Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
File: 3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: XIF/8G9sAi+sa9PoVx04KnRVDCcPcIU8x0AkuZJzlDU=
Subject key identifier: 3F:53:2B:9D:73:65:21:65:1A:B8:12:F0:D3:B2:CE:BE:4E:73:0C:00
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 479516E9C2A86108D2FE69B7BD22681E3E24E64F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 22 Aug 2025 14:47:16 +0000
ROA not before: Fri 22 Aug 2025 14:42:16 +0000
ROA not after: Fri 21 Aug 2026 14:47:16 +0000
asID: 136787
IP address blocks: 185.237.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:95:16:e9:c2:a8:61:08:d2:fe:69:b7:bd:22:68:1e:3e:24:e6:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:16 2025 GMT
Not After : Aug 21 14:47:16 2026 GMT
Subject: CN=3F532B9D736521651AB812F0D3B2CEBE4E730C00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d1:e6:a0:0a:91:4e:8b:75:60:a5:f4:ec:d8:
5d:b1:f1:fe:54:65:83:61:76:9b:64:fb:38:fd:57:
ff:e8:65:be:18:20:e8:8e:01:9c:66:b4:57:3e:6d:
90:e0:06:c6:2e:28:c5:36:f8:41:9d:70:76:b9:96:
b6:6a:a4:ce:fc:13:21:c3:37:ff:aa:a7:85:f0:2a:
d8:32:f9:66:af:52:4f:f1:62:80:ea:ba:72:a0:54:
7e:82:50:d9:ed:73:33:24:0f:56:bf:89:b0:8a:74:
8f:a5:e0:74:01:1c:46:71:20:ee:eb:1f:6a:77:11:
36:38:9f:27:74:30:9c:f7:e6:65:e8:23:66:24:cf:
2a:72:6b:c5:ed:91:e4:c6:b1:a5:f5:32:21:68:8e:
bd:3e:71:17:52:9d:f4:ed:f7:b9:1e:cd:ff:9e:3b:
06:e2:7e:14:dd:7a:c2:ee:de:2f:f4:de:47:75:ec:
a2:46:34:ce:d3:ad:58:cc:ee:ef:00:9e:af:39:51:
10:cb:d8:6e:92:3c:40:0a:2f:d4:39:58:13:78:33:
59:ad:36:6c:84:7c:ac:44:20:bf:0d:06:e7:2b:0b:
59:f4:d7:93:3c:fb:69:02:da:c1:46:72:1a:5b:f1:
bc:28:d9:45:bf:dc:40:6c:27:12:93:a2:82:d5:93:
db:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:53:2B:9D:73:65:21:65:1A:B8:12:F0:D3:B2:CE:BE:4E:73:0C:00
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233372e3235342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.254.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:29:45:a5:ad:c4:75:a0:91:91:a0:fe:d5:c3:37:29:e9:93:
ab:8a:99:c7:4a:56:e0:53:17:eb:3a:76:6b:69:97:b4:1f:a9:
d1:d9:6c:23:9b:ac:fc:ba:0a:5d:2d:7e:75:19:31:7e:eb:6e:
ab:d8:e0:c5:94:22:6b:c1:f5:92:66:2f:f8:42:f8:86:de:f7:
6c:94:92:7b:17:81:5a:48:5c:1c:fc:08:07:dd:73:26:4d:13:
c7:5d:cf:65:6a:0d:0e:57:70:73:22:25:d1:64:50:17:a5:99:
cb:cc:d0:f8:9b:49:2f:99:f9:29:4d:86:19:a7:b6:fe:1c:9c:
3f:54:cc:c5:61:81:a7:c8:10:21:45:ca:a6:90:c2:06:14:43:
22:5e:fd:fd:28:c9:cc:d3:c7:cc:8b:7d:f1:59:e9:55:9f:0c:
c5:cc:13:b3:09:d2:c0:0f:8e:e0:f8:6b:33:ed:78:ec:19:99:
d7:b0:55:cf:56:51:1a:9b:d2:f1:c6:2f:c1:da:4d:fe:7b:94:
a7:1e:33:3f:25:ad:00:88:f4:4b:ae:e7:49:46:48:1a:9c:b1:
3e:99:66:1c:a5:de:54:1b:18:ef:86:2d:72:fe:bd:09:19:d7:
1c:32:29:fa:31:25:70:b9:88:d5:bd:85:d4:ec:36:14:c7:0f:
f3:b9:e6:99
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUR5UW6cKoYQjS/mm3vSJoHj4k5k8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTZaFw0yNjA4MjExNDQ3MTZaMDMxMTAvBgNV
BAMTKDNGNTMyQjlENzM2NTIxNjUxQUI4MTJGMEQzQjJDRUJFNEU3MzBDMDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY0eagCpFOi3VgpfTs2F2x8f5U
ZYNhdptk+zj9V//oZb4YIOiOAZxmtFc+bZDgBsYuKMU2+EGdcHa5lrZqpM78EyHD
N/+qp4XwKtgy+WavUk/xYoDqunKgVH6CUNntczMkD1a/ibCKdI+l4HQBHEZxIO7r
H2p3ETY4nyd0MJz35mXoI2Ykzypya8XtkeTGsaX1MiFojr0+cRdSnfTt97kezf+e
OwbifhTdesLu3i/03kd17KJGNM7TrVjM7u8Anq85URDL2G6SPEAKL9Q5WBN4M1mt
NmyEfKxEIL8NBucrC1n015M8+2kC2sFGchpb8bwo2UW/3EBsJxKTooLVk9srAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUP1MrnXNlIWUauBLw07LOvk5zDAAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzcyZTMy
MzUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnt/jANBgkqhkiG9w0BAQsFAAOCAQEAbilFpa3EdaCRkaD+1cM3KemTq4qZ
x0pW4FMX6zp2a2mXtB+p0dlsI5us/LoKXS1+dRkxfutuq9jgxZQia8H1kmYv+EL4
ht73bJSSexeBWkhcHPwIB91zJk0Tx13PZWoNDldwcyIl0WRQF6WZy8zQ+JtJL5n5
KU2GGae2/hycP1TMxWGBp8gQIUXKppDCBhRDIl79/SjJzNPHzIt98VnpVZ8MxcwT
swnSwA+O4PhrM+147BmZ17BVz1ZRGpvS8cYvwdpN/nuUpx4zPyWtAIj0S67nSUZI
GpyxPplmHKXeVBsY74Ytcv69CRnXHDIp+jElcLmI1b2F1Ow2FMcP87nmmQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:53:47 2025 by rpki-client