Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa
File: 3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: naI0i3zb+MLIpCmRvUESzAPGh9D9LmSy6FbERl730bM=
Subject key identifier: 46:EA:F7:B2:06:80:38:6A:AB:AC:C9:7D:1E:0A:74:DC:AA:97:30:EB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 301B3830D7FA9E9A3DE33FF4AD7C437A36040A84
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:21 +0000
ROA not before: Fri 22 Aug 2025 14:42:21 +0000
ROA not after: Fri 21 Aug 2026 14:47:21 +0000
asID: 51167
IP address blocks: 185.194.218.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:1b:38:30:d7:fa:9e:9a:3d:e3:3f:f4:ad:7c:43:7a:36:04:0a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:21 2025 GMT
Not After : Aug 21 14:47:21 2026 GMT
Subject: CN=46EAF7B20680386AABACC97D1E0A74DCAA9730EB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7c:10:56:ad:32:02:bb:46:88:0c:8d:4f:1b:
17:b4:37:3a:09:7c:1d:33:57:eb:aa:56:4e:75:fc:
0f:c4:e0:3e:6f:ff:a8:75:03:13:41:c6:d3:f4:bd:
52:3c:0e:02:4e:10:b4:55:2a:ae:cf:7d:1b:59:2c:
25:94:5b:9b:0a:c3:f0:7a:58:44:26:c8:21:1d:bb:
7c:ac:7b:9a:75:f5:d5:7b:9a:01:59:a4:97:9c:3f:
29:dc:a1:25:56:66:a7:c9:7f:6f:81:8b:ac:5e:96:
db:a7:60:9c:12:92:fe:e4:5b:f4:36:be:ca:57:38:
a1:f7:9a:63:3d:33:7f:18:65:a9:37:b4:2c:64:8d:
13:ee:db:94:64:1e:c1:6b:03:e8:c5:06:9f:07:a0:
8d:03:39:30:2c:96:cb:9d:92:7f:77:0d:e7:80:d3:
ba:c3:d1:0f:10:f9:ba:4d:12:18:b4:08:39:3c:a4:
30:b9:77:80:70:e1:57:01:1d:62:c7:92:06:ad:3e:
1b:e5:22:3e:c9:7d:e9:d6:de:7e:e3:71:af:d5:65:
25:81:27:a2:39:cc:29:25:88:61:a2:d8:ee:6f:c1:
bb:fd:ba:25:ec:29:f1:06:0b:8c:da:75:13:00:1c:
ab:d3:3f:e2:ba:59:59:59:5e:74:d3:0b:cd:3c:49:
f2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:EA:F7:B2:06:80:38:6A:AB:AC:C9:7D:1E:0A:74:DC:AA:97:30:EB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139342e3231382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.218.0/23
Signature Algorithm: sha256WithRSAEncryption
78:36:3e:26:f2:60:5b:16:60:f1:4f:42:8a:0c:b3:6a:6d:25:
35:90:86:22:c7:79:35:63:2b:41:25:65:8a:05:80:7e:32:03:
5b:31:0c:57:a1:08:fa:cc:b4:cf:2f:41:33:98:9e:46:05:d2:
9f:18:63:ab:8b:39:3a:51:62:a4:6c:bb:e2:40:d4:1c:0c:6b:
51:e2:97:7c:08:62:a6:47:e6:7e:a2:09:aa:18:7b:52:8a:80:
4b:8a:fe:fa:ef:57:e9:50:e4:0a:a5:80:ba:83:de:63:59:ec:
91:96:21:e7:d2:7a:37:d2:01:1a:86:66:74:43:0e:17:c0:ac:
b4:8a:19:55:41:b9:9d:21:17:ab:2f:50:87:55:96:7a:74:ec:
2b:5f:63:5c:34:11:3c:68:1a:1d:d4:59:0e:6f:f5:8d:61:0c:
2e:ea:ca:2f:5a:d5:2b:4f:68:ae:3c:a9:b0:af:8d:40:63:5c:
f0:1b:e3:5e:9f:f1:a0:76:45:5c:81:d9:75:26:b4:e6:d7:01:
d1:fd:18:ac:da:4f:ee:68:e9:d3:46:64:e2:48:95:66:61:e8:
7c:7c:e2:e5:96:e7:c5:63:9d:4a:1a:e4:10:da:ed:9e:be:aa:
9f:5d:e6:62:1c:7d:22:7d:b5:d3:ff:fb:bf:ac:d6:4e:36:66:
04:43:e2:72
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUMBs4MNf6npo94z/0rXxDejYECoQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMjFaFw0yNjA4MjExNDQ3MjFaMDMxMTAvBgNV
BAMTKDQ2RUFGN0IyMDY4MDM4NkFBQkFDQzk3RDFFMEE3NERDQUE5NzMwRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwfBBWrTICu0aIDI1PGxe0NzoJ
fB0zV+uqVk51/A/E4D5v/6h1AxNBxtP0vVI8DgJOELRVKq7PfRtZLCWUW5sKw/B6
WEQmyCEdu3yse5p19dV7mgFZpJecPyncoSVWZqfJf2+Bi6xeltunYJwSkv7kW/Q2
vspXOKH3mmM9M38YZak3tCxkjRPu25RkHsFrA+jFBp8HoI0DOTAslsudkn93DeeA
07rD0Q8Q+bpNEhi0CDk8pDC5d4Bw4VcBHWLHkgatPhvlIj7JfenW3n7jca/VZSWB
J6I5zCkliGGi2O5vwbv9uiXsKfEGC4zadRMAHKvTP+K6WVlZXnTTC808SfJPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQURur3sgaAOGqrrMl9Hgp03KqXMOswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzQyZTMy
MzEzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG5wtowDQYJKoZIhvcNAQELBQADggEBAHg2PibyYFsWYPFPQooMs2ptJTWQhiLH
eTVjK0ElZYoFgH4yA1sxDFehCPrMtM8vQTOYnkYF0p8YY6uLOTpRYqRsu+JA1BwM
a1Hil3wIYqZH5n6iCaoYe1KKgEuK/vrvV+lQ5AqlgLqD3mNZ7JGWIefSejfSARqG
ZnRDDhfArLSKGVVBuZ0hF6svUIdVlnp07CtfY1w0ETxoGh3UWQ5v9Y1hDC7qyi9a
1StPaK48qbCvjUBjXPAb416f8aB2RVyB2XUmtObXAdH9GKzaT+5o6dNGZOJIlWZh
6Hx84uWW58VjnUoa5BDa7Z6+qp9d5mIcfSJ9tdP/+7+s1k42ZgRD4nI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:42:07 2025 by rpki-client