Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
File: 3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: tpInXgu3XWwi9SMZzyaAzJX3W8IZH/eFo8DRs03J/C4=
Subject key identifier: 19:2E:C0:34:E6:E7:B9:07:1C:A9:08:5A:EF:2D:00:79:12:38:5C:67
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 70092C5DB674B5CC5BA9835AABEF3EC1367361A7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 22 Aug 2025 14:47:19 +0000
ROA not before: Fri 22 Aug 2025 14:42:19 +0000
ROA not after: Fri 21 Aug 2026 14:47:19 +0000
asID: 136787
IP address blocks: 185.199.102.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:09:2c:5d:b6:74:b5:cc:5b:a9:83:5a:ab:ef:3e:c1:36:73:61:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:19 2025 GMT
Not After : Aug 21 14:47:19 2026 GMT
Subject: CN=192EC034E6E7B9071CA9085AEF2D007912385C67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c1:b5:c4:4d:43:96:3d:c9:bf:37:9b:bf:5c:
0a:5a:a1:b1:08:36:a9:91:97:ce:47:6b:42:98:8f:
3e:86:e2:a1:d8:30:69:f5:ab:44:71:2b:8d:34:d3:
f8:3f:ad:b5:b8:b0:12:e3:92:90:56:67:f2:c7:5c:
0c:d9:90:21:bb:2a:d8:6b:a9:2e:61:3d:8d:60:30:
58:02:ae:e6:a5:35:a8:ad:02:4e:fa:6a:08:c9:d9:
f6:4b:56:b0:4b:b2:20:6f:41:62:ea:86:ed:6b:8a:
07:1a:f2:54:a8:3e:bd:46:0f:cb:3c:e2:cf:a5:81:
49:bd:e0:14:05:cc:38:06:6e:17:17:47:4e:80:9f:
6a:22:af:d4:66:ee:ae:fa:d5:2e:6e:47:12:e7:57:
d0:c6:5f:86:51:c1:ce:96:90:8b:00:01:82:22:cc:
1f:78:ab:b3:ea:c3:12:d0:f7:12:49:97:89:ab:da:
b7:d9:a7:37:48:b7:d6:f4:67:f6:fb:fc:cd:ea:5e:
b6:f1:e1:a6:ec:19:30:cf:f3:47:ad:47:41:5b:0f:
87:74:8f:fa:72:61:e8:cc:8d:33:5b:d7:c2:e3:8b:
0e:7a:03:90:33:70:7b:2a:ad:dc:68:f9:f9:f8:56:
5e:18:a9:93:c0:34:3d:1c:83:c9:96:7e:c7:f4:16:
79:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:2E:C0:34:E6:E7:B9:07:1C:A9:08:5A:EF:2D:00:79:12:38:5C:67
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3139392e3130322e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.102.0/24
Signature Algorithm: sha256WithRSAEncryption
87:41:41:e1:99:ae:c0:4b:e3:2d:99:e8:6b:2d:a5:be:38:1e:
27:1a:55:b5:17:5f:6b:39:37:9f:03:7a:61:b5:a6:3c:58:a7:
9c:ab:ec:0b:00:01:c7:64:7d:c1:1d:64:1a:77:56:07:bb:9e:
0d:6d:9e:83:5a:5a:e3:1d:8c:b8:80:87:f8:8b:2e:fe:96:d5:
77:a3:ca:39:06:4b:9f:3b:7f:2f:2e:17:ca:7a:03:15:30:71:
ef:e7:fb:51:e8:31:48:52:2c:d8:ef:8d:af:04:ac:4b:6f:ab:
9a:a9:35:1f:5d:79:3c:88:7a:90:31:3d:c8:48:f8:df:38:4a:
15:2a:cb:35:20:81:e1:6b:d2:24:6f:df:9d:15:f0:4f:b5:ec:
b9:0a:61:46:85:16:15:d7:61:4b:44:89:2b:6d:dd:81:45:74:
9d:ac:de:30:21:2b:e4:61:86:6b:50:c1:cd:42:94:40:76:3c:
ee:44:6f:92:5d:9f:d6:e4:fa:8a:d7:05:4f:c1:28:ab:bc:32:
73:0e:02:02:a0:93:c2:77:2c:24:80:24:48:fc:40:91:f4:23:
94:24:31:23:d6:85:9c:79:2e:ae:b5:7e:c3:2f:71:23:c5:a6:
20:fb:1a:7c:78:e3:17:3e:8a:ed:34:98:07:98:20:56:17:1b:
10:e7:60:00
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcAksXbZ0tcxbqYNaq+8+wTZzYacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTlaFw0yNjA4MjExNDQ3MTlaMDMxMTAvBgNV
BAMTKDE5MkVDMDM0RTZFN0I5MDcxQ0E5MDg1QUVGMkQwMDc5MTIzODVDNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIwbXETUOWPcm/N5u/XApaobEI
NqmRl85Ha0KYjz6G4qHYMGn1q0RxK4000/g/rbW4sBLjkpBWZ/LHXAzZkCG7Kthr
qS5hPY1gMFgCrualNaitAk76agjJ2fZLVrBLsiBvQWLqhu1rigca8lSoPr1GD8s8
4s+lgUm94BQFzDgGbhcXR06An2oir9Rm7q761S5uRxLnV9DGX4ZRwc6WkIsAAYIi
zB94q7PqwxLQ9xJJl4mr2rfZpzdIt9b0Z/b7/M3qXrbx4absGTDP80etR0FbD4d0
j/pyYejMjTNb18Ljiw56A5AzcHsqrdxo+fn4Vl4YqZPAND0cg8mWfsf0Fnl3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUGS7ANObnuQccqQha7y0AeRI4XGcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTM5MzkyZTMx
MzAzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnHZjANBgkqhkiG9w0BAQsFAAOCAQEAh0FB4ZmuwEvjLZnoay2lvjgeJxpV
tRdfazk3nwN6YbWmPFinnKvsCwABx2R9wR1kGndWB7ueDW2eg1pa4x2MuICH+Isu
/pbVd6PKOQZLnzt/Ly4XynoDFTBx7+f7UegxSFIs2O+NrwSsS2+rmqk1H115PIh6
kDE9yEj43zhKFSrLNSCB4WvSJG/fnRXwT7XsuQphRoUWFddhS0SJK23dgUV0naze
MCEr5GGGa1DBzUKUQHY87kRvkl2f1uT6itcFT8Eoq7wycw4CAqCTwncsJIAkSPxA
kfQjlCQxI9aFnHkurrV+wy9xI8WmIPsafHjjFz6K7TSYB5ggVhcbEOdgAA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:53:18 2025 by rpki-client