Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa
File: 3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: 3eSKeuBZgROC4mPmV2jW4xBcZMq4EnIECvoivuH6cNQ=
Subject key identifier: 53:74:B8:D5:1B:B4:F4:40:9E:11:01:C1:6F:91:77:9B:FA:EB:99:40
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6CCAB37E10871D7326BEF5E6B429D2E853CB1633
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa
Signing time: Fri 22 Aug 2025 14:47:19 +0000
ROA not before: Fri 22 Aug 2025 14:42:19 +0000
ROA not after: Fri 21 Aug 2026 14:47:19 +0000
asID: 61317
IP address blocks: 185.187.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 17:37:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:ca:b3:7e:10:87:1d:73:26:be:f5:e6:b4:29:d2:e8:53:cb:16:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:19 2025 GMT
Not After : Aug 21 14:47:19 2026 GMT
Subject: CN=5374B8D51BB4F4409E1101C16F91779BFAEB9940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:74:7e:49:32:d4:c8:03:cd:34:52:fa:bc:
61:f8:e0:95:6a:ba:84:72:ac:0b:4b:34:3c:25:2b:
64:5d:be:d9:d6:95:3c:08:91:dd:5c:42:ff:ec:c6:
3a:fc:04:f0:2f:9c:a1:41:81:93:84:3c:72:fe:23:
ab:5c:34:cf:f6:4d:bb:9a:f1:65:fc:39:ef:2d:11:
7d:d7:5b:9b:8e:94:92:87:70:9a:7c:ba:00:52:e3:
8d:1e:c2:c5:a3:0b:01:87:6c:cb:98:ba:e3:45:4a:
33:5a:4f:28:c1:c0:bb:f8:f5:9d:76:3b:cc:a9:39:
22:2e:27:d8:c9:ba:57:29:2c:9c:fb:41:d5:fa:37:
73:fc:0e:da:33:82:e2:14:cd:34:7b:0e:3f:17:11:
7b:70:77:fe:9e:bc:b7:18:b1:cb:2b:f6:7b:81:15:
ca:13:6e:05:90:fd:2b:28:02:c7:d4:e1:ce:3b:b9:
f9:95:fa:cd:20:bf:a5:84:7c:94:69:94:79:03:ec:
bc:e3:1b:1b:d8:b8:8a:c6:9e:5a:94:3e:17:36:16:
5d:7e:f4:a0:2c:0c:83:6b:d5:69:cd:76:4b:9a:26:
2d:0f:f2:9d:e6:a2:40:b1:fe:62:b3:38:5b:31:5e:
37:71:a9:b8:a9:7a:3a:e7:63:e9:82:a7:65:30:92:
d9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:74:B8:D5:1B:B4:F4:40:9E:11:01:C1:6F:91:77:9B:FA:EB:99:40
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3138372e3233342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.187.234.0/24
Signature Algorithm: sha256WithRSAEncryption
58:3c:08:4d:c2:7f:07:76:53:45:00:84:91:2b:40:df:21:3e:
a5:23:72:3f:75:df:a5:3b:4d:4a:87:45:49:ee:83:87:fa:85:
80:f9:4f:8b:e4:69:12:48:86:e6:57:b2:da:e2:73:f8:92:ed:
e8:53:db:1e:c6:ba:cc:2a:d3:dd:27:8d:e2:38:3c:8d:01:6e:
fa:8d:59:2f:20:8f:a9:1a:3e:06:1a:be:1e:5b:3d:e9:ae:3b:
2c:d0:73:13:45:b0:b7:fe:75:33:05:53:88:44:4d:b7:70:9f:
ce:48:04:09:75:80:bb:82:90:2c:9f:55:2a:20:2d:73:65:d9:
c5:95:78:43:19:8e:ea:27:16:ca:ae:59:a8:88:a6:c6:bd:d9:
e5:95:f0:c3:96:d2:64:a2:9d:88:64:50:59:a7:35:4b:e8:46:
e9:f2:3d:6d:98:03:2c:97:af:d3:3f:b3:04:d3:3c:47:b5:a3:
73:4b:3c:5b:67:de:a6:3e:23:82:29:88:5a:19:e5:9f:6b:96:
40:ad:6c:89:f3:62:f6:94:d5:b4:4f:d3:63:f7:72:7b:08:ff:
d1:a3:7d:e7:f0:7a:bd:7c:84:17:65:3a:97:37:6e:56:54:57:
d8:b9:bb:3f:66:4d:5b:30:1d:ac:7e:9b:66:7d:19:c3:9e:d1:
e2:87:59:5d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbMqzfhCHHXMmvvXmtCnS6FPLFjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTlaFw0yNjA4MjExNDQ3MTlaMDMxMTAvBgNV
BAMTKDUzNzRCOEQ1MUJCNEY0NDA5RTExMDFDMTZGOTE3NzlCRkFFQjk5NDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYJnR+STLUyAPNNFL6vGH44JVq
uoRyrAtLNDwlK2RdvtnWlTwIkd1cQv/sxjr8BPAvnKFBgZOEPHL+I6tcNM/2Tbua
8WX8Oe8tEX3XW5uOlJKHcJp8ugBS440ewsWjCwGHbMuYuuNFSjNaTyjBwLv49Z12
O8ypOSIuJ9jJulcpLJz7QdX6N3P8DtozguIUzTR7Dj8XEXtwd/6evLcYscsr9nuB
FcoTbgWQ/SsoAsfU4c47ufmV+s0gv6WEfJRplHkD7LzjGxvYuIrGnlqUPhc2Fl1+
9KAsDINr1WnNdkuaJi0P8p3mokCx/mKzOFsxXjdxqbipejrnY+mCp2UwktnlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUU3S41Ru09ECeEQHBb5F3m/rrmUAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM4MzcyZTMy
MzMzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5u+owDQYJKoZIhvcNAQELBQADggEBAFg8CE3Cfwd2U0UAhJErQN8hPqUjcj91
36U7TUqHRUnug4f6hYD5T4vkaRJIhuZXstric/iS7ehT2x7Guswq090njeI4PI0B
bvqNWS8gj6kaPgYavh5bPemuOyzQcxNFsLf+dTMFU4hETbdwn85IBAl1gLuCkCyf
VSogLXNl2cWVeEMZjuonFsquWaiIpsa92eWV8MOW0mSinYhkUFmnNUvoRunyPW2Y
AyyXr9M/swTTPEe1o3NLPFtn3qY+I4IpiFoZ5Z9rlkCtbInzYvaU1bRP02P3cnsI
/9Gjfefwer18hBdlOpc3blZUV9i5uz9mTVswHax+m2Z9GcOe0eKHWV0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:42:49 2025 by rpki-client