43:fa:00:8a:97:d1:f8:f4:5b:98:
94:eb:ed:90:71:72:eb:18:c0:cd:98:ca:ae:d7:eb:
fc:b1:92:db:69:e4:5b:8d:cf:01:6d:69:84:f3:ca:
ba:5b:6c:37:51:1d:1f:05:b6:d8:50:87:7d:16:99:
53:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B0:40:C1:C2:1A:1B:3C:9E:C5:03:66:9B:52:B7:1A:77:26:C3:DF
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e203534323532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.202.0/24
Signature Algorithm: sha256WithRSAEncryption
56:16:16:5d:3e:f2:ec:85:b0:ac:bc:a6:66:3d:e1:f1:9b:eb:
ff:b8:98:54:0c:cc:dc:b1:82:94:12:44:93:a5:a0:34:12:17:
e3:b0:45:ad:bc:85:4c:11:32:9c:39:91:08:2a:9a:c0:99:73:
6e:9a:71:9e:19:2d:43:0b:68:0b:fe:3d:d2:f1:67:6f:f7:06:
cb:c1:6c:05:a2:7c:c4:4d:d3:24:8a:55:51:5e:f8:d3:69:a6:
98:a8:05:73:a9:22:3c:b6:d9:b6:66:da:d4:61:3c:e3:88:69:
8c:df:ad:a6:e6:c3:e9:b7:c4:b4:86:5c:bf:46:f2:b5:a8:ca:
8b:37:4b:f0:8f:8d:7b:79:59:22:7c:0e:71:48:85:af:69:89:
90:7e:74:f4:4e:76:f0:1a:cd:32:6f:5a:0a:83:1f:53:fd:6b:
6e:56:84:ad:2b:af:a3:f1:6e:02:fb:ca:cc:25:0c:9d:2f:8a:
70:d5:9c:f1:95:e2:8b:41:ba:24:e3:63:0d:a2:be:44:20:96:
85:bd:ac:b8:61:8c:af:04:65:9b:ea:d6:3b:b1:35:43:bc:f9:
15:f9:fe:dd:36:91:09:df:57:2f:0b:cd:81:e1:01:45:cf:1f:
10:54:f0:df:ec:b1:32:f9:34:c7:15:79:96:6d:ed:9b:8a:a4:
fb:df:c9:98
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUbINozeOVTt3xHr3zS9763QT4owowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTEwMTAxMjIxMDhaFw0yNjEwMDkxMjI2MDhaMDMxMTAvBgNV
BAMTKDYyQjA0MEMxQzIxQTFCM0M5RUM1MDM2NjlCNTJCNzFBNzcyNkMzREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCubQUxpKq4u9S2+3kmWgN22jE9
i0Go//mjbqCgoBxMYGS8JrqXIrbxXruRgbq7Bt1Hqh/NHPwS2C9nwYhI/gnVEWnO
HnuddgJLpSAzRw2JTX0WZnin8YHOvhJs9MqBJNhxH4UNJ1z4GZ7NGgvTry1ymF+2
+AFftpHCe1BBLpEJmI9zfFGO8Ey9ZdTqijbafhBOSAq8V2D9Px3T08nQGo7RzFir
Rw6aBl4X9k6qj3FEtsV6oj17/FAxWOo47fX6dtdcG06lxdRlQ/oAipfR+PRbmJTr
7ZBxcusYwM2Yyq7X6/yxkttp5FuNzwFtaYTzyrpbbDdRHR8FtthQh30WmVOLAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYrBAwcIaGzyexQNmm1K3Gncmw98wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM0MzIzNTMyLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3KMA0GCSqGSIb3DQEBCwUAA4IBAQBWFhZdPvLshbCsvKZmPeHxm+v/uJhUDMzc
sYKUEkSTpaA0EhfjsEWtvIVMETKcOZEIKprAmXNumnGeGS1DC2gL/j3S8Wdv9wbL
wWwFonzETdMkilVRXvjTaaaYqAVzqSI8ttm2ZtrUYTzjiGmM362m5sPpt8S0hly/
RvK1qMqLN0vwj417eVkifA5xSIWvaYmQfnT0TnbwGs0yb1oKgx9T/WtuVoStK6+j
8W4C+8rMJQydL4pw1ZzxleKLQbok42MNor5EIJaFvay4YYyvBGWb6tY7sTVDvPkV
+f7dNpEJ31cvC82B4QFFzx8QVPDf7LEy+TTHFXmWbe2biqT738mY
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:06 2025 by rpki-client