Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
File: 3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa (raw, json)
Hash identifier: +Y5Rji+BlCEpLaBVFYnRFEgeIRswOq2WvubDdZm2AWE=
Subject key identifier: 7D:A6:EE:BA:F6:40:46:5A:A3:C4:70:2F:91:67:B8:11:E8:32:60:C8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5342D0225D86C4D17856AC3960D4B82913E136F9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
Signing time: Fri 22 Aug 2025 14:47:12 +0000
ROA not before: Fri 22 Aug 2025 14:42:12 +0000
ROA not after: Fri 21 Aug 2026 14:47:12 +0000
asID: 397423
IP address blocks: 185.241.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 17:37:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:42:d0:22:5d:86:c4:d1:78:56:ac:39:60:d4:b8:29:13:e1:36:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 22 14:42:12 2025 GMT
Not After : Aug 21 14:47:12 2026 GMT
Subject: CN=7DA6EEBAF640465AA3C4702F9167B811E83260C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:91:33:44:7f:76:e8:70:5d:17:50:22:46:44:
4d:91:32:1a:1d:78:1f:3a:d2:b8:29:75:68:05:6a:
8c:37:67:a7:ed:93:8a:b4:f6:18:c0:2c:60:d2:be:
37:49:31:35:4f:44:ca:e9:f6:0a:6b:3c:c2:e6:88:
62:30:b3:89:5b:f5:f7:e2:c0:a3:19:26:87:c0:2e:
a4:bc:2f:e5:c3:0f:55:d9:ab:33:af:29:ea:6b:1a:
bf:67:0f:ae:e8:67:62:63:ac:4a:7d:33:a6:9a:4d:
c0:41:5e:49:04:ab:36:e1:08:6a:6c:6b:15:a9:97:
fa:59:1c:60:00:56:f3:9c:e9:57:8a:65:ec:e1:2c:
ba:f8:68:dc:ba:1e:a0:1c:54:3d:90:09:ef:fd:53:
2d:f8:59:bb:97:79:5d:ff:96:5d:d2:2f:da:9f:6b:
8b:d8:f4:2b:59:0d:ac:6b:da:2e:41:95:26:c5:8f:
4d:40:fe:6b:7f:a8:4a:33:3d:8b:82:47:45:cd:0b:
5d:ca:7c:73:e9:0c:d3:d4:2a:c2:e7:83:38:3e:c2:
28:9a:0b:e0:f8:92:c5:99:e9:e9:81:0a:e6:8b:1e:
24:8e:0b:b4:df:47:07:15:b2:b7:85:25:01:f3:a1:
88:b4:a7:75:bd:cc:2e:59:6c:a0:1e:40:35:c5:44:
9c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A6:EE:BA:F6:40:46:5A:A3:C4:70:2F:91:67:B8:11:E8:32:60:C8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3234312e3134392e302f32342d3234203d3e20333937343233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.241.149.0/24
Signature Algorithm: sha256WithRSAEncryption
21:8c:9a:28:3f:ad:ca:9e:a8:0c:b9:17:4f:ac:d1:27:80:b3:
79:6e:b7:6f:5a:09:d6:54:f8:27:aa:3e:cd:3c:ac:db:1b:75:
70:bb:29:d5:be:e9:2b:18:18:02:98:fc:67:1f:60:a4:e9:5a:
40:25:2a:e0:73:cd:dc:6e:03:8a:ee:c6:69:1a:0e:33:1c:ae:
5d:dc:15:c5:36:10:15:07:5c:e6:d4:9b:b5:1c:82:eb:54:c7:
9a:9e:02:f2:d2:dd:bc:a7:6a:55:ad:21:21:72:5a:d5:61:63:
5a:bc:7b:2e:fd:ac:7b:02:b8:fe:d1:86:fb:ea:c8:2c:ba:49:
76:77:45:61:4c:ee:e7:23:e2:c2:2b:a2:2e:4e:42:10:6c:fc:
60:fa:85:da:08:f5:78:8d:42:10:2d:ba:36:99:24:01:48:a8:
81:dc:70:7b:74:6d:81:48:5e:51:c4:60:e4:e4:fa:4c:93:f7:
8e:e0:7a:b2:14:e3:4d:02:d9:21:2a:c5:e6:42:fe:69:86:87:
89:76:7e:5e:d1:b7:67:a9:98:ab:cd:96:53:b9:2c:4e:2e:43:
d0:ea:2d:13:58:51:83:6d:48:2a:37:3f:da:b9:53:9e:39:80:
08:c1:67:a0:3a:bc:64:69:db:5b:de:3c:cd:fa:c7:2d:3e:84:
aa:42:c1:0d
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUU0LQIl2GxNF4Vqw5YNS4KRPhNvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA4MjIxNDQyMTJaFw0yNjA4MjExNDQ3MTJaMDMxMTAvBgNV
BAMTKDdEQTZFRUJBRjY0MDQ2NUFBM0M0NzAyRjkxNjdCODExRTgzMjYwQzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7kTNEf3bocF0XUCJGRE2RMhod
eB860rgpdWgFaow3Z6ftk4q09hjALGDSvjdJMTVPRMrp9gprPMLmiGIws4lb9ffi
wKMZJofALqS8L+XDD1XZqzOvKeprGr9nD67oZ2JjrEp9M6aaTcBBXkkEqzbhCGps
axWpl/pZHGAAVvOc6VeKZezhLLr4aNy6HqAcVD2QCe/9Uy34WbuXeV3/ll3SL9qf
a4vY9CtZDaxr2i5BlSbFj01A/mt/qEozPYuCR0XNC13KfHPpDNPUKsLngzg+wiia
C+D4ksWZ6emBCuaLHiSOC7TfRwcVsreFJQHzoYi0p3W9zC5ZbKAeQDXFRJydAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUfabuuvZARlqjxHAvkWe4EegyYMgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjM0MzEyZTMx
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMzMzkzNzM0MzIzMy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnxlTANBgkqhkiG9w0BAQsFAAOCAQEAIYyaKD+typ6oDLkXT6zRJ4CzeW63
b1oJ1lT4J6o+zTys2xt1cLsp1b7pKxgYApj8Zx9gpOlaQCUq4HPN3G4Diu7GaRoO
MxyuXdwVxTYQFQdc5tSbtRyC61THmp4C8tLdvKdqVa0hIXJa1WFjWrx7Lv2sewK4
/tGG++rILLpJdndFYUzu5yPiwiuiLk5CEGz8YPqF2gj1eI1CEC26NpkkAUiogdxw
e3RtgUheUcRg5OT6TJP3juB6shTjTQLZISrF5kL+aYaHiXZ+XtG3Z6mYq82WU7ks
Ti5D0OotE1hRg21IKjc/2rlTnjmACMFnoDq8ZGnbW948zfrHLT6EqkLBDQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:42:19 2025 by rpki-client