Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
File: 3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa (raw, json)
Hash identifier: ZRXMJB81EQGqLoTW9rCPLjbdmz5JtoX/ioguz/yH9B4=
Subject key identifier: FF:07:D3:3E:BF:CA:DF:A1:5D:D4:A1:A7:C7:8A:F3:86:2B:22:B0:2C
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 513E21A7E1FA7A568E84B3C09781A43E650B14B1
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
Signing time: Tue 07 Oct 2025 17:55:08 +0000
ROA not before: Tue 07 Oct 2025 17:50:08 +0000
ROA not after: Tue 06 Oct 2026 17:55:08 +0000
asID: 61272
IP address blocks: 185.213.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:3e:21:a7:e1:fa:7a:56:8e:84:b3:c0:97:81:a4:3e:65:0b:14:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Oct 7 17:50:08 2025 GMT
Not After : Oct 6 17:55:08 2026 GMT
Subject: CN=FF07D33EBFCADFA15DD4A1A7C78AF3862B22B02C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:17:26:da:e8:e4:86:7f:28:6d:4e:2f:ac:d2:
7f:a2:cc:8d:eb:31:ff:f3:a1:db:03:79:ed:2b:7d:
a2:f9:11:1e:14:05:8e:62:bc:c4:5e:e9:4a:9f:3e:
c0:67:1a:ce:c6:e0:ad:ae:37:95:f1:29:9a:58:f9:
4e:09:64:5e:98:fa:23:00:6b:a7:fb:4a:67:c7:e9:
eb:b8:2f:2e:cf:a0:67:f6:65:61:66:6a:ec:9a:76:
aa:0e:a3:89:1c:60:cf:2b:a4:34:28:74:4b:77:1d:
13:ec:e1:ec:40:98:6f:49:60:e4:19:c4:2b:af:d5:
87:a0:76:8a:f2:42:05:f9:7e:83:bb:8b:46:ba:a4:
f7:62:96:ad:b3:08:e2:56:28:f2:c2:e0:1b:f5:0d:
ef:83:51:19:fb:57:48:c0:df:ac:de:74:0d:73:5d:
fc:98:e3:02:0c:a6:d2:30:4d:87:0f:24:b4:12:a3:
29:cf:36:cd:32:0c:fa:31:f4:27:2a:63:5c:b2:23:
a4:20:e1:97:e2:10:8c:93:9b:7b:f9:ab:dc:d7:32:
a2:c7:0e:7f:50:d8:61:0a:64:62:6a:c9:58:23:32:
5f:82:c4:60:39:26:7c:7b:ad:87:5a:56:8a:cd:a0:
d1:ac:49:bc:f5:cb:b0:eb:d1:32:d8:ef:7c:da:4e:
36:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:07:D3:3E:BF:CA:DF:A1:5D:D4:A1:A7:C7:8A:F3:86:2B:22:B0:2C
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3231332e3234312e302f32342d3234203d3e203631323732.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.241.0/24
Signature Algorithm: sha256WithRSAEncryption
d9:c7:f6:f1:7e:cf:a8:d7:a4:20:27:39:ea:ce:cf:af:6f:70:
e3:ab:f1:1f:54:4e:71:16:c2:74:0c:68:5f:c1:0a:95:ef:d4:
7d:fc:24:0d:a3:29:95:68:9e:cc:be:46:01:d0:e0:73:c6:ea:
6d:c3:0c:3d:d9:05:4c:9c:d5:4e:23:72:2f:0e:5e:bd:b1:02:
73:43:e7:3c:b2:26:7a:93:f8:45:87:b1:70:7d:5a:4b:d6:a1:
5f:eb:b3:9a:e4:35:e3:a7:63:86:34:de:22:9a:56:df:38:04:
cd:d7:7e:8b:d8:aa:7c:bd:57:dd:cd:bf:e0:99:fd:35:c7:ef:
db:a8:d2:b8:46:ff:c4:6b:d2:55:af:c5:aa:0b:2e:c1:30:15:
43:1f:a0:4e:f4:7f:a9:13:ae:9f:f3:cd:1e:37:28:4d:64:2b:
86:75:7f:7f:d9:0e:4f:13:48:da:3a:11:5c:a1:1a:87:3a:68:
f9:94:53:4c:2f:65:6f:8f:40:6e:87:cc:9e:9f:e1:a9:1b:7a:
e6:e7:02:af:88:90:78:27:64:dd:54:65:55:d9:6a:fb:df:17:
a4:3c:7c:89:ad:95:14:58:30:0c:97:7a:9e:49:4c:d6:22:63:
3d:72:aa:fb:62:86:76:24:ac:fb:4d:1e:82:aa:4f:fb:b5:0f:
75:69:f5:91
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUT4hp+H6elaOhLPAl4GkPmULFLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTEwMDcxNzUwMDhaFw0yNjEwMDYxNzU1MDhaMDMxMTAvBgNV
BAMTKEZGMDdEMzNFQkZDQURGQTE1REQ0QTFBN0M3OEFGMzg2MkIyMkIwMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwFyba6OSGfyhtTi+s0n+izI3r
Mf/zodsDee0rfaL5ER4UBY5ivMRe6UqfPsBnGs7G4K2uN5XxKZpY+U4JZF6Y+iMA
a6f7SmfH6eu4Ly7PoGf2ZWFmauyadqoOo4kcYM8rpDQodEt3HRPs4exAmG9JYOQZ
xCuv1YegdoryQgX5foO7i0a6pPdilq2zCOJWKPLC4Bv1De+DURn7V0jA36zedA1z
XfyY4wIMptIwTYcPJLQSoynPNs0yDPox9CcqY1yyI6Qg4ZfiEIyTm3v5q9zXMqLH
Dn9Q2GEKZGJqyVgjMl+CxGA5Jnx7rYdaVorNoNGsSbz1y7Dr0TLY73zaTjZPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/wfTPr/K36Fd1KGnx4rzhisisCwwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMxMzMyZTMy
MzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMjM3MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fEwDQYJKoZIhvcNAQELBQADggEBANnH9vF+z6jXpCAnOerOz69vcOOr8R9U
TnEWwnQMaF/BCpXv1H38JA2jKZVonsy+RgHQ4HPG6m3DDD3ZBUyc1U4jci8OXr2x
AnND5zyyJnqT+EWHsXB9WkvWoV/rs5rkNeOnY4Y03iKaVt84BM3XfovYqny9V93N
v+CZ/TXH79uo0rhG/8Rr0lWvxaoLLsEwFUMfoE70f6kTrp/zzR43KE1kK4Z1f3/Z
Dk8TSNo6EVyhGoc6aPmUU0wvZW+PQG6HzJ6f4akbeubnAq+IkHgnZN1UZVXZavvf
F6Q8fImtlRRYMAyXep5JTNYiYz1yqvtihnYkrPtNHoKqT/u1D3Vp9ZE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:03:36 2025 by rpki-client