Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3230382e302f32332d3332203d3e203531313637.roa
File: 3138352e3233392e3230382e302f32332d3332203d3e203531313637.roa (raw, json)
Hash identifier: jg4k97zGKY7UaEmFwijuHU29uJ3vMW6RpV7lxvCHKUg=
Subject key identifier: D2:70:21:38:00:3E:F6:6D:07:F0:A1:01:28:4D:5B:6D:C7:AE:AB:95
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 192D1300B4A671CF9F8FC8DD13F33D2D9E589674
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3230382e302f32332d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:19 +0000
ROA not before: Fri 22 Aug 2025 14:42:19 +0000
ROA not after: Fri 21 Aug 2026 14:47:19 +0000
asID: 51167
IP address blocks: 185.239.208.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:2d:13:00:b4:a6:71:cf:9f:8f:c8:dd:13:f3:3d:2d:9e:58:96:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:19 2025 GMT
Not After : Aug 21 14:47:19 2026 GMT
Subject: CN=D2702138003EF66D07F0A101284D5B6DC7AEAB95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5f:3f:22:3f:5d:22:30:0a:0a:ec:25:77:47:
d5:52:89:28:8d:c6:de:c5:48:52:e5:04:5a:37:de:
80:47:53:98:63:dc:35:60:b0:e7:48:6e:bb:49:83:
47:5b:4e:ec:28:dc:e3:da:8f:f1:d3:73:46:36:0b:
49:1a:aa:be:c0:20:a5:06:03:39:4a:02:01:c9:23:
7b:6c:3a:cb:20:ab:3f:f8:d4:63:da:b3:6b:53:0b:
6c:6e:ed:41:09:4c:6b:68:b0:92:7f:45:22:de:59:
92:70:b1:9e:f5:c2:67:a9:7c:01:d1:fc:e4:6f:6e:
14:40:10:e5:20:a3:69:af:5a:b7:fd:5c:6a:79:3e:
80:b2:75:b8:a2:85:62:07:fe:8b:6b:1c:1a:e7:48:
54:2c:8e:5b:2c:c8:22:0b:9d:a9:50:03:64:06:7c:
ed:87:87:45:64:8c:33:64:65:51:d2:6b:68:eb:ce:
28:a0:0c:32:9d:a7:bf:be:96:c4:ef:ab:d5:65:a7:
6d:5a:6d:a9:d1:e4:ea:2c:52:a5:5a:bb:f6:93:49:
10:cf:ea:b8:ab:74:26:5a:c7:a6:4c:d0:40:e1:f6:
4f:4a:61:ea:9a:9c:4e:ae:7a:94:ec:d1:8f:37:ad:
5d:08:ca:3a:46:2b:c7:13:66:c8:43:c6:25:b4:dd:
fc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:70:21:38:00:3E:F6:6D:07:F0:A1:01:28:4D:5B:6D:C7:AE:AB:95
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3230382e302f32332d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.208.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:43:bd:78:82:dd:d3:4d:30:df:6d:f9:d0:0e:d0:bb:a8:e8:
af:9c:91:f7:b2:5d:54:10:31:bd:8c:78:78:d9:7d:86:fe:c8:
c2:88:9a:03:72:fe:32:e9:11:4a:b1:b8:84:e7:3e:6f:3a:87:
73:f5:c6:66:48:3d:0f:b4:83:ce:a6:14:1f:74:c4:3f:8a:12:
1b:78:a1:8a:63:3e:ac:22:90:bd:02:25:fe:dd:26:50:92:17:
78:cf:4a:0c:6e:9f:53:5d:d6:71:28:a4:0d:2e:5f:2c:e6:9f:
10:ad:62:6e:2c:0d:eb:58:74:5b:b3:c5:f9:cf:94:0f:a9:ce:
e8:4d:8e:af:ea:21:35:5d:f7:ed:67:10:f3:c1:00:a6:10:72:
25:25:52:cb:0b:9a:c7:12:77:14:66:97:61:7d:ae:ea:ca:5c:
14:fd:86:31:d5:57:2b:ff:f2:b7:eb:52:d5:9e:de:9a:3d:0a:
db:ee:73:ee:99:94:2a:7f:0c:58:a7:bb:2f:c1:c4:8b:53:03:
f3:c0:1f:f7:7d:33:d4:f0:2c:c3:0f:2e:2e:e4:88:81:f8:1e:
66:10:6e:67:5d:af:e3:0a:f4:5c:9a:8c:c3:86:bf:a6:06:43:
25:e7:f1:c3:ea:a3:6b:a4:c9:81:b1:c8:50:27:d2:2f:c5:23:
0d:66:ca:d5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGS0TALSmcc+fj8jdE/M9LZ5YlnQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTlaFw0yNjA4MjExNDQ3MTlaMDMxMTAvBgNV
BAMTKEQyNzAyMTM4MDAzRUY2NkQwN0YwQTEwMTI4NEQ1QjZEQzdBRUFCOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrXz8iP10iMAoK7CV3R9VSiSiN
xt7FSFLlBFo33oBHU5hj3DVgsOdIbrtJg0dbTuwo3OPaj/HTc0Y2C0kaqr7AIKUG
AzlKAgHJI3tsOssgqz/41GPas2tTC2xu7UEJTGtosJJ/RSLeWZJwsZ71wmepfAHR
/ORvbhRAEOUgo2mvWrf9XGp5PoCydbiihWIH/otrHBrnSFQsjlssyCILnalQA2QG
fO2Hh0VkjDNkZVHSa2jrziigDDKdp7++lsTvq9Vlp21abanR5OosUqVau/aTSRDP
6rirdCZax6ZM0EDh9k9KYeqanE6uepTs0Y83rV0IyjpGK8cTZshDxiW03fyDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0nAhOAA+9m0H8KEBKE1bbceuq5UwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMy
MzAzODJlMzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG579AwDQYJKoZIhvcNAQELBQADggEBAExDvXiC3dNNMN9t+dAO0Luo6K+ckfey
XVQQMb2MeHjZfYb+yMKImgNy/jLpEUqxuITnPm86h3P1xmZIPQ+0g86mFB90xD+K
Eht4oYpjPqwikL0CJf7dJlCSF3jPSgxun1Nd1nEopA0uXyzmnxCtYm4sDetYdFuz
xfnPlA+pzuhNjq/qITVd9+1nEPPBAKYQciUlUssLmscSdxRml2F9rurKXBT9hjHV
Vyv/8rfrUtWe3po9Ctvuc+6ZlCp/DFinuy/BxItTA/PAH/d9M9TwLMMPLi7kiIH4
HmYQbmddr+MK9FyajMOGv6YGQyXn8cPqo2ukyYGxyFAn0i/FIw1mytU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:51:53 2025 by rpki-client