Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kekudjx2EUyu6kwQMEBfDLqbgQUPf7oYaRAqC7Q1B70=
Subject key identifier: 21:EE:51:F8:36:0D:AE:C9:8A:0E:70:7B:0A:E2:F1:C2:23:B6:54:C2
Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Certificate serial: 2BABAC11A42F0CC79276CE24EC49D53C0F09C83E
Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Aug 2025 22:47:04 +0000
ROA not before: Thu 14 Aug 2025 22:42:04 +0000
ROA not after: Thu 13 Aug 2026 22:47:04 +0000
asID: 136787
IP address blocks: 185.165.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:26:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:ab:ac:11:a4:2f:0c:c7:92:76:ce:24:ec:49:d5:3c:0f:09:c8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959
Validity
Not Before: Aug 14 22:42:04 2025 GMT
Not After : Aug 13 22:47:04 2026 GMT
Subject: CN=21EE51F8360DAEC98A0E707B0AE2F1C223B654C2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:ad:ea:1e:a5:d8:34:d7:70:83:53:3f:2a:e3:
4a:37:83:28:c1:5a:8a:48:cc:76:ed:09:7e:17:cd:
41:f0:94:70:84:8c:2f:82:6e:71:b3:e3:2e:f4:4e:
88:98:90:bb:4b:c3:d1:db:9a:bb:d5:f3:25:8f:5c:
b3:40:1a:d7:42:94:df:c8:92:f5:21:48:fc:d6:10:
6b:54:5a:8b:b3:ec:cc:c7:93:a8:e7:72:73:9e:03:
87:b4:7c:f8:2e:a9:c1:19:18:e1:2d:37:d6:0e:23:
38:9b:0d:ca:f2:2d:0a:d6:c1:c0:97:f4:09:e0:eb:
d1:33:88:c0:fd:3a:f6:24:75:e3:4c:6e:1b:a9:50:
da:4f:e5:23:17:28:89:82:07:69:10:bf:99:cb:e5:
bb:0e:32:8c:fe:59:3e:f8:86:a9:2b:bb:19:f2:e2:
56:0d:db:49:e0:ab:c0:3d:17:0c:2f:83:9d:13:92:
6f:1a:42:85:bb:76:e0:6b:c6:de:3b:5b:ba:b3:5c:
67:e5:09:a7:63:13:76:21:8f:16:c4:0d:68:9d:32:
45:5e:1c:a3:31:cc:8c:60:eb:e9:6c:8c:ce:7c:e4:
b2:d1:b8:b7:53:b0:e5:23:c0:32:aa:47:dc:99:f2:
4a:46:53:19:06:5f:7a:39:e7:fc:62:0c:9f:43:e1:
d1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EE:51:F8:36:0D:AE:C9:8A:0E:70:7B:0A:E2:F1:C2:23:B6:54:C2
X509v3 Authority Key Identifier:
keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3136352e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.87.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:e7:f4:3d:61:60:d3:0b:0d:6a:1d:28:8c:a8:c1:40:25:3e:
a0:60:fc:7d:5a:ac:2b:b0:c3:b1:a6:7d:e4:bf:33:fb:04:f2:
3b:ac:6d:db:b8:de:57:da:0e:e6:24:29:ca:e9:d9:da:4b:fb:
21:18:db:0e:8a:54:ea:25:a2:64:84:1e:c0:78:54:d1:ab:06:
7d:fa:d9:e2:a7:0b:7e:c2:51:5d:43:65:4c:6c:43:54:dd:d3:
43:4b:fb:d3:bb:0f:39:2b:18:74:80:3a:55:41:55:f9:cd:3c:
23:ed:27:ae:45:1e:5d:54:59:a6:d5:b7:45:27:23:54:7e:8a:
58:d5:ef:b3:02:fe:0d:34:ff:38:b0:9e:aa:a1:f7:3e:49:b5:
1e:9a:b9:7c:bf:84:81:5d:4d:92:56:eb:a1:21:dd:74:4c:43:
25:cb:e3:ff:c8:d4:a4:cd:98:59:59:a6:15:24:04:8b:4b:aa:
94:4a:a3:6c:54:75:35:25:34:ef:69:ed:5c:8b:b6:5a:0f:98:
45:ee:50:f4:a5:89:bb:7f:d3:1f:0d:6d:de:5a:4f:45:ee:33:
98:30:0c:7e:ab:17:09:ac:63:aa:10:c2:76:5e:9e:11:4c:85:
fb:98:86:f6:98:5d:77:d5:ae:8c:39:96:e5:d3:36:b1:bd:49:
b5:e0:71:53
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUK6usEaQvDMeSds4k7EnVPA8JyD4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi
YmUzYTk1OTAeFw0yNTA4MTQyMjQyMDRaFw0yNjA4MTMyMjQ3MDRaMDMxMTAvBgNV
BAMTKDIxRUU1MUY4MzYwREFFQzk4QTBFNzA3QjBBRTJGMUMyMjNCNjU0QzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhreoepdg013CDUz8q40o3gyjB
WopIzHbtCX4XzUHwlHCEjC+CbnGz4y70ToiYkLtLw9HbmrvV8yWPXLNAGtdClN/I
kvUhSPzWEGtUWouz7MzHk6jncnOeA4e0fPguqcEZGOEtN9YOIzibDcryLQrWwcCX
9Ang69EziMD9OvYkdeNMbhupUNpP5SMXKImCB2kQv5nL5bsOMoz+WT74hqkruxny
4lYN20ngq8A9Fwwvg50Tkm8aQoW7duBrxt47W7qzXGflCadjE3YhjxbEDWidMkVe
HKMxzIxg6+lsjM585LLRuLdTsOUjwDKqR9yZ8kpGUxkGX3o55/xiDJ9D4dHhAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUIe5R+DYNrsmKDnB7CuLxwiO2VMIwHwYDVR0j
BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV
HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi
OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1
OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku
cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5
bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz
eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4
YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMxMzYz
NTJlMzgzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2Ew
GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC
AAEwBgMEALmlVzANBgkqhkiG9w0BAQsFAAOCAQEAbef0PWFg0wsNah0ojKjBQCU+
oGD8fVqsK7DDsaZ95L8z+wTyO6xt27jeV9oO5iQpyunZ2kv7IRjbDopU6iWiZIQe
wHhU0asGffrZ4qcLfsJRXUNlTGxDVN3TQ0v707sPOSsYdIA6VUFV+c08I+0nrkUe
XVRZptW3RScjVH6KWNXvswL+DTT/OLCeqqH3Pkm1Hpq5fL+EgV1NklbroSHddExD
Jcvj/8jUpM2YWVmmFSQEi0uqlEqjbFR1NSU072ntXIu2Wg+YRe5Q9KWJu3/THw1t
3lpPRe4zmDAMfqsXCaxjqhDCdl6eEUyF+5iG9phdd9WujDmW5dM2sb1JteBxUw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:55:26 2025 by rpki-client