Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: +JEV+6aTSwRoXzq8iIBIChh5rI94/02LZcuGKJw43/Y=
Subject key identifier: 4D:8A:22:73:64:B5:18:9D:17:8A:22:06:EA:5A:59:7D:DF:CC:4C:94
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 04F813BC51D4B8FC0E392D832DEF5477C63731A1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
Signing time: Fri 22 Aug 2025 14:47:21 +0000
ROA not before: Fri 22 Aug 2025 14:42:21 +0000
ROA not after: Fri 21 Aug 2026 14:47:21 +0000
asID: 203380
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:f8:13:bc:51:d4:b8:fc:0e:39:2d:83:2d:ef:54:77:c6:37:31:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:21 2025 GMT
Not After : Aug 21 14:47:21 2026 GMT
Subject: CN=4D8A227364B5189D178A2206EA5A597DDFCC4C94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:96:01:a1:f2:aa:88:cd:a4:21:ad:23:5e:0e:
24:81:7a:17:a6:2b:89:60:d3:e6:5c:06:01:f4:c0:
62:53:65:a9:d6:f7:86:d8:d0:84:37:e8:24:f7:a7:
e4:52:07:3e:8b:b6:c5:21:45:d4:07:20:52:a4:c5:
20:cb:87:14:74:78:37:db:a9:bc:a8:4b:a6:fd:90:
c9:e2:78:c0:2b:b2:97:61:e5:da:0d:21:5b:f4:1c:
3e:f3:9c:2c:33:70:4e:dc:97:4c:8d:9e:e5:b7:3f:
e2:b9:6b:94:c8:74:19:53:f0:82:30:1f:78:63:70:
80:df:6f:dc:1b:8a:08:dc:27:fc:f5:5e:37:0b:05:
92:c3:15:4e:bc:ac:c8:26:b7:84:87:9a:79:01:91:
f4:13:11:f0:42:88:b3:df:da:88:26:f3:99:e5:58:
a2:02:8c:cc:82:03:f8:5e:2f:04:33:ee:d7:f1:0b:
93:cb:f9:a0:34:a9:74:23:a4:b9:06:00:a9:bb:12:
5c:e6:86:38:e6:64:ef:0d:57:53:80:69:43:4b:b6:
ce:26:e9:31:ad:4c:31:79:c5:e2:e3:48:14:ef:f2:
52:83:73:5a:0d:a5:41:ff:c7:f4:48:eb:1a:a5:ef:
d5:0f:13:08:46:a2:2c:42:26:99:42:53:e9:05:2b:
6a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8A:22:73:64:B5:18:9D:17:8A:22:06:EA:5A:59:7D:DF:CC:4C:94
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
65:22:80:07:ea:c3:b2:5a:6b:8f:2c:9a:ce:21:13:15:1e:b4:
35:f0:d5:e8:c2:74:de:fd:dc:85:69:96:bd:ab:90:8c:cf:73:
cb:76:98:46:91:76:23:39:a1:c1:5b:ac:65:61:89:16:62:f1:
08:82:88:1c:bb:a8:e0:66:43:54:91:56:c6:37:80:0b:06:0d:
16:d3:ad:01:19:18:99:03:58:73:94:fd:00:67:4e:c3:6f:59:
1a:89:b1:c5:9e:f5:c0:8b:78:5f:45:44:8f:83:12:51:be:37:
8a:e1:61:c1:2a:d7:8e:3c:e7:41:82:fc:5a:35:46:e3:37:5d:
79:e9:27:42:ec:d4:16:11:29:ae:c2:b0:56:77:09:91:35:6c:
c1:2e:03:44:d4:de:54:dc:dd:92:e4:76:f9:3a:69:83:d5:8e:
91:6c:44:df:75:ca:0a:9b:06:c8:0a:63:3f:7a:97:06:f0:10:
96:6c:83:69:95:59:f5:fa:a2:38:e4:3c:9c:36:49:cf:b8:07:
e2:6f:b1:38:10:e3:bf:74:03:c7:f1:46:72:fe:2e:77:c2:eb:
9b:cd:13:28:be:15:15:93:95:c9:ea:70:e2:b2:5b:ac:6a:a1:
ea:01:e2:61:02:40:80:4e:86:cf:f8:87:5e:4c:cd:4b:32:e6:
6a:61:cb:62
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUBPgTvFHUuPwOOS2DLe9Ud8Y3MaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMjFaFw0yNjA4MjExNDQ3MjFaMDMxMTAvBgNV
BAMTKDREOEEyMjczNjRCNTE4OUQxNzhBMjIwNkVBNUE1OTdEREZDQzRDOTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCklgGh8qqIzaQhrSNeDiSBehem
K4lg0+ZcBgH0wGJTZanW94bY0IQ36CT3p+RSBz6LtsUhRdQHIFKkxSDLhxR0eDfb
qbyoS6b9kMnieMArspdh5doNIVv0HD7znCwzcE7cl0yNnuW3P+K5a5TIdBlT8IIw
H3hjcIDfb9wbigjcJ/z1XjcLBZLDFU68rMgmt4SHmnkBkfQTEfBCiLPf2ogm85nl
WKICjMyCA/heLwQz7tfxC5PL+aA0qXQjpLkGAKm7ElzmhjjmZO8NV1OAaUNLts4m
6TGtTDF5xeLjSBTv8lKDc1oNpUH/x/RI6xql79UPEwhGoixCJplCU+kFK2pxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUTYoic2S1GJ0XiiIG6lpZfd/MTJQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnR3DANBgkqhkiG9w0BAQsFAAOCAQEAZSKAB+rDslprjyyaziETFR60NfDV
6MJ03v3chWmWvauQjM9zy3aYRpF2IzmhwVusZWGJFmLxCIKIHLuo4GZDVJFWxjeA
CwYNFtOtARkYmQNYc5T9AGdOw29ZGomxxZ71wIt4X0VEj4MSUb43iuFhwSrXjjzn
QYL8WjVG4zddeeknQuzUFhEprsKwVncJkTVswS4DRNTeVNzdkuR2+Tppg9WOkWxE
33XKCpsGyApjP3qXBvAQlmyDaZVZ9fqiOOQ8nDZJz7gH4m+xOBDjv3QDx/FGcv4u
d8Lrm80TKL4VFZOVyepw4rJbrGqh6gHiYQJAgE6Gz/iHXkzNSzLmamHLYg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:03:18 2025 by rpki-client