Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
File: 3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa (raw, json)
Hash identifier: JYiPSWpDZYQ8X/ZgZDrsyUxQUM33k0spOZjDecGKYZg=
Subject key identifier: 92:BC:F8:DC:67:66:F4:EA:53:0D:35:F1:3C:7D:49:23:3D:26:AF:EF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 21A2A7A63122C68074F037E049CA612EA4D86288
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
Signing time: Fri 22 Aug 2025 14:47:12 +0000
ROA not before: Fri 22 Aug 2025 14:42:12 +0000
ROA not after: Fri 21 Aug 2026 14:47:12 +0000
asID: 61317
IP address blocks: 185.241.148.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:a2:a7:a6:31:22:c6:80:74:f0:37:e0:49:ca:61:2e:a4:d8:62:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:12 2025 GMT
Not After : Aug 21 14:47:12 2026 GMT
Subject: CN=92BCF8DC6766F4EA530D35F13C7D49233D26AFEF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1a:3c:7a:d1:03:87:81:8a:03:77:e6:32:3c:
f6:0f:56:f3:87:18:29:f1:24:ec:54:a4:97:cb:28:
72:c2:59:00:fc:6d:7b:21:f2:16:95:c7:d3:89:3a:
ae:b6:b5:ad:f0:1d:bb:80:38:10:0e:36:14:2b:34:
51:7e:ea:0b:0c:47:75:20:f0:3f:c9:c8:4d:24:2f:
d0:36:77:8a:a9:71:9b:95:0d:7b:50:4e:30:02:15:
48:ec:8f:b2:5b:97:99:d4:bf:5e:b1:0c:4a:b4:76:
82:08:3d:92:1b:65:91:04:3a:86:1c:6e:14:70:b8:
a1:35:10:70:06:99:68:c0:de:2d:c0:53:cc:57:0b:
9b:04:45:84:26:01:0c:45:5e:aa:47:10:3f:33:04:
2e:dc:97:e4:ed:cf:b7:71:c5:76:1c:57:3b:ab:18:
fc:a7:c9:cc:d6:a4:3b:52:36:91:42:00:db:ad:13:
6b:db:68:87:6c:5f:8d:39:f5:06:33:22:7e:62:1b:
fd:ea:3e:17:4e:6c:49:d1:fe:08:1d:a9:e4:7a:79:
1d:a1:68:6d:6d:08:8c:58:6f:2e:df:be:17:2d:6d:
53:f3:38:cd:2a:9e:00:73:49:4d:25:ab:59:bc:d3:
56:f3:38:7d:52:7d:f1:85:cc:fb:f4:6f:78:46:ef:
13:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:BC:F8:DC:67:66:F4:EA:53:0D:35:F1:3C:7D:49:23:3D:26:AF:EF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134382e302f32332d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.148.0/23
Signature Algorithm: sha256WithRSAEncryption
87:d2:3a:30:93:45:cd:9e:88:7c:0a:98:d8:c8:06:35:17:99:
11:8e:de:a1:66:1f:a8:28:30:de:fb:98:8c:52:1a:9e:e1:d0:
39:19:81:83:c9:77:0d:c4:27:c2:a4:9f:df:03:72:83:0c:7e:
7c:16:c0:c8:72:93:b1:18:40:5a:7d:eb:08:a9:44:05:e1:6a:
fd:2f:24:1f:ab:59:f9:c0:43:e7:86:8c:32:e5:2b:27:15:b7:
a8:21:25:54:95:fc:91:83:87:bb:e9:5b:0f:6b:a7:9e:35:ad:
e7:4f:1b:09:14:a8:a5:c3:d2:63:2c:97:a7:9a:a6:a0:77:f4:
74:6b:bb:23:02:e4:95:3a:f2:cc:c5:8b:58:66:0d:ff:82:bf:
6d:8a:eb:63:bb:f3:c7:1d:27:e7:b3:69:f5:e2:23:b0:de:f3:
c3:a8:f8:4b:be:52:8f:96:3f:64:76:31:e4:0f:23:ed:d2:f3:
0e:66:3c:0c:5d:9c:db:3d:60:e5:f3:6b:93:03:85:60:d7:95:
a0:31:91:4b:56:54:db:47:9c:6b:a5:68:0b:ee:c7:25:f5:04:
c8:82:84:85:ea:27:00:7e:f0:b1:35:89:df:40:76:35:83:42:
a2:ca:56:ee:01:dd:d3:fd:98:26:fd:b3:12:f5:b3:c2:01:dd:
58:19:38:47
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIaKnpjEixoB08DfgScphLqTYYogwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTJaFw0yNjA4MjExNDQ3MTJaMDMxMTAvBgNV
BAMTKDkyQkNGOERDNjc2NkY0RUE1MzBEMzVGMTNDN0Q0OTIzM0QyNkFGRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Gjx60QOHgYoDd+YyPPYPVvOH
GCnxJOxUpJfLKHLCWQD8bXsh8haVx9OJOq62ta3wHbuAOBAONhQrNFF+6gsMR3Ug
8D/JyE0kL9A2d4qpcZuVDXtQTjACFUjsj7Jbl5nUv16xDEq0doIIPZIbZZEEOoYc
bhRwuKE1EHAGmWjA3i3AU8xXC5sERYQmAQxFXqpHED8zBC7cl+Ttz7dxxXYcVzur
GPynyczWpDtSNpFCANutE2vbaIdsX4059QYzIn5iG/3qPhdObEnR/ggdqeR6eR2h
aG1tCIxYby7fvhctbVPzOM0qngBzSU0lq1m801bzOH1SffGFzPv0b3hG7xPBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkrz43Gdm9OpTDTXxPH1JIz0mr+8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzODJlMzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAG58ZQwDQYJKoZIhvcNAQELBQADggEBAIfSOjCTRc2eiHwKmNjIBjUXmRGO3qFm
H6goMN77mIxSGp7h0DkZgYPJdw3EJ8Kkn98DcoMMfnwWwMhyk7EYQFp96wipRAXh
av0vJB+rWfnAQ+eGjDLlKycVt6ghJVSV/JGDh7vpWw9rp541redPGwkUqKXD0mMs
l6eapqB39HRruyMC5JU68szFi1hmDf+Cv22K62O788cdJ+ezafXiI7De88Oo+Eu+
Uo+WP2R2MeQPI+3S8w5mPAxdnNs9YOXza5MDhWDXlaAxkUtWVNtHnGulaAvuxyX1
BMiChIXqJwB+8LE1id9AdjWDQqLKVu4B3dP9mCb9sxL1s8IB3VgZOEc=
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:24:18 2025 by rpki-client