Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37342e302f32342d3332203d3e20313336373837.roa
File: 3138352e3231362e37342e302f32342d3332203d3e20313336373837.roa (raw, json)
Hash identifier: PvCLkiVbwksX73AuOy8ZYFLK1hOWZtwI3X6GU4TQsrU=
Subject key identifier: A0:86:BE:D2:86:53:D1:91:8B:B4:DB:87:E0:3E:8D:6E:69:40:3F:1A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A710F7836A04323EC1C10C827BD0513A5535FFA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37342e302f32342d3332203d3e20313336373837.roa
Signing time: Fri 22 Aug 2025 14:47:17 +0000
ROA not before: Fri 22 Aug 2025 14:42:17 +0000
ROA not after: Fri 21 Aug 2026 14:47:17 +0000
asID: 136787
IP address blocks: 185.216.74.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:71:0f:78:36:a0:43:23:ec:1c:10:c8:27:bd:05:13:a5:53:5f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:17 2025 GMT
Not After : Aug 21 14:47:17 2026 GMT
Subject: CN=A086BED28653D1918BB4DB87E03E8D6E69403F1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:88:49:e8:b5:df:0d:32:d2:05:d7:2c:bb:94:
02:37:74:6b:25:8e:7f:85:95:e3:87:59:8a:8f:56:
c8:ef:e5:65:4d:18:7f:c5:90:b3:6a:73:b8:e5:d7:
80:e6:74:c1:8f:54:1b:70:4d:32:b7:82:fb:62:1c:
f8:54:da:0e:7f:05:d1:0f:6f:29:0b:5d:5f:46:1a:
1a:b3:e1:55:1a:3a:87:63:98:48:44:d7:49:db:ea:
b1:1e:39:cf:b3:a9:87:7c:b0:b3:3a:be:b7:31:8f:
c9:7f:43:d0:ea:2c:b9:a4:f2:38:ab:57:28:fa:c1:
39:92:09:bf:9e:aa:19:18:b3:e9:12:80:07:48:13:
9e:11:85:8f:a1:53:6f:c2:7a:8e:7b:62:9e:e5:00:
ec:1f:12:e3:8d:54:6d:55:29:09:96:ce:ac:10:64:
fe:28:2e:7c:4a:4e:d3:ce:27:3d:39:54:8c:3e:c6:
6a:4e:c7:91:a3:00:bc:48:63:89:ac:3b:62:d1:3a:
68:1f:f6:52:48:fb:e9:6e:2e:94:c4:f8:0e:8e:96:
ee:a2:29:3e:f1:f0:a5:4e:ee:5f:ba:ee:29:f6:83:
1d:bd:83:f2:5c:d5:67:ad:ff:57:f8:72:f5:d2:ac:
df:05:2c:a5:7e:60:29:54:b1:68:34:56:2a:2f:2b:
9f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:86:BE:D2:86:53:D1:91:8B:B4:DB:87:E0:3E:8D:6E:69:40:3F:1A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231362e37342e302f32342d3332203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.74.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6e:f3:de:64:9c:5e:29:f3:86:a8:1b:2b:c4:05:44:12:41:
4b:05:5f:62:d9:25:74:d0:05:bf:dc:32:85:2c:68:2e:5e:9a:
c1:64:97:5a:c4:84:07:e8:31:4c:f4:a6:fb:4a:22:eb:2b:d7:
6b:a1:0d:1a:8d:d3:ae:77:86:22:ea:e5:ed:25:82:37:6a:8c:
cb:b3:75:8d:55:b8:37:36:f4:f7:c8:06:9b:5a:3b:5d:67:42:
8d:15:c0:d0:c2:a0:86:50:0f:7e:c9:20:74:42:53:ef:3f:0b:
bd:92:d1:db:42:34:13:fe:a0:e0:23:4a:36:96:40:30:62:c9:
70:1e:a6:6e:6f:d6:59:d9:1a:95:03:4d:6c:1e:e6:c4:79:81:
8a:b9:0e:c9:16:b4:7b:ce:02:25:96:7b:3c:76:b7:0d:93:0d:
53:b8:0b:48:62:6c:c5:b2:22:a4:31:c5:4e:4f:9b:e2:b1:62:
9d:b8:c7:47:f4:14:e7:99:c3:41:3e:99:06:77:e0:f6:ed:61:
60:22:f6:e2:04:58:f3:2d:ed:5b:28:a2:28:bd:b2:b8:17:f8:
e2:ae:64:aa:9c:a5:30:da:ee:65:71:20:1f:2f:c6:59:97:9f:
20:82:1b:dc:34:29:bf:a3:f1:7d:24:ab:04:36:82:3b:c9:9f:
b1:b3:75:a2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCnEPeDagQyPsHBDIJ70FE6VTX/owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTdaFw0yNjA4MjExNDQ3MTdaMDMxMTAvBgNV
BAMTKEEwODZCRUQyODY1M0QxOTE4QkI0REI4N0UwM0U4RDZFNjk0MDNGMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuiEnotd8NMtIF1yy7lAI3dGsl
jn+FleOHWYqPVsjv5WVNGH/FkLNqc7jl14DmdMGPVBtwTTK3gvtiHPhU2g5/BdEP
bykLXV9GGhqz4VUaOodjmEhE10nb6rEeOc+zqYd8sLM6vrcxj8l/Q9DqLLmk8jir
Vyj6wTmSCb+eqhkYs+kSgAdIE54RhY+hU2/Ceo57Yp7lAOwfEuONVG1VKQmWzqwQ
ZP4oLnxKTtPOJz05VIw+xmpOx5GjALxIY4msO2LROmgf9lJI++luLpTE+A6Olu6i
KT7x8KVO7l+67in2gx29g/Jc1Wet/1f4cvXSrN8FLKV+YClUsWg0ViovK58FAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoIa+0oZT0ZGLtNuH4D6NbmlAPxowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzYyZTM3
MzQyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52EowDQYJKoZIhvcNAQELBQADggEBAJNu895knF4p84aoGyvEBUQSQUsFX2LZ
JXTQBb/cMoUsaC5emsFkl1rEhAfoMUz0pvtKIusr12uhDRqN0653hiLq5e0lgjdq
jMuzdY1VuDc29PfIBptaO11nQo0VwNDCoIZQD37JIHRCU+8/C72S0dtCNBP+oOAj
SjaWQDBiyXAepm5v1lnZGpUDTWwe5sR5gYq5DskWtHvOAiWWezx2tw2TDVO4C0hi
bMWyIqQxxU5Pm+KxYp24x0f0FOeZw0E+mQZ34PbtYWAi9uIEWPMt7Vsooii9srgX
+OKuZKqcpTDa7mVxIB8vxlmXnyCCG9w0Kb+j8X0kqwQ2gjvJn7GzdaI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:45:15 2025 by rpki-client