Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa
File: 3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa (raw, json)
Hash identifier: CpYkSqadPJCR4u78/7C+e76mP12T+ctV/m0Haq2sh2E=
Subject key identifier: C5:9E:65:75:C6:8D:3E:8C:88:F2:A6:D5:6F:D8:93:08:CE:CF:3C:34
Certificate issuer: /CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Certificate serial: 585A0C99DAE454DB8F552511BF1CCDDE730C34C4
Authority key identifier: 7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa
Signing time: Sun 12 Oct 2025 01:55:08 +0000
ROA not before: Sun 12 Oct 2025 01:50:08 +0000
ROA not after: Sun 11 Oct 2026 01:55:08 +0000
asID: 29802
IP address blocks: 185.205.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.mft
rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:5a:0c:99:da:e4:54:db:8f:55:25:11:bf:1c:cd:de:73:0c:34:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7adf63e375b0b785081b5945b1d18d9de86e0efc
Validity
Not Before: Oct 12 01:50:08 2025 GMT
Not After : Oct 11 01:55:08 2026 GMT
Subject: CN=C59E6575C68D3E8C88F2A6D56FD89308CECF3C34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b9:6b:d0:98:52:67:5e:ae:49:8a:56:c7:f1:
7f:81:21:99:56:33:82:75:46:90:42:78:67:c7:40:
1b:9b:55:a6:33:8d:8f:60:94:79:81:c0:ae:d0:0c:
c0:5f:74:9f:4c:f7:05:b4:be:e7:67:f9:47:32:3c:
5e:1f:04:da:28:b8:e1:93:fd:37:2d:7d:d4:fa:5d:
3a:af:43:be:74:6a:23:d6:f9:54:46:ae:e3:c5:33:
50:ee:ba:f5:61:4d:a6:ff:65:78:da:e4:30:a3:57:
6a:48:e6:98:72:c1:6c:22:af:3a:56:cb:1d:90:07:
a9:f9:f9:c5:20:2d:dd:9e:4d:d3:0e:8c:2f:05:7c:
39:d0:d6:21:f8:1d:e8:a8:bf:24:ed:2e:92:bc:81:
c3:84:f1:84:1e:8a:18:41:63:d7:ef:30:06:5d:de:
fa:9a:9f:20:81:3c:b2:4a:6d:71:c8:97:a4:98:8c:
1f:25:cd:9a:5e:b4:c0:60:eb:a9:78:90:8b:e9:30:
50:4d:63:36:86:1e:39:82:1c:d3:e6:00:b0:ed:b7:
ed:1b:f1:f7:77:a4:b1:fa:4c:5a:dd:f2:4a:0d:c5:
6f:10:21:74:67:52:50:00:75:ca:1c:ce:eb:e3:11:
b7:94:6b:7d:0a:90:6b:5c:0c:ab:39:9e:d6:f8:f4:
49:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9E:65:75:C6:8D:3E:8C:88:F2:A6:D5:6F:D8:93:08:CE:CF:3C:34
X509v3 Authority Key Identifier:
keyid:7A:DF:63:E3:75:B0:B7:85:08:1B:59:45:B1:D1:8D:9D:E8:6E:0E:FC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/7ADF63E375B0B785081B5945B1D18D9DE86E0EFC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/et9j43Wwt4UIG1lFsdGNnehuDvw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/aee3d58d-904a-4375-bf93-8b5f38cab002/0/3138352e3230352e3232312e302f32342d3234203d3e203239383032.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.221.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:24:4e:1c:6c:e5:4a:fe:96:e9:91:ed:ec:27:37:9d:37:0d:
aa:a4:c0:80:57:18:67:f6:7f:f4:97:03:2b:11:ee:e1:b0:ec:
91:29:37:4e:c7:e5:af:31:e2:3d:dd:c5:30:5b:03:8e:16:bd:
e6:53:6a:ff:d3:e3:97:ed:4a:6f:61:43:c4:52:7d:59:98:23:
7d:c7:69:87:50:db:84:42:60:71:fb:96:ca:01:4b:4c:00:eb:
bf:33:d0:32:c6:5b:9a:d9:5a:5f:d0:5c:f6:1c:74:40:db:b9:
18:89:e2:64:35:95:bd:5d:65:86:01:06:8c:16:b4:bd:ec:10:
b7:4f:95:59:e5:b3:d6:b1:9b:49:b0:6e:3f:17:d1:59:38:3f:
fd:97:49:98:97:f1:cf:85:b0:fe:51:f4:50:95:e4:63:99:b3:
06:9c:ff:e8:61:b9:da:18:78:f3:a1:61:0c:2c:26:29:9a:c6:
8a:2b:53:06:19:1e:df:a4:39:e6:08:51:17:6c:b6:9d:40:87:
30:5d:1b:92:05:48:37:c5:95:56:b5:a0:52:3c:c4:35:c1:c7:
f6:d3:82:91:07:b5:5e:97:c9:cc:e4:4f:f0:97:b6:f6:65:a3:
24:7f:cb:5e:9a:ec:e3:9e:62:f0:c0:f9:d0:ed:19:00:a2:81:
05:3c:8f:d4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWFoMmdrkVNuPVSURvxzN3nMMNMQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN2FkZjYzZTM3NWIwYjc4NTA4MWI1OTQ1YjFkMThkOWRl
ODZlMGVmYzAeFw0yNTEwMTIwMTUwMDhaFw0yNjEwMTEwMTU1MDhaMDMxMTAvBgNV
BAMTKEM1OUU2NTc1QzY4RDNFOEM4OEYyQTZENTZGRDg5MzA4Q0VDRjNDMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0uWvQmFJnXq5JilbH8X+BIZlW
M4J1RpBCeGfHQBubVaYzjY9glHmBwK7QDMBfdJ9M9wW0vudn+UcyPF4fBNoouOGT
/TctfdT6XTqvQ750aiPW+VRGruPFM1DuuvVhTab/ZXja5DCjV2pI5phywWwirzpW
yx2QB6n5+cUgLd2eTdMOjC8FfDnQ1iH4HeiovyTtLpK8gcOE8YQeihhBY9fvMAZd
3vqanyCBPLJKbXHIl6SYjB8lzZpetMBg66l4kIvpMFBNYzaGHjmCHNPmALDtt+0b
8fd3pLH6TFrd8koNxW8QIXRnUlAAdcoczuvjEbeUa30KkGtcDKs5ntb49El9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUxZ5ldcaNPoyI8qbVb9iTCM7PPDQwHwYDVR0j
BBgwFoAUet9j43Wwt4UIG1lFsdGNnehuDvwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQtOTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2Fi
MDAyLzAvN0FERjYzRTM3NUIwQjc4NTA4MUI1OTQ1QjFEMThEOURFODZFMEVGQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2V0OWo0M1d3dDRVSUcxbEZzZEdObmVo
dUR2dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWVlM2Q1OGQt
OTA0YS00Mzc1LWJmOTMtOGI1ZjM4Y2FiMDAyLzAvMzEzODM1MmUzMjMwMzUyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzkzODMwMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5zd0wDQYJKoZIhvcNAQELBQADggEBAD8kThxs5Ur+lumR7ewnN503DaqkwIBX
GGf2f/SXAysR7uGw7JEpN07H5a8x4j3dxTBbA44WveZTav/T45ftSm9hQ8RSfVmY
I33HaYdQ24RCYHH7lsoBS0wA678z0DLGW5rZWl/QXPYcdEDbuRiJ4mQ1lb1dZYYB
BowWtL3sELdPlVnls9axm0mwbj8X0Vk4P/2XSZiX8c+FsP5R9FCV5GOZswac/+hh
udoYePOhYQwsJimaxoorUwYZHt+kOeYIURdstp1AhzBdG5IFSDfFlVa1oFI8xDXB
x/bTgpEHtV6XyczkT/CXtvZloyR/y16a7OOeYvDA+dDtGQCigQU8j9Q=
-----END CERTIFICATE-----
Generated at Mon Oct 20 07:56:22 2025 by rpki-client