Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e20323035383836.roa
File: 3138352e3231332e3234382e302f32342d3234203d3e20323035383836.roa (raw, json)
Hash identifier: ODfn5/rpX0/qAWjZsS/cv+gVh3kFgfI7CdBECTg9zww=
Subject key identifier: 74:33:D2:C4:7D:EB:4F:60:C6:5B:A1:C3:6A:CA:6A:8A:D0:E0:BD:DC
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 5428480191398C9BE06530D3C7EF0F4F4E106AA4
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e20323035383836.roa
Signing time: Sat 11 Oct 2025 03:39:30 +0000
ROA not before: Sat 11 Oct 2025 03:34:30 +0000
ROA not after: Sat 10 Oct 2026 03:39:30 +0000
asID: 205886
IP address blocks: 185.213.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:17:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:28:48:01:91:39:8c:9b:e0:65:30:d3:c7:ef:0f:4f:4e:10:6a:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Oct 11 03:34:30 2025 GMT
Not After : Oct 10 03:39:30 2026 GMT
Subject: CN=7433D2C47DEB4F60C65BA1C36ACA6A8AD0E0BDDC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c1:39:20:6b:d7:d0:5d:6e:0a:f2:b4:fb:16:
46:58:b8:c7:c8:1d:7c:7e:4f:71:02:54:9b:a7:b6:
42:24:af:2c:a0:46:68:4e:18:8b:2e:b7:b8:53:d1:
67:27:b5:0e:53:bf:c8:bc:b1:f5:69:59:98:89:45:
8d:cd:b4:bb:6b:93:8e:bf:a5:0c:43:90:04:03:98:
d8:92:95:36:7a:21:df:16:8c:4d:c8:b0:23:58:40:
3b:5c:e1:5b:32:54:09:73:d1:6b:33:01:49:cc:3c:
7c:98:4c:9b:58:68:fe:2f:b3:e5:41:e2:73:22:99:
b6:8c:b3:90:06:e9:52:72:f1:cb:79:47:43:3e:b5:
74:ac:10:de:92:cc:64:45:f1:63:cc:3a:37:cf:18:
9a:67:40:6b:b6:75:c3:32:a6:67:62:e8:e4:fe:85:
a8:30:c0:6b:02:79:07:4f:c9:61:6f:ac:23:bd:5f:
37:b6:73:2d:34:54:ed:c4:fe:38:51:c8:82:95:b7:
8d:6f:71:a7:be:18:e9:c8:8f:d0:29:b6:32:41:63:
76:bf:1a:e2:e3:ae:c3:3d:e1:42:ef:69:18:2f:68:
d1:2f:93:fe:ab:d6:09:32:d1:e6:9b:ab:70:1f:15:
02:7b:25:c6:6e:aa:ce:cd:ba:95:ea:79:11:96:f3:
d2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:33:D2:C4:7D:EB:4F:60:C6:5B:A1:C3:6A:CA:6A:8A:D0:E0:BD:DC
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234382e302f32342d3234203d3e20323035383836.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:92:ee:3e:08:1e:8d:9d:8c:42:ae:76:69:7c:37:4b:54:8c:
45:01:45:ca:5c:92:5a:20:b5:dd:8b:f6:f5:25:ea:b1:9d:77:
0a:30:98:78:f7:92:88:f1:59:7f:4a:48:0a:fa:02:fd:cd:0f:
7a:ba:1d:39:fc:88:81:0d:c5:4e:fa:4e:38:62:d5:84:a8:03:
35:3d:bf:2f:96:35:35:eb:7d:2b:c0:45:71:87:31:f2:c4:2a:
62:c1:db:91:fb:cf:38:b2:f4:31:a5:a6:cd:97:c3:de:c4:62:
69:65:85:05:ae:9e:0a:85:46:8c:49:05:8e:f1:f8:8f:73:bf:
c4:d7:85:66:95:2d:fe:66:c6:06:82:49:3d:d4:ea:c4:2c:61:
18:96:72:98:44:35:fd:6d:41:b1:88:85:76:69:97:2a:4e:80:
63:8d:fd:43:61:44:f1:3d:80:79:b8:93:f6:c3:f7:1a:52:23:
38:ec:5c:7f:b2:c9:bd:02:1d:83:89:00:af:e5:0e:27:3e:a1:
c4:f0:c7:c8:53:2b:e1:d4:cf:d0:a0:14:04:f8:24:3e:ad:a5:
de:29:60:9d:9e:09:c3:e6:a4:dc:72:2b:2d:7f:f2:0a:22:90:
a7:81:5b:5a:39:8a:e3:d5:7e:fc:74:40:63:26:ea:56:df:34:
97:35:61:99
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUVChIAZE5jJvgZTDTx+8PT04QaqQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTEwMTEwMzM0MzBaFw0yNjEwMTAwMzM5MzBaMDMxMTAvBgNV
BAMTKDc0MzNEMkM0N0RFQjRGNjBDNjVCQTFDMzZBQ0E2QThBRDBFMEJEREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtwTkga9fQXW4K8rT7FkZYuMfI
HXx+T3ECVJuntkIkryygRmhOGIsut7hT0WcntQ5Tv8i8sfVpWZiJRY3NtLtrk46/
pQxDkAQDmNiSlTZ6Id8WjE3IsCNYQDtc4VsyVAlz0WszAUnMPHyYTJtYaP4vs+VB
4nMimbaMs5AG6VJy8ct5R0M+tXSsEN6SzGRF8WPMOjfPGJpnQGu2dcMypmdi6OT+
hagwwGsCeQdPyWFvrCO9Xze2cy00VO3E/jhRyIKVt41vcae+GOnIj9AptjJBY3a/
GuLjrsM94ULvaRgvaNEvk/6r1gky0eabq3AfFQJ7JcZuqs7NupXqeRGW89LfAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUdDPSxH3rT2DGW6HDaspqitDgvdwwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNTM4MzgzNi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV+DANBgkqhkiG9w0BAQsFAAOCAQEAG5LuPggejZ2MQq52aXw3S1SMRQFF
ylySWiC13Yv29SXqsZ13CjCYePeSiPFZf0pICvoC/c0PerodOfyIgQ3FTvpOOGLV
hKgDNT2/L5Y1Net9K8BFcYcx8sQqYsHbkfvPOLL0MaWmzZfD3sRiaWWFBa6eCoVG
jEkFjvH4j3O/xNeFZpUt/mbGBoJJPdTqxCxhGJZymEQ1/W1BsYiFdmmXKk6AY439
Q2FE8T2AebiT9sP3GlIjOOxcf7LJvQIdg4kAr+UOJz6hxPDHyFMr4dTP0KAUBPgk
Pq2l3ilgnZ4Jw+ak3HIrLX/yCiKQp4FbWjmK49V+/HRAYybqVt80lzVhmQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:00 2025 by rpki-client