Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20333939363431.roa
File: 3138352e3138372e3233342e302f32342d3234203d3e20333939363431.roa (raw, json)
Hash identifier: OiPGxPpNOTpVAPhwpOCNtKf5XNN/0xqXunTPHC18jyU=
Subject key identifier: 86:AC:22:5A:40:0D:E2:A9:A3:C2:D3:4D:05:FB:4C:69:E5:E0:A1:6D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5F12D9F69929BEEA48E0B6807CD62D88C7530E9D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20333939363431.roa
Signing time: Fri 22 Aug 2025 14:47:20 +0000
ROA not before: Fri 22 Aug 2025 14:42:20 +0000
ROA not after: Fri 21 Aug 2026 14:47:20 +0000
asID: 399641
IP address blocks: 185.187.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:12:d9:f6:99:29:be:ea:48:e0:b6:80:7c:d6:2d:88:c7:53:0e:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:20 2025 GMT
Not After : Aug 21 14:47:20 2026 GMT
Subject: CN=86AC225A400DE2A9A3C2D34D05FB4C69E5E0A16D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:97:ad:67:6b:d4:09:bc:0f:8a:51:79:fc:6d:
bc:1f:1f:43:5b:eb:53:7a:4e:69:72:8d:be:0f:48:
a7:88:48:bc:b3:5d:a6:35:b9:78:a6:a1:94:5d:93:
b7:b1:5e:ed:0b:8f:c6:6f:29:88:ed:56:25:e7:2b:
42:26:a5:54:56:dd:ed:54:2e:65:28:d0:e6:47:b5:
8d:ee:90:39:45:ab:96:a1:aa:c4:59:2e:a2:8a:ce:
c4:ea:58:8e:26:94:40:6d:04:fc:db:54:11:48:af:
2e:7d:6f:c0:53:9d:79:38:dc:68:89:62:d4:6b:85:
9f:5f:70:89:49:27:bd:14:65:8e:24:17:22:79:1b:
2c:bd:1a:e3:3e:cc:91:23:0c:e9:e4:d9:46:cb:a9:
e4:75:7f:6f:8f:cb:06:04:64:93:8c:3e:61:0c:1a:
bf:40:80:89:10:46:0c:5d:ef:4e:63:6b:00:71:1b:
00:e5:6a:b1:08:75:09:a9:d3:4a:e7:cc:d0:84:f6:
00:62:c6:f1:f7:87:71:b4:7b:dd:37:02:9e:a3:d1:
0d:9c:d7:19:a2:e3:d0:a1:df:48:16:d7:0d:96:55:
0d:2c:58:cb:c3:41:3e:ce:ef:98:ea:e9:53:6c:e8:
bb:13:0e:53:bb:a5:7e:f2:19:f1:22:21:c6:ac:1c:
6f:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:AC:22:5A:40:0D:E2:A9:A3:C2:D3:4D:05:FB:4C:69:E5:E0:A1:6D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e20333939363431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.234.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f0:e0:e3:3d:de:d8:c5:85:7b:17:e0:d8:79:6d:06:4e:6e:
d3:b7:50:74:6e:05:9e:34:d5:c7:a4:ef:21:72:93:8c:a1:b8:
97:da:5d:21:a7:cd:20:b8:38:aa:85:79:a5:d5:87:a0:fa:d4:
e1:47:34:a5:41:1e:89:8e:f9:fb:14:ec:91:40:0d:6f:97:a4:
6b:f4:5b:c4:8b:f4:f3:f9:16:1e:63:40:35:b7:ec:9f:e2:0f:
32:f8:a7:c4:aa:03:54:77:c3:20:55:04:66:db:09:f9:ca:18:
c1:5b:5c:22:f2:3c:46:ee:0d:c0:e3:da:69:13:ff:fe:f6:6e:
a4:77:2b:13:90:ad:ee:98:be:b8:1d:2e:2d:1e:b8:a2:0a:3e:
48:d6:7c:dd:1c:a8:29:a0:da:75:47:dd:d8:bd:30:75:df:17:
c5:68:2b:3a:ab:37:b8:16:fd:24:32:62:a0:ea:ec:09:1a:73:
b7:ab:d7:d3:3c:a6:04:12:fb:0f:fa:b3:57:14:bc:6e:a6:43:
d5:67:6e:49:2b:cf:d1:b4:b8:a7:25:5c:41:5e:a8:fd:c0:cf:
f7:11:97:0e:51:cd:55:b4:92:e2:cf:36:fe:9c:3c:70:66:d8:
04:bf:02:e7:01:b4:f1:90:cc:c0:64:a3:05:a6:37:26:db:83:
6f:d1:49:0e
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUXxLZ9pkpvupI4LaAfNYtiMdTDp0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMjBaFw0yNjA4MjExNDQ3MjBaMDMxMTAvBgNV
BAMTKDg2QUMyMjVBNDAwREUyQTlBM0MyRDM0RDA1RkI0QzY5RTVFMEExNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4l61na9QJvA+KUXn8bbwfH0Nb
61N6Tmlyjb4PSKeISLyzXaY1uXimoZRdk7exXu0Lj8ZvKYjtViXnK0ImpVRW3e1U
LmUo0OZHtY3ukDlFq5ahqsRZLqKKzsTqWI4mlEBtBPzbVBFIry59b8BTnXk43GiJ
YtRrhZ9fcIlJJ70UZY4kFyJ5Gyy9GuM+zJEjDOnk2UbLqeR1f2+PywYEZJOMPmEM
Gr9AgIkQRgxd705jawBxGwDlarEIdQmp00rnzNCE9gBixvH3h3G0e903Ap6j0Q2c
1xmi49Ch30gW1w2WVQ0sWMvDQT7O75jq6VNs6LsTDlO7pX7yGfEiIcasHG+BAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUhqwiWkAN4qmjwtNNBftMaeXgoW0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzOTM2MzQzMS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALm76jANBgkqhkiG9w0BAQsFAAOCAQEAT/Dg4z3e2MWFexfg2HltBk5u07dQ
dG4FnjTVx6TvIXKTjKG4l9pdIafNILg4qoV5pdWHoPrU4Uc0pUEeiY75+xTskUAN
b5eka/RbxIv08/kWHmNANbfsn+IPMvinxKoDVHfDIFUEZtsJ+coYwVtcIvI8Ru4N
wOPaaRP//vZupHcrE5Ct7pi+uB0uLR64ogo+SNZ83RyoKaDadUfd2L0wdd8XxWgr
Oqs3uBb9JDJioOrsCRpzt6vX0zymBBL7D/qzVxS8bqZD1WduSSvP0bS4pyVcQV6o
/cDP9xGXDlHNVbSS4s82/pw8cGbYBL8C5wG08ZDMwGSjBaY3JtuDb9FJDg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:55:48 2025 by rpki-client