Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139332e36352e302f32342d3234203d3e203439393831.roa
File: 3138352e3139332e36352e302f32342d3234203d3e203439393831.roa (raw, json)
Hash identifier: t6OKpfV19axHEs5qC9BCamNk9QEimPnq6WH+FQG5T2Y=
Subject key identifier: 04:0E:9B:76:A0:50:FB:59:16:1C:10:D5:36:E0:CE:F3:53:F6:A1:D6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42A39F1A01F73D223187F1A77D9E58C679B3E5C0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139332e36352e302f32342d3234203d3e203439393831.roa
Signing time: Fri 22 Aug 2025 14:47:23 +0000
ROA not before: Fri 22 Aug 2025 14:42:23 +0000
ROA not after: Fri 21 Aug 2026 14:47:23 +0000
asID: 49981
IP address blocks: 185.193.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:a3:9f:1a:01:f7:3d:22:31:87:f1:a7:7d:9e:58:c6:79:b3:e5:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:23 2025 GMT
Not After : Aug 21 14:47:23 2026 GMT
Subject: CN=040E9B76A050FB59161C10D536E0CEF353F6A1D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5b:29:6e:b6:ca:f6:83:ea:8c:35:0b:fe:7c:
17:7c:ea:dc:28:bd:07:5c:67:b3:c4:47:aa:9d:25:
36:2b:f4:ba:f6:b3:43:24:a9:8c:e0:1f:b7:b1:bb:
e2:4e:20:26:ea:da:66:f0:f4:00:6f:b9:65:5c:05:
47:b9:be:fe:4b:de:0a:b9:85:ae:0f:d0:0a:0b:19:
b0:d5:e4:23:2a:a3:b5:5e:c4:21:0c:0d:5f:73:0b:
75:f9:d3:80:c0:0c:fc:5f:47:bf:d5:fe:e1:22:41:
69:3b:66:d7:e9:17:17:cf:0d:52:52:58:33:0a:b6:
be:a9:69:82:a4:a9:2a:a2:66:56:2f:e9:f5:56:9c:
50:02:24:fa:25:82:fd:fc:a9:67:0d:f2:93:16:a5:
90:6d:eb:4b:0b:a1:c7:0a:a3:fb:fe:df:17:9a:60:
eb:c2:bf:3e:16:57:47:13:2b:f5:9f:45:68:a6:3b:
bd:18:b2:32:53:53:ae:71:cf:50:6e:57:d1:ca:7d:
5b:0d:01:be:08:e2:d2:98:89:36:b3:58:03:86:00:
dc:15:98:ba:26:59:ec:ed:60:9a:81:4b:54:b4:f1:
22:ba:10:3c:bc:6b:8a:32:87:c5:58:d1:b5:61:18:
46:c7:c2:08:66:05:29:75:f5:2b:e0:df:bd:bf:b3:
f6:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0E:9B:76:A0:50:FB:59:16:1C:10:D5:36:E0:CE:F3:53:F6:A1:D6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139332e36352e302f32342d3234203d3e203439393831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.65.0/24
Signature Algorithm: sha256WithRSAEncryption
26:17:38:02:e8:04:fb:cd:f1:7a:88:80:4e:bf:3b:75:9a:73:
49:30:1e:71:a3:99:8b:b2:60:1a:92:14:d7:5e:b7:55:44:c6:
c0:f5:ef:84:76:94:24:75:bb:d2:f5:a2:4e:7f:46:1b:4c:48:
8f:7a:dd:32:e6:e1:9e:19:89:34:7e:c6:4e:08:b6:36:11:a7:
30:96:a8:3f:8a:10:1d:d7:b4:86:73:32:93:2b:b5:f4:66:2c:
f0:67:89:98:28:43:eb:7f:34:08:f1:db:94:b3:df:00:6e:74:
22:54:17:30:c0:37:a8:fa:b2:d5:38:c3:87:78:63:77:ae:a7:
97:ac:8f:1b:c7:46:90:3e:73:53:93:09:ac:1f:2f:ef:2a:98:
42:ff:52:34:d7:89:3f:04:a2:05:49:cd:dd:5c:77:3a:c0:84:
bb:15:22:71:ed:f1:4e:50:fe:b9:a8:d5:e8:d6:2a:67:a1:f6:
1c:26:7a:b1:9b:00:4c:b8:17:76:b9:d1:d5:1a:9e:60:a7:95:
6b:4b:32:2f:96:94:a6:eb:90:63:51:8e:76:c6:c2:34:e4:e4:
81:b1:89:5a:08:9b:5d:1c:af:e9:dc:45:43:f9:62:bf:1f:62:
ff:52:72:14:1f:b7:dc:24:1f:ca:68:1e:da:bc:22:e3:f2:3d:
3d:f6:c7:ca
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUQqOfGgH3PSIxh/GnfZ5Yxnmz5cAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMjNaFw0yNjA4MjExNDQ3MjNaMDMxMTAvBgNV
BAMTKDA0MEU5Qjc2QTA1MEZCNTkxNjFDMTBENTM2RTBDRUYzNTNGNkExRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTWylutsr2g+qMNQv+fBd86two
vQdcZ7PER6qdJTYr9Lr2s0MkqYzgH7exu+JOICbq2mbw9ABvuWVcBUe5vv5L3gq5
ha4P0AoLGbDV5CMqo7VexCEMDV9zC3X504DADPxfR7/V/uEiQWk7ZtfpFxfPDVJS
WDMKtr6paYKkqSqiZlYv6fVWnFACJPolgv38qWcN8pMWpZBt60sLoccKo/v+3xea
YOvCvz4WV0cTK/WfRWimO70YsjJTU65xz1BuV9HKfVsNAb4I4tKYiTazWAOGANwV
mLomWeztYJqBS1S08SK6EDy8a4oyh8VY0bVhGEbHwghmBSl19Svg372/s/bXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBA6bdqBQ+1kWHBDVNuDO81P2odYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzMyZTM2
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM5MzkzODMxLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
ucFBMA0GCSqGSIb3DQEBCwUAA4IBAQAmFzgC6AT7zfF6iIBOvzt1mnNJMB5xo5mL
smAakhTXXrdVRMbA9e+EdpQkdbvS9aJOf0YbTEiPet0y5uGeGYk0fsZOCLY2Eacw
lqg/ihAd17SGczKTK7X0ZizwZ4mYKEPrfzQI8duUs98AbnQiVBcwwDeo+rLVOMOH
eGN3rqeXrI8bx0aQPnNTkwmsHy/vKphC/1I014k/BKIFSc3dXHc6wIS7FSJx7fFO
UP65qNXo1ipnofYcJnqxmwBMuBd2udHVGp5gp5VrSzIvlpSm65BjUY52xsI05OSB
sYlaCJtdHK/p3EVD+WK/H2L/UnIUH7fcJB/KaB7avCLj8j099sfK
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:42:23 2025 by rpki-client