Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: z8YoKGM06olKXmSF8d7AQsGmEa4UBH56tTKjTRPNblI=
Subject key identifier: AF:25:5B:7D:1E:DB:4B:ED:CF:17:1B:A2:E6:5B:81:3F:5F:79:11:E7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7DEB10036E6506C942FBAF6422BACC548CFC0AF7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Aug 2025 22:47:05 +0000
ROA not before: Thu 14 Aug 2025 22:42:05 +0000
ROA not after: Thu 13 Aug 2026 22:47:05 +0000
asID: 136787
IP address blocks: 185.225.137.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:eb:10:03:6e:65:06:c9:42:fb:af:64:22:ba:cc:54:8c:fc:0a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 14 22:42:05 2025 GMT
Not After : Aug 13 22:47:05 2026 GMT
Subject: CN=AF255B7D1EDB4BEDCF171BA2E65B813F5F7911E7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:98:28:99:7f:96:1b:a0:a7:04:38:6d:3e:0e:
60:ea:1c:ea:7b:bf:c1:5f:6b:7a:be:33:e9:da:e4:
1f:aa:64:35:b5:bc:93:4c:ea:ab:99:ca:71:ce:72:
37:f0:3d:d6:f5:b9:c2:a4:ec:6e:3e:39:9d:61:58:
2b:a6:8e:20:9b:cc:2d:6f:a7:86:b7:fc:ad:05:8a:
d4:61:9d:c7:ab:9a:b5:18:13:08:24:ca:dd:9b:c9:
2d:01:df:fc:59:27:46:30:27:fd:70:da:c5:39:e1:
2d:a3:b3:33:5b:d7:70:44:8c:d7:f2:8a:7c:a7:54:
e3:43:b4:8b:a9:75:26:d0:13:a0:e1:fc:64:81:c2:
c2:4e:5b:66:e8:ae:d3:5d:c4:09:85:57:6e:1a:31:
20:2b:70:15:ad:ba:8d:8a:9a:56:a4:34:d2:4a:f4:
f2:80:d7:7e:a4:38:14:ac:39:8e:70:34:51:52:0b:
e7:df:37:91:54:b9:50:5f:26:ec:43:56:cb:f8:bd:
6f:d8:37:e2:98:bb:de:ae:59:66:ee:15:b1:03:dc:
48:a1:bf:92:ae:a0:9f:15:53:6c:7d:7b:f1:b6:d9:
12:90:39:4b:28:11:a3:56:6e:b2:fd:ce:f4:c2:76:
89:b2:3a:bf:ac:cd:58:54:0f:e2:79:ac:14:96:8d:
1a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:25:5B:7D:1E:DB:4B:ED:CF:17:1B:A2:E6:5B:81:3F:5F:79:11:E7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.137.0/24
Signature Algorithm: sha256WithRSAEncryption
53:d2:90:d9:6d:b1:ed:0a:2c:ae:f2:1c:1c:f1:fd:53:07:46:
ae:85:e9:e7:3f:29:2a:a9:ff:6c:d3:f0:c4:67:63:99:2c:35:
a5:82:22:1c:72:8a:f9:1d:0d:8b:49:d4:8b:c2:bb:54:ea:3e:
1d:97:23:ce:66:7f:94:6b:f0:20:79:fb:5b:ba:ad:15:66:0b:
65:20:4d:8d:f0:b4:9a:c9:d9:9a:c5:b4:89:64:50:e0:72:a5:
a0:95:03:f8:e0:17:45:82:90:bc:1e:a6:60:99:d6:10:81:c1:
47:21:e1:60:6d:44:d1:b6:57:a4:49:e6:5f:fa:6b:e0:9e:21:
89:34:f0:47:7a:4d:4a:50:81:4c:b1:06:66:af:ea:94:57:e6:
84:4f:a0:d0:19:86:b7:b0:ba:60:2a:fe:af:59:5d:98:e2:ed:
43:ce:42:7a:7c:d2:4f:a0:bb:59:44:fe:b3:e7:09:a3:97:d3:
2c:5f:cb:2d:9c:2c:00:a4:df:35:21:e7:62:c3:bd:f6:34:da:
eb:29:f5:ef:77:d6:24:96:2a:44:d4:66:be:47:53:11:b1:d7:
ec:6a:7a:b6:8e:99:48:1f:20:4d:0d:99:d0:47:d5:38:0e:8b:
11:32:88:ff:d4:63:f7:08:12:46:0c:20:7f:52:c7:51:d1:55:
3e:81:6a:4f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUfesQA25lBslC+69kIrrMVIz8CvcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MTQyMjQyMDVaFw0yNjA4MTMyMjQ3MDVaMDMxMTAvBgNV
BAMTKEFGMjU1QjdEMUVEQjRCRURDRjE3MUJBMkU2NUI4MTNGNUY3OTExRTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNmCiZf5YboKcEOG0+DmDqHOp7
v8Ffa3q+M+na5B+qZDW1vJNM6quZynHOcjfwPdb1ucKk7G4+OZ1hWCumjiCbzC1v
p4a3/K0FitRhncermrUYEwgkyt2byS0B3/xZJ0YwJ/1w2sU54S2jszNb13BEjNfy
inynVONDtIupdSbQE6Dh/GSBwsJOW2bortNdxAmFV24aMSArcBWtuo2KmlakNNJK
9PKA136kOBSsOY5wNFFSC+ffN5FUuVBfJuxDVsv4vW/YN+KYu96uWWbuFbED3Eih
v5KuoJ8VU2x9e/G22RKQOUsoEaNWbrL9zvTCdomyOr+szVhUD+J5rBSWjRrVAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUryVbfR7bS+3PFxui5luBP195EecwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhiTANBgkqhkiG9w0BAQsFAAOCAQEAU9KQ2W2x7QosrvIcHPH9UwdGroXp
5z8pKqn/bNPwxGdjmSw1pYIiHHKK+R0Ni0nUi8K7VOo+HZcjzmZ/lGvwIHn7W7qt
FWYLZSBNjfC0msnZmsW0iWRQ4HKloJUD+OAXRYKQvB6mYJnWEIHBRyHhYG1E0bZX
pEnmX/pr4J4hiTTwR3pNSlCBTLEGZq/qlFfmhE+g0BmGt7C6YCr+r1ldmOLtQ85C
enzST6C7WUT+s+cJo5fTLF/LLZwsAKTfNSHnYsO99jTa6yn173fWJJYqRNRmvkdT
EbHX7Gp6to6ZSB8gTQ2Z0EfVOA6LETKI/9Rj9wgSRgwgf1LHUdFVPoFqTw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:54:45 2025 by rpki-client