Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e20323035383836.roa
File: 38352e3233372e3232302e302f32342d3234203d3e20323035383836.roa (raw, json)
Hash identifier: xo39Kbb/Dp6SMcv3mcEl9kkC9o/9h+TDNj8SrNW/nbw=
Subject key identifier: 0E:4E:AB:81:D0:CC:9F:95:FB:63:F1:46:C0:E3:02:C4:11:DD:0B:1F
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4C306C73BE9941EEF165661F2EB9F0761A3CA828
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e20323035383836.roa
Signing time: Sun 12 Oct 2025 03:43:59 +0000
ROA not before: Sun 12 Oct 2025 03:38:59 +0000
ROA not after: Sun 11 Oct 2026 03:43:59 +0000
asID: 205886
IP address blocks: 85.237.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:30:6c:73:be:99:41:ee:f1:65:66:1f:2e:b9:f0:76:1a:3c:a8:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 12 03:38:59 2025 GMT
Not After : Oct 11 03:43:59 2026 GMT
Subject: CN=0E4EAB81D0CC9F95FB63F146C0E302C411DD0B1F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:b9:fc:b9:fa:0c:93:4c:da:5a:45:d1:8c:10:
63:e0:90:82:b0:64:32:8d:fa:58:b8:01:20:3c:13:
3b:5d:02:86:85:3a:71:e0:90:1f:fa:af:c4:12:cc:
9b:f6:a9:ac:9f:e6:25:1a:a6:dd:f0:f1:ee:70:45:
23:8e:ce:69:f9:1c:1b:28:4c:49:93:2d:23:fa:b5:
f1:07:d5:f7:40:fa:87:00:19:63:9a:41:56:f1:e6:
ae:90:61:85:9e:76:09:f9:4b:f3:47:9e:00:42:17:
90:8f:06:46:dd:01:7f:56:c8:b0:35:da:89:61:65:
ba:eb:ba:9c:35:ba:48:84:e9:26:14:c5:34:d6:39:
de:d0:0c:d7:a4:24:fb:68:a1:9f:53:7b:fe:3e:81:
3d:6d:af:2a:8a:d8:42:39:de:9c:35:4a:0e:ed:e9:
4d:b1:53:1d:ad:5b:8e:3f:a8:54:d6:bf:f7:7b:5f:
9b:56:93:d0:9f:00:72:e9:b8:f3:27:3b:ff:44:eb:
ab:5b:60:54:18:e8:7f:ec:37:42:d1:08:bd:2b:2e:
32:e6:13:85:5a:71:bb:62:78:19:01:d1:97:08:8e:
5c:94:e3:05:ad:dc:e3:35:00:22:15:85:f6:9e:79:
37:a9:d5:3f:4b:38:56:4b:bd:af:ec:93:37:88:2d:
c3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:4E:AB:81:D0:CC:9F:95:FB:63:F1:46:C0:E3:02:C4:11:DD:0B:1F
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e20323035383836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.220.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:92:03:60:1c:0a:72:d6:e1:54:49:5c:fb:2c:0c:4c:e7:88:
51:5b:79:74:75:20:71:bd:4e:c7:96:9a:f7:89:28:02:20:6b:
44:1d:bc:18:05:1f:33:b8:14:7e:47:9b:cf:9e:0c:4f:ba:d0:
f9:45:e7:af:09:c5:cf:12:85:d2:54:10:df:bc:38:b4:d2:56:
11:5b:6e:e8:81:fb:ad:24:6c:15:4e:4f:dc:7d:14:3a:fa:6c:
2e:cc:2b:7d:d9:5d:df:69:b2:bf:d8:03:18:bc:9b:3d:e6:7c:
ff:b7:93:c2:ca:5c:43:97:ea:3d:b5:45:01:21:d6:fd:fe:a1:
1a:30:95:08:34:d8:4a:94:37:dc:e9:4b:0d:05:bc:d5:30:11:
8c:4e:47:e8:7a:91:de:7a:49:c1:e5:7c:13:f6:d0:df:b1:6c:
30:e7:06:03:18:60:c6:66:80:ee:8a:46:91:70:40:ef:ec:4f:
1e:16:6d:e1:54:0c:76:5d:01:fd:2c:af:2a:d5:fe:00:26:5b:
cb:14:83:cd:f5:76:0c:da:f1:a4:3f:25:a6:8b:ec:27:f0:1f:
ed:00:a6:e6:d9:34:dc:89:39:9e:b0:30:2a:e9:54:98:6f:a3:
57:13:06:e6:73:f7:72:0b:f5:07:a4:34:9e:f4:7a:07:de:10:
0b:26:30:e9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTDBsc76ZQe7xZWYfLrnwdho8qCgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTEwMTIwMzM4NTlaFw0yNjEwMTEwMzQzNTlaMDMxMTAvBgNV
BAMTKDBFNEVBQjgxRDBDQzlGOTVGQjYzRjE0NkMwRTMwMkM0MTFERDBCMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYufy5+gyTTNpaRdGMEGPgkIKw
ZDKN+li4ASA8EztdAoaFOnHgkB/6r8QSzJv2qayf5iUapt3w8e5wRSOOzmn5HBso
TEmTLSP6tfEH1fdA+ocAGWOaQVbx5q6QYYWedgn5S/NHngBCF5CPBkbdAX9WyLA1
2olhZbrrupw1ukiE6SYUxTTWOd7QDNekJPtooZ9Te/4+gT1tryqK2EI53pw1Sg7t
6U2xUx2tW44/qFTWv/d7X5tWk9CfAHLpuPMnO/9E66tbYFQY6H/sN0LRCL0rLjLm
E4VacbtieBkB0ZcIjlyU4wWt3OM1ACIVhfaeeTep1T9LOFZLva/skzeILcPrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDk6rgdDMn5X7Y/FGwOMCxBHdCx8wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzUzODM4MzYucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dwwDQYJKoZIhvcNAQELBQADggEBAHuSA2AcCnLW4VRJXPssDEzniFFbeXR1
IHG9TseWmveJKAIga0QdvBgFHzO4FH5Hm8+eDE+60PlF568Jxc8ShdJUEN+8OLTS
VhFbbuiB+60kbBVOT9x9FDr6bC7MK33ZXd9psr/YAxi8mz3mfP+3k8LKXEOX6j21
RQEh1v3+oRowlQg02EqUN9zpSw0FvNUwEYxOR+h6kd56ScHlfBP20N+xbDDnBgMY
YMZmgO6KRpFwQO/sTx4WbeFUDHZdAf0sryrV/gAmW8sUg831dgza8aQ/JaaL7Cfw
H+0ApubZNNyJOZ6wMCrpVJhvo1cTBuZz93IL9QekNJ70egfeEAsmMOk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:03 2025 by rpki-client