Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
File: 3138352e3234342e39352e302f32342d3234203d3e203136353039.roa (raw, json)
Hash identifier: tBBH3ivLD6QCOuz/zDI7JAWzO8l/tRZui9Xrn0qJpA4=
Subject key identifier: 5F:87:50:8E:D1:7C:29:F8:70:5F:F1:D3:1E:24:26:30:E3:EA:49:9B
Certificate issuer: /CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Certificate serial: 24733683A1146AA4F8FCE84125031A3E2A60FA20
Authority key identifier: 3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
Signing time: Sat 11 Oct 2025 08:55:08 +0000
ROA not before: Sat 11 Oct 2025 08:50:08 +0000
ROA not after: Sat 10 Oct 2026 08:55:08 +0000
asID: 16509
IP address blocks: 185.244.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.mft
rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:26:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:73:36:83:a1:14:6a:a4:f8:fc:e8:41:25:03:1a:3e:2a:60:fa:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e870b9a7003c4fd9c51bd354a9defa3fb77b4a9
Validity
Not Before: Oct 11 08:50:08 2025 GMT
Not After : Oct 10 08:55:08 2026 GMT
Subject: CN=5F87508ED17C29F8705FF1D31E242630E3EA499B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b4:e8:74:3c:5c:76:af:47:6f:93:67:e0:8f:
1d:76:da:a0:48:34:73:3d:a1:81:a5:79:c0:bc:7d:
a3:24:87:aa:b2:e9:56:1f:e2:25:64:9f:42:be:74:
80:91:d2:00:e8:4a:09:1c:03:b7:d5:23:70:6b:20:
eb:ab:85:ec:4b:68:5a:6e:f6:ed:21:c9:18:54:13:
b6:a1:5b:81:d7:95:96:01:c8:b2:35:08:e4:e0:44:
31:ab:8b:81:eb:6c:b3:04:49:f4:cb:86:3d:39:06:
7f:12:9e:a5:81:9d:f1:50:f4:fe:57:2d:12:96:98:
df:ac:74:46:86:8b:1b:aa:c3:48:e1:b7:85:5c:69:
1a:0d:fb:89:46:7f:9e:51:a7:1b:da:12:e6:7d:78:
f2:07:d6:37:f3:55:7a:ba:2c:26:b0:87:78:96:0f:
28:83:f4:74:b5:84:e3:9a:e4:1f:bb:c5:d2:c4:d0:
12:c1:5c:79:5c:03:cb:8e:bb:ae:c3:e9:56:01:d5:
80:95:1f:5f:3f:b0:e4:fd:38:23:29:12:c4:7d:96:
1e:c9:27:44:b6:3e:6e:3f:34:29:ce:58:71:10:49:
ff:5f:04:a9:60:78:25:cb:6c:4c:41:54:16:cc:e2:
4b:02:f5:9d:c2:14:8c:c6:de:8d:5d:22:08:ef:8c:
58:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:87:50:8E:D1:7C:29:F8:70:5F:F1:D3:1E:24:26:30:E3:EA:49:9B
X509v3 Authority Key Identifier:
keyid:3E:87:0B:9A:70:03:C4:FD:9C:51:BD:35:4A:9D:EF:A3:FB:77:B4:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3E870B9A7003C4FD9C51BD354A9DEFA3FB77B4A9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PocLmnADxP2cUb01Sp3vo_t3tKk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c5d18e82-4d68-45a6-a5df-cac115ad2279/0/3138352e3234342e39352e302f32342d3234203d3e203136353039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.95.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:49:e1:53:3e:8e:b4:d1:59:2b:a1:f2:b8:97:2c:dd:c3:ce:
17:25:ff:a2:eb:4c:d5:7c:7f:36:30:6c:4c:dc:23:a6:57:05:
3a:9e:cf:5f:50:cc:af:1f:2c:cf:d0:93:22:ee:45:09:42:80:
de:8e:2e:ff:2e:81:c0:ca:fe:ab:6f:03:80:69:84:e7:1e:23:
57:04:02:9a:17:09:95:54:92:c2:65:02:14:00:2b:ee:e4:b8:
89:77:9d:85:c7:d3:ed:b6:95:23:29:ec:1a:7d:6c:4b:a3:45:
ca:0f:01:1a:a5:f1:97:65:ab:9b:87:d5:d7:29:4c:d1:e2:94:
44:d1:3c:54:cb:68:d3:e2:7f:5a:a9:11:16:de:34:c5:fd:4e:
98:94:f8:ed:db:6c:2a:d7:82:5d:84:31:d5:d9:14:01:87:b5:
d4:88:67:7a:e4:42:6d:e3:ac:52:2a:2c:8a:e5:01:bf:fd:d0:
9f:38:9f:7c:5b:6b:32:6e:eb:47:54:40:f2:de:d3:71:dc:40:
46:cf:21:0c:ee:e5:11:47:5e:c9:03:48:9e:41:ce:91:79:74:
ae:b6:73:f4:6a:71:3a:ac:9b:a2:7d:54:68:db:95:8d:b1:5c:
1a:72:19:e0:a1:3a:29:8d:ae:5e:ce:d9:10:09:cf:08:99:15:
5a:c2:ee:75
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUJHM2g6EUaqT4/OhBJQMaPipg+iAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2U4NzBiOWE3MDAzYzRmZDljNTFiZDM1NGE5ZGVmYTNm
Yjc3YjRhOTAeFw0yNTEwMTEwODUwMDhaFw0yNjEwMTAwODU1MDhaMDMxMTAvBgNV
BAMTKDVGODc1MDhFRDE3QzI5Rjg3MDVGRjFEMzFFMjQyNjMwRTNFQTQ5OUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3tOh0PFx2r0dvk2fgjx122qBI
NHM9oYGlecC8faMkh6qy6VYf4iVkn0K+dICR0gDoSgkcA7fVI3BrIOurhexLaFpu
9u0hyRhUE7ahW4HXlZYByLI1COTgRDGri4HrbLMESfTLhj05Bn8SnqWBnfFQ9P5X
LRKWmN+sdEaGixuqw0jht4VcaRoN+4lGf55RpxvaEuZ9ePIH1jfzVXq6LCawh3iW
DyiD9HS1hOOa5B+7xdLE0BLBXHlcA8uOu67D6VYB1YCVH18/sOT9OCMpEsR9lh7J
J0S2Pm4/NCnOWHEQSf9fBKlgeCXLbExBVBbM4ksC9Z3CFIzG3o1dIgjvjFjrAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUX4dQjtF8KfhwX/HTHiQmMOPqSZswHwYDVR0j
BBgwFoAUPocLmnADxP2cUb01Sp3vo/t3tKkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzVkMThlODItNGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQy
Mjc5LzAvM0U4NzBCOUE3MDAzQzRGRDlDNTFCRDM1NEE5REVGQTNGQjc3QjRBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1BvY0xtbkFEeFAyY1ViMDFTcDN2b190
M3RLay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYzVkMThlODIt
NGQ2OC00NWE2LWE1ZGYtY2FjMTE1YWQyMjc5LzAvMzEzODM1MmUzMjM0MzQyZTM5
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ufRfMA0GCSqGSIb3DQEBCwUAA4IBAQDGSeFTPo600VkrofK4lyzdw84XJf+i60zV
fH82MGxM3COmVwU6ns9fUMyvHyzP0JMi7kUJQoDeji7/LoHAyv6rbwOAaYTnHiNX
BAKaFwmVVJLCZQIUACvu5LiJd52Fx9PttpUjKewafWxLo0XKDwEapfGXZaubh9XX
KUzR4pRE0TxUy2jT4n9aqREW3jTF/U6YlPjt22wq14JdhDHV2RQBh7XUiGd65EJt
46xSKiyK5QG//dCfOJ98W2sybutHVEDy3tNx3EBGzyEM7uURR17JA0ieQc6ReXSu
tnP0anE6rJuifVRo25WNsVwachngoTopja5eztkQCc8ImRVawu51
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:03:23 2025 by rpki-client