Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa
File: 3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: TOKvPkTGdDguBOQnxfUwfO984OwHdEuDHCy2yM4YD+g=
Subject key identifier: 62:21:76:A6:39:2F:C0:2C:FB:14:31:18:EB:34:B4:40:15:BD:FD:3A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5449801ECAEDB4F30141A29BF13223E3D2AD4732
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:21 +0000
ROA not before: Fri 22 Aug 2025 14:42:21 +0000
ROA not after: Fri 21 Aug 2026 14:47:21 +0000
asID: 51167
IP address blocks: 185.202.236.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:49:80:1e:ca:ed:b4:f3:01:41:a2:9b:f1:32:23:e3:d2:ad:47:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:21 2025 GMT
Not After : Aug 21 14:47:21 2026 GMT
Subject: CN=622176A6392FC02CFB143118EB34B44015BDFD3A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ed:10:62:9e:14:94:dc:9b:5d:32:5b:3b:83:
6a:9f:61:84:31:63:51:b3:4d:bf:84:ab:01:07:44:
f1:42:72:dd:a9:29:ba:59:fa:40:29:50:cb:2b:64:
ba:2d:bf:fd:c8:6b:15:92:32:23:6e:70:06:79:fb:
1d:36:3c:54:cb:10:57:25:b9:f9:db:94:2b:34:09:
91:34:4b:6c:d8:25:6b:52:f8:e3:26:4b:f3:2e:01:
8b:a9:2f:a6:95:1e:d7:9d:bc:d4:11:d0:32:f9:84:
df:86:1f:1d:b0:c9:21:42:3c:bb:13:c1:7f:ee:f4:
5c:e1:0d:fa:ed:dd:73:10:8f:03:71:68:98:64:f0:
cf:4b:f6:02:60:79:57:08:45:12:d5:bf:09:7b:1c:
ff:d4:57:8e:4d:ab:f9:e5:a6:93:a9:4f:b7:ff:e7:
97:04:11:d7:02:4d:68:72:2b:14:2e:55:bd:2b:43:
35:5a:1a:33:57:f1:72:64:30:7b:c8:4c:b4:3f:ad:
2c:ee:b2:91:37:f1:da:f5:47:2e:c2:c1:53:20:f8:
72:bd:cd:53:d1:5b:ea:60:02:a1:ce:3c:fc:42:43:
7c:68:92:cd:9a:ba:02:9d:2a:38:6c:13:c1:50:4b:
db:7f:0a:9a:fc:8b:07:6f:bc:65:3e:2a:9e:ee:c3:
8a:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:21:76:A6:39:2F:C0:2C:FB:14:31:18:EB:34:B4:40:15:BD:FD:3A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230322e3233362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.236.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:26:f3:c5:9a:55:23:94:5d:03:3e:6e:76:66:4e:46:24:17:
40:e7:cc:96:72:d0:1e:1d:c0:aa:4f:13:6b:37:8d:c1:09:5e:
8e:d2:ca:4a:7f:5b:cf:73:1b:e8:c6:74:4c:dc:aa:92:7e:e5:
44:f3:ae:37:3a:8f:0e:1d:af:b4:cc:f9:87:28:84:bd:d4:bd:
12:36:3f:ca:8f:e6:7b:16:49:40:14:9a:83:55:1b:38:9b:d7:
57:f0:ff:8d:20:94:7c:32:52:6b:ec:53:9c:1e:d1:93:51:d7:
93:a9:bb:63:24:1b:a2:82:ac:1d:65:e2:7c:b4:44:14:1f:34:
73:7d:1f:d1:1c:88:f1:76:5d:a4:34:95:ef:6c:f0:63:4e:21:
4c:b0:7f:7d:9b:7a:dc:8e:18:59:b1:ff:f7:a7:3a:f4:ae:e1:
0f:82:39:d5:bd:3e:71:1a:e4:41:6b:73:7a:ce:08:39:da:6c:
5f:bb:2f:fa:05:14:b1:ec:9a:2f:a5:69:da:c1:97:b4:e1:f1:
62:b4:e5:25:5d:ad:0a:b9:87:28:5c:bf:fa:1d:0a:cc:5e:e5:
fb:40:5c:5d:90:75:ae:4e:12:4d:82:4f:07:cf:5b:9a:26:f8:
39:ff:1c:56:44:90:1a:a8:cc:ea:d2:43:1d:53:89:a9:aa:c1:
79:49:4c:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVEmAHsrttPMBQaKb8TIj49KtRzIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMjFaFw0yNjA4MjExNDQ3MjFaMDMxMTAvBgNV
BAMTKDYyMjE3NkE2MzkyRkMwMkNGQjE0MzExOEVCMzRCNDQwMTVCREZEM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg7RBinhSU3JtdMls7g2qfYYQx
Y1GzTb+EqwEHRPFCct2pKbpZ+kApUMsrZLotv/3IaxWSMiNucAZ5+x02PFTLEFcl
ufnblCs0CZE0S2zYJWtS+OMmS/MuAYupL6aVHtedvNQR0DL5hN+GHx2wySFCPLsT
wX/u9FzhDfrt3XMQjwNxaJhk8M9L9gJgeVcIRRLVvwl7HP/UV45Nq/nlppOpT7f/
55cEEdcCTWhyKxQuVb0rQzVaGjNX8XJkMHvITLQ/rSzuspE38dr1Ry7CwVMg+HK9
zVPRW+pgAqHOPPxCQ3xoks2augKdKjhsE8FQS9t/Cpr8iwdvvGU+Kp7uw4oFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYiF2pjkvwCz7FDEY6zS0QBW9/TowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzIyZTMy
MzMzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5yuwwDQYJKoZIhvcNAQELBQADggEBAA0m88WaVSOUXQM+bnZmTkYkF0DnzJZy
0B4dwKpPE2s3jcEJXo7Sykp/W89zG+jGdEzcqpJ+5UTzrjc6jw4dr7TM+YcohL3U
vRI2P8qP5nsWSUAUmoNVGzib11fw/40glHwyUmvsU5we0ZNR15Opu2MkG6KCrB1l
4ny0RBQfNHN9H9EciPF2XaQ0le9s8GNOIUywf32betyOGFmx//enOvSu4Q+COdW9
PnEa5EFrc3rOCDnabF+7L/oFFLHsmi+ladrBl7Th8WK05SVdrQq5hyhcv/odCsxe
5ftAXF2Qda5OEk2CTwfPW5om+Dn/HFZEkBqozOrSQx1TiamqwXlJTOY=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:43:17 2025 by rpki-client