Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +kWXOXgeA8EnLYLK3tMjLFPN+hTmymtxtXwfbHIL5WU=
Subject key identifier: 34:8B:50:74:D5:49:4A:7A:C3:EF:24:E3:D3:EB:21:C9:D5:01:BF:DA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 238C6D62D81B5BBCCBD087851B6644C13074A807
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 24 Jun 2025 21:46:44 +0000
ROA not before: Tue 24 Jun 2025 21:41:44 +0000
ROA not after: Tue 23 Jun 2026 21:46:44 +0000
asID: 136787
IP address blocks: 185.217.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 20:58:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:8c:6d:62:d8:1b:5b:bc:cb:d0:87:85:1b:66:44:c1:30:74:a8:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 24 21:41:44 2025 GMT
Not After : Jun 23 21:46:44 2026 GMT
Subject: CN=348B5074D5494A7AC3EF24E3D3EB21C9D501BFDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:d0:41:ca:82:50:fe:5b:6b:1e:37:e3:91:68:
57:1d:79:c1:f5:27:51:c1:b7:96:06:0f:c5:8d:2d:
83:39:1d:f9:71:45:63:c4:be:27:f1:27:38:b5:a6:
38:af:b5:d9:00:4f:57:de:ee:ad:35:6f:2f:84:e2:
d5:47:6a:cb:3f:3c:80:31:0a:17:96:fb:fe:57:19:
51:e3:23:0e:96:73:28:c2:54:d1:96:c5:2f:37:f5:
4e:87:69:6a:d8:99:ec:e1:db:86:96:25:a0:c1:4a:
9e:54:55:93:8e:5d:8b:c4:a9:df:ec:ff:f0:aa:c8:
79:cd:94:d0:8b:b1:aa:5b:0b:51:63:b5:55:73:7d:
ab:54:08:50:76:88:48:5f:e4:47:af:00:f9:d0:b6:
0a:77:01:c3:85:52:7a:8c:b5:30:44:6f:b9:fd:6c:
96:36:9d:a3:e2:08:67:20:66:68:a4:27:ef:05:b1:
94:3a:5b:88:37:89:43:98:b8:38:2e:76:85:b4:af:
41:70:0b:a6:43:65:cb:66:fa:16:7b:ee:56:5e:78:
46:04:b3:7a:d8:71:5c:86:08:29:91:1f:db:29:c1:
93:35:47:06:56:ca:c4:de:7d:4b:24:67:a8:28:01:
7b:03:ee:cf:eb:68:86:16:56:6e:71:10:b7:c9:a8:
72:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:8B:50:74:D5:49:4A:7A:C3:EF:24:E3:D3:EB:21:C9:D5:01:BF:DA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231372e3136382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.217.168.0/24
Signature Algorithm: sha256WithRSAEncryption
07:52:fd:34:91:5b:a9:f8:23:a6:83:56:fc:0f:a0:4d:75:15:
f7:64:b6:8b:fe:a1:0e:2e:f7:fc:8a:09:81:18:e2:e7:e5:77:
f0:09:59:dc:de:07:45:ce:d1:c1:b0:a5:5e:17:c4:b9:bf:88:
55:d0:c2:e9:6e:02:1d:af:db:2c:82:da:bc:cf:86:ad:15:2a:
0f:0b:ec:72:16:ea:02:75:21:e1:b3:75:1c:31:da:d3:96:b5:
f7:1a:5a:fe:75:90:ee:a3:57:c8:2c:22:9f:62:69:7e:0e:a8:
0e:af:af:d0:1e:a8:0b:63:df:b0:5f:8e:ea:f4:b2:ec:66:0a:
ef:67:27:ed:5c:2f:87:24:31:f7:34:e1:dc:9b:f0:51:2f:ae:
4b:4d:b5:03:30:2a:14:d7:71:1e:da:e2:c8:7c:b7:cb:39:31:
2f:32:8b:a4:6a:f9:50:50:11:06:70:31:4f:2d:71:d5:93:1e:
e4:1a:0a:da:ac:8d:8f:64:f3:ce:bd:bd:0e:7f:ef:a4:ce:7d:
ed:95:67:e9:33:45:7f:26:6d:a8:ae:be:3e:96:58:6b:4b:9f:
f5:1a:3e:39:4a:88:2b:44:57:c4:c4:43:b4:c9:51:24:97:4c:
a0:1c:4b:ed:c0:27:f6:f8:83:c5:3e:9c:6e:84:6a:15:b6:69:
13:08:ff:86
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUI4xtYtgbW7zL0IeFG2ZEwTB0qAcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MjQyMTQxNDRaFw0yNjA2MjMyMTQ2NDRaMDMxMTAvBgNV
BAMTKDM0OEI1MDc0RDU0OTRBN0FDM0VGMjRFM0QzRUIyMUM5RDUwMUJGREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDT0EHKglD+W2seN+ORaFcdecH1
J1HBt5YGD8WNLYM5HflxRWPEvifxJzi1pjivtdkAT1fe7q01by+E4tVHass/PIAx
CheW+/5XGVHjIw6WcyjCVNGWxS839U6HaWrYmezh24aWJaDBSp5UVZOOXYvEqd/s
//CqyHnNlNCLsapbC1FjtVVzfatUCFB2iEhf5EevAPnQtgp3AcOFUnqMtTBEb7n9
bJY2naPiCGcgZmikJ+8FsZQ6W4g3iUOYuDgudoW0r0FwC6ZDZctm+hZ77lZeeEYE
s3rYcVyGCCmRH9spwZM1RwZWysTefUskZ6goAXsD7s/raIYWVm5xELfJqHIdAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUNItQdNVJSnrD7yTj0+shydUBv9owHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzcyZTMx
MzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnZqDANBgkqhkiG9w0BAQsFAAOCAQEAB1L9NJFbqfgjpoNW/A+gTXUV92S2
i/6hDi73/IoJgRji5+V38AlZ3N4HRc7RwbClXhfEub+IVdDC6W4CHa/bLILavM+G
rRUqDwvschbqAnUh4bN1HDHa05a19xpa/nWQ7qNXyCwin2Jpfg6oDq+v0B6oC2Pf
sF+O6vSy7GYK72cn7VwvhyQx9zTh3JvwUS+uS021AzAqFNdxHtriyHy3yzkxLzKL
pGr5UFARBnAxTy1x1ZMe5BoK2qyNj2Tzzr29Dn/vpM597ZVn6TNFfyZtqK6+PpZY
a0uf9Ro+OUqIK0RXxMRDtMlRJJdMoBxL7cAn9viDxT6cboRqFbZpEwj/hg==
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:27:13 2025 by rpki-client