Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa
File: 3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: aAblnHoPmvmFO/OuvypSrc9T+Ylz4XaTyKbrxy3Q/BA=
Subject key identifier: 2B:27:87:E0:07:50:2F:56:3F:A6:09:7C:7A:15:E3:D9:67:C4:66:90
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7D0A1D3C00CCB6A9058F8242FC4866FB557B5951
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa
Signing time: Fri 22 Aug 2025 14:47:15 +0000
ROA not before: Fri 22 Aug 2025 14:42:15 +0000
ROA not after: Fri 21 Aug 2026 14:47:15 +0000
asID: 51167
IP address blocks: 185.239.211.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:0a:1d:3c:00:cc:b6:a9:05:8f:82:42:fc:48:66:fb:55:7b:59:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:15 2025 GMT
Not After : Aug 21 14:47:15 2026 GMT
Subject: CN=2B2787E007502F563FA6097C7A15E3D967C46690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:71:a2:dc:91:66:78:8c:65:c4:e4:f0:4c:c3:
7e:30:f4:b5:3b:61:98:ed:a4:3f:bb:2a:97:e3:b2:
01:e6:90:87:c8:8c:d0:0a:16:2b:b9:7e:b3:c3:a9:
72:77:ec:11:90:cd:35:fd:38:a7:24:fa:53:05:84:
01:f8:b9:3a:f0:b5:8c:6c:72:e6:6b:d2:a3:99:29:
cd:a6:ed:da:23:7b:be:3d:fc:5f:86:65:2c:be:49:
b3:ea:13:ef:cf:db:75:e7:cc:e1:69:2c:66:3a:d0:
42:1e:f7:b3:ca:e7:39:7c:ae:42:58:fe:97:fb:3f:
69:71:78:46:09:d9:f7:50:1e:83:4f:d4:29:1f:0a:
7b:db:81:93:7c:2c:20:ba:ac:e3:e9:8a:eb:a3:34:
f2:e9:08:ba:2c:d1:fe:de:fb:af:51:98:75:8f:f2:
72:8e:31:91:44:44:06:63:33:2f:b7:df:be:22:a8:
cb:8e:6e:0e:62:2b:bc:1c:04:21:31:e8:89:20:02:
51:94:d8:20:09:48:2d:2c:06:f4:b0:a5:19:53:98:
2b:60:c1:cb:1c:44:75:e4:e1:f9:6c:54:23:5b:34:
65:c8:64:06:ae:ce:82:db:39:1e:2b:46:02:a0:5f:
c8:9b:34:a7:f4:4a:be:79:bd:fc:c0:27:ec:db:c7:
a1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:27:87:E0:07:50:2F:56:3F:A6:09:7C:7A:15:E3:D9:67:C4:66:90
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233392e3231312e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.211.0/24
Signature Algorithm: sha256WithRSAEncryption
04:29:f9:dc:28:0b:97:31:7e:01:44:cb:27:05:ed:b0:30:e0:
db:d5:ea:d9:76:e4:3c:0a:7a:76:d8:1c:a6:3b:7f:fa:b1:fa:
40:85:c0:8a:79:52:89:ed:cb:b5:07:63:ce:24:79:0d:25:47:
55:63:af:3b:8b:43:cc:c9:31:bd:d6:fc:0f:33:23:0b:89:98:
8f:e4:56:65:fa:53:d9:7d:f9:6c:56:20:67:1f:61:d8:a8:f6:
69:96:de:0b:1c:e1:32:45:3d:fc:a0:a3:bc:76:7e:07:48:dc:
0f:ac:54:a0:ea:0c:dd:00:65:ac:db:ad:7d:06:03:ea:7a:cf:
39:7d:54:1c:b9:e7:61:70:a3:84:b4:a5:64:f9:78:e5:fa:80:
4d:fc:00:67:7d:06:86:0f:3d:63:8e:e4:42:c7:75:09:bd:04:
0f:b2:7e:96:2b:78:c1:3d:44:1a:bb:02:41:df:95:21:0f:b4:
8e:a1:c4:e8:bd:28:2d:bf:cc:0a:df:43:23:5a:0d:42:77:db:
fb:14:0e:58:8b:ca:5a:ad:3d:bd:54:f1:3b:12:d0:dc:db:1d:
38:95:ad:ca:63:fa:a5:51:35:10:96:e3:a2:20:b5:09:2f:d7:
61:a2:26:0e:52:ce:61:df:80:f1:db:62:f0:cf:8e:4f:60:8f:
61:95:37:1b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfQodPADMtqkFj4JC/Ehm+1V7WVEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTVaFw0yNjA4MjExNDQ3MTVaMDMxMTAvBgNV
BAMTKDJCMjc4N0UwMDc1MDJGNTYzRkE2MDk3QzdBMTVFM0Q5NjdDNDY2OTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzcaLckWZ4jGXE5PBMw34w9LU7
YZjtpD+7KpfjsgHmkIfIjNAKFiu5frPDqXJ37BGQzTX9OKck+lMFhAH4uTrwtYxs
cuZr0qOZKc2m7doje749/F+GZSy+SbPqE+/P23XnzOFpLGY60EIe97PK5zl8rkJY
/pf7P2lxeEYJ2fdQHoNP1CkfCnvbgZN8LCC6rOPpiuujNPLpCLos0f7e+69RmHWP
8nKOMZFERAZjMy+3374iqMuObg5iK7wcBCEx6IkgAlGU2CAJSC0sBvSwpRlTmCtg
wcscRHXk4flsVCNbNGXIZAauzoLbOR4rRgKgX8ibNKf0Sr55vfzAJ+zbx6H7AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKyeH4AdQL1Y/pgl8ehXj2WfEZpAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzkyZTMy
MzEzMTJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC579MwDQYJKoZIhvcNAQELBQADggEBAAQp+dwoC5cxfgFEyycF7bAw4NvV6tl2
5DwKenbYHKY7f/qx+kCFwIp5Uonty7UHY84keQ0lR1VjrzuLQ8zJMb3W/A8zIwuJ
mI/kVmX6U9l9+WxWIGcfYdio9mmW3gsc4TJFPfygo7x2fgdI3A+sVKDqDN0AZazb
rX0GA+p6zzl9VBy552Fwo4S0pWT5eOX6gE38AGd9BoYPPWOO5ELHdQm9BA+yfpYr
eME9RBq7AkHflSEPtI6hxOi9KC2/zArfQyNaDUJ32/sUDliLylqtPb1U8TsS0Nzb
HTiVrcpj+qVRNRCW46IgtQkv12GiJg5SzmHfgPHbYvDPjk9gj2GVNxs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:45:17 2025 by rpki-client