Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135362e302f32342d3234203d3e20323133323832.roa
File: 3138352e3132332e3135362e302f32342d3234203d3e20323133323832.roa (raw, json)
Hash identifier: GDvt5K8JvoUItISvzfr5Lq2NAjGhfbtSPK2vmFHq3HY=
Subject key identifier: 70:64:21:B6:A9:4D:B3:EB:F7:28:5A:78:49:6F:DB:F9:34:C8:76:16
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 1C7C94D64CEC8BF4C0E19978B84A88150BC247F3
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135362e302f32342d3234203d3e20323133323832.roa
Signing time: Mon 29 Sep 2025 11:35:03 +0000
ROA not before: Mon 29 Sep 2025 11:30:03 +0000
ROA not after: Mon 28 Sep 2026 11:35:03 +0000
asID: 213282
IP address blocks: 185.123.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:7c:94:d6:4c:ec:8b:f4:c0:e1:99:78:b8:4a:88:15:0b:c2:47:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Sep 29 11:30:03 2025 GMT
Not After : Sep 28 11:35:03 2026 GMT
Subject: CN=706421B6A94DB3EBF7285A78496FDBF934C87616
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7a:62:62:97:72:78:75:bd:86:64:53:97:73:
e8:1f:a0:a4:b3:fb:b4:d3:cd:e4:8c:a2:85:c5:93:
77:c1:61:f7:c3:19:64:2d:99:d9:69:3d:6e:20:76:
af:01:7b:0d:d4:20:0b:a5:fe:3c:7c:4a:fe:f6:2b:
09:22:c7:ac:d7:20:3f:39:dd:71:44:68:e8:b6:a0:
bb:19:cb:c6:3d:a8:77:c7:4b:de:9d:97:03:c7:d5:
48:5a:f4:8b:74:d0:f2:a3:d8:ff:9a:25:44:08:dc:
9c:62:be:2c:9e:e1:1a:b0:58:c6:cb:7e:99:b9:68:
d5:d7:ee:57:bb:90:5f:28:8f:1e:13:a5:19:c2:cd:
22:ba:ce:57:4b:92:4a:d2:6e:55:34:da:e0:0c:b5:
99:bb:f6:e1:19:98:fb:13:f6:90:0e:c7:5b:56:ba:
98:bf:26:55:e0:b8:15:ad:7f:f7:a1:a4:5b:d7:a8:
b6:67:18:f9:9e:f6:a4:01:e5:89:f0:be:43:ee:dc:
2d:f8:27:c3:30:82:12:05:24:9e:8f:7a:13:a8:f9:
16:ec:aa:5b:5e:2b:46:7b:0e:52:e0:67:de:74:5e:
ea:40:17:31:40:9b:a7:17:2c:9d:ed:c4:69:44:4e:
a9:e5:d5:74:bc:9a:a1:a7:b3:01:a9:43:ff:a3:9d:
b5:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:64:21:B6:A9:4D:B3:EB:F7:28:5A:78:49:6F:DB:F9:34:C8:76:16
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e3132332e3135362e302f32342d3234203d3e20323133323832.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.156.0/24
Signature Algorithm: sha256WithRSAEncryption
34:50:1d:7b:10:72:4b:c9:2a:0d:19:f2:77:fe:f9:e0:58:d5:
23:61:cb:e9:f0:99:87:19:b4:ea:27:48:69:38:3c:44:ed:e8:
b8:1f:3c:47:96:b2:fa:7d:b3:43:ad:79:b7:f4:37:cc:c9:66:
ab:ed:cc:ee:7e:13:1a:c1:91:e6:c5:c1:cb:8c:a7:8f:79:9c:
48:44:df:cc:2f:1a:0b:7c:30:35:af:f5:0d:49:32:7b:ea:66:
a8:60:01:ea:3a:7b:f8:e9:4b:6e:ad:d2:38:13:c2:d2:66:cb:
8a:eb:2b:f5:a5:9b:30:b2:3a:7d:9b:68:18:f4:01:ad:d5:b9:
37:48:b1:50:c5:30:24:da:ef:55:6f:3a:c7:09:bb:7d:b5:f9:
84:23:92:e5:70:d1:a4:60:aa:cc:50:2c:35:24:f7:12:83:fb:
da:a0:92:10:bc:11:ef:35:73:55:aa:cd:98:bb:79:2c:86:b5:
f9:19:56:dc:e9:dc:31:72:74:8b:ef:2f:8a:42:f2:39:20:bd:
e9:d1:1b:65:b3:6b:61:0b:48:a8:39:93:94:02:f1:59:d9:ae:
ea:45:e3:d1:06:9b:83:19:08:b0:28:63:6d:37:b5:f6:9d:03:
59:38:ff:48:96:aa:1c:ec:97:e5:fe:85:e6:55:9d:e5:1b:d4:
72:50:23:63
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHHyU1kzsi/TA4Zl4uEqIFQvCR/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA5MjkxMTMwMDNaFw0yNjA5MjgxMTM1MDNaMDMxMTAvBgNV
BAMTKDcwNjQyMUI2QTk0REIzRUJGNzI4NUE3ODQ5NkZEQkY5MzRDODc2MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9emJil3J4db2GZFOXc+gfoKSz
+7TTzeSMooXFk3fBYffDGWQtmdlpPW4gdq8Bew3UIAul/jx8Sv72Kwkix6zXID85
3XFEaOi2oLsZy8Y9qHfHS96dlwPH1Uha9It00PKj2P+aJUQI3Jxiviye4RqwWMbL
fpm5aNXX7le7kF8ojx4TpRnCzSK6zldLkkrSblU02uAMtZm79uEZmPsT9pAOx1tW
upi/JlXguBWtf/ehpFvXqLZnGPme9qQB5YnwvkPu3C34J8MwghIFJJ6PehOo+Rbs
qlteK0Z7DlLgZ950XupAFzFAm6cXLJ3txGlETqnl1XS8mqGnswGpQ/+jnbUvAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUcGQhtqlNs+v3KFp4SW/b+TTIdhYwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMTMyMzMyZTMx
MzUzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMzMyMzgzMi5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALl7nDANBgkqhkiG9w0BAQsFAAOCAQEANFAdexByS8kqDRnyd/754FjVI2HL
6fCZhxm06idIaTg8RO3ouB88R5ay+n2zQ615t/Q3zMlmq+3M7n4TGsGR5sXBy4yn
j3mcSETfzC8aC3wwNa/1DUkye+pmqGAB6jp7+OlLbq3SOBPC0mbLiusr9aWbMLI6
fZtoGPQBrdW5N0ixUMUwJNrvVW86xwm7fbX5hCOS5XDRpGCqzFAsNST3EoP72qCS
ELwR7zVzVarNmLt5LIa1+RlW3OncMXJ0i+8vikLyOSC96dEbZbNrYQtIqDmTlALx
Wdmu6kXj0QabgxkIsChjbTe19p0DWTj/SJaqHOyX5f6F5lWd5RvUclAjYw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:06:09 2025 by rpki-client