Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133322e302f32342d3234203d3e20323033333830.roa
File: 3138352e3232312e3133322e302f32342d3234203d3e20323033333830.roa (raw, json)
Hash identifier: akIetrgUc5DKyks0n93aDuej8sKH0KWq/rabx+zm2R0=
Subject key identifier: D4:AE:C8:EE:55:E3:7A:9B:49:3E:B1:A7:D0:2B:91:4C:8B:0C:11:7F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 03EEBEE665223D61856452D9D316024CD8DA53A4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133322e302f32342d3234203d3e20323033333830.roa
Signing time: Fri 22 Aug 2025 14:47:09 +0000
ROA not before: Fri 22 Aug 2025 14:42:09 +0000
ROA not after: Fri 21 Aug 2026 14:47:09 +0000
asID: 203380
IP address blocks: 185.221.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:ee:be:e6:65:22:3d:61:85:64:52:d9:d3:16:02:4c:d8:da:53:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:09 2025 GMT
Not After : Aug 21 14:47:09 2026 GMT
Subject: CN=D4AEC8EE55E37A9B493EB1A7D02B914C8B0C117F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:bd:96:7e:d9:9b:7d:74:22:81:65:8f:02:5c:
96:bc:31:71:39:2b:14:7c:ad:29:b1:09:56:3f:cc:
3c:c1:57:27:d7:4e:71:fe:2b:d0:52:fe:c8:6f:d8:
cc:80:19:9f:51:d2:d5:d7:9c:d1:11:72:91:81:7a:
46:a6:a3:7f:1c:6d:c2:db:a7:3a:e7:d1:78:40:05:
0e:10:97:44:e2:60:79:58:9b:02:7c:d5:86:55:a3:
83:b2:58:0f:29:8d:f8:77:fe:19:57:53:e7:65:59:
7b:c5:03:51:42:57:99:23:0e:d7:6a:d6:f2:93:90:
1c:84:a9:49:ef:40:ec:6b:ac:6b:ec:77:00:76:e3:
91:ff:d4:8e:30:6e:6c:de:63:f2:b0:94:76:55:07:
ea:3c:21:70:28:c1:2a:20:92:e5:c6:44:88:10:b6:
c4:82:2d:30:23:33:2f:93:2b:cc:59:33:f7:08:1d:
4c:99:cc:01:84:33:07:8c:d3:d4:38:22:8b:81:a2:
39:0b:32:c3:81:6d:c6:4e:80:84:78:81:40:86:1b:
58:4a:66:87:94:5c:65:bc:d2:40:6b:f4:1e:c9:3e:
ad:ed:29:4b:a1:5c:9f:b8:a3:9e:01:f5:84:f2:37:
42:20:69:2c:96:5e:21:f8:15:10:6e:54:a3:e4:56:
90:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:AE:C8:EE:55:E3:7A:9B:49:3E:B1:A7:D0:2B:91:4C:8B:0C:11:7F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232312e3133322e302f32342d3234203d3e20323033333830.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.132.0/24
Signature Algorithm: sha256WithRSAEncryption
52:f3:fa:b4:77:69:c2:fc:3a:e0:70:2c:55:6a:e7:1f:b8:be:
58:7e:25:80:cb:f1:35:3d:ba:9a:c7:77:fb:2b:1d:a9:8b:2d:
5a:55:f9:10:95:39:c2:a4:6d:6a:d8:1f:0c:fb:71:d7:82:ed:
7d:e1:59:9c:22:4a:25:af:60:1a:7a:33:99:89:1b:c9:db:27:
21:72:29:bd:66:3a:15:2f:da:a7:42:1a:4b:65:b1:e4:2b:4b:
ce:e9:d1:9a:57:00:5b:cd:77:f6:69:27:d2:03:52:76:fc:5a:
2b:f8:43:1b:59:82:81:84:38:1a:fd:dc:d8:fd:bd:ca:52:7c:
ce:ba:05:38:a8:ba:a7:a7:50:73:36:71:55:ff:cc:5c:ce:e8:
0f:78:0c:a7:51:44:9f:0c:7e:45:8f:31:ac:74:86:64:78:8a:
2d:85:90:d0:41:e3:69:89:16:6e:cf:13:94:1d:56:11:a6:15:
d9:2f:5e:46:40:c3:64:e1:8f:33:f7:d1:fc:ce:45:ff:3c:1e:
42:3d:d6:34:58:53:b5:78:52:dd:78:83:7f:b8:02:ff:63:9d:
e5:de:25:c7:e0:28:08:9d:f3:36:43:c4:3b:a0:87:da:4a:e4:
6d:d7:db:2d:c4:60:dd:4e:cb:82:df:50:aa:c9:72:42:dd:e1:
91:6a:a3:fe
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUA+6+5mUiPWGFZFLZ0xYCTNjaU6QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMDlaFw0yNjA4MjExNDQ3MDlaMDMxMTAvBgNV
BAMTKEQ0QUVDOEVFNTVFMzdBOUI0OTNFQjFBN0QwMkI5MTRDOEIwQzExN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD5vZZ+2Zt9dCKBZY8CXJa8MXE5
KxR8rSmxCVY/zDzBVyfXTnH+K9BS/shv2MyAGZ9R0tXXnNERcpGBekamo38cbcLb
pzrn0XhABQ4Ql0TiYHlYmwJ81YZVo4OyWA8pjfh3/hlXU+dlWXvFA1FCV5kjDtdq
1vKTkByEqUnvQOxrrGvsdwB245H/1I4wbmzeY/KwlHZVB+o8IXAowSogkuXGRIgQ
tsSCLTAjMy+TK8xZM/cIHUyZzAGEMweM09Q4IouBojkLMsOBbcZOgIR4gUCGG1hK
ZoeUXGW80kBr9B7JPq3tKUuhXJ+4o54B9YTyN0IgaSyWXiH4FRBuVKPkVpDxAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU1K7I7lXjeptJPrGn0CuRTIsMEX8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzEyZTMx
MzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzMzMzMzgzMC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALndhDANBgkqhkiG9w0BAQsFAAOCAQEAUvP6tHdpwvw64HAsVWrnH7i+WH4l
gMvxNT26msd3+ysdqYstWlX5EJU5wqRtatgfDPtx14LtfeFZnCJKJa9gGnozmYkb
ydsnIXIpvWY6FS/ap0IaS2Wx5CtLzunRmlcAW8139mkn0gNSdvxaK/hDG1mCgYQ4
Gv3c2P29ylJ8zroFOKi6p6dQczZxVf/MXM7oD3gMp1FEnwx+RY8xrHSGZHiKLYWQ
0EHjaYkWbs8TlB1WEaYV2S9eRkDDZOGPM/fR/M5F/zweQj3WNFhTtXhS3XiDf7gC
/2Od5d4lx+AoCJ3zNkPEO6CH2krkbdfbLcRg3U7Lgt9QqslyQt3hkWqj/g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:45:46 2025 by rpki-client