Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: mJTrj8Ktt++eJkZijdMYwyC1JJmsRMuT0vj5eHuQl1o=
Subject key identifier: 31:93:4F:73:26:83:16:F4:9A:0F:6C:9D:1F:EB:93:01:8D:F9:6E:FC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D5094B7A4AC65715F9B85D4091DBFF9C2BA77F0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Aug 2025 22:47:05 +0000
ROA not before: Thu 14 Aug 2025 22:42:05 +0000
ROA not after: Thu 13 Aug 2026 22:47:05 +0000
asID: 136787
IP address blocks: 185.225.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:50:94:b7:a4:ac:65:71:5f:9b:85:d4:09:1d:bf:f9:c2:ba:77:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 14 22:42:05 2025 GMT
Not After : Aug 13 22:47:05 2026 GMT
Subject: CN=31934F73268316F49A0F6C9D1FEB93018DF96EFC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:98:8b:c3:7c:f8:de:7f:c8:41:33:3d:e7:bf:
08:fa:39:2b:e8:30:ed:4e:4c:b7:48:26:95:22:d9:
26:80:7d:1e:7c:bc:4a:bc:25:e6:39:d6:35:8e:f3:
7f:51:a3:c0:c0:55:a6:ab:fc:02:ee:8f:ee:33:ff:
e1:1d:5d:74:b5:d8:2f:c8:92:2c:05:24:0f:c1:b4:
30:45:34:47:45:bb:89:e2:76:06:62:40:c1:bb:3b:
b8:0b:81:bc:bd:d2:7e:3b:39:29:17:02:74:de:33:
36:c6:f5:3f:79:0a:14:97:b6:63:b6:57:8b:5e:ed:
ba:2b:8b:9e:51:b2:5d:b8:98:ab:15:ec:b9:1f:49:
84:08:5d:6b:84:16:ed:84:50:d4:58:03:a2:8b:d0:
7b:0d:c3:33:36:b1:f1:fe:3b:25:ed:f7:3c:09:d3:
de:60:45:df:91:ee:70:92:cf:6a:36:a8:5e:f3:7a:
71:65:cc:f3:b7:32:53:44:4e:4c:fa:15:97:4a:70:
a6:a3:66:b1:3c:60:fa:bf:54:9b:60:4e:a8:17:1a:
95:57:95:c4:00:6d:55:63:36:b0:78:f5:fd:c0:4a:
cb:c9:5e:d8:ef:4d:17:75:54:47:83:a8:a1:69:27:
48:ef:1d:da:5b:6f:9e:d4:cb:7c:2c:0e:ea:73:aa:
e2:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:93:4F:73:26:83:16:F4:9A:0F:6C:9D:1F:EB:93:01:8D:F9:6E:FC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232352e3133382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.138.0/24
Signature Algorithm: sha256WithRSAEncryption
88:a2:08:2d:e7:67:72:1f:9d:c0:90:f8:e9:0f:89:c0:f1:0d:
0f:84:cc:62:6d:a0:2e:06:7e:9c:6d:b6:c7:c6:bd:29:61:71:
ef:f8:2c:31:33:43:5b:6a:ab:d2:5f:83:d7:80:09:7b:a4:46:
70:09:a4:8d:6c:e0:4a:5f:0d:de:ad:06:b4:bd:9e:52:1f:64:
34:3c:41:2b:f9:23:2c:af:cb:6c:1d:c9:75:03:4e:4f:2e:76:
43:87:cb:72:24:26:46:87:21:86:df:2f:4f:85:21:77:36:94:
c9:c2:31:67:9a:94:2b:d3:89:a8:c4:c8:ad:5b:10:76:b8:a5:
3a:55:4c:50:2d:22:88:67:f0:1c:16:74:8f:4e:30:30:7b:04:
5f:7b:49:41:30:3a:d0:71:43:f7:13:02:10:b2:04:78:bf:8c:
e4:ca:7c:3b:3a:9c:44:ad:fb:3c:cf:05:c7:61:1f:7a:63:bf:
c7:3e:0c:af:f5:35:41:b7:59:f7:16:4a:8d:91:2e:99:61:2b:
33:8c:d8:54:4d:7b:1b:1f:a1:0a:c9:8e:0b:00:3c:ad:32:e5:
73:97:28:92:1c:81:62:f6:71:7b:57:6a:d4:e0:0e:b4:eb:71:
63:af:05:9a:cc:5a:c3:dc:24:38:7f:bf:25:4d:29:fe:4c:2a:
c7:4d:18:1a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUDVCUt6SsZXFfm4XUCR2/+cK6d/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MTQyMjQyMDVaFw0yNjA4MTMyMjQ3MDVaMDMxMTAvBgNV
BAMTKDMxOTM0RjczMjY4MzE2RjQ5QTBGNkM5RDFGRUI5MzAxOERGOTZFRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpmIvDfPjef8hBMz3nvwj6OSvo
MO1OTLdIJpUi2SaAfR58vEq8JeY51jWO839Ro8DAVaar/ALuj+4z/+EdXXS12C/I
kiwFJA/BtDBFNEdFu4nidgZiQMG7O7gLgby90n47OSkXAnTeMzbG9T95ChSXtmO2
V4te7bori55Rsl24mKsV7LkfSYQIXWuEFu2EUNRYA6KL0HsNwzM2sfH+OyXt9zwJ
095gRd+R7nCSz2o2qF7zenFlzPO3MlNETkz6FZdKcKajZrE8YPq/VJtgTqgXGpVX
lcQAbVVjNrB49f3ASsvJXtjvTRd1VEeDqKFpJ0jvHdpbb57Uy3wsDupzquIFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUMZNPcyaDFvSaD2ydH+uTAY35bvwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzUyZTMx
MzMzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnhijANBgkqhkiG9w0BAQsFAAOCAQEAiKIILednch+dwJD46Q+JwPEND4TM
Ym2gLgZ+nG22x8a9KWFx7/gsMTNDW2qr0l+D14AJe6RGcAmkjWzgSl8N3q0GtL2e
Uh9kNDxBK/kjLK/LbB3JdQNOTy52Q4fLciQmRochht8vT4UhdzaUycIxZ5qUK9OJ
qMTIrVsQdrilOlVMUC0iiGfwHBZ0j04wMHsEX3tJQTA60HFD9xMCELIEeL+M5Mp8
OzqcRK37PM8Fx2EfemO/xz4Mr/U1QbdZ9xZKjZEumWErM4zYVE17Gx+hCsmOCwA8
rTLlc5cokhyBYvZxe1dq1OAOtOtxY68Fmsxaw9wkOH+/JU0p/kwqx00YGg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:46:30 2025 by rpki-client