Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa
File: 3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: c0V+yZY5KSgTs2DyHEwyTdISteZFM9YP0suwLdudAcY=
Subject key identifier: A3:19:E1:D6:5F:5B:99:0A:E6:16:89:72:BE:B6:C1:21:13:6E:66:BF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 30AEBD22C4473FA606802D6EB5BBCEB2EF58FAE6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:09 +0000
ROA not before: Fri 22 Aug 2025 14:42:09 +0000
ROA not after: Fri 21 Aug 2026 14:47:09 +0000
asID: 51167
IP address blocks: 185.182.186.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ae:bd:22:c4:47:3f:a6:06:80:2d:6e:b5:bb:ce:b2:ef:58:fa:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:09 2025 GMT
Not After : Aug 21 14:47:09 2026 GMT
Subject: CN=A319E1D65F5B990AE6168972BEB6C121136E66BF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:c1:69:1c:46:ae:7d:ec:d9:6b:f8:bd:35:
bf:d7:55:b1:2f:c6:4e:92:e7:62:5a:ea:bc:54:97:
55:12:a7:02:73:31:6c:34:7b:23:f9:b4:2e:c0:a0:
89:8a:11:7e:7c:94:6d:34:af:6e:f9:66:92:4a:9c:
15:4d:5b:45:a8:ba:a4:c5:fd:22:65:a7:fa:0b:39:
e3:30:0b:50:a7:57:67:45:c6:50:9a:2e:c2:15:f0:
4d:25:a2:54:5f:46:0b:d2:9f:b8:6c:c2:6c:3c:7f:
16:2d:dd:dc:b7:28:75:14:cd:cd:de:66:7b:0e:a3:
17:d2:4b:39:9d:f6:85:ae:de:a2:95:e8:57:93:e4:
df:21:f2:d3:07:89:6b:f0:d1:45:e8:38:e2:79:05:
24:09:2a:32:fa:c8:61:26:eb:63:8b:43:23:5f:e9:
0b:4a:2c:de:6f:c1:d5:21:92:ba:e8:cf:52:20:59:
20:60:d3:3e:06:52:a6:7a:78:8c:67:ba:ff:82:b0:
24:4e:4e:5b:8c:c4:52:10:1b:e4:a3:a8:ea:f6:61:
d9:a8:88:d5:8e:e4:b2:73:62:c4:b2:ff:34:69:59:
84:71:b9:17:ca:d4:71:b1:ad:48:6f:06:f1:25:39:
10:a3:f6:db:b5:e7:0c:0c:5e:0f:d9:8c:43:fa:6f:
73:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:19:E1:D6:5F:5B:99:0A:E6:16:89:72:BE:B6:C1:21:13:6E:66:BF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138322e3138362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.182.186.0/23
Signature Algorithm: sha256WithRSAEncryption
46:d4:1f:41:95:1b:77:71:3a:5d:31:cc:7f:1c:1f:bb:04:b7:
3a:e2:36:6a:ee:04:6f:5a:57:17:0c:9b:0b:bc:f6:19:1e:44:
6d:e3:cb:a7:76:3f:2b:0b:d2:9d:a1:c8:20:c8:21:6e:4e:45:
21:e3:93:13:03:8d:b1:dd:44:de:0f:e9:da:74:a4:ef:a3:7f:
5a:d7:06:61:d4:95:2c:04:2a:61:cf:57:7e:c8:f3:14:74:56:
2c:24:84:f9:32:ec:4a:72:3e:f6:86:22:e4:73:db:3e:ce:9f:
3e:55:19:fc:dd:cd:d4:89:7b:10:1b:8a:01:5d:7c:5b:42:ec:
5e:ab:27:fd:4d:d7:d2:3a:f4:d7:8e:92:62:ed:30:a1:f6:4e:
b2:69:c0:41:3e:7e:ae:69:36:40:66:c8:97:a8:92:10:3d:e7:
51:86:bf:c3:b0:17:42:60:f4:05:79:b5:96:4a:86:d7:a5:59:
58:2a:23:55:3e:dc:85:de:50:a1:33:a8:be:c2:92:ce:55:d6:
9c:62:88:94:04:a1:34:43:5c:fc:ed:98:07:05:b4:27:ad:3a:
2a:1c:fa:ca:87:21:ac:67:f1:50:99:d7:17:2a:b7:56:0f:2e:
05:58:ae:8b:e6:49:a3:58:f8:70:70:59:aa:5f:7a:af:6c:33:
69:60:b0:43
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMK69IsRHP6YGgC1utbvOsu9Y+uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMDlaFw0yNjA4MjExNDQ3MDlaMDMxMTAvBgNV
BAMTKEEzMTlFMUQ2NUY1Qjk5MEFFNjE2ODk3MkJFQjZDMTIxMTM2RTY2QkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5X8FpHEaufezZa/i9Nb/XVbEv
xk6S52Ja6rxUl1USpwJzMWw0eyP5tC7AoImKEX58lG00r275ZpJKnBVNW0WouqTF
/SJlp/oLOeMwC1CnV2dFxlCaLsIV8E0lolRfRgvSn7hswmw8fxYt3dy3KHUUzc3e
ZnsOoxfSSzmd9oWu3qKV6FeT5N8h8tMHiWvw0UXoOOJ5BSQJKjL6yGEm62OLQyNf
6QtKLN5vwdUhkrroz1IgWSBg0z4GUqZ6eIxnuv+CsCROTluMxFIQG+SjqOr2Ydmo
iNWO5LJzYsSy/zRpWYRxuRfK1HGxrUhvBvElORCj9tu15wwMXg/ZjEP6b3PZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoxnh1l9bmQrmFolyvrbBIRNuZr8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzIyZTMx
MzgzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5trowDQYJKoZIhvcNAQELBQADggEBAEbUH0GVG3dxOl0xzH8cH7sEtzriNmru
BG9aVxcMmwu89hkeRG3jy6d2PysL0p2hyCDIIW5ORSHjkxMDjbHdRN4P6dp0pO+j
f1rXBmHUlSwEKmHPV37I8xR0ViwkhPky7EpyPvaGIuRz2z7Onz5VGfzdzdSJexAb
igFdfFtC7F6rJ/1N19I69NeOkmLtMKH2TrJpwEE+fq5pNkBmyJeokhA951GGv8Ow
F0Jg9AV5tZZKhtelWVgqI1U+3IXeUKEzqL7Cks5V1pxiiJQEoTRDXPztmAcFtCet
Oioc+sqHIaxn8VCZ1xcqt1YPLgVYrovmSaNY+HBwWapfeq9sM2lgsEM=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:18:37 2025 by rpki-client