Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3332203d3e20313336373837.roa
File: 3138352e3139392e3130302e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: uiHf1c+kF8bhDWL+SvO/9JbGRcDu5KIQ+VDbrlcBkzg=
Subject key identifier: F2:61:0D:02:D8:96:09:4C:93:11:7E:04:CE:D2:7A:C5:DB:78:B6:FC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 312CFCA1E420B931618DD757CB3D4F5268D08544
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 22 Aug 2025 14:47:09 +0000
ROA not before: Fri 22 Aug 2025 14:42:09 +0000
ROA not after: Fri 21 Aug 2026 14:47:09 +0000
asID: 136787
IP address blocks: 185.199.100.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:2c:fc:a1:e4:20:b9:31:61:8d:d7:57:cb:3d:4f:52:68:d0:85:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:09 2025 GMT
Not After : Aug 21 14:47:09 2026 GMT
Subject: CN=F2610D02D896094C93117E04CED27AC5DB78B6FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:26:1c:f6:2c:3f:56:9e:59:a5:07:d2:4a:4f:
86:c7:75:ab:83:0a:bc:fd:9c:eb:4b:f8:1a:89:d0:
1f:36:39:3e:48:9e:9e:9d:a7:30:fc:8b:b3:23:71:
eb:d2:f4:82:e4:45:d9:49:6e:a0:e6:eb:67:01:47:
ff:fd:9e:3a:45:e3:37:33:0d:ec:d0:8b:3e:4d:ef:
6a:f6:d2:6d:ee:0b:73:da:55:15:19:ad:e6:46:38:
44:98:a7:c0:68:e9:d0:ac:36:f3:22:a4:37:ad:fe:
1e:35:a6:65:8b:d8:69:38:c3:61:75:11:00:dc:32:
9a:e4:ba:41:44:68:56:92:d1:03:b6:0e:96:24:b9:
70:01:9b:e2:ea:f8:83:9a:01:5f:59:e7:2e:a4:6d:
68:f9:66:ee:76:8a:a9:53:7b:f7:55:e6:41:34:59:
e8:29:9e:53:95:52:5a:8b:88:ee:ee:f8:57:8c:36:
e6:bb:e1:ed:54:18:6e:e4:38:8f:cc:e3:aa:48:26:
b0:2a:6d:1b:24:48:42:b4:02:b9:78:0f:58:bc:f2:
7f:0e:70:ae:6d:f1:6b:98:16:1d:12:62:b8:dc:ce:
e4:e2:43:55:5d:3a:12:46:d2:79:ce:f3:d4:07:7b:
83:6b:c5:9e:32:f2:cf:64:d2:51:2b:f4:55:ec:bc:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:61:0D:02:D8:96:09:4C:93:11:7E:04:CE:D2:7A:C5:DB:78:B6:FC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130302e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.100.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:c6:32:93:c3:5c:d9:54:d7:ee:0c:47:d4:1e:db:d5:f2:0c:
ed:75:3b:a4:db:b3:e7:dd:ae:f7:2c:0c:8e:8b:58:b9:df:ce:
40:79:bf:44:93:6b:4d:50:15:95:2f:eb:f2:ba:dd:85:23:a0:
40:09:73:73:19:20:1a:d2:8d:fa:7d:22:89:e5:12:e7:3e:fe:
13:61:be:30:ae:23:fa:d0:13:61:f0:f9:b7:2c:be:7a:7d:70:
e5:db:e3:8a:91:2e:5a:a2:13:8d:57:83:ec:84:3f:f3:11:89:
9a:0a:7f:d2:37:44:42:6b:e5:f3:e0:67:8c:12:16:55:8d:19:
7c:4c:6d:72:bb:7c:2f:90:b3:27:17:7e:3d:42:f8:02:31:85:
5f:9c:4a:89:2a:32:f2:20:3e:b6:bf:89:29:d0:bc:f7:52:1a:
99:0e:8b:05:e9:e9:06:f4:8c:26:2d:ba:7d:45:98:4e:f9:f3:
1c:6e:5b:51:42:4c:23:bc:49:6e:fa:73:7f:d9:3c:49:2f:b2:
3d:4e:c7:76:dc:98:cc:63:6f:76:4b:bc:24:9a:15:91:5b:5b:
fd:54:f1:3c:ba:83:82:55:73:0a:f3:69:81:89:b2:b8:96:a5:
fa:d3:e5:bb:48:10:64:67:fe:11:1b:14:50:07:89:a0:f2:a0:
db:e3:33:f0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUMSz8oeQguTFhjddXyz1PUmjQhUQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMDlaFw0yNjA4MjExNDQ3MDlaMDMxMTAvBgNV
BAMTKEYyNjEwRDAyRDg5NjA5NEM5MzExN0UwNENFRDI3QUM1REI3OEI2RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHJhz2LD9WnlmlB9JKT4bHdauD
Crz9nOtL+BqJ0B82OT5Inp6dpzD8i7MjcevS9ILkRdlJbqDm62cBR//9njpF4zcz
DezQiz5N72r20m3uC3PaVRUZreZGOESYp8Bo6dCsNvMipDet/h41pmWL2Gk4w2F1
EQDcMprkukFEaFaS0QO2DpYkuXABm+Lq+IOaAV9Z5y6kbWj5Zu52iqlTe/dV5kE0
WegpnlOVUlqLiO7u+FeMNua74e1UGG7kOI/M46pIJrAqbRskSEK0Arl4D1i88n8O
cK5t8WuYFh0SYrjczuTiQ1VdOhJG0nnO89QHe4NrxZ4y8s9k0lEr9FXsvIaXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU8mENAtiWCUyTEX4EztJ6xdt4tvwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMDJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZDANBgkqhkiG9w0BAQsFAAOCAQEAjsYyk8Nc2VTX7gxH1B7b1fIM7XU7
pNuz592u9ywMjotYud/OQHm/RJNrTVAVlS/r8rrdhSOgQAlzcxkgGtKN+n0iieUS
5z7+E2G+MK4j+tATYfD5tyy+en1w5dvjipEuWqITjVeD7IQ/8xGJmgp/0jdEQmvl
8+BnjBIWVY0ZfExtcrt8L5CzJxd+PUL4AjGFX5xKiSoy8iA+tr+JKdC891IamQ6L
BenpBvSMJi26fUWYTvnzHG5bUUJMI7xJbvpzf9k8SS+yPU7HdtyYzGNvdku8JJoV
kVtb/VTxPLqDglVzCvNpgYmyuJal+tPlu0gQZGf+ERsUUAeJoPKg2+Mz8A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:23:33 2025 by rpki-client