Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232332e302f32342d3332203d3e203531313637.roa
File: 3138352e3230392e3232332e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: OLS4egEJZmHTo2Cv0/xz/JjnTtM6yHL5n8JyjtiioUQ=
Subject key identifier: 42:0E:59:CE:4E:55:E1:0E:8E:B5:87:C2:D8:86:37:D6:82:58:07:FF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4C2945A0C19CDD5C9235957DE084D6E21EAA06DA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232332e302f32342d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:12 +0000
ROA not before: Fri 22 Aug 2025 14:42:12 +0000
ROA not after: Fri 21 Aug 2026 14:47:12 +0000
asID: 51167
IP address blocks: 185.209.223.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:29:45:a0:c1:9c:dd:5c:92:35:95:7d:e0:84:d6:e2:1e:aa:06:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:12 2025 GMT
Not After : Aug 21 14:47:12 2026 GMT
Subject: CN=420E59CE4E55E10E8EB587C2D88637D6825807FF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:5b:51:e6:f8:bd:28:53:b4:cb:e7:40:3c:e6:
25:83:6d:4f:58:85:78:5b:a8:0e:d6:cd:a0:9f:2b:
e0:48:4c:82:43:e9:fd:6f:3d:e3:16:4c:8b:4e:c2:
c6:3e:7d:1c:87:59:aa:bb:46:74:2e:90:46:0b:2c:
62:f6:7a:42:e8:8d:e5:24:43:ef:03:a7:42:fe:14:
a9:41:90:be:49:99:af:d1:48:6f:6a:15:11:e4:df:
b3:5a:0c:5b:70:5d:d8:20:4e:2b:bb:c3:d8:b6:74:
a7:e2:2c:81:12:39:87:95:c5:4a:ce:00:1b:62:f2:
ed:ab:a3:d1:fe:ef:54:61:3f:15:cf:0f:37:d7:f7:
b3:95:4a:f2:3f:5b:a7:93:51:9e:d3:3f:94:2f:4c:
be:57:8a:7b:d2:4f:98:ff:4c:c9:ff:79:48:0b:b7:
e6:43:96:8c:c2:f3:9d:da:1a:e9:94:c7:09:9b:d9:
99:87:5c:a5:1b:be:94:5a:40:2e:88:a7:a7:77:f4:
f1:55:a2:e3:2a:9f:ea:8c:73:d9:1f:66:e8:8f:9e:
47:76:e8:ef:73:b4:b7:f6:d7:85:35:dd:91:35:bc:
21:5c:1a:3b:ba:ed:88:4b:04:ba:b3:4c:04:dc:81:
2e:bf:af:35:89:d1:0d:88:4f:21:25:63:68:ba:b8:
c9:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:0E:59:CE:4E:55:E1:0E:8E:B5:87:C2:D8:86:37:D6:82:58:07:FF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232332e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.223.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:a8:4d:38:6c:0c:b2:75:6f:08:6f:00:a5:86:50:1e:5e:38:
cb:6b:b1:78:c0:94:d9:33:ce:c5:db:86:9e:7b:fe:c1:42:af:
76:83:ed:a5:10:4d:31:b4:9b:ed:1c:89:9a:c6:8e:d3:4f:c8:
b3:59:df:b0:d0:10:33:bc:8c:bc:65:1a:7f:82:03:4d:d3:0e:
c0:48:a1:7c:81:27:a1:c2:0a:b2:5d:9f:90:10:81:c8:60:47:
25:4a:cf:4e:d0:60:d0:f3:c9:4e:d7:4c:ba:0c:4b:c9:b8:12:
2c:ae:e7:04:46:3f:01:7e:e8:f4:cc:9e:cf:5a:16:17:38:78:
7f:cc:d2:47:e1:af:00:02:79:dd:8e:48:0c:e1:61:be:5d:33:
dc:e5:a7:91:66:f1:94:a4:f0:a4:9f:fe:7f:39:cb:7b:8f:9e:
53:ad:3c:12:77:c9:65:88:74:fa:a8:8a:a6:9c:0b:96:21:fa:
a0:ba:b6:de:bf:12:c5:f0:83:83:3e:e7:c8:b1:53:94:0d:ac:
51:02:da:0c:1c:5b:62:40:2c:ff:2e:3a:ac:c3:d7:57:9b:73:
4f:f6:b1:82:40:e8:ab:39:f7:8e:72:62:f0:ce:de:32:73:f7:
e4:cc:52:c7:fd:14:b1:34:8e:51:8d:50:27:54:56:0e:ab:b9:
02:6b:3c:3d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTClFoMGc3VySNZV94ITW4h6qBtowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTJaFw0yNjA4MjExNDQ3MTJaMDMxMTAvBgNV
BAMTKDQyMEU1OUNFNEU1NUUxMEU4RUI1ODdDMkQ4ODYzN0Q2ODI1ODA3RkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8W1Hm+L0oU7TL50A85iWDbU9Y
hXhbqA7WzaCfK+BITIJD6f1vPeMWTItOwsY+fRyHWaq7RnQukEYLLGL2ekLojeUk
Q+8Dp0L+FKlBkL5Jma/RSG9qFRHk37NaDFtwXdggTiu7w9i2dKfiLIESOYeVxUrO
ABti8u2ro9H+71RhPxXPDzfX97OVSvI/W6eTUZ7TP5QvTL5XinvST5j/TMn/eUgL
t+ZDlozC853aGumUxwmb2ZmHXKUbvpRaQC6Ip6d39PFVouMqn+qMc9kfZuiPnkd2
6O9ztLf214U13ZE1vCFcGju67YhLBLqzTATcgS6/rzWJ0Q2ITyElY2i6uMmhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQg5Zzk5V4Q6OtYfC2IY31oJYB/8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy
MzIzMzJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50d8wDQYJKoZIhvcNAQELBQADggEBAH+oTThsDLJ1bwhvAKWGUB5eOMtrsXjA
lNkzzsXbhp57/sFCr3aD7aUQTTG0m+0ciZrGjtNPyLNZ37DQEDO8jLxlGn+CA03T
DsBIoXyBJ6HCCrJdn5AQgchgRyVKz07QYNDzyU7XTLoMS8m4Eiyu5wRGPwF+6PTM
ns9aFhc4eH/M0kfhrwACed2OSAzhYb5dM9zlp5Fm8ZSk8KSf/n85y3uPnlOtPBJ3
yWWIdPqoiqacC5Yh+qC6tt6/EsXwg4M+58ixU5QNrFEC2gwcW2JALP8uOqzD11eb
c0/2sYJA6Ks5945yYvDO3jJz9+TMUsf9FLE0jlGNUCdUVg6ruQJrPD0=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:53:38 2025 by rpki-client