Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
File: 3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: j4JAEoUIx0TnB8WwsrzErR3joPkzqJsYCtwb7rhRC10=
Subject key identifier: C4:BE:43:99:21:4D:5E:96:4A:0A:FD:3F:15:9F:C3:83:A0:B0:7A:95
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 33EA2CC52AE23A3DA52018036F84512599107EDC
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
Signing time: Thu 14 Aug 2025 22:47:04 +0000
ROA not before: Thu 14 Aug 2025 22:42:04 +0000
ROA not after: Thu 13 Aug 2026 22:47:04 +0000
asID: 136787
IP address blocks: 185.226.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:ea:2c:c5:2a:e2:3a:3d:a5:20:18:03:6f:84:51:25:99:10:7e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 14 22:42:04 2025 GMT
Not After : Aug 13 22:47:04 2026 GMT
Subject: CN=C4BE4399214D5E964A0AFD3F159FC383A0B07A95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:81:82:4b:73:5b:95:e3:27:ff:fa:d2:b4:6b:
96:5b:9c:5c:4f:84:f3:87:22:a5:7f:b9:f0:3d:5e:
43:0d:34:24:76:1a:82:c6:16:65:76:3d:98:b9:e3:
30:1c:75:fc:9c:13:ac:56:1b:6b:ee:2e:48:17:43:
da:8a:7f:56:86:0d:8b:99:1f:b4:09:54:ea:b6:c8:
28:2a:61:23:9c:f2:f6:f0:af:d4:f0:29:15:5b:48:
e6:ec:30:37:93:c5:65:c2:71:1f:90:04:e4:ed:c6:
03:3e:0f:b3:09:02:3b:45:60:cb:dc:25:35:2a:8b:
71:5c:be:7a:9c:83:73:0c:25:2d:29:a7:fc:3b:4f:
bf:4f:5b:0a:14:52:fe:6d:34:29:82:17:e6:75:ef:
83:01:f3:cc:5a:2b:ab:a3:97:69:da:e4:2e:50:8f:
f9:ba:c3:a3:c5:53:fa:59:a2:91:3c:95:a1:72:20:
97:c5:bc:95:8a:05:9a:74:bf:9b:ef:1a:5c:0e:3f:
d2:c2:e5:70:6c:43:5e:5a:23:b6:59:04:34:c1:42:
d8:f1:6b:bf:a3:1f:4c:ac:61:65:54:16:2b:d9:39:
c3:f3:81:0b:3e:e3:6a:f6:62:9d:d1:b0:d5:47:2b:
d3:d5:35:8b:51:c7:d9:81:03:61:af:d7:bc:26:32:
12:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BE:43:99:21:4D:5E:96:4A:0A:FD:3F:15:9F:C3:83:A0:B0:7A:95
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232362e3134372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.147.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:b3:b8:dc:2a:f8:e8:31:bb:0d:4a:f6:08:f1:fe:15:9d:ea:
f9:53:55:83:03:9b:5e:11:83:f3:14:d4:71:5c:74:95:0f:af:
6a:cd:5c:d4:71:c9:d6:b4:25:82:0a:75:52:28:ad:55:79:6a:
78:ac:69:c4:d0:6c:e1:8a:5a:73:33:79:6d:ae:27:6b:80:37:
a5:25:ee:76:37:48:2e:b8:cb:71:94:89:30:ab:ce:27:96:0c:
2d:1c:2e:0f:0d:3f:7d:92:d2:29:1e:42:06:61:75:6d:8f:2f:
d5:5a:ac:6c:38:e8:5b:1a:a3:0f:2b:1f:47:21:86:d8:cb:fc:
60:e5:20:95:cf:05:42:ab:67:e6:09:36:f0:ff:28:e7:79:90:
5e:53:90:72:f2:0e:43:c6:5d:81:96:12:3f:8b:64:0b:6b:3c:
bc:7a:ba:e9:49:83:f4:a7:e0:34:56:7c:ce:ce:4b:ea:da:1e:
97:9d:97:b5:44:15:f0:eb:ad:55:0d:16:a0:a5:33:e8:c2:0a:
a2:01:21:0f:e9:05:79:01:9e:86:e0:5e:3e:bc:d4:62:7f:e2:
fe:80:b1:29:aa:48:90:ca:21:3b:d7:2e:f3:ce:6b:5d:10:f3:
f4:bf:1d:3a:f2:3f:8f:fb:d1:a1:26:3b:8a:b6:4f:65:1c:dc:
ae:36:92:cc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUM+osxSriOj2lIBgDb4RRJZkQftwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MTQyMjQyMDRaFw0yNjA4MTMyMjQ3MDRaMDMxMTAvBgNV
BAMTKEM0QkU0Mzk5MjE0RDVFOTY0QTBBRkQzRjE1OUZDMzgzQTBCMDdBOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSgYJLc1uV4yf/+tK0a5ZbnFxP
hPOHIqV/ufA9XkMNNCR2GoLGFmV2PZi54zAcdfycE6xWG2vuLkgXQ9qKf1aGDYuZ
H7QJVOq2yCgqYSOc8vbwr9TwKRVbSObsMDeTxWXCcR+QBOTtxgM+D7MJAjtFYMvc
JTUqi3Fcvnqcg3MMJS0pp/w7T79PWwoUUv5tNCmCF+Z174MB88xaK6ujl2na5C5Q
j/m6w6PFU/pZopE8laFyIJfFvJWKBZp0v5vvGlwOP9LC5XBsQ15aI7ZZBDTBQtjx
a7+jH0ysYWVUFivZOcPzgQs+42r2Yp3RsNVHK9PVNYtRx9mBA2Gv17wmMhJ3AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUxL5DmSFNXpZKCv0/FZ/Dg6CwepUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzYyZTMx
MzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnikzANBgkqhkiG9w0BAQsFAAOCAQEAb7O43Cr46DG7DUr2CPH+FZ3q+VNV
gwObXhGD8xTUcVx0lQ+vas1c1HHJ1rQlggp1UiitVXlqeKxpxNBs4YpaczN5ba4n
a4A3pSXudjdILrjLcZSJMKvOJ5YMLRwuDw0/fZLSKR5CBmF1bY8v1VqsbDjoWxqj
DysfRyGG2Mv8YOUglc8FQqtn5gk28P8o53mQXlOQcvIOQ8ZdgZYSP4tkC2s8vHq6
6UmD9KfgNFZ8zs5L6toel52XtUQV8OutVQ0WoKUz6MIKogEhD+kFeQGehuBePrzU
Yn/i/oCxKapIkMohO9cu885rXRDz9L8dOvI/j/vRoSY7irZPZRzcrjaSzA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:50:29 2025 by rpki-client