Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
File: 3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: mx4RvEkYx7qlFJxXD+Q+TVB5/NEdqI/LAzPLpL1FQy0=
Subject key identifier: 47:E8:81:54:FE:AE:F0:61:EA:C8:5D:B5:4A:5E:7F:A1:02:FA:5C:E7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 341EF7EDAA85D52BF14EE5571F56AF5BD96656E8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:15 +0000
ROA not before: Fri 22 Aug 2025 14:42:15 +0000
ROA not after: Fri 21 Aug 2026 14:47:15 +0000
asID: 51167
IP address blocks: 185.222.242.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:1e:f7:ed:aa:85:d5:2b:f1:4e:e5:57:1f:56:af:5b:d9:66:56:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:15 2025 GMT
Not After : Aug 21 14:47:15 2026 GMT
Subject: CN=47E88154FEAEF061EAC85DB54A5E7FA102FA5CE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:76:ea:68:43:bb:e4:2b:16:0f:4c:fa:5e:ae:
19:c3:e3:aa:fd:8e:b0:db:dd:f8:b5:12:a7:68:42:
2b:15:c8:91:c2:10:95:12:91:37:ae:9a:89:95:cb:
95:83:36:20:77:80:96:23:f6:88:3f:ef:44:27:23:
93:7b:52:1c:da:61:02:68:19:c2:11:09:9a:d4:f0:
bb:5b:17:f4:62:d6:e2:a4:d8:f2:e5:f7:7f:66:cf:
e5:84:18:cd:85:f9:89:04:ad:bd:a2:ac:26:d9:df:
c0:a8:4e:d0:8e:d1:a0:c3:70:e3:91:53:20:f8:cb:
0b:31:a7:70:bd:b1:be:7a:68:ed:0f:04:29:0e:d3:
53:00:e0:2e:90:db:00:32:bf:76:82:f0:cc:f0:61:
17:84:7f:9e:d4:71:aa:3c:c9:5f:6f:70:87:fb:66:
29:53:22:ab:87:16:ae:67:be:cb:b5:04:ed:67:d5:
7d:65:11:68:62:45:d3:38:a0:b4:6d:40:7e:a8:f0:
a3:12:b2:7d:20:c1:24:76:e0:0b:47:a1:9f:9f:df:
75:67:72:52:4f:09:35:75:7a:53:9c:eb:f1:d4:b2:
5c:e7:2c:83:90:de:d9:e0:ed:6c:fd:a8:dd:d2:f9:
72:f2:4c:45:9a:3d:7d:23:37:aa:9e:b0:59:75:b0:
77:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:E8:81:54:FE:AE:F0:61:EA:C8:5D:B5:4A:5E:7F:A1:02:FA:5C:E7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232322e3234322e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.242.0/24
Signature Algorithm: sha256WithRSAEncryption
06:a4:d7:bf:ec:37:12:03:7c:2e:ba:b6:41:51:fa:a4:86:48:
09:c6:82:23:4c:18:ce:ba:f5:15:79:3b:06:08:03:86:aa:d8:
c4:b2:35:b8:45:57:2d:f1:be:e3:fb:2f:dc:e0:00:96:8a:45:
ac:2b:94:40:6d:38:23:5c:34:25:2e:cd:7e:6a:6d:f2:3e:18:
78:7a:99:b5:d6:be:cf:ec:83:7e:c6:e9:66:c5:79:81:42:96:
4a:3f:5b:87:10:17:94:a5:96:22:b9:03:3e:41:c7:ed:61:70:
f4:61:a5:56:c3:d7:0f:fb:ab:15:c5:d7:d0:3c:ae:ac:ea:59:
5e:3a:72:cc:35:cf:88:39:20:ff:fc:62:5c:ce:1b:8f:41:21:
03:68:a2:06:b6:d2:a1:47:5d:8f:be:91:08:80:0f:2c:a1:fd:
d6:65:36:2d:02:ed:62:5f:41:94:bf:7b:71:b9:bb:b2:a0:99:
75:b3:39:e0:62:7c:51:e7:a1:e6:1a:8a:a6:79:c0:01:8e:2d:
8f:b5:c3:88:3d:6d:41:6d:f7:49:7a:a7:fd:ac:35:96:f6:18:
0d:e7:7c:d9:97:a5:4b:3b:6e:5e:e0:52:53:48:8f:db:ea:ee:
9e:d8:39:cf:35:79:09:a0:c7:45:7c:28:fa:cd:bd:e6:8b:85:
b1:ab:52:58
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNB737aqF1SvxTuVXH1avW9lmVugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTVaFw0yNjA4MjExNDQ3MTVaMDMxMTAvBgNV
BAMTKDQ3RTg4MTU0RkVBRUYwNjFFQUM4NURCNTRBNUU3RkExMDJGQTVDRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkdupoQ7vkKxYPTPperhnD46r9
jrDb3fi1EqdoQisVyJHCEJUSkTeumomVy5WDNiB3gJYj9og/70QnI5N7UhzaYQJo
GcIRCZrU8LtbF/Ri1uKk2PLl939mz+WEGM2F+YkErb2irCbZ38CoTtCO0aDDcOOR
UyD4ywsxp3C9sb56aO0PBCkO01MA4C6Q2wAyv3aC8MzwYReEf57Ucao8yV9vcIf7
ZilTIquHFq5nvsu1BO1n1X1lEWhiRdM4oLRtQH6o8KMSsn0gwSR24AtHoZ+f33Vn
clJPCTV1elOc6/HUslznLIOQ3tng7Wz9qN3S+XLyTEWaPX0jN6qesFl1sHf7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUR+iBVP6u8GHqyF21Sl5/oQL6XOcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzIyZTMy
MzQzMjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC53vIwDQYJKoZIhvcNAQELBQADggEBAAak17/sNxIDfC66tkFR+qSGSAnGgiNM
GM669RV5OwYIA4aq2MSyNbhFVy3xvuP7L9zgAJaKRawrlEBtOCNcNCUuzX5qbfI+
GHh6mbXWvs/sg37G6WbFeYFClko/W4cQF5SlliK5Az5Bx+1hcPRhpVbD1w/7qxXF
19A8rqzqWV46csw1z4g5IP/8YlzOG49BIQNooga20qFHXY++kQiADyyh/dZlNi0C
7WJfQZS/e3G5u7KgmXWzOeBifFHnoeYaiqZ5wAGOLY+1w4g9bUFt90l6p/2sNZb2
GA3nfNmXpUs7bl7gUlNIj9vq7p7YOc81eQmgx0V8KPrNveaLhbGrUlg=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:18:34 2025 by rpki-client