Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231392e302f32342d3234203d3e20313431303339.roa
File: 3138352e3230332e3231392e302f32342d3234203d3e20313431303339.roa (raw, json)
Hash identifier: +mYY8E/m5jVxKiXB04oFeOTiI/970JcmzcR/Hc27woE=
Subject key identifier: C7:9D:C4:CB:EE:A0:C9:52:06:FA:52:6B:A7:CC:19:02:43:59:25:30
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 272A787C9FB0EC04AE26499A40800D2043E0A4F9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231392e302f32342d3234203d3e20313431303339.roa
Signing time: Fri 22 Aug 2025 14:47:16 +0000
ROA not before: Fri 22 Aug 2025 14:42:16 +0000
ROA not after: Fri 21 Aug 2026 14:47:16 +0000
asID: 141039
IP address blocks: 185.203.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:2a:78:7c:9f:b0:ec:04:ae:26:49:9a:40:80:0d:20:43:e0:a4:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:16 2025 GMT
Not After : Aug 21 14:47:16 2026 GMT
Subject: CN=C79DC4CBEEA0C95206FA526BA7CC190243592530
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a9:7c:dd:91:a4:77:fc:87:9e:47:b3:e6:3d:
48:be:a5:52:e8:42:e9:d3:9d:68:25:23:a8:ab:9d:
c0:fa:e4:73:85:d5:90:68:e7:a0:45:d5:94:ef:36:
4d:fc:11:2b:61:61:40:c6:84:7d:db:ea:5b:d3:82:
a7:b8:37:87:5b:fd:31:ca:b7:5a:7b:53:25:1f:83:
19:92:94:4c:0f:93:a5:ba:7a:f8:24:8e:48:98:61:
67:c4:1c:b6:18:a3:1c:39:fa:67:1b:4b:4b:6c:47:
f2:97:6d:1f:e5:c9:f2:a7:6c:96:f2:a3:68:2b:1b:
d9:26:2d:f7:53:76:57:7f:73:19:50:1a:ff:30:5d:
6e:96:b9:21:88:a8:ae:97:a5:c8:90:9e:56:e3:d4:
9d:a8:8c:9d:78:54:9c:8c:90:73:d7:fe:ff:6e:6f:
48:d2:cb:76:e8:55:a8:7e:c3:71:1c:83:2c:83:ab:
32:3c:85:a2:6b:d1:0b:2c:85:c1:fe:ad:37:25:1e:
f6:85:4f:7d:9b:3c:a7:40:65:f0:aa:70:c9:24:bf:
da:57:96:ea:ec:08:fa:41:1c:99:4b:e0:5a:10:1b:
c5:d6:97:91:57:65:2d:5d:88:52:4c:47:bf:04:95:
41:8c:0b:f8:d1:d3:19:7f:61:d9:52:2a:d9:90:00:
3c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9D:C4:CB:EE:A0:C9:52:06:FA:52:6B:A7:CC:19:02:43:59:25:30
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230332e3231392e302f32342d3234203d3e20313431303339.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.219.0/24
Signature Algorithm: sha256WithRSAEncryption
43:fe:83:76:da:89:84:42:1d:99:32:8c:94:61:c0:f9:30:e0:
be:d0:f1:ee:c6:4d:4d:b0:8f:dc:d6:8a:3a:e1:49:51:1f:f4:
cf:cf:26:16:88:9a:53:61:d4:79:e7:37:13:d1:f4:5b:65:6a:
fb:dd:6f:16:44:fc:81:75:52:cf:84:87:7b:8f:e9:4f:e4:15:
05:b1:ae:e5:81:b9:ce:4d:38:0d:1a:c9:5f:26:e5:c0:b9:c9:
ec:46:38:53:bd:f2:8a:d0:02:02:09:83:77:78:a3:9b:76:ee:
10:2e:04:81:6b:4a:da:ec:9a:18:e3:61:9f:02:32:9b:b0:97:
01:43:34:0e:e4:98:1a:e9:df:74:fc:6c:f5:d4:96:75:23:ea:
80:76:fc:60:bd:ad:76:8e:d5:41:82:fd:b6:d3:e8:96:f2:04:
26:34:b7:21:13:1f:e4:ce:91:13:55:4d:1f:f2:ea:a0:bc:cf:
28:cf:44:09:37:43:09:7a:16:e5:d1:55:ae:d7:d1:94:88:1e:
2f:75:ad:ec:d5:6a:15:51:ea:73:4b:df:58:17:88:ef:79:d7:
29:2f:01:fe:1a:9b:0c:66:2f:37:89:6b:be:36:ef:72:0f:a9:
19:24:b5:86:e3:80:61:99:fd:8b:a1:76:4f:ca:e2:d0:65:c9:
63:67:ef:24
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUJyp4fJ+w7ASuJkmaQIANIEPgpPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTZaFw0yNjA4MjExNDQ3MTZaMDMxMTAvBgNV
BAMTKEM3OURDNENCRUVBMEM5NTIwNkZBNTI2QkE3Q0MxOTAyNDM1OTI1MzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMqXzdkaR3/IeeR7PmPUi+pVLo
QunTnWglI6irncD65HOF1ZBo56BF1ZTvNk38ESthYUDGhH3b6lvTgqe4N4db/THK
t1p7UyUfgxmSlEwPk6W6evgkjkiYYWfEHLYYoxw5+mcbS0tsR/KXbR/lyfKnbJby
o2grG9kmLfdTdld/cxlQGv8wXW6WuSGIqK6XpciQnlbj1J2ojJ14VJyMkHPX/v9u
b0jSy3boVah+w3EcgyyDqzI8haJr0QsshcH+rTclHvaFT32bPKdAZfCqcMkkv9pX
lursCPpBHJlL4FoQG8XWl5FXZS1diFJMR78ElUGMC/jR0xl/YdlSKtmQADwfAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUx53Ey+6gyVIG+lJrp8wZAkNZJTAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzMyZTMy
MzEzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnL2zANBgkqhkiG9w0BAQsFAAOCAQEAQ/6DdtqJhEIdmTKMlGHA+TDgvtDx
7sZNTbCP3NaKOuFJUR/0z88mFoiaU2HUeec3E9H0W2Vq+91vFkT8gXVSz4SHe4/p
T+QVBbGu5YG5zk04DRrJXyblwLnJ7EY4U73yitACAgmDd3ijm3buEC4EgWtK2uya
GONhnwIym7CXAUM0DuSYGunfdPxs9dSWdSPqgHb8YL2tdo7VQYL9ttPolvIEJjS3
IRMf5M6RE1VNH/LqoLzPKM9ECTdDCXoW5dFVrtfRlIgeL3Wt7NVqFVHqc0vfWBeI
73nXKS8B/hqbDGYvN4lrvjbvcg+pGSS1huOAYZn9i6F2T8ri0GXJY2fvJA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:26:21 2025 by rpki-client