Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e203634323637.roa
File: 38352e3233372e3230322e302f32342d3234203d3e203634323637.roa (raw, json)
Hash identifier: xCFPNNAgTQMk0NXoWAVyyYUMyDq5KSHdXsKzzHj8bQA=
Subject key identifier: C2:CD:3F:88:79:8C:93:F3:9F:31:B1:29:BD:9D:5F:4B:4F:B2:B6:B2
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 2648870EE1956EF2442E99A4A73983FB6D132D38
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e203634323637.roa
Signing time: Fri 10 Oct 2025 12:26:08 +0000
ROA not before: Fri 10 Oct 2025 12:21:08 +0000
ROA not after: Fri 09 Oct 2026 12:26:08 +0000
asID: 64267
IP address blocks: 85.237.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:48:87:0e:e1:95:6e:f2:44:2e:99:a4:a7:39:83:fb:6d:13:2d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 10 12:21:08 2025 GMT
Not After : Oct 9 12:26:08 2026 GMT
Subject: CN=C2CD3F88798C93F39F31B129BD9D5F4B4FB2B6B2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:7b:49:fc:b0:38:a5:23:32:89:b1:f7:b4:c2:
ba:bb:1c:2e:0a:8a:c0:ff:48:bb:11:8a:bb:6c:c3:
dc:a8:6b:25:95:b8:12:d6:d3:0d:59:94:4c:b2:f0:
a2:53:3c:d8:23:51:d9:6d:ea:f6:41:d8:09:e5:8b:
49:c6:6a:b0:e6:cd:bc:78:64:ae:87:91:7a:31:f1:
e7:cd:bc:2e:c7:38:c3:1c:9f:c5:b6:38:63:55:8a:
62:26:fb:c1:47:6a:a6:f3:41:d8:ec:c7:cf:37:24:
d3:06:a5:ea:4a:ba:e5:4f:5e:15:68:6c:9c:75:ec:
d3:01:46:88:a2:e7:9d:77:a1:f0:2d:ab:de:eb:6b:
6c:94:de:10:0d:4b:15:45:7a:c6:78:b8:8a:54:4a:
b0:4a:15:c5:8e:83:43:85:1b:96:c5:b6:92:b3:f1:
79:cd:c0:61:60:d1:77:92:17:4b:e8:99:29:83:91:
30:46:c2:5e:b3:a9:f7:8d:be:8a:e8:34:61:bd:48:
9c:a6:bc:b3:e2:84:3c:30:40:ec:6f:03:19:87:d3:
16:55:09:c6:90:13:6d:60:e5:45:19:cb:04:29:e7:
17:48:a2:9d:dc:29:b0:6b:ed:db:c1:ad:55:1c:43:
9f:03:75:6b:6c:08:c8:ba:4d:e1:71:0e:2d:bb:7c:
34:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:CD:3F:88:79:8C:93:F3:9F:31:B1:29:BD:9D:5F:4B:4F:B2:B6:B2
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230322e302f32342d3234203d3e203634323637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.202.0/24
Signature Algorithm: sha256WithRSAEncryption
62:d9:c6:da:b9:2a:62:8f:6b:8e:2d:60:c2:49:a7:a2:84:2c:
ab:a9:aa:a3:20:eb:55:00:cc:65:00:df:37:e5:32:a5:ec:d8:
f0:1a:cc:7b:02:84:14:d2:2e:a7:75:ab:25:09:49:03:3a:cf:
a9:25:c2:e1:a5:dc:24:b0:91:bf:0b:eb:c8:ce:0c:ee:50:92:
ed:8a:95:6b:e4:84:f1:df:1e:95:ba:d6:c4:0a:2b:83:e0:b9:
ce:ac:23:b9:2f:5f:37:ec:c0:20:e6:a9:22:aa:7c:ec:50:92:
bc:a3:10:64:b9:60:8d:48:0d:e1:7e:56:ba:ba:7c:ac:5f:36:
d5:d3:f6:2b:1a:44:13:fa:2b:d7:84:a4:69:bf:6f:ef:9b:ae:
70:cb:7d:9e:19:5a:5d:f0:c6:eb:46:53:6f:5d:df:2d:85:b8:
b2:b0:94:5e:b4:75:f3:69:4d:dd:f5:75:f6:b9:6e:8e:c1:a4:
7d:77:1b:18:8a:c2:f8:97:54:0b:7f:b8:15:9d:21:09:b8:39:
a4:ed:37:64:47:2f:f4:e2:d0:67:1d:77:d4:58:dd:7d:36:ac:
bb:92:c8:b2:4f:56:15:0d:e2:17:9e:e5:da:5b:b1:7f:6a:d9:
86:d6:67:46:72:70:40:ee:e0:cc:e4:42:9e:dc:94:75:e6:7f:
45:85:60:78
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJkiHDuGVbvJELpmkpzmD+20TLTgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTEwMTAxMjIxMDhaFw0yNjEwMDkxMjI2MDhaMDMxMTAvBgNV
BAMTKEMyQ0QzRjg4Nzk4QzkzRjM5RjMxQjEyOUJEOUQ1RjRCNEZCMkI2QjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCne0n8sDilIzKJsfe0wrq7HC4K
isD/SLsRirtsw9yoayWVuBLW0w1ZlEyy8KJTPNgjUdlt6vZB2Anli0nGarDmzbx4
ZK6HkXox8efNvC7HOMMcn8W2OGNVimIm+8FHaqbzQdjsx883JNMGpepKuuVPXhVo
bJx17NMBRoii5513ofAtq97ra2yU3hANSxVFesZ4uIpUSrBKFcWOg0OFG5bFtpKz
8XnNwGFg0XeSF0vomSmDkTBGwl6zqfeNvoroNGG9SJymvLPihDwwQOxvAxmH0xZV
CcaQE21g5UUZywQp5xdIop3cKbBr7dvBrVUcQ58DdWtsCMi6TeFxDi27fDR5AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUws0/iHmMk/OfMbEpvZ1fS0+ytrIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjM0MzIzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3KMA0GCSqGSIb3DQEBCwUAA4IBAQBi2cbauSpij2uOLWDCSaeihCyrqaqjIOtV
AMxlAN835TKl7NjwGsx7AoQU0i6ndaslCUkDOs+pJcLhpdwksJG/C+vIzgzuUJLt
ipVr5ITx3x6VutbECiuD4LnOrCO5L1837MAg5qkiqnzsUJK8oxBkuWCNSA3hfla6
unysXzbV0/YrGkQT+ivXhKRpv2/vm65wy32eGVpd8MbrRlNvXd8thbiysJRetHXz
aU3d9XX2uW6OwaR9dxsYisL4l1QLf7gVnSEJuDmk7TdkRy/04tBnHXfUWN19Nqy7
ksiyT1YVDeIXnuXaW7F/atmG1mdGcnBA7uDM5EKe3JR15n9FhWB4
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:10 2025 by rpki-client