Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa
File: 3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: K6wJ3MR3C51KuE/WaPuXqCDHdFp4PYOhQmLUNbSADTs=
Subject key identifier: B8:20:B4:8B:81:0F:AA:C7:B0:CD:BB:3B:D0:DA:DE:55:ED:DB:2E:CC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 61408C7887BDBB3D2851E53C9FFD87111026F7D2
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:11 +0000
ROA not before: Fri 22 Aug 2025 14:42:11 +0000
ROA not after: Fri 21 Aug 2026 14:47:11 +0000
asID: 51167
IP address blocks: 185.237.252.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:40:8c:78:87:bd:bb:3d:28:51:e5:3c:9f:fd:87:11:10:26:f7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:11 2025 GMT
Not After : Aug 21 14:47:11 2026 GMT
Subject: CN=B820B48B810FAAC7B0CDBB3BD0DADE55EDDB2ECC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4c:8e:b3:f0:20:4f:d1:bf:36:cf:04:39:59:
e1:5c:f4:0a:3f:5d:74:29:fc:3c:d7:dc:92:51:d0:
cd:5f:8b:a7:e9:e0:e0:7c:62:39:38:c2:d0:78:00:
6d:50:48:fd:e5:83:20:10:7c:22:36:52:d0:cd:6a:
f7:a2:88:8a:0f:a9:24:11:71:70:ac:d8:9d:c6:ae:
5c:3b:2b:90:8b:fb:c9:1c:66:75:93:6e:64:11:49:
d8:77:bb:98:1a:5c:2d:f9:bf:aa:11:f6:4a:d4:f8:
1e:5e:34:de:d6:4d:11:2a:dc:42:f7:c5:01:f9:9d:
93:6e:cd:b7:a9:6a:99:6b:a7:1f:fa:db:94:99:32:
01:ae:46:d7:6f:d8:ad:aa:2a:ca:e0:28:3e:43:0b:
1c:30:ff:1e:52:22:8a:5d:88:d3:40:ec:8a:db:14:
f5:26:fe:6b:88:5d:ea:66:54:aa:88:26:16:39:a0:
a9:6a:82:a1:11:85:00:74:0f:da:a8:62:55:8b:5a:
48:05:13:48:a6:c1:2c:b8:27:e0:96:4f:0b:f0:1c:
eb:6a:be:d3:87:57:17:3d:b2:9d:3e:0e:18:4a:72:
93:6c:f6:a5:54:d7:ae:5b:8c:c6:bd:18:d1:d6:91:
28:af:7c:fe:39:69:af:10:30:5c:c7:12:35:7b:6f:
09:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:20:B4:8B:81:0F:AA:C7:B0:CD:BB:3B:D0:DA:DE:55:ED:DB:2E:CC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235322e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.252.0/23
Signature Algorithm: sha256WithRSAEncryption
31:0d:ba:ff:cd:0e:25:33:e9:f3:03:96:47:14:63:14:3e:ad:
6a:d7:3d:66:e2:e5:49:53:12:bd:63:5f:4b:2c:a1:77:e4:9e:
3b:84:45:8d:0e:6c:75:8f:55:ba:26:c4:11:f1:ab:6c:b8:d9:
c5:24:a7:77:0f:91:02:fc:11:d3:06:ac:b4:41:2d:0a:8b:7c:
26:8a:f7:e9:82:21:2b:0f:9c:4e:c9:62:1e:70:63:03:0c:7e:
cd:0f:8f:7e:44:1d:14:fa:67:3d:22:9f:cb:37:91:b7:80:65:
c0:d9:34:70:d4:c7:91:3a:d2:89:f4:41:47:c2:fe:bc:a4:fb:
54:4f:55:3d:f4:60:06:86:6a:ab:c0:e6:af:3a:37:77:1f:1a:
f0:b8:2a:ae:7c:48:8b:0e:7d:59:16:22:0a:78:1d:ba:2d:93:
f4:3e:f2:96:ec:8f:46:cb:72:db:74:c1:19:5a:1e:4f:ad:ee:
e6:f6:58:98:9f:eb:25:e0:71:29:64:ae:95:b2:a0:a8:4b:f2:
cc:c6:97:84:0f:89:29:03:a8:a7:fd:ce:c5:02:f3:9a:a2:91:
b3:f0:69:dc:cb:b1:36:ad:e5:ce:15:59:40:e4:6c:b9:85:37:
9c:61:c5:82:cc:af:55:2b:bd:64:10:41:b7:55:ea:72:57:ee:
ea:0c:cf:30
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYUCMeIe9uz0oUeU8n/2HERAm99IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTFaFw0yNjA4MjExNDQ3MTFaMDMxMTAvBgNV
BAMTKEI4MjBCNDhCODEwRkFBQzdCMENEQkIzQkQwREFERTU1RUREQjJFQ0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmTI6z8CBP0b82zwQ5WeFc9Ao/
XXQp/DzX3JJR0M1fi6fp4OB8Yjk4wtB4AG1QSP3lgyAQfCI2UtDNaveiiIoPqSQR
cXCs2J3Grlw7K5CL+8kcZnWTbmQRSdh3u5gaXC35v6oR9krU+B5eNN7WTREq3EL3
xQH5nZNuzbepaplrpx/625SZMgGuRtdv2K2qKsrgKD5DCxww/x5SIopdiNNA7Irb
FPUm/muIXepmVKqIJhY5oKlqgqERhQB0D9qoYlWLWkgFE0imwSy4J+CWTwvwHOtq
vtOHVxc9sp0+DhhKcpNs9qVU165bjMa9GNHWkSivfP45aa8QMFzHEjV7bwnzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuCC0i4EPqsewzbs70NreVe3bLswwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzcyZTMy
MzUzMjJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG57fwwDQYJKoZIhvcNAQELBQADggEBADENuv/NDiUz6fMDlkcUYxQ+rWrXPWbi
5UlTEr1jX0ssoXfknjuERY0ObHWPVbomxBHxq2y42cUkp3cPkQL8EdMGrLRBLQqL
fCaK9+mCISsPnE7JYh5wYwMMfs0Pj35EHRT6Zz0in8s3kbeAZcDZNHDUx5E60on0
QUfC/ryk+1RPVT30YAaGaqvA5q86N3cfGvC4Kq58SIsOfVkWIgp4Hbotk/Q+8pbs
j0bLctt0wRlaHk+t7ub2WJif6yXgcSlkrpWyoKhL8szGl4QPiSkDqKf9zsUC85qi
kbPwadzLsTat5c4VWUDkbLmFN5xhxYLMr1UrvWQQQbdV6nJX7uoMzzA=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:19:54 2025 by rpki-client