Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e33332e32362e302f32342d3234203d3e20323132363039.roa
File: 3138352e33332e32362e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: +Uou40uKN3P8LL5yuWZGR768rlaEfbKR2VYxApN71AA=
Subject key identifier: 1C:CD:31:33:A5:F3:CD:80:EB:0F:8E:B8:BB:3E:68:CD:1C:50:8B:13
Certificate issuer: /CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Certificate serial: 437DAC041CC514893009CD5B4CD2FA5EF5B9F2F1
Authority key identifier: E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e33332e32362e302f32342d3234203d3e20323132363039.roa
Signing time: Fri 27 Jun 2025 13:45:39 +0000
ROA not before: Fri 27 Jun 2025 13:40:39 +0000
ROA not after: Fri 26 Jun 2026 13:45:39 +0000
asID: 212609
IP address blocks: 185.33.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:7d:ac:04:1c:c5:14:89:30:09:cd:5b:4c:d2:fa:5e:f5:b9:f2:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1f3512f51dc42bb9eb12abc0bb529668b2edee4
Validity
Not Before: Jun 27 13:40:39 2025 GMT
Not After : Jun 26 13:45:39 2026 GMT
Subject: CN=1CCD3133A5F3CD80EB0F8EB8BB3E68CD1C508B13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:51:15:c8:09:24:21:bf:ad:d1:8c:6a:ba:7c:
d5:72:9c:96:8a:6a:f8:46:ee:c3:0e:f7:56:34:ba:
15:0e:b6:a5:e6:44:fe:b6:28:0a:d4:a1:ba:1a:02:
7b:a5:73:61:b0:ac:2e:50:82:bc:75:9e:06:a6:7a:
f8:55:31:3c:4a:6d:c2:f0:a4:0b:57:c6:6c:ab:68:
18:d7:fe:ba:59:72:02:4c:16:5d:4d:be:e5:76:b3:
3f:f7:35:8f:73:b8:bd:58:ec:57:12:4a:54:73:84:
99:4d:2c:83:11:06:ef:a9:9e:2d:1d:66:49:cd:a1:
66:4a:8d:5a:07:31:bb:c8:7c:87:a4:80:18:f0:f3:
4d:5b:f1:5f:51:2a:42:02:02:05:62:3a:ae:d8:90:
ec:5f:77:26:b0:b1:e3:96:4e:0e:32:b2:a9:e0:71:
01:83:d8:96:4b:07:ce:bd:65:b2:85:db:f8:7f:59:
82:36:07:ed:db:01:4f:8c:ce:69:c9:c8:e0:6f:5e:
da:7e:49:46:37:57:63:ea:1a:02:df:d4:41:a6:e6:
e3:c4:17:fd:39:66:4d:0d:18:fe:eb:7a:4d:4c:fb:
ee:94:88:e0:8a:7d:51:72:7f:25:e0:b5:82:51:f7:
43:12:d9:c8:b1:65:dc:0f:b7:af:cf:da:d9:77:bf:
a8:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:CD:31:33:A5:F3:CD:80:EB:0F:8E:B8:BB:3E:68:CD:1C:50:8B:13
X509v3 Authority Key Identifier:
keyid:E1:F3:51:2F:51:DC:42:BB:9E:B1:2A:BC:0B:B5:29:66:8B:2E:DE:E4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/E1F3512F51DC42BB9EB12ABC0BB529668B2EDEE4.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fNRL1HcQruesSq8C7UpZosu3uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e3cdc648-d203-462a-bd0f-ec1b60d879a7/0/3138352e33332e32362e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.26.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:6f:55:90:5b:c7:e1:20:f0:93:31:83:cc:8a:4a:31:99:47:
36:73:2a:7d:a9:b1:d9:0a:87:5c:24:4f:e6:12:3a:d2:93:d7:
c1:40:c3:78:87:f4:71:ed:2c:61:01:d2:5f:ac:88:38:18:33:
8d:6a:61:28:77:a8:28:ba:10:ad:b8:d4:fd:93:d9:72:6a:9d:
ff:ae:c9:94:9b:e0:b7:8b:3b:00:48:a2:7d:ee:10:fc:8a:5d:
37:1d:cf:13:8a:5e:f8:0f:1a:22:99:b4:03:c1:14:9f:dc:82:
5a:28:a7:11:0a:35:e0:0b:b4:bc:9f:51:15:3f:e6:82:ef:dc:
09:23:bf:d2:ff:1a:1d:d9:3a:54:c0:2f:97:5b:a5:0d:09:c1:
99:d5:9c:21:7a:e3:01:15:e8:8f:52:4c:10:42:02:45:54:40:
64:54:dd:af:df:84:34:ff:08:f9:7a:c4:ec:16:d9:24:7d:e8:
bd:72:ea:67:aa:b1:bb:23:fc:98:e4:21:56:0c:a3:dc:aa:58:
29:0e:cc:b2:5f:9a:cc:37:6a:f5:20:02:5c:5f:06:6f:39:ed:
58:e5:ef:bd:6f:09:f5:4d:c5:44:9f:4c:e9:d9:0d:de:39:e8:
06:da:53:06:2d:f7:6a:9b:f2:eb:4c:ab:92:95:6f:b0:6b:46:
50:20:a3:c4
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQ32sBBzFFIkwCc1bTNL6XvW58vEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZTFmMzUxMmY1MWRjNDJiYjllYjEyYWJjMGJiNTI5NjY4
YjJlZGVlNDAeFw0yNTA2MjcxMzQwMzlaFw0yNjA2MjYxMzQ1MzlaMDMxMTAvBgNV
BAMTKDFDQ0QzMTMzQTVGM0NEODBFQjBGOEVCOEJCM0U2OENEMUM1MDhCMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzURXICSQhv63RjGq6fNVynJaK
avhG7sMO91Y0uhUOtqXmRP62KArUoboaAnulc2GwrC5Qgrx1ngamevhVMTxKbcLw
pAtXxmyraBjX/rpZcgJMFl1NvuV2sz/3NY9zuL1Y7FcSSlRzhJlNLIMRBu+pni0d
ZknNoWZKjVoHMbvIfIekgBjw801b8V9RKkICAgViOq7YkOxfdyawseOWTg4ysqng
cQGD2JZLB869ZbKF2/h/WYI2B+3bAU+MzmnJyOBvXtp+SUY3V2PqGgLf1EGm5uPE
F/05Zk0NGP7rek1M++6UiOCKfVFyfyXgtYJR90MS2cixZdwPt6/P2tl3v6jpAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUHM0xM6XzzYDrD464uz5ozRxQixMwHwYDVR0j
BBgwFoAU4fNRL1HcQruesSq8C7UpZosu3uQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgtZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3
OWE3LzAvRTFGMzUxMkY1MURDNDJCQjlFQjEyQUJDMEJCNTI5NjY4QjJFREVFNC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzRmTlJMMUhjUXJ1ZXNTcThDN1VwWm9z
dTN1US5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTNjZGM2NDgt
ZDIwMy00NjJhLWJkMGYtZWMxYjYwZDg3OWE3LzAvMzEzODM1MmUzMzMzMmUzMjM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMyMzYzMDM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uSEaMA0GCSqGSIb3DQEBCwUAA4IBAQBPb1WQW8fhIPCTMYPMikoxmUc2cyp9qbHZ
CodcJE/mEjrSk9fBQMN4h/Rx7SxhAdJfrIg4GDONamEod6gouhCtuNT9k9lyap3/
rsmUm+C3izsASKJ97hD8il03Hc8Til74DxoimbQDwRSf3IJaKKcRCjXgC7S8n1EV
P+aC79wJI7/S/xod2TpUwC+XW6UNCcGZ1ZwheuMBFeiPUkwQQgJFVEBkVN2v34Q0
/wj5esTsFtkkfei9cupnqrG7I/yY5CFWDKPcqlgpDsyyX5rMN2r1IAJcXwZvOe1Y
5e+9bwn1TcVEn0zp2Q3eOegG2lMGLfdqm/LrTKuSlW+wa0ZQIKPE
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:23:00 2025 by rpki-client