Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231382e3132362e302f32342d3332203d3e203531313637.roa
File: 3138352e3231382e3132362e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 5gLevv+fy2CMozpWAud18RPNBWihcYyJ84/Fgco0YsE=
Subject key identifier: 16:1F:7A:56:9C:A8:C2:87:BD:7F:F0:E9:1C:D8:19:35:B3:83:5E:B4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7328EE7ACC85A014AB4FEE2FCAB96A963BC354C9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231382e3132362e302f32342d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:15 +0000
ROA not before: Fri 22 Aug 2025 14:42:15 +0000
ROA not after: Fri 21 Aug 2026 14:47:15 +0000
asID: 51167
IP address blocks: 185.218.126.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:28:ee:7a:cc:85:a0:14:ab:4f:ee:2f:ca:b9:6a:96:3b:c3:54:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:15 2025 GMT
Not After : Aug 21 14:47:15 2026 GMT
Subject: CN=161F7A569CA8C287BD7FF0E91CD81935B3835EB4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1c:79:d7:20:59:b4:e6:bb:41:f9:93:2c:59:
f9:fd:56:20:ef:31:f9:da:65:1b:00:88:f4:14:54:
99:f9:6f:01:38:30:5b:ca:e3:2b:c7:57:9c:e7:b2:
ea:59:52:73:f0:5b:a1:d6:d9:4c:fb:71:c8:f3:43:
38:95:0a:ca:a9:75:d8:4d:d1:b7:be:63:f7:8a:3e:
e4:d9:2d:fa:03:8d:3f:ed:e8:0a:ba:61:22:94:f3:
2e:57:6e:8d:dd:a7:21:6f:85:ee:20:f8:9a:7a:2a:
6a:5d:b5:ad:32:39:04:fc:98:6c:c7:7f:bf:32:7a:
73:81:40:e1:fb:c7:95:44:05:99:a1:ed:c4:6f:3d:
0b:6b:20:0b:ee:5a:87:38:8e:c5:1c:1e:65:69:a7:
06:67:5e:cd:ad:9d:54:d3:79:c8:3e:9b:4b:fc:d1:
82:70:3c:03:b1:b7:c4:8e:19:00:c2:ee:a4:c2:ef:
4a:e8:28:41:e7:64:72:60:9b:ee:d8:98:4f:70:87:
56:36:10:f5:5d:27:e2:f8:ff:e0:46:bc:9a:bc:57:
18:14:1c:bc:2d:05:36:72:05:59:9c:4d:ac:cd:3c:
24:4a:6b:53:e3:bb:39:5d:0b:1c:f7:8b:5b:38:2a:
57:9f:ec:7c:20:7e:2e:56:b9:68:8d:b6:7a:01:0b:
32:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:1F:7A:56:9C:A8:C2:87:BD:7F:F0:E9:1C:D8:19:35:B3:83:5E:B4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3231382e3132362e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.126.0/24
Signature Algorithm: sha256WithRSAEncryption
23:b7:33:ae:ce:a1:29:f9:13:7a:1c:0b:84:89:73:28:35:f9:
4a:3c:a6:72:a1:88:bc:07:fa:89:1b:fd:53:dd:4c:53:9b:0b:
74:b1:d8:0b:0a:b9:d6:cf:5c:e0:5f:6a:18:7d:98:16:26:3d:
f7:1e:15:be:31:24:2f:9f:4d:5a:e1:35:b2:b8:76:7d:69:56:
f2:e9:ec:63:d2:3d:4c:56:d0:b7:71:e6:b7:f6:83:2f:98:ff:
9e:82:de:e8:3f:c3:02:57:3f:36:a1:f4:39:a3:17:a9:ce:80:
04:b1:c3:cd:b6:06:57:8b:cd:b7:12:43:b8:86:71:16:7a:24:
e9:25:4e:5a:a3:2e:b7:15:f8:a2:22:7f:b5:c8:26:c8:fc:90:
9d:b9:4f:b1:1f:0a:77:0b:83:f2:78:0a:95:97:6b:60:c1:68:
74:e3:3a:b5:7a:11:9e:bc:eb:43:08:6c:da:92:37:22:76:93:
8f:df:9a:d7:0f:0a:af:3f:b7:2e:fe:53:3c:30:9c:10:87:10:
a0:96:24:97:c6:89:cd:1a:74:64:a0:b9:c9:d5:8c:ae:86:58:
1d:87:05:8a:11:bf:b6:7b:9f:b5:21:79:96:b0:f8:5e:bc:4a:
46:b3:5b:aa:f4:75:d5:bc:97:fc:c9:6b:ea:78:5c:6a:d8:56:
58:5b:99:6b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcyjuesyFoBSrT+4vyrlqljvDVMkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTVaFw0yNjA4MjExNDQ3MTVaMDMxMTAvBgNV
BAMTKDE2MUY3QTU2OUNBOEMyODdCRDdGRjBFOTFDRDgxOTM1QjM4MzVFQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdHHnXIFm05rtB+ZMsWfn9ViDv
MfnaZRsAiPQUVJn5bwE4MFvK4yvHV5znsupZUnPwW6HW2Uz7ccjzQziVCsqpddhN
0be+Y/eKPuTZLfoDjT/t6Aq6YSKU8y5Xbo3dpyFvhe4g+Jp6Kmpdta0yOQT8mGzH
f78yenOBQOH7x5VEBZmh7cRvPQtrIAvuWoc4jsUcHmVppwZnXs2tnVTTecg+m0v8
0YJwPAOxt8SOGQDC7qTC70roKEHnZHJgm+7YmE9wh1Y2EPVdJ+L4/+BGvJq8VxgU
HLwtBTZyBVmcTazNPCRKa1PjuzldCxz3i1s4Klef7Hwgfi5WuWiNtnoBCzIzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFh96Vpyowoe9f/DpHNgZNbODXrQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMxMzgyZTMx
MzIzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC52n4wDQYJKoZIhvcNAQELBQADggEBACO3M67OoSn5E3ocC4SJcyg1+Uo8pnKh
iLwH+okb/VPdTFObC3Sx2AsKudbPXOBfahh9mBYmPfceFb4xJC+fTVrhNbK4dn1p
VvLp7GPSPUxW0Ldx5rf2gy+Y/56C3ug/wwJXPzah9DmjF6nOgASxw822BleLzbcS
Q7iGcRZ6JOklTlqjLrcV+KIif7XIJsj8kJ25T7EfCncLg/J4CpWXa2DBaHTjOrV6
EZ6860MIbNqSNyJ2k4/fmtcPCq8/ty7+UzwwnBCHEKCWJJfGic0adGSgucnVjK6G
WB2HBYoRv7Z7n7UheZaw+F68SkazW6r0ddW8l/zJa+p4XGrYVlhbmWs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:29:35 2025 by rpki-client