Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e3131382e302f32342d3234203d3e203437353833.roa
File: 3138352e3232392e3131382e302f32342d3234203d3e203437353833.roa (raw, json)
Hash identifier: d6hSBLIzVjZxl6Qme69bGW11xSDnMWtcMo9V46dob5M=
Subject key identifier: 6B:E2:A0:C5:26:C2:AC:AB:EE:F1:20:00:1B:7A:CC:1F:0F:85:74:6F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6FE4131F20B84A65144C464D31DC00266F48B3EF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e3131382e302f32342d3234203d3e203437353833.roa
Signing time: Fri 22 Aug 2025 14:47:12 +0000
ROA not before: Fri 22 Aug 2025 14:42:12 +0000
ROA not after: Fri 21 Aug 2026 14:47:12 +0000
asID: 47583
IP address blocks: 185.229.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:e4:13:1f:20:b8:4a:65:14:4c:46:4d:31:dc:00:26:6f:48:b3:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:12 2025 GMT
Not After : Aug 21 14:47:12 2026 GMT
Subject: CN=6BE2A0C526C2ACABEEF120001B7ACC1F0F85746F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:32:bb:ae:a4:18:88:75:66:b0:3c:ac:64:39:
da:45:69:74:4a:d4:07:74:b1:14:4b:d7:71:fb:ae:
19:76:35:35:90:f4:06:2a:e8:ca:71:b4:3e:13:50:
c6:18:93:b0:fe:0d:8e:ad:7d:13:23:16:8a:11:c4:
ac:14:64:15:15:ff:1e:08:d5:73:43:02:f5:40:89:
c7:61:74:23:34:6c:ef:92:d5:da:b9:86:3d:46:12:
bc:ac:31:8e:58:32:6a:25:67:14:71:9a:a2:1e:c7:
f6:3d:f8:12:d6:c8:b6:69:a5:db:9f:d1:2c:b3:5f:
ea:1b:80:59:5f:6b:cc:08:52:a7:8c:4b:9c:5d:49:
7e:39:45:b8:06:d7:cb:c8:fd:5a:c6:24:56:b1:a5:
47:3f:e4:38:59:da:c0:49:d8:f6:bd:e1:48:f8:61:
49:e0:24:c0:9b:ee:ea:54:05:e0:3d:7c:3d:42:3c:
e1:85:3a:9a:45:6f:96:bb:60:44:58:c0:24:88:19:
e3:62:94:99:ba:5a:bc:f6:b7:1e:4f:df:8d:b3:4d:
67:2b:e3:85:7e:c1:c1:bc:7a:4a:d7:d2:f7:35:22:
6b:b2:11:2e:d2:98:04:6b:b9:40:b6:c1:d9:5d:4a:
23:0b:f4:19:23:44:8b:3f:e1:31:56:37:10:8d:fe:
64:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:E2:A0:C5:26:C2:AC:AB:EE:F1:20:00:1B:7A:CC:1F:0F:85:74:6F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3232392e3131382e302f32342d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.118.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:88:15:62:85:ca:17:a6:1d:1c:d4:46:7d:5e:52:2c:a1:5d:
11:2a:df:8f:c1:df:1e:55:6c:f5:e8:cd:42:00:02:03:15:1a:
93:09:1e:6f:6c:7e:9c:fc:7a:b8:4f:b2:9c:9d:36:7f:29:87:
f0:0a:54:78:0b:9e:54:be:1f:86:5d:04:8b:d2:0b:40:14:6f:
0e:d3:24:de:11:09:91:a1:4d:a4:27:0b:45:79:bb:87:99:35:
25:15:41:c1:bf:1b:7f:46:5c:c1:6b:2f:14:61:b7:58:f2:af:
da:d6:fc:db:5e:0f:27:d0:2c:0d:36:5d:55:ac:b3:a6:fe:9a:
4b:b7:72:47:05:21:14:08:f0:9d:a5:53:3f:de:fa:00:2b:5f:
46:a9:c9:ef:72:ed:70:70:ab:f6:bb:a9:cf:98:b7:fb:c9:3e:
00:af:07:88:86:e6:ae:c2:1c:9e:c0:7b:83:c2:8e:41:61:e5:
8f:3a:2f:5b:2f:cf:60:6b:55:12:11:d2:9c:f3:bb:fb:de:cc:
ff:8d:a2:04:06:0a:aa:18:64:5c:c0:08:63:d7:1b:3c:6b:1e:
20:4e:e3:79:76:f4:5b:16:1e:9d:2e:c5:c3:cc:89:af:ea:82:
02:76:74:03:f0:32:39:70:db:53:12:99:bf:b3:84:07:4e:13:
6c:a7:5f:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUb+QTHyC4SmUUTEZNMdwAJm9Is+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTJaFw0yNjA4MjExNDQ3MTJaMDMxMTAvBgNV
BAMTKDZCRTJBMEM1MjZDMkFDQUJFRUYxMjAwMDFCN0FDQzFGMEY4NTc0NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUMruupBiIdWawPKxkOdpFaXRK
1Ad0sRRL13H7rhl2NTWQ9AYq6MpxtD4TUMYYk7D+DY6tfRMjFooRxKwUZBUV/x4I
1XNDAvVAicdhdCM0bO+S1dq5hj1GErysMY5YMmolZxRxmqIex/Y9+BLWyLZppduf
0SyzX+obgFlfa8wIUqeMS5xdSX45RbgG18vI/VrGJFaxpUc/5DhZ2sBJ2Pa94Uj4
YUngJMCb7upUBeA9fD1CPOGFOppFb5a7YERYwCSIGeNilJm6Wrz2tx5P342zTWcr
44V+wcG8ekrX0vc1ImuyES7SmARruUC2wdldSiML9BkjRIs/4TFWNxCN/mQBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUa+KgxSbCrKvu8SAAG3rMHw+FdG8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMyMzkyZTMx
MzEzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC55XYwDQYJKoZIhvcNAQELBQADggEBAKGIFWKFyhemHRzURn1eUiyhXREq34/B
3x5VbPXozUIAAgMVGpMJHm9sfpz8erhPspydNn8ph/AKVHgLnlS+H4ZdBIvSC0AU
bw7TJN4RCZGhTaQnC0V5u4eZNSUVQcG/G39GXMFrLxRht1jyr9rW/NteDyfQLA02
XVWss6b+mku3ckcFIRQI8J2lUz/e+gArX0apye9y7XBwq/a7qc+Yt/vJPgCvB4iG
5q7CHJ7Ae4PCjkFh5Y86L1svz2BrVRIR0pzzu/vezP+NogQGCqoYZFzACGPXGzxr
HiBO43l29FsWHp0uxcPMia/qggJ2dAPwMjlw21MSmb+zhAdOE2ynX+A=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:43:17 2025 by rpki-client