Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231332e38312e302f32342d3234203d3e203437353833.roa
File: 3138352e3231332e38312e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: /Qlaz3tAxbacBRicUPk8M9k4lurgYrmxWwY+nA6myDA=
Subject key identifier: DF:D1:FE:0D:AF:8A:9F:C9:F4:BB:A0:68:38:3C:83:B5:B9:87:21:2A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 28F7702C14335D4A841F767784C8C4BF4987C74E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231332e38312e302f32342d3234203d3e203437353833.roa
Signing time: Fri 22 Aug 2025 14:47:10 +0000
ROA not before: Fri 22 Aug 2025 14:42:10 +0000
ROA not after: Fri 21 Aug 2026 14:47:10 +0000
asID: 47583
IP address blocks: 185.213.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:f7:70:2c:14:33:5d:4a:84:1f:76:77:84:c8:c4:bf:49:87:c7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:10 2025 GMT
Not After : Aug 21 14:47:10 2026 GMT
Subject: CN=DFD1FE0DAF8A9FC9F4BBA068383C83B5B987212A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ce:86:3f:a2:0d:93:7a:b4:78:5d:73:50:5d:
57:35:3d:24:b0:14:13:1e:42:1d:ec:a1:3a:0f:60:
5b:d5:f1:b1:c8:fe:35:d5:83:4b:5e:7f:4b:9e:3f:
06:0b:6b:b2:40:e2:d8:ba:94:10:6e:ca:57:ec:fb:
4d:53:bb:3a:7f:92:85:c9:37:bc:10:02:9c:86:f7:
d4:8d:56:10:ab:a1:d7:5d:63:2d:44:92:6d:a3:9d:
f6:0b:68:8b:01:c6:71:05:7d:78:42:c5:c2:c6:10:
f5:13:a5:13:8e:b8:18:f9:20:b9:ff:15:e9:65:51:
ba:d3:74:cd:b0:c1:32:c1:31:8c:1f:ce:2b:a8:45:
bc:9c:2f:58:94:c2:9a:6c:ba:13:f2:6b:30:1c:b7:
c1:ed:40:3f:08:6d:6d:99:b8:81:29:e7:54:d4:7c:
e6:ef:01:16:71:d0:03:cf:72:a7:9b:cb:eb:9b:3f:
ae:af:f7:fc:b7:73:48:0e:53:2d:ed:d7:2e:0d:3e:
bf:17:fd:c6:57:24:0a:ff:66:e6:b3:7c:bd:7a:1e:
42:39:87:55:b1:4f:31:80:7f:e0:dd:2d:56:2a:05:
43:1f:52:d8:46:03:ed:9e:26:5e:db:f8:da:20:39:
62:0b:bd:71:b9:16:07:03:17:f7:ea:23:b2:73:12:
a5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D1:FE:0D:AF:8A:9F:C9:F4:BB:A0:68:38:3C:83:B5:B9:87:21:2A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231332e38312e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.81.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:da:02:11:89:82:0f:77:63:eb:3c:ff:00:30:3c:37:96:2a:
6c:c8:5e:e4:c9:fd:ef:7c:fc:67:30:20:99:13:5e:27:c4:1f:
92:4c:5c:28:55:e4:07:17:20:52:d7:07:4c:45:7a:74:e9:b3:
f1:6c:c8:4a:81:ad:72:e7:c9:5b:5d:8d:44:40:35:94:80:c3:
4b:7d:ed:a5:b4:6c:04:de:73:54:00:b8:fa:02:de:ab:19:f5:
fd:01:c8:85:3d:c9:3f:4f:cd:18:90:25:34:d2:a8:ad:df:ed:
e5:56:56:41:9e:13:76:bf:70:09:33:6c:fe:92:c0:e7:85:82:
d5:07:59:c6:fb:0a:fe:b3:b6:65:bc:03:79:13:f0:48:d8:bb:
3a:dd:29:77:b3:84:28:18:38:ac:87:50:12:34:40:88:a9:b7:
76:d8:b3:36:e9:04:90:e4:a8:58:01:a0:9a:92:79:65:c6:50:
af:81:e6:d0:ea:56:66:60:d4:e3:a3:fe:1a:7e:3f:3b:5c:17:
b7:e6:f6:e7:a2:59:2a:0c:28:58:84:e3:38:af:5f:b6:aa:d1:
21:54:e2:b8:0b:30:56:ab:b2:6b:10:91:76:3f:b2:f9:3f:6e:
4b:87:9c:db:d3:2f:df:24:59:04:a5:c7:e6:71:32:bf:51:c7:
91:ba:08:6f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKPdwLBQzXUqEH3Z3hMjEv0mHx04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTBaFw0yNjA4MjExNDQ3MTBaMDMxMTAvBgNV
BAMTKERGRDFGRTBEQUY4QTlGQzlGNEJCQTA2ODM4M0M4M0I1Qjk4NzIxMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzzoY/og2TerR4XXNQXVc1PSSw
FBMeQh3soToPYFvV8bHI/jXVg0tef0uePwYLa7JA4ti6lBBuylfs+01Tuzp/koXJ
N7wQApyG99SNVhCrodddYy1Ekm2jnfYLaIsBxnEFfXhCxcLGEPUTpROOuBj5ILn/
FellUbrTdM2wwTLBMYwfziuoRbycL1iUwppsuhPyazAct8HtQD8IbW2ZuIEp51TU
fObvARZx0APPcqeby+ubP66v9/y3c0gOUy3t1y4NPr8X/cZXJAr/ZuazfL16HkI5
h1WxTzGAf+DdLVYqBUMfUthGA+2eJl7b+NogOWILvXG5FgcDF/fqI7JzEqXXAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU39H+Da+Kn8n0u6BoODyDtbmHISowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzMyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
udVRMA0GCSqGSIb3DQEBCwUAA4IBAQBq2gIRiYIPd2PrPP8AMDw3lipsyF7kyf3v
fPxnMCCZE14nxB+STFwoVeQHFyBS1wdMRXp06bPxbMhKga1y58lbXY1EQDWUgMNL
fe2ltGwE3nNUALj6At6rGfX9AciFPck/T80YkCU00qit3+3lVlZBnhN2v3AJM2z+
ksDnhYLVB1nG+wr+s7ZlvAN5E/BI2Ls63Sl3s4QoGDish1ASNECIqbd22LM26QSQ
5KhYAaCaknllxlCvgebQ6lZmYNTjo/4afj87XBe35vbnolkqDChYhOM4r1+2qtEh
VOK4CzBWq7JrEJF2P7L5P25Lh5zb0y/fJFkEpcfmcTK/UceRughv
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:19:01 2025 by rpki-client