Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e31382e3131362e302f32342d3234203d3e203139343337.roa
File: 3231322e31382e3131362e302f32342d3234203d3e203139343337.roa (raw, json)
Hash identifier: 2oZavsRfA1Q40x9PaOnupB4Ub1RzFaGZLNyIg+RCt6s=
Subject key identifier: AF:35:92:97:73:8A:35:6A:FB:2C:B3:2F:F7:ED:53:0B:C1:8E:59:35
Certificate issuer: /CN=cefce449bea8deaedb1804dba25c584df5873dc4
Certificate serial: 2F31573AB566024291E147DD770514A26E3D9ECB
Authority key identifier: CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e31382e3131362e302f32342d3234203d3e203139343337.roa
Signing time: Sun 28 Sep 2025 08:55:07 +0000
ROA not before: Sun 28 Sep 2025 08:50:07 +0000
ROA not after: Sun 27 Sep 2026 08:55:07 +0000
asID: 19437
IP address blocks: 212.18.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:31:57:3a:b5:66:02:42:91:e1:47:dd:77:05:14:a2:6e:3d:9e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cefce449bea8deaedb1804dba25c584df5873dc4
Validity
Not Before: Sep 28 08:50:07 2025 GMT
Not After : Sep 27 08:55:07 2026 GMT
Subject: CN=AF359297738A356AFB2CB32FF7ED530BC18E5935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:be:3a:c3:da:fb:80:fd:8f:0f:5c:58:2c:97:
68:0f:a5:95:b6:e2:8f:6f:88:6f:ee:ef:e4:a3:1d:
dd:27:c7:a9:0c:8f:3e:7b:06:3d:38:ab:d6:94:86:
67:04:62:7c:17:09:a0:1a:c2:9b:5e:38:0e:ee:f7:
b9:00:5f:a5:d4:5d:54:12:54:8a:6e:04:8d:b9:ed:
ac:a0:0d:bf:ab:b0:06:17:ef:b2:24:3e:e8:16:1b:
02:cf:94:5a:25:7d:a9:44:20:bd:eb:ef:18:cb:eb:
2b:9d:70:2f:e7:54:5c:cb:d1:f3:39:31:87:47:11:
ae:97:b8:cd:c7:f1:43:a2:b3:bd:96:0d:e4:e0:dc:
72:7e:13:f2:a4:29:1a:52:cc:30:eb:41:a4:2a:18:
64:af:5d:b6:0f:9e:b2:47:a7:42:e4:1b:63:dc:f0:
23:2f:12:60:a4:9d:c9:3c:23:d3:d1:53:54:5f:2c:
da:15:0d:4e:6f:05:b2:b1:09:62:73:bf:21:fd:bb:
40:91:88:f3:e9:db:05:0b:03:cc:4f:f4:3f:b5:8c:
6c:68:e3:36:39:c8:b5:7f:80:27:5f:13:96:01:07:
8f:be:52:e1:36:58:d5:c4:6c:8e:48:f1:91:13:39:
52:9c:ed:98:8b:b2:b7:05:16:17:63:82:e6:8d:f4:
d8:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:35:92:97:73:8A:35:6A:FB:2C:B3:2F:F7:ED:53:0B:C1:8E:59:35
X509v3 Authority Key Identifier:
keyid:CE:FC:E4:49:BE:A8:DE:AE:DB:18:04:DB:A2:5C:58:4D:F5:87:3D:C4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/CEFCE449BEA8DEAEDB1804DBA25C584DF5873DC4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zvzkSb6o3q7bGATbolxYTfWHPcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/d1b35f8b-6f48-4bad-b185-5c1daa8acda9/0/3231322e31382e3131362e302f32342d3234203d3e203139343337.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.18.116.0/24
Signature Algorithm: sha256WithRSAEncryption
36:59:19:f4:70:ff:48:75:4a:29:50:94:64:6e:6a:53:69:f4:
be:03:84:0c:02:86:87:e3:f7:1d:4d:78:e4:e6:ca:ef:bd:ec:
e5:40:2c:dd:37:f3:ff:be:83:94:9f:5b:de:cc:b5:a0:ef:d7:
a9:6a:de:4c:86:8b:28:91:7a:3c:73:ca:d1:7b:ab:a4:78:d7:
7e:60:e9:9a:25:25:1d:d7:0d:11:96:71:4e:56:ce:be:4f:8d:
3d:00:1b:32:77:a9:40:24:1f:dc:8a:b0:28:63:39:70:b1:f7:
4b:8f:e7:0a:59:7a:4b:12:a3:8d:f8:c1:66:84:e2:8b:a4:f2:
84:31:58:fb:13:48:c4:09:a0:25:7c:60:92:5b:52:00:d6:b2:
f0:83:a1:28:b2:d2:3d:79:ff:f3:e9:28:24:1b:1c:f8:c0:27:
1e:ed:a9:46:7a:30:13:de:d1:9e:6f:37:52:77:70:07:31:14:
a1:9d:07:33:a6:20:60:f5:35:72:38:89:ca:f6:cd:47:50:34:
eb:cf:c0:91:34:dd:b7:4e:9a:e0:fb:ca:16:b7:f7:05:d0:0f:
cf:7d:7b:ff:ad:e1:ca:73:d5:15:1b:f4:44:43:91:32:ee:58:
8e:61:5b:e0:2d:6d:92:dd:b9:e0:36:2b:84:f8:a3:34:6b:69:
d3:b9:f2:9a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULzFXOrVmAkKR4UfddwUUom49nsswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoY2VmY2U0NDliZWE4ZGVhZWRiMTgwNGRiYTI1YzU4NGRm
NTg3M2RjNDAeFw0yNTA5MjgwODUwMDdaFw0yNjA5MjcwODU1MDdaMDMxMTAvBgNV
BAMTKEFGMzU5Mjk3NzM4QTM1NkFGQjJDQjMyRkY3RUQ1MzBCQzE4RTU5MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0vjrD2vuA/Y8PXFgsl2gPpZW2
4o9viG/u7+SjHd0nx6kMjz57Bj04q9aUhmcEYnwXCaAawpteOA7u97kAX6XUXVQS
VIpuBI257aygDb+rsAYX77IkPugWGwLPlFolfalEIL3r7xjL6yudcC/nVFzL0fM5
MYdHEa6XuM3H8UOis72WDeTg3HJ+E/KkKRpSzDDrQaQqGGSvXbYPnrJHp0LkG2Pc
8CMvEmCknck8I9PRU1RfLNoVDU5vBbKxCWJzvyH9u0CRiPPp2wULA8xP9D+1jGxo
4zY5yLV/gCdfE5YBB4++UuE2WNXEbI5I8ZETOVKc7ZiLsrcFFhdjguaN9NidAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUrzWSl3OKNWr7LLMv9+1TC8GOWTUwHwYDVR0j
BBgwFoAUzvzkSb6o3q7bGATbolxYTfWHPcQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZDFiMzVmOGItNmY0OC00YmFkLWIxODUtNWMxZGFhOGFj
ZGE5LzAvQ0VGQ0U0NDlCRUE4REVBRURCMTgwNERCQTI1QzU4NERGNTg3M0RDNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3p2emtTYjZvM3E3YkdBVGJvbHhZVGZX
SFBjUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZDFiMzVmOGIt
NmY0OC00YmFkLWIxODUtNWMxZGFhOGFjZGE5LzAvMzIzMTMyMmUzMTM4MmUzMTMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzQzMzM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
1BJ0MA0GCSqGSIb3DQEBCwUAA4IBAQA2WRn0cP9IdUopUJRkbmpTafS+A4QMAoaH
4/cdTXjk5srvvezlQCzdN/P/voOUn1vezLWg79epat5MhosokXo8c8rRe6ukeNd+
YOmaJSUd1w0RlnFOVs6+T409ABsyd6lAJB/cirAoYzlwsfdLj+cKWXpLEqON+MFm
hOKLpPKEMVj7E0jECaAlfGCSW1IA1rLwg6EostI9ef/z6SgkGxz4wCce7alGejAT
3tGebzdSd3AHMRShnQczpiBg9TVyOInK9s1HUDTrz8CRNN23Tprg+8oWt/cF0A/P
fXv/reHKc9UVG/REQ5Ey7liOYVvgLW2S3bngNiuE+KM0a2nTufKa
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:56:51 2025 by rpki-client