Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
File: 3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa (raw, json)
Hash identifier: TfetbJKBKABCrVYG/IBNhA6RzrKaO8vbppRWd0KjCGg=
Subject key identifier: D0:AE:AD:61:78:2E:CE:46:81:38:E7:29:AA:DF:2F:B5:AE:F1:6D:B9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5A869CFEB93A859D70809F612FEFEEA5B5077F7F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
Signing time: Fri 22 Aug 2025 14:47:20 +0000
ROA not before: Fri 22 Aug 2025 14:42:20 +0000
ROA not after: Fri 21 Aug 2026 14:47:20 +0000
asID: 213122
IP address blocks: 185.216.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:86:9c:fe:b9:3a:85:9d:70:80:9f:61:2f:ef:ee:a5:b5:07:7f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:20 2025 GMT
Not After : Aug 21 14:47:20 2026 GMT
Subject: CN=D0AEAD61782ECE468138E729AADF2FB5AEF16DB9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:4e:a9:ab:c1:ab:1c:3f:4d:62:ea:33:09:9a:
f8:b0:f9:3b:13:99:ae:48:93:bf:97:47:7a:69:42:
ac:08:24:8a:f6:8b:fe:5d:39:45:71:af:a1:ee:b9:
0b:f0:f8:a3:29:11:e7:08:2d:a3:77:b0:af:f4:ac:
7a:38:a9:68:3f:aa:93:be:50:4a:e5:fb:96:2f:3b:
27:a3:ac:de:cd:7b:19:d4:7f:e3:7f:12:e7:64:ba:
8f:0a:38:4a:a2:01:a0:52:1a:81:33:61:9d:cf:ef:
46:9a:79:67:e4:f8:fa:96:bd:8c:3a:c0:dd:0a:58:
c8:ef:28:0b:44:aa:14:6e:44:1c:5f:79:97:38:af:
34:fb:50:90:1e:42:7a:39:fa:73:e7:0b:c0:3a:59:
a8:cf:0d:7b:8e:e1:a8:d4:42:0e:08:60:2c:9d:8b:
42:2b:6d:f5:66:e0:e2:43:33:80:3c:c3:76:74:21:
dd:6d:df:f5:f9:a8:de:b5:e6:9d:ed:45:60:e8:b0:
82:14:9d:56:05:d3:66:7a:d2:c5:82:db:d7:65:33:
c4:b1:ff:a1:42:fa:6d:40:40:13:a3:13:e8:c0:1b:
6b:c4:21:41:92:58:5c:12:8a:7a:6f:72:d7:b4:f8:
6c:ca:d4:94:9a:ca:0b:dc:31:6f:23:87:de:cb:c4:
89:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AE:AD:61:78:2E:CE:46:81:38:E7:29:AA:DF:2F:B5:AE:F1:6D:B9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37322e302f32342d3234203d3e20323133313232.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.72.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:8b:c6:1a:37:08:36:bd:73:4c:4c:9c:1e:c2:3c:ba:3c:6a:
56:68:a5:5e:96:4e:45:e4:92:33:86:f6:fd:66:b0:e9:f0:0d:
4e:57:a7:43:ee:37:64:fc:5e:bc:4d:29:1d:23:f4:93:6b:e7:
7b:9a:48:75:56:4f:a0:db:ba:aa:34:f2:db:8b:cd:b3:39:bd:
d0:13:22:96:88:d6:25:36:75:2a:7d:3e:99:0a:fb:fb:bc:24:
9a:44:cc:62:8c:64:47:14:24:32:bf:96:34:7e:07:30:41:4c:
e1:17:e2:82:6c:f5:b0:fe:81:38:4a:8d:48:e0:fe:41:dd:6b:
90:48:10:c9:b7:68:6c:6f:6d:10:a0:1a:50:04:5b:6e:92:04:
14:a4:97:73:af:c8:3d:93:49:08:44:de:97:d8:92:ed:7d:ae:
c4:12:04:02:20:ea:f9:7f:3e:54:37:45:75:04:23:2d:4b:f8:
03:2f:d9:e4:28:f4:10:a1:80:95:76:1e:7c:71:8b:7d:ad:7d:
86:9b:6d:ce:71:94:71:f5:c1:8c:49:8b:9e:c0:c8:31:39:1a:
dc:50:86:7a:72:c6:bf:41:d6:dd:ba:8b:da:07:68:bd:6b:10:
67:a9:95:b6:7e:be:00:39:d0:bd:ee:2b:fb:17:c9:92:38:8d:
cd:7f:be:78
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUWoac/rk6hZ1wgJ9hL+/upbUHf38wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMjBaFw0yNjA4MjExNDQ3MjBaMDMxMTAvBgNV
BAMTKEQwQUVBRDYxNzgyRUNFNDY4MTM4RTcyOUFBREYyRkI1QUVGMTZEQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLTqmrwascP01i6jMJmviw+TsT
ma5Ik7+XR3ppQqwIJIr2i/5dOUVxr6HuuQvw+KMpEecILaN3sK/0rHo4qWg/qpO+
UErl+5YvOyejrN7NexnUf+N/Eudkuo8KOEqiAaBSGoEzYZ3P70aaeWfk+PqWvYw6
wN0KWMjvKAtEqhRuRBxfeZc4rzT7UJAeQno5+nPnC8A6WajPDXuO4ajUQg4IYCyd
i0IrbfVm4OJDM4A8w3Z0Id1t3/X5qN615p3tRWDosIIUnVYF02Z60sWC29dlM8Sx
/6FC+m1AQBOjE+jAG2vEIUGSWFwSinpvcte0+GzK1JSaygvcMW8jh97LxInZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0K6tYXguzkaBOOcpqt8vta7xbbkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzMzMTMyMzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EgwDQYJKoZIhvcNAQELBQADggEBABqLxho3CDa9c0xMnB7CPLo8alZopV6W
TkXkkjOG9v1msOnwDU5Xp0PuN2T8XrxNKR0j9JNr53uaSHVWT6Dbuqo08tuLzbM5
vdATIpaI1iU2dSp9PpkK+/u8JJpEzGKMZEcUJDK/ljR+BzBBTOEX4oJs9bD+gThK
jUjg/kHda5BIEMm3aGxvbRCgGlAEW26SBBSkl3OvyD2TSQhE3pfYku19rsQSBAIg
6vl/PlQ3RXUEIy1L+AMv2eQo9BChgJV2Hnxxi32tfYabbc5xlHH1wYxJi57AyDE5
GtxQhnpyxr9B1t26i9oHaL1rEGeplbZ+vgA50L3uK/sXyZI4jc1/vng=
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:56:27 2025 by rpki-client