Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa
File: 3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa (raw, json)
Hash identifier: HpM8i92Nx8n+PHLNcWeurSiekKwVSUI6F0Ofn+tlEDo=
Subject key identifier: B9:04:F8:79:AD:EE:CF:25:DB:48:EA:2F:FA:09:A3:E4:F2:FD:7A:6F
Certificate issuer: /CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Certificate serial: 0C1FEB64141B99525306C8FB855FAB04573926CC
Authority key identifier: B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa
Signing time: Thu 21 Aug 2025 14:54:13 +0000
ROA not before: Thu 21 Aug 2025 14:49:13 +0000
ROA not after: Thu 20 Aug 2026 14:54:13 +0000
asID: 42831
IP address blocks: 185.226.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:19:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:1f:eb:64:14:1b:99:52:53:06:c8:fb:85:5f:ab:04:57:39:26:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0170abdc955aa176be2af26299678f2f7c9aca0
Validity
Not Before: Aug 21 14:49:13 2025 GMT
Not After : Aug 20 14:54:13 2026 GMT
Subject: CN=B904F879ADEECF25DB48EA2FFA09A3E4F2FD7A6F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:96:e7:a9:87:99:ec:40:cc:95:33:38:9b:03:
03:2f:61:e3:17:09:c1:58:35:20:76:61:fe:31:7a:
f2:ca:b4:13:07:9f:01:c2:7d:3d:57:df:95:88:21:
3d:25:47:c8:67:e8:b4:c3:20:06:1c:0e:09:3a:11:
84:9d:42:00:d7:3d:40:c2:50:b5:87:d6:a0:60:c5:
4e:32:c2:52:3b:68:43:ad:7d:3a:b1:dd:56:3f:88:
0d:45:7a:e5:36:a2:c2:6a:22:51:c2:cb:d8:fa:d2:
77:5c:fb:ce:ea:66:77:fe:fb:81:ed:e3:00:af:10:
2b:dc:a1:a2:78:24:d3:4e:22:5b:52:fd:3f:68:c9:
c8:ea:9b:26:54:47:50:f5:4c:e0:75:84:eb:76:b0:
1e:e0:d6:3f:9b:d3:f2:c5:9e:66:a5:6d:c8:6f:ca:
60:bb:f4:35:37:bf:39:88:a5:df:9d:c2:99:e5:14:
ad:4e:11:e4:82:7a:22:16:b8:9c:b7:d2:ce:d5:72:
eb:bf:f1:ee:22:7d:d3:13:54:e6:6b:37:44:bf:c4:
8a:01:71:c5:26:95:f0:30:42:6c:fc:6d:0e:14:6a:
46:34:97:93:a2:7c:89:f9:75:b1:d7:e2:e5:0d:25:
00:7c:63:a7:d2:80:cc:eb:e4:bd:c7:fc:21:bf:1a:
18:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:04:F8:79:AD:EE:CF:25:DB:48:EA:2F:FA:09:A3:E4:F2:FD:7A:6F
X509v3 Authority Key Identifier:
keyid:B0:17:0A:BD:C9:55:AA:17:6B:E2:AF:26:29:96:78:F2:F7:C9:AC:A0
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/B0170ABDC955AA176BE2AF26299678F2F7C9ACA0.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sBcKvclVqhdr4q8mKZZ48vfJrKA.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7a789e87-f484-423d-a1d7-2c2d5860d2ec/0/3138352e3232362e3135322e302f32342d3234203d3e203432383331.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.152.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:b7:4c:db:18:45:e5:1f:27:94:4f:f9:bb:95:52:87:17:b9:
a8:00:22:4e:1a:6d:5f:33:42:52:d1:a3:06:9e:7f:00:38:24:
89:ae:9c:f2:11:10:1a:9c:a1:e9:eb:8d:72:d7:7b:49:1b:6d:
9b:bf:c2:d5:08:7a:b9:30:c1:74:d8:42:f7:f5:1f:5f:e7:c3:
b7:8d:5d:e5:f0:4b:0c:ef:7a:46:a2:92:00:3f:c5:90:8e:72:
6c:59:b3:c0:ca:7f:2e:91:f7:73:4b:cb:3f:0b:43:6f:e9:a3:
b1:8b:82:f9:42:fe:e2:db:11:2d:3f:6e:dc:d8:26:e2:cb:d9:
73:d0:c3:5b:fd:7a:89:29:33:b4:64:42:c8:46:93:c0:86:e3:
b4:a9:6e:71:50:4e:51:c2:5c:0e:39:1c:3c:ab:bc:47:c2:6b:
1a:d8:56:31:35:7b:46:03:35:31:47:cc:a5:7c:92:43:ff:53:
60:f6:9e:e3:08:8b:1b:04:10:59:27:2c:20:f1:d8:c4:a2:84:
2c:e9:13:4b:40:b9:49:36:de:68:dd:35:2c:1c:88:36:9b:23:
93:ca:70:b9:13:89:a6:94:65:da:aa:5e:43:7b:34:8a:04:8b:
24:70:ce:51:70:1d:e1:f7:da:51:69:48:bd:e9:f2:c5:9f:7c:
64:34:5a:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDB/rZBQbmVJTBsj7hV+rBFc5JswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYjAxNzBhYmRjOTU1YWExNzZiZTJhZjI2Mjk5Njc4ZjJm
N2M5YWNhMDAeFw0yNTA4MjExNDQ5MTNaFw0yNjA4MjAxNDU0MTNaMDMxMTAvBgNV
BAMTKEI5MDRGODc5QURFRUNGMjVEQjQ4RUEyRkZBMDlBM0U0RjJGRDdBNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXlueph5nsQMyVMzibAwMvYeMX
CcFYNSB2Yf4xevLKtBMHnwHCfT1X35WIIT0lR8hn6LTDIAYcDgk6EYSdQgDXPUDC
ULWH1qBgxU4ywlI7aEOtfTqx3VY/iA1FeuU2osJqIlHCy9j60ndc+87qZnf++4Ht
4wCvECvcoaJ4JNNOIltS/T9oycjqmyZUR1D1TOB1hOt2sB7g1j+b0/LFnmalbchv
ymC79DU3vzmIpd+dwpnlFK1OEeSCeiIWuJy30s7Vcuu/8e4ifdMTVOZrN0S/xIoB
ccUmlfAwQmz8bQ4UakY0l5OifIn5dbHX4uUNJQB8Y6fSgMzr5L3H/CG/GhhpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuQT4ea3uzyXbSOov+gmj5PL9em8wHwYDVR0j
BBgwFoAUsBcKvclVqhdr4q8mKZZ48vfJrKAwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2E3ODllODctZjQ4NC00MjNkLWExZDctMmMyZDU4NjBk
MmVjLzAvQjAxNzBBQkRDOTU1QUExNzZCRTJBRjI2Mjk5Njc4RjJGN0M5QUNBMC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3NCY0t2Y2xWcWhkcjRxOG1LWlo0OHZm
SnJLQS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2E3ODllODct
ZjQ4NC00MjNkLWExZDctMmMyZDU4NjBkMmVjLzAvMzEzODM1MmUzMjMyMzYyZTMx
MzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzIzODMzMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC54pgwDQYJKoZIhvcNAQELBQADggEBAMe3TNsYReUfJ5RP+buVUocXuagAIk4a
bV8zQlLRowaefwA4JImunPIREBqcoenrjXLXe0kbbZu/wtUIerkwwXTYQvf1H1/n
w7eNXeXwSwzvekaikgA/xZCOcmxZs8DKfy6R93NLyz8LQ2/po7GLgvlC/uLbES0/
btzYJuLL2XPQw1v9eokpM7RkQshGk8CG47SpbnFQTlHCXA45HDyrvEfCaxrYVjE1
e0YDNTFHzKV8kkP/U2D2nuMIixsEEFknLCDx2MSihCzpE0tAuUk23mjdNSwciDab
I5PKcLkTiaaUZdqqXkN7NIoEiyRwzlFwHeH32lFpSL3p8sWffGQ0Wmo=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:52:31 2025 by rpki-client