Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232312e302f32342d3234203d3e20313431303339.roa
File: 3138352e3230322e3232312e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: daPfJA49Vz3M5+OSSuIi9d4l/tBmFntnd0QcjXMu6Wg=
Subject key identifier: B6:BB:91:82:19:7D:68:81:70:E6:87:92:78:C5:E8:1B:4F:17:D9:42
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A1A5922EC84031776242004638E79367E5B778F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232312e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 22 Aug 2025 14:47:16 +0000
ROA not before: Fri 22 Aug 2025 14:42:16 +0000
ROA not after: Fri 21 Aug 2026 14:47:16 +0000
asID: 141039
IP address blocks: 185.202.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:1a:59:22:ec:84:03:17:76:24:20:04:63:8e:79:36:7e:5b:77:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:16 2025 GMT
Not After : Aug 21 14:47:16 2026 GMT
Subject: CN=B6BB9182197D688170E6879278C5E81B4F17D942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:04:ae:27:20:eb:96:88:d1:82:b5:4b:be:bb:
59:10:10:68:58:4b:51:07:42:2f:de:5e:b1:ba:0a:
f2:70:f0:ee:d9:37:5f:52:7f:09:2f:28:a7:62:96:
88:6f:1c:d7:c9:92:ea:2a:75:ad:c8:18:ec:92:35:
25:a7:a8:a5:41:9c:e7:d7:33:8a:36:1c:5c:bd:44:
87:46:b3:ab:15:8c:6e:97:9f:04:57:26:d3:17:bf:
0d:9e:e3:75:42:8a:3a:0b:3d:be:4c:9b:f1:00:b7:
86:49:fa:31:82:ed:c6:01:ef:32:e9:ea:34:81:29:
ed:87:ab:7d:a9:e3:12:6f:66:6f:f8:4d:a6:94:cf:
7a:6c:99:ba:06:99:09:c7:8c:3c:ee:02:7b:ce:68:
55:b6:0e:44:f1:ad:c2:3f:f9:df:d9:9f:2a:03:c5:
43:43:1d:3c:ca:88:00:db:19:6e:79:f3:29:80:ce:
1d:02:e7:8d:a5:16:4a:79:91:c9:99:82:19:c8:ab:
a1:4f:33:ab:97:dd:b0:32:3a:73:91:d8:9d:01:dc:
1b:06:3b:1b:c6:cf:69:6e:0e:8e:9c:7c:19:4f:80:
bc:c8:dc:1c:75:40:bc:fa:33:25:d3:0f:3b:ce:19:
30:52:2e:45:c5:ed:5e:5e:83:85:cb:89:85:b8:75:
dc:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BB:91:82:19:7D:68:81:70:E6:87:92:78:C5:E8:1B:4F:17:D9:42
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3232312e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.221.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e4:71:0e:52:f9:1e:3a:67:cf:c7:35:ab:fa:fc:b2:75:43:
68:d3:bf:a0:e1:15:74:d2:96:dc:29:d8:a5:3b:29:42:58:3f:
b4:ef:1d:4d:c3:09:cc:ec:5b:a9:eb:9d:b2:05:92:af:c7:b2:
88:0d:bb:0d:a9:14:b6:10:c8:f5:82:bd:7b:f7:d0:bc:cb:13:
36:aa:c3:3c:a4:4b:b4:ef:b7:8a:65:1b:44:0b:36:b2:7f:31:
48:3e:a3:7f:e9:73:bf:89:23:40:f8:97:e5:b9:85:fe:1c:6c:
80:50:4d:02:1f:9d:5b:42:6c:85:27:af:9a:36:e3:c9:d9:ae:
b9:c3:c8:0c:a8:ca:cd:91:ce:2b:9a:74:a7:98:e9:5c:f8:6a:
dd:e6:7e:40:6f:dc:37:2e:c7:d9:47:9a:77:69:b2:1d:d9:88:
b0:25:3b:d9:7d:21:9a:ea:1f:cd:8d:b9:e6:52:c7:07:54:fb:
82:3d:a8:5e:ff:fc:82:dd:ef:b6:96:df:fe:9e:ed:98:6a:4e:
46:d3:27:f2:19:88:56:48:35:f1:b2:30:eb:ea:f0:b2:14:5f:
2c:c0:fe:10:28:13:c5:91:2d:f2:06:3c:6e:46:ba:35:d6:a7:
58:ba:c4:b3:a0:0d:36:34:34:be:52:56:5d:0c:ab:a2:5d:91:
01:a6:6d:6d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUChpZIuyEAxd2JCAEY455Nn5bd48wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTZaFw0yNjA4MjExNDQ3MTZaMDMxMTAvBgNV
BAMTKEI2QkI5MTgyMTk3RDY4ODE3MEU2ODc5Mjc4QzVFODFCNEYxN0Q5NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVBK4nIOuWiNGCtUu+u1kQEGhY
S1EHQi/eXrG6CvJw8O7ZN19SfwkvKKdilohvHNfJkuoqda3IGOySNSWnqKVBnOfX
M4o2HFy9RIdGs6sVjG6XnwRXJtMXvw2e43VCijoLPb5Mm/EAt4ZJ+jGC7cYB7zLp
6jSBKe2Hq32p4xJvZm/4TaaUz3psmboGmQnHjDzuAnvOaFW2DkTxrcI/+d/ZnyoD
xUNDHTzKiADbGW558ymAzh0C542lFkp5kcmZghnIq6FPM6uX3bAyOnOR2J0B3BsG
OxvGz2luDo6cfBlPgLzI3Bx1QLz6MyXTDzvOGTBSLkXF7V5eg4XLiYW4ddwrAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUtruRghl9aIFw5oeSeMXoG08X2UIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzIyZTMy
MzIzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnK3TANBgkqhkiG9w0BAQsFAAOCAQEAkORxDlL5Hjpnz8c1q/r8snVDaNO/
oOEVdNKW3CnYpTspQlg/tO8dTcMJzOxbqeudsgWSr8eyiA27DakUthDI9YK9e/fQ
vMsTNqrDPKRLtO+3imUbRAs2sn8xSD6jf+lzv4kjQPiX5bmF/hxsgFBNAh+dW0Js
hSevmjbjydmuucPIDKjKzZHOK5p0p5jpXPhq3eZ+QG/cNy7H2Uead2myHdmIsCU7
2X0hmuofzY255lLHB1T7gj2oXv/8gt3vtpbf/p7tmGpORtMn8hmIVkg18bIw6+rw
shRfLMD+ECgTxZEt8gY8bka6NdanWLrEs6ANNjQ0vlJWXQyrol2RAaZtbQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:24:47 2025 by rpki-client