Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
File: 3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa (raw, json)
Hash identifier: LqK97diQcFrb4344S9ThgI9qIfk24xWO2D6Fzod4ApM=
Subject key identifier: 46:65:60:89:DE:9F:A4:11:38:D5:E3:CB:E9:FB:F3:38:D1:78:E2:35
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 16407A40D11250C74ECA8C5AFBAC61351C56BA5E
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
Signing time: Tue 09 Sep 2025 15:51:41 +0000
ROA not before: Tue 09 Sep 2025 15:46:41 +0000
ROA not after: Tue 08 Sep 2026 15:51:41 +0000
asID: 210030
IP address blocks: 185.229.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:40:7a:40:d1:12:50:c7:4e:ca:8c:5a:fb:ac:61:35:1c:56:ba:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Sep 9 15:46:41 2025 GMT
Not After : Sep 8 15:51:41 2026 GMT
Subject: CN=46656089DE9FA41138D5E3CBE9FBF338D178E235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c9:55:eb:91:24:0c:86:3b:03:f6:eb:c1:44:
48:8f:36:6d:9e:84:51:61:6e:3f:76:d4:be:53:04:
a5:f1:8c:b8:97:4c:7b:7f:6e:58:ed:6d:c9:f7:2c:
0c:c6:53:16:fe:56:ce:f2:a3:51:b0:fa:4e:ac:9d:
5b:ca:f8:0a:89:cd:0b:2e:4d:dd:98:11:d1:6b:8a:
ae:9e:ab:56:d9:45:c9:93:dd:98:38:87:ae:07:ad:
62:1e:a1:64:bb:56:4d:69:b7:39:40:c5:05:25:58:
5c:ee:0a:84:40:c0:70:bb:39:91:44:bd:8b:17:5b:
bf:62:a9:fe:7b:90:54:28:af:c8:e7:7f:5c:6d:da:
d3:23:40:9c:cc:63:22:90:ca:f4:86:ed:75:fc:ab:
eb:5d:45:ec:55:05:bc:0b:8c:f7:7f:5e:7a:39:95:
7f:66:fb:44:21:5b:44:d8:80:92:91:f7:64:f0:6f:
8d:a6:b6:d3:55:06:87:08:24:4b:aa:ba:93:e9:3c:
5c:3b:b1:b9:50:45:6d:21:26:de:95:7b:4c:62:10:
91:81:4b:24:9b:9b:0a:9c:9e:cc:31:e0:fa:ed:52:
22:aa:c0:ca:f3:96:5f:48:3b:fd:ae:76:3b:53:d4:
35:aa:09:1e:82:fc:35:12:86:0b:54:83:21:81:1e:
76:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:65:60:89:DE:9F:A4:11:38:D5:E3:CB:E9:FB:F3:38:D1:78:E2:35
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3232392e3230322e302f32342d3234203d3e20323130303330.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:15:fc:bc:b8:f7:bb:a0:99:f8:0b:43:a2:35:9d:3a:b1:43:
f3:f2:4f:5f:fc:06:97:83:4e:7a:f6:95:bc:b7:5d:c9:9e:d2:
a2:ee:f0:ff:5e:a8:72:43:81:c4:ef:f0:af:cc:21:5d:ff:e8:
26:1f:6d:11:16:c2:2f:42:0c:af:b6:4e:d2:b7:f9:46:67:57:
8e:9c:0a:4c:8c:16:b3:f9:1a:54:9d:e3:63:52:c1:1c:15:13:
07:be:0b:db:7d:fa:75:a4:47:b2:52:15:c5:2e:b5:b4:18:a3:
2e:b1:35:1f:8b:e1:c3:62:4c:69:2e:ed:0e:8d:a7:c5:c0:80:
62:4f:98:88:16:41:6b:c2:f3:c6:79:d2:6d:97:ba:c8:13:91:
ba:d0:19:db:1f:5c:70:dc:93:68:1a:3f:59:a3:45:9b:59:6d:
a8:0b:89:a1:9e:5a:53:f3:57:60:10:af:f7:c5:f5:17:6c:a4:
7d:85:d2:cb:9c:27:46:e6:6b:a9:b1:f1:66:16:ef:ac:5a:8d:
0f:84:02:6b:5f:2b:95:0f:af:3c:57:4a:fc:64:d2:d3:52:5f:
00:a4:81:55:30:6c:31:a6:ae:d9:08:07:38:2e:8c:aa:13:ef:
29:f3:f4:45:48:f0:64:2f:5f:c3:99:d9:0c:33:3a:6c:fb:30:
3b:17:2e:32
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUFkB6QNESUMdOyoxa+6xhNRxWul4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTA5MDkxNTQ2NDFaFw0yNjA5MDgxNTUxNDFaMDMxMTAvBgNV
BAMTKDQ2NjU2MDg5REU5RkE0MTEzOEQ1RTNDQkU5RkJGMzM4RDE3OEUyMzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAyVXrkSQMhjsD9uvBREiPNm2e
hFFhbj921L5TBKXxjLiXTHt/bljtbcn3LAzGUxb+Vs7yo1Gw+k6snVvK+AqJzQsu
Td2YEdFriq6eq1bZRcmT3Zg4h64HrWIeoWS7Vk1ptzlAxQUlWFzuCoRAwHC7OZFE
vYsXW79iqf57kFQor8jnf1xt2tMjQJzMYyKQyvSG7XX8q+tdRexVBbwLjPd/Xno5
lX9m+0QhW0TYgJKR92Twb42mttNVBocIJEuqupPpPFw7sblQRW0hJt6Ve0xiEJGB
SySbmwqcnswx4PrtUiKqwMrzll9IO/2udjtT1DWqCR6C/DUShgtUgyGBHnaXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQURmVgid6fpBE41ePL6fvzONF44jUwHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjMyMzkyZTMy
MzAzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMDMwMzMzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnlyjANBgkqhkiG9w0BAQsFAAOCAQEAbxX8vLj3u6CZ+AtDojWdOrFD8/JP
X/wGl4NOevaVvLddyZ7Sou7w/16ockOBxO/wr8whXf/oJh9tERbCL0IMr7ZO0rf5
RmdXjpwKTIwWs/kaVJ3jY1LBHBUTB74L2336daRHslIVxS61tBijLrE1H4vhw2JM
aS7tDo2nxcCAYk+YiBZBa8LzxnnSbZe6yBORutAZ2x9ccNyTaBo/WaNFm1ltqAuJ
oZ5aU/NXYBCv98X1F2ykfYXSy5wnRuZrqbHxZhbvrFqND4QCa18rlQ+vPFdK/GTS
01JfAKSBVTBsMaau2QgHOC6MqhPvKfP0RUjwZC9fw5nZDDM6bPswOxcuMg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:00:48 2025 by rpki-client