Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
File: 3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa (raw, json)
Hash identifier: RGAb/hOtQ5tKKd2X8BMherwt1arGJiaMZzGlf4QbeI4=
Subject key identifier: 95:60:77:3D:6C:10:5A:1A:27:7A:33:B5:FF:46:B8:49:5F:FF:60:6D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6AC3E7DE6B610F90F78B3596BA192C2E786CB880
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
Signing time: Fri 22 Aug 2025 14:47:12 +0000
ROA not before: Fri 22 Aug 2025 14:42:12 +0000
ROA not after: Fri 21 Aug 2026 14:47:12 +0000
asID: 41944
IP address blocks: 185.209.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:c3:e7:de:6b:61:0f:90:f7:8b:35:96:ba:19:2c:2e:78:6c:b8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:12 2025 GMT
Not After : Aug 21 14:47:12 2026 GMT
Subject: CN=9560773D6C105A1A277A33B5FF46B8495FFF606D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b0:10:d7:ab:cd:b2:cd:b1:54:d9:00:a0:19:
51:29:64:0d:ba:30:7d:19:4b:b3:6e:49:67:e2:66:
f5:17:bc:10:b6:91:f2:44:f0:78:ce:90:8d:5e:ce:
dc:c2:df:7f:5f:36:61:89:63:b9:c5:fe:8b:0a:cb:
c3:c4:f6:e1:54:73:08:8a:dd:3c:bc:49:a4:31:09:
85:cd:31:e9:8b:a9:55:c1:e5:e9:d1:ae:43:be:22:
44:e0:42:23:f0:46:77:32:c9:2e:53:40:8e:07:cb:
ce:02:43:c3:bd:b1:dd:21:e2:49:8a:d8:e0:f5:4f:
f3:fe:2f:3a:4f:77:ad:c9:85:14:bd:6a:09:ac:a6:
b7:fa:21:e3:2f:84:84:26:75:f7:10:99:2f:a4:e7:
f9:a4:7f:4f:f8:12:25:66:8e:ec:ec:df:85:77:9c:
dd:5d:71:48:12:73:4c:bb:93:7b:6d:fe:8e:33:14:
2d:c4:34:11:4e:f8:c6:71:18:e9:eb:85:9b:3c:7a:
ec:9b:2f:03:a2:b5:53:a0:12:dc:70:ed:fa:db:ec:
60:d0:c7:45:05:a7:15:02:61:c5:e1:77:9f:fe:4d:
88:05:c6:1f:d0:c5:97:8b:bf:e7:34:bf:71:2f:15:
a2:f8:21:23:46:d4:5b:72:28:43:fa:53:09:bc:54:
45:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:60:77:3D:6C:10:5A:1A:27:7A:33:B5:FF:46:B8:49:5F:FF:60:6D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232302e302f32342d3234203d3e203431393434.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.220.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:93:4d:78:e7:c2:f4:1e:9e:76:e8:74:1e:b7:17:d9:34:99:
4e:ad:38:89:53:ef:f4:bb:bf:71:d9:de:f5:c7:b9:4e:9c:69:
d5:f9:f9:b2:a2:51:f6:4e:41:a5:f6:74:6f:6c:0e:1a:dc:48:
20:8d:6b:b7:3a:1e:87:01:70:9f:09:00:74:c6:90:64:f6:70:
2e:d1:09:9d:0d:94:5e:cc:d9:36:0e:fb:dd:ed:dd:1f:5a:15:
49:66:6f:18:c0:92:03:49:ab:2d:e2:35:aa:62:41:5d:d4:a9:
36:02:66:ae:43:4e:c2:0d:c3:09:fc:31:f6:13:64:67:8d:c1:
d4:1f:d6:53:68:8d:31:0b:f4:52:8d:2c:09:50:72:83:d7:77:
60:5f:d5:b0:49:a7:cc:e2:d5:95:12:8a:f0:20:bb:fa:8d:44:
98:4a:9f:20:73:9e:34:4f:1a:4f:a6:59:e2:60:ac:35:01:c1:
33:2d:24:45:89:62:44:8c:f8:cd:ee:47:4a:81:10:1e:c3:77:
6d:89:c3:2e:04:10:0f:24:c0:92:37:52:06:82:40:8e:76:76:
e4:c8:04:ea:58:ed:01:26:56:ea:cd:fe:cf:09:7f:f6:8f:09:
6d:5e:29:d2:ae:2c:ab:a6:f4:e2:b6:e5:70:2c:4f:6a:da:60:
7a:55:12:59
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUasPn3mthD5D3izWWuhksLnhsuIAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTJaFw0yNjA4MjExNDQ3MTJaMDMxMTAvBgNV
BAMTKDk1NjA3NzNENkMxMDVBMUEyNzdBMzNCNUZGNDZCODQ5NUZGRjYwNkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwsBDXq82yzbFU2QCgGVEpZA26
MH0ZS7NuSWfiZvUXvBC2kfJE8HjOkI1eztzC339fNmGJY7nF/osKy8PE9uFUcwiK
3Ty8SaQxCYXNMemLqVXB5enRrkO+IkTgQiPwRncyyS5TQI4Hy84CQ8O9sd0h4kmK
2OD1T/P+LzpPd63JhRS9agmsprf6IeMvhIQmdfcQmS+k5/mkf0/4EiVmjuzs34V3
nN1dcUgSc0y7k3tt/o4zFC3ENBFO+MZxGOnrhZs8euybLwOitVOgEtxw7frb7GDQ
x0UFpxUCYcXhd5/+TYgFxh/QxZeLv+c0v3EvFaL4ISNG1FtyKEP6Uwm8VEVTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlWB3PWwQWhonejO1/0a4SV//YG0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzEzOTM0MzQucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50dwwDQYJKoZIhvcNAQELBQADggEBAF+TTXjnwvQennbodB63F9k0mU6tOIlT
7/S7v3HZ3vXHuU6cadX5+bKiUfZOQaX2dG9sDhrcSCCNa7c6HocBcJ8JAHTGkGT2
cC7RCZ0NlF7M2TYO+93t3R9aFUlmbxjAkgNJqy3iNapiQV3UqTYCZq5DTsINwwn8
MfYTZGeNwdQf1lNojTEL9FKNLAlQcoPXd2Bf1bBJp8zi1ZUSivAgu/qNRJhKnyBz
njRPGk+mWeJgrDUBwTMtJEWJYkSM+M3uR0qBEB7Dd22Jwy4EEA8kwJI3UgaCQI52
duTIBOpY7QEmVurN/s8Jf/aPCW1eKdKuLKum9OK25XAsT2raYHpVElk=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:52:47 2025 by rpki-client