Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa
File: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (raw, json)
Hash identifier: SQPPpGAfcWzeQjBcG69M0Ql5cnWUCRPHaAkbYVbbBkE=
Subject key identifier: 33:B4:FD:57:B3:A3:ED:4D:C7:42:2D:35:86:04:5D:8E:F4:9B:53:17
Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486
Certificate serial: 3B4F95051652CB1B638C5CB8F07A8155983DB0E5
Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa
Signing time: Fri 17 Oct 2025 12:55:08 +0000
ROA not before: Fri 17 Oct 2025 12:50:08 +0000
ROA not after: Fri 16 Oct 2026 12:55:08 +0000
asID: 60781
IP address blocks: 185.206.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:26:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:4f:95:05:16:52:cb:1b:63:8c:5c:b8:f0:7a:81:55:98:3d:b0:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486
Validity
Not Before: Oct 17 12:50:08 2025 GMT
Not After : Oct 16 12:55:08 2026 GMT
Subject: CN=33B4FD57B3A3ED4DC7422D3586045D8EF49B5317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e3:6e:de:25:01:96:6d:77:c7:2b:8e:bc:2d:
28:0b:5f:db:e9:c9:81:34:9e:f5:60:73:3b:5d:b4:
64:75:9e:12:bf:65:7a:0b:bb:54:5b:fd:04:94:af:
43:3a:39:98:d2:a8:56:0e:51:95:d3:b3:8d:fc:c8:
f2:2c:d6:88:12:86:fb:e8:8b:68:2c:9c:8d:9e:89:
1f:93:4f:83:93:6e:77:cc:2a:bc:21:99:65:14:cf:
32:48:f8:33:1b:67:44:8c:d8:ac:a7:6e:5a:05:c0:
68:4a:a3:e6:b6:aa:32:ae:1a:af:a7:13:b5:9e:dc:
8a:b0:96:a0:ca:99:93:cf:6e:59:a7:6d:c9:da:a5:
20:df:a1:70:22:83:4a:32:42:72:7a:d1:7d:a1:b5:
19:b2:62:df:0e:fc:47:bd:63:24:a7:74:88:bd:cf:
5d:63:f9:36:f1:d1:6c:62:52:d2:87:a5:ce:a5:e2:
2f:e9:c9:8f:08:08:a0:d3:fa:9c:aa:9f:24:9d:79:
16:70:0f:a8:4b:27:f5:bd:d7:6e:a1:6c:46:cf:25:
3b:d7:23:3a:39:93:65:e5:87:a0:90:29:83:1e:90:
0e:a4:d4:9b:f0:35:de:33:85:3d:e9:32:4a:47:11:
bd:fe:9a:95:4e:dc:d8:5f:77:4b:f5:94:e7:48:c6:
d3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B4:FD:57:B3:A3:ED:4D:C7:42:2D:35:86:04:5D:8E:F4:9B:53:17
X509v3 Authority Key Identifier:
keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.253.0/24
Signature Algorithm: sha256WithRSAEncryption
70:15:7b:fb:c4:a7:16:82:dc:8c:e9:b4:3c:26:0b:5d:c3:24:
60:62:9e:4d:cc:ca:7c:c6:f8:11:68:20:6d:3f:3e:94:4a:dc:
75:16:f5:c4:b0:1a:07:77:3b:a5:a2:3b:47:b5:4c:dd:d5:7e:
7c:5f:dc:22:ba:cf:97:8b:8d:14:d0:78:e5:ef:7d:cb:3e:7d:
ca:6e:3b:92:e5:77:fe:1a:7d:78:6e:de:2e:3c:c1:64:0f:9b:
cf:6a:5f:aa:2a:1e:ce:30:21:c4:d2:70:28:99:45:02:83:54:
c7:ae:25:18:9c:af:a5:53:ba:a8:c2:da:ba:63:d4:02:39:71:
5e:d1:67:b0:ac:fb:47:b7:62:fb:0c:ce:7f:a8:67:54:fb:9c:
a5:06:44:4a:06:62:1e:0b:0a:03:9f:ab:6a:a4:f9:fa:aa:a3:
dc:7e:1a:13:c1:7b:fd:50:8c:d7:e7:eb:08:a8:27:a3:4f:99:
27:b0:fb:a3:07:ec:1a:ad:4e:cc:2b:74:72:c3:05:72:51:98:
aa:91:f9:e8:0f:e7:96:a3:74:d1:f3:a0:4d:c0:36:fe:25:d7:
e0:3c:7a:41:a1:93:c1:88:d2:f7:0d:78:34:cc:ca:25:a1:e9:
d3:bd:f3:af:1d:31:88:24:11:d9:18:3c:fe:3e:43:ea:82:17:
8d:aa:72:cd
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUO0+VBRZSyxtjjFy48HqBVZg9sOUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx
YTBkZTQ4NjAeFw0yNTEwMTcxMjUwMDhaFw0yNjEwMTYxMjU1MDhaMDMxMTAvBgNV
BAMTKDMzQjRGRDU3QjNBM0VENERDNzQyMkQzNTg2MDQ1RDhFRjQ5QjUzMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCb427eJQGWbXfHK468LSgLX9vp
yYE0nvVgcztdtGR1nhK/ZXoLu1Rb/QSUr0M6OZjSqFYOUZXTs438yPIs1ogShvvo
i2gsnI2eiR+TT4OTbnfMKrwhmWUUzzJI+DMbZ0SM2KynbloFwGhKo+a2qjKuGq+n
E7We3IqwlqDKmZPPblmnbcnapSDfoXAig0oyQnJ60X2htRmyYt8O/Ee9YySndIi9
z11j+Tbx0WxiUtKHpc6l4i/pyY8ICKDT+pyqnySdeRZwD6hLJ/W9126hbEbPJTvX
Izo5k2Xlh6CQKYMekA6k1JvwNd4zhT3pMkpHEb3+mpVO3Nhfd0v1lOdIxtOLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUM7T9V7Oj7U3HQi01hgRdjvSbUxcwHwYDVR0j
BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl
NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv
TjVJWS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2MxMWI4MTkt
ZDQ1OS00MTM2LTk5ODctZjAyOTJhODdlNjQwLzAvMzEzODM1MmUzMjMwMzYyZTMy
MzUzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzNzM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5zv0wDQYJKoZIhvcNAQELBQADggEBAHAVe/vEpxaC3IzptDwmC13DJGBink3M
ynzG+BFoIG0/PpRK3HUW9cSwGgd3O6WiO0e1TN3Vfnxf3CK6z5eLjRTQeOXvfcs+
fcpuO5Lld/4afXhu3i48wWQPm89qX6oqHs4wIcTScCiZRQKDVMeuJRicr6VTuqjC
2rpj1AI5cV7RZ7Cs+0e3YvsMzn+oZ1T7nKUGREoGYh4LCgOfq2qk+fqqo9x+GhPB
e/1QjNfn6wioJ6NPmSew+6MH7BqtTswrdHLDBXJRmKqR+egP55ajdNHzoE3ANv4l
1+A8ekGhk8GI0vcNeDTMyiWh6dO9868dMYgkEdkYPP4+Q+qCF42qcs0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:07:45 2025 by rpki-client