Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e20313337353537.roa
File: 3138352e3231332e3235312e302f32342d3234203d3e20313337353537.roa (raw, json)
Hash identifier: eYILiT2JPXpEDLdM1mRS7Zrw3uThCrbSVHgyCN3lFo4=
Subject key identifier: 84:F3:D0:39:F0:12:56:1C:B1:85:D9:EB:80:1E:B0:F8:9C:54:7D:8C
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 6D02B05B4172AE4D7DB120053B261E575BDFB241
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e20313337353537.roa
Signing time: Wed 13 Aug 2025 09:50:23 +0000
ROA not before: Wed 13 Aug 2025 09:45:23 +0000
ROA not after: Wed 12 Aug 2026 09:50:23 +0000
asID: 137557
IP address blocks: 185.213.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 21:05:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:02:b0:5b:41:72:ae:4d:7d:b1:20:05:3b:26:1e:57:5b:df:b2:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Aug 13 09:45:23 2025 GMT
Not After : Aug 12 09:50:23 2026 GMT
Subject: CN=84F3D039F012561CB185D9EB801EB0F89C547D8C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b2:12:0c:8e:c9:6f:08:01:52:34:8f:81:80:
8f:36:67:e8:98:e6:4f:42:b7:5f:fb:d0:d9:34:35:
04:64:65:1b:9b:70:6e:4c:d9:d7:17:9c:a8:a6:c9:
f8:6b:97:92:09:bc:ed:6d:a5:ea:ff:e6:2e:cb:82:
1a:83:1f:9b:89:10:3d:77:e6:b6:7e:1a:cb:dc:b9:
9d:4f:b9:c3:dc:a7:43:13:a6:bf:b5:11:d0:69:76:
94:2a:d6:b1:ca:8f:e8:79:2d:46:ad:fb:9c:34:ff:
3d:c5:c2:c4:57:d9:3f:7c:8d:7d:8d:90:5a:41:4c:
18:ca:27:9c:80:10:07:38:59:b8:79:4f:84:e9:44:
bb:f9:a9:dd:bd:3e:b5:6c:54:ba:63:c1:7b:07:73:
ed:2b:72:58:ce:c7:43:b2:bc:fe:6d:ac:8d:19:86:
08:92:8c:68:44:0f:80:7d:9a:c7:30:0d:31:cc:9b:
9f:0c:19:1d:67:85:51:61:75:1c:71:5b:d4:0a:87:
47:d1:49:18:91:52:24:af:4f:8d:35:12:99:a7:c5:
d2:ff:dd:6d:30:83:27:a2:07:f5:30:55:71:7f:ec:
db:b1:12:70:db:62:83:6c:c6:cf:cf:28:ba:5e:e4:
e1:05:08:b0:ad:6c:00:10:b4:49:08:36:cb:db:4b:
57:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F3:D0:39:F0:12:56:1C:B1:85:D9:EB:80:1E:B0:F8:9C:54:7D:8C
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3235312e302f32342d3234203d3e20313337353537.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.251.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:c4:35:2a:25:df:7b:c4:62:08:cd:84:63:ac:0e:5d:f6:c2:
8e:79:7a:f4:04:e8:0f:c7:5b:7a:7d:fe:a9:97:5d:bb:56:a1:
38:34:a8:07:f8:bb:4e:a5:84:be:51:4c:25:3f:90:79:7f:e9:
8d:e4:d6:6b:6c:49:cc:2a:c9:5a:06:e6:40:4d:aa:e2:07:d1:
46:23:f3:7c:70:c9:fe:d8:ba:86:97:e0:66:43:d5:11:5c:61:
80:3c:70:3e:85:fb:fb:b2:07:5d:04:b9:34:02:33:3e:64:5f:
fb:7c:1a:6a:a6:3f:7c:70:b1:50:07:90:f5:68:6d:a3:11:b6:
85:12:9b:74:4c:8a:9a:93:6c:98:04:8c:ef:23:ae:cd:ee:cc:
ad:48:78:3a:ed:4b:3a:6a:cf:a8:97:82:97:49:f7:86:44:9d:
2c:c4:c8:bc:7b:1c:d7:b8:73:b1:98:40:d8:c4:00:ec:45:52:
c4:01:e9:fd:17:64:60:2e:a2:b8:13:01:1e:59:3c:a5:fe:2f:
f4:ec:cb:e1:e3:b0:f2:9d:e0:87:3d:e6:0d:be:4c:fa:75:cf:
55:4e:57:56:b4:85:b4:a1:d5:5f:71:b5:07:3b:1e:4e:2c:be:
d8:16:57:35:1e:a8:ae:14:bf:7b:6c:43:57:ce:12:eb:a0:6c:
c0:5f:36:ba
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUbQKwW0Fyrk19sSAFOyYeV1vfskEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTA4MTMwOTQ1MjNaFw0yNjA4MTIwOTUwMjNaMDMxMTAvBgNV
BAMTKDg0RjNEMDM5RjAxMjU2MUNCMTg1RDlFQjgwMUVCMEY4OUM1NDdEOEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSshIMjslvCAFSNI+BgI82Z+iY
5k9Ct1/70Nk0NQRkZRubcG5M2dcXnKimyfhrl5IJvO1tper/5i7LghqDH5uJED13
5rZ+GsvcuZ1PucPcp0MTpr+1EdBpdpQq1rHKj+h5LUat+5w0/z3FwsRX2T98jX2N
kFpBTBjKJ5yAEAc4Wbh5T4TpRLv5qd29PrVsVLpjwXsHc+0rcljOx0OyvP5trI0Z
hgiSjGhED4B9mscwDTHMm58MGR1nhVFhdRxxW9QKh0fRSRiRUiSvT401EpmnxdL/
3W0wgyeiB/UwVXF/7NuxEnDbYoNsxs/PKLpe5OEFCLCtbAAQtEkINsvbS1chAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhPPQOfASVhyxhdnrgB6w+JxUfYwwHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzUzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNzM1MzUzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnV+zANBgkqhkiG9w0BAQsFAAOCAQEAbMQ1KiXfe8RiCM2EY6wOXfbCjnl6
9AToD8dben3+qZddu1ahODSoB/i7TqWEvlFMJT+QeX/pjeTWa2xJzCrJWgbmQE2q
4gfRRiPzfHDJ/ti6hpfgZkPVEVxhgDxwPoX7+7IHXQS5NAIzPmRf+3waaqY/fHCx
UAeQ9WhtoxG2hRKbdEyKmpNsmASM7yOuze7MrUh4Ou1LOmrPqJeCl0n3hkSdLMTI
vHsc17hzsZhA2MQA7EVSxAHp/RdkYC6iuBMBHlk8pf4v9OzL4eOw8p3ghz3mDb5M
+nXPVU5XVrSFtKHVX3G1BzseTiy+2BZXNR6orhS/e2xDV84S66BswF82ug==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:38:45 2025 by rpki-client