Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231362e302f32332d3332203d3e203531313637.roa
File: 3138352e3139342e3231362e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: whQPyvHFF5b+S9A7RlnmShDXjFSbbbT2w18DHVQnHRs=
Subject key identifier: 37:1B:CD:41:1D:4F:F7:35:52:DB:D0:2E:29:68:BE:F9:22:99:BA:53
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4682BD115285B2E637C4AE16FCB090B6B722624D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231362e302f32332d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:19 +0000
ROA not before: Fri 22 Aug 2025 14:42:19 +0000
ROA not after: Fri 21 Aug 2026 14:47:19 +0000
asID: 51167
IP address blocks: 185.194.216.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:82:bd:11:52:85:b2:e6:37:c4:ae:16:fc:b0:90:b6:b7:22:62:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:19 2025 GMT
Not After : Aug 21 14:47:19 2026 GMT
Subject: CN=371BCD411D4FF73552DBD02E2968BEF92299BA53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:78:4a:ac:78:b7:12:05:8b:11:17:bf:e8:11:
9c:30:60:12:fe:18:be:6e:10:49:e9:1c:13:92:e2:
d2:d3:32:02:1a:2c:32:b1:dc:33:d0:aa:b1:c3:e5:
fc:29:ee:1a:1d:1e:66:a9:75:3e:c3:64:99:0a:a2:
6b:cc:ac:81:01:5f:76:31:c5:59:82:41:b6:6f:40:
78:b5:03:95:fb:b1:46:c3:ad:8c:57:4b:8a:d9:31:
4e:2f:d6:2e:6f:ad:65:7e:10:c6:6a:50:9b:06:75:
e4:c4:24:b3:37:fb:b8:27:15:4c:2a:49:12:b5:7d:
6d:16:99:59:57:06:97:5a:ee:51:cd:bf:3c:55:d9:
b8:2f:d5:ac:d3:73:0c:d7:d2:44:e2:26:7a:29:44:
30:57:c8:d9:e7:74:ba:7d:a2:4c:5b:9b:d1:c1:71:
b5:f1:50:66:86:4f:3f:c7:c9:a4:4b:04:5d:68:32:
d0:ff:a8:a8:fe:b3:9b:d1:34:dc:ee:9e:14:65:09:
c5:81:16:aa:de:3a:4c:4f:9b:fb:1e:cf:2f:76:c0:
17:12:cf:d8:54:cd:43:dc:91:9c:1c:2d:98:f6:f2:
35:4d:aa:aa:da:0e:29:89:bf:63:c0:66:ec:22:0f:
be:d1:f7:d7:82:38:10:da:4b:50:82:2b:d1:1b:77:
91:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1B:CD:41:1D:4F:F7:35:52:DB:D0:2E:29:68:BE:F9:22:99:BA:53
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231362e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.216.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:8f:15:c0:db:33:3a:71:ed:9b:e6:f1:70:49:14:83:9e:c5:
36:b7:5e:2a:13:fb:b2:bf:92:95:0b:50:96:ba:75:9d:5c:5e:
eb:24:be:4d:d5:e7:76:18:04:86:26:1d:64:9b:7a:a2:26:24:
fb:2b:52:89:e2:55:56:4c:5f:9d:4a:76:03:30:ec:73:5d:d5:
5d:e3:d8:ce:51:d7:28:9b:2f:f6:13:f8:c5:a3:d7:d1:d5:83:
d7:47:c0:01:2a:3e:35:08:9f:49:cb:c6:39:4f:82:00:25:15:
4d:88:a1:7e:6b:36:98:a6:2e:20:b5:d8:e1:c9:4a:4f:f3:4a:
2d:b9:b3:0d:16:65:21:62:e0:5b:39:a2:50:0d:91:e2:e4:c1:
54:69:e7:26:e5:00:81:6e:7c:69:b8:12:e4:63:5a:1d:5a:61:
e9:56:4b:3c:d4:29:0b:2d:aa:75:79:d1:3b:6e:f0:2c:ab:33:
88:2b:cd:be:ff:11:9c:38:41:3d:4f:e0:f4:34:96:94:00:0c:
ee:fd:0f:5b:c8:36:fb:b8:10:18:49:32:98:01:6f:4d:6a:f9:
2a:a4:80:aa:c5:b3:35:8d:69:ba:80:aa:9f:c6:b2:d3:f9:7c:
e2:4d:a0:3d:19:fa:d4:5d:3b:52:d1:da:9a:e9:0e:22:8e:9c:
cf:6b:df:df
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURoK9EVKFsuY3xK4W/LCQtrciYk0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTlaFw0yNjA4MjExNDQ3MTlaMDMxMTAvBgNV
BAMTKDM3MUJDRDQxMUQ0RkY3MzU1MkRCRDAyRTI5NjhCRUY5MjI5OUJBNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPeEqseLcSBYsRF7/oEZwwYBL+
GL5uEEnpHBOS4tLTMgIaLDKx3DPQqrHD5fwp7hodHmapdT7DZJkKomvMrIEBX3Yx
xVmCQbZvQHi1A5X7sUbDrYxXS4rZMU4v1i5vrWV+EMZqUJsGdeTEJLM3+7gnFUwq
SRK1fW0WmVlXBpda7lHNvzxV2bgv1azTcwzX0kTiJnopRDBXyNnndLp9okxbm9HB
cbXxUGaGTz/HyaRLBF1oMtD/qKj+s5vRNNzunhRlCcWBFqreOkxPm/sezy92wBcS
z9hUzUPckZwcLZj28jVNqqraDimJv2PAZuwiD77R99eCOBDaS1CCK9Ebd5G/AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUNxvNQR1P9zVS29AuKWi++SKZulMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzQyZTMy
MzEzNjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5wtgwDQYJKoZIhvcNAQELBQADggEBAFqPFcDbMzpx7Zvm8XBJFIOexTa3XioT
+7K/kpULUJa6dZ1cXuskvk3V53YYBIYmHWSbeqImJPsrUoniVVZMX51KdgMw7HNd
1V3j2M5R1yibL/YT+MWj19HVg9dHwAEqPjUIn0nLxjlPggAlFU2IoX5rNpimLiC1
2OHJSk/zSi25sw0WZSFi4Fs5olANkeLkwVRp5yblAIFufGm4EuRjWh1aYelWSzzU
KQstqnV50Ttu8CyrM4grzb7/EZw4QT1P4PQ0lpQADO79D1vINvu4EBhJMpgBb01q
+SqkgKrFszWNabqAqp/GstP5fOJNoD0Z+tRdO1LR2prpDiKOnM9r398=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:45:20 2025 by rpki-client