Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: gTk+hbaolMuXGHvuLpqi9roB9lkQTU7zqdvecug4Krw=
Subject key identifier: 1A:E6:10:33:30:BE:D7:0A:C5:E7:B3:E3:BF:2C:2E:9B:A8:92:13:63
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2EC20B45847B11BD47997F089116001B7488BF82
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Aug 2025 22:47:05 +0000
ROA not before: Thu 14 Aug 2025 22:42:05 +0000
ROA not after: Thu 13 Aug 2026 22:47:05 +0000
asID: 136787
IP address blocks: 185.226.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:c2:0b:45:84:7b:11:bd:47:99:7f:08:91:16:00:1b:74:88:bf:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 14 22:42:05 2025 GMT
Not After : Aug 13 22:47:05 2026 GMT
Subject: CN=1AE6103330BED70AC5E7B3E3BF2C2E9BA8921363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a7:c2:6e:ae:de:11:a0:47:a2:b8:73:33:01:
20:10:bb:43:1c:bd:75:c0:8a:47:03:8c:0f:ea:db:
06:d0:c8:9a:40:ae:e2:44:f6:7e:4c:22:f8:db:7d:
11:5c:e5:71:4c:99:e5:5f:83:a0:7f:17:d0:34:27:
68:f6:6d:8c:1b:ac:a2:03:f5:bc:d1:d9:4b:af:78:
ef:77:7b:ca:43:74:44:5b:66:94:3c:86:94:f8:7e:
18:62:0b:ae:83:5e:ed:f5:6e:d9:5b:d3:9f:53:63:
0f:10:bf:80:d7:7d:02:e6:92:d3:bd:28:14:bb:07:
3a:1e:f0:ae:0d:b7:0f:e9:15:2d:2e:87:2c:c3:48:
f5:7c:3d:ad:43:03:dc:30:2f:09:70:2b:35:57:27:
9e:d7:c7:71:41:fe:7e:16:e3:41:e2:d9:8c:b7:10:
26:0c:ec:7c:2a:54:f9:5d:cd:04:2c:0d:da:36:56:
94:d7:9b:2d:52:ac:4d:bf:f2:6b:01:4e:4b:85:5d:
b8:dd:1b:5f:94:cb:23:87:e4:f8:5a:33:46:ad:a8:
d3:ce:3e:79:ef:69:bb:54:1f:b3:b1:4c:df:2f:61:
0e:5f:48:c0:4c:26:75:cc:b4:49:76:05:9d:7f:e0:
0e:3a:a9:79:7f:62:9a:44:ca:28:61:c9:7d:ef:ea:
ed:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:E6:10:33:30:BE:D7:0A:C5:E7:B3:E3:BF:2C:2E:9B:A8:92:13:63
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.144.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:ab:55:b1:3f:12:f1:79:b5:17:32:83:90:59:6d:df:8d:c0:
f8:b7:6e:01:d6:0d:96:04:19:36:44:ea:e1:9c:45:d3:2b:24:
1f:9e:09:44:4a:8f:4d:ee:3a:3a:12:e9:81:5a:58:bf:8b:9a:
de:4f:aa:91:61:68:d9:6c:84:cb:85:53:c8:7f:83:27:02:f5:
6b:32:01:4b:c5:b5:c6:a5:a9:05:2b:7c:52:32:b5:99:40:06:
a6:30:60:0f:09:7a:b8:3b:31:70:6c:38:cb:8e:72:cb:37:7d:
fd:3d:38:a2:f8:6c:8b:7b:b4:66:2f:9a:71:f7:30:57:c1:a5:
e6:5c:87:4d:35:ab:17:11:ca:81:ee:a3:27:08:12:d5:30:18:
25:b5:d9:42:7f:a7:49:d9:ce:65:24:fd:64:74:f9:3e:4b:cc:
01:b0:16:92:a0:20:2f:09:b8:5c:31:fd:64:c0:37:fe:1b:ac:
67:3c:6c:95:a5:cf:bc:29:01:85:ab:ac:ce:ea:d8:32:0c:7f:
2c:00:db:0a:34:36:fa:4d:28:33:3b:11:1f:90:cf:c1:81:77:
bc:0a:99:ff:45:d1:93:35:46:eb:4a:99:5f:5f:26:51:58:8f:
4d:07:d8:be:0a:6c:01:7c:de:68:83:51:8c:d1:6f:16:07:d1:
d9:60:75:7b
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIULsILRYR7Eb1HmX8IkRYAG3SIv4IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MTQyMjQyMDVaFw0yNjA4MTMyMjQ3MDVaMDMxMTAvBgNV
BAMTKDFBRTYxMDMzMzBCRUQ3MEFDNUU3QjNFM0JGMkMyRTlCQTg5MjEzNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHp8Jurt4RoEeiuHMzASAQu0Mc
vXXAikcDjA/q2wbQyJpAruJE9n5MIvjbfRFc5XFMmeVfg6B/F9A0J2j2bYwbrKID
9bzR2UuveO93e8pDdERbZpQ8hpT4fhhiC66DXu31btlb059TYw8Qv4DXfQLmktO9
KBS7Bzoe8K4Ntw/pFS0uhyzDSPV8Pa1DA9wwLwlwKzVXJ57Xx3FB/n4W40Hi2Yy3
ECYM7HwqVPldzQQsDdo2VpTXmy1SrE2/8msBTkuFXbjdG1+UyyOH5PhaM0atqNPO
PnnvabtUH7OxTN8vYQ5fSMBMJnXMtEl2BZ1/4A46qXl/YppEyihhyX3v6u0ZAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUGuYQMzC+1wrF57Pjvywum6iSE2MwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnikDANBgkqhkiG9w0BAQsFAAOCAQEADatVsT8S8Xm1FzKDkFlt343A+Ldu
AdYNlgQZNkTq4ZxF0yskH54JREqPTe46OhLpgVpYv4ua3k+qkWFo2WyEy4VTyH+D
JwL1azIBS8W1xqWpBSt8UjK1mUAGpjBgDwl6uDsxcGw4y45yyzd9/T04ovhsi3u0
Zi+acfcwV8Gl5lyHTTWrFxHKge6jJwgS1TAYJbXZQn+nSdnOZST9ZHT5PkvMAbAW
kqAgLwm4XDH9ZMA3/husZzxslaXPvCkBhauszurYMgx/LADbCjQ2+k0oMzsRH5DP
wYF3vAqZ/0XRkzVG60qZX18mUViPTQfYvgpsAXzeaINRjNFvFgfR2WB1ew==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:51:31 2025 by rpki-client