Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa
File: 3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa (raw, json)
Hash identifier: 2NXxrbCFkZ5FOh6cbA1gvRhVu+RrFbZG9L9FDXunICI=
Subject key identifier: 8C:46:4A:E6:CF:B0:16:77:19:17:4C:13:15:27:BB:04:4A:5D:1F:71
Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Certificate serial: 6DE66BFE4A2AF0879223891AB5F68319381D363C
Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa
Signing time: Mon 23 Jun 2025 11:36:03 +0000
ROA not before: Mon 23 Jun 2025 11:31:03 +0000
ROA not after: Mon 22 Jun 2026 11:36:03 +0000
asID: 212238
IP address blocks: 185.211.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 21:02:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:e6:6b:fe:4a:2a:f0:87:92:23:89:1a:b5:f6:83:19:38:1d:36:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a
Validity
Not Before: Jun 23 11:31:03 2025 GMT
Not After : Jun 22 11:36:03 2026 GMT
Subject: CN=8C464AE6CFB0167719174C131527BB044A5D1F71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:91:c3:dc:91:0c:5d:f0:62:97:ee:07:4b:e5:
f0:f5:20:06:33:11:91:10:03:c5:24:e9:2b:28:6c:
01:a7:14:a9:a4:f3:d5:bc:40:ee:b0:fd:65:94:f9:
77:ae:83:08:60:fa:9b:e6:5d:9b:fc:09:c2:90:a4:
27:6c:a2:51:40:64:92:00:cf:f8:b5:24:1d:d6:1d:
d2:e9:01:f8:f7:61:e4:53:19:d7:52:30:84:87:ac:
bd:82:14:de:6a:d4:a6:1a:a9:29:36:b9:9b:af:e5:
7b:79:c4:5c:cf:8f:3c:d2:ad:29:61:44:4d:89:0c:
0c:07:07:16:5c:4f:2b:45:4d:e6:2b:3b:4f:a0:57:
60:c2:f1:1d:ac:51:83:3c:4d:85:07:8e:e9:66:8c:
52:fb:4a:ed:02:e9:32:4d:f5:db:99:b4:03:21:97:
cd:e8:48:71:42:4e:49:83:4e:cf:a4:7f:2f:01:19:
67:dd:48:50:89:aa:73:82:8e:73:9d:0a:55:20:04:
51:b2:f1:66:5b:f0:11:70:74:23:19:23:f1:28:1f:
e9:b2:9e:2c:f3:93:e7:50:f4:0f:50:3d:7a:4a:de:
b5:32:db:dd:18:59:68:06:d1:ee:1b:d2:c4:c6:cb:
75:d3:b7:b1:a1:fa:f1:67:65:e8:79:67:5b:af:a6:
ce:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:46:4A:E6:CF:B0:16:77:19:17:4C:13:15:27:BB:04:4A:5D:1F:71
X509v3 Authority Key Identifier:
keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3231312e33322e302f32342d3234203d3e20323132323338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.32.0/24
Signature Algorithm: sha256WithRSAEncryption
24:bb:a0:0a:d1:24:0c:be:6f:e2:dd:a4:88:9d:8e:90:74:44:
b7:48:39:20:09:1a:d8:39:88:7a:57:6f:ea:5b:da:b0:f8:70:
f3:e4:da:7a:f4:91:b8:e3:f6:38:49:5e:20:cd:85:15:c1:27:
1f:54:79:df:89:ad:78:6f:5f:30:04:e8:4d:b8:61:26:12:13:
89:96:5c:2f:b1:39:49:c7:ba:40:77:67:ef:31:ef:c5:f1:91:
de:39:17:74:d5:6f:46:9e:90:98:54:7d:a5:e2:de:cd:36:f5:
d9:15:9b:69:52:b4:15:cc:35:60:7e:36:df:31:8b:3a:90:4b:
17:8b:b7:aa:b9:87:63:52:c2:41:4a:e2:b7:ed:db:99:87:08:
44:94:37:f4:b3:f8:b5:81:04:00:0b:4d:8a:d8:ac:27:ee:2b:
06:5c:05:3a:29:03:62:8b:fe:8e:98:26:2a:c0:16:43:9b:6e:
4d:e4:77:b1:64:44:8d:d9:1d:10:77:d3:30:46:fd:cf:74:84:
85:63:1d:8c:6e:03:e8:61:74:5c:0e:88:69:04:64:45:9c:77:
26:96:cd:93:0e:5f:59:49:d4:a2:97:ad:9e:cf:42:db:b2:4b:
b3:86:f7:c5:31:51:61:5d:13:fa:d2:23:b4:34:ad:a0:3d:0b:
1d:cf:ba:06
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbeZr/koq8IeSI4katfaDGTgdNjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj
MjMxM2EzYTAeFw0yNTA2MjMxMTMxMDNaFw0yNjA2MjIxMTM2MDNaMDMxMTAvBgNV
BAMTKDhDNDY0QUU2Q0ZCMDE2NzcxOTE3NEMxMzE1MjdCQjA0NEE1RDFGNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYkcPckQxd8GKX7gdL5fD1IAYz
EZEQA8Uk6SsobAGnFKmk89W8QO6w/WWU+Xeugwhg+pvmXZv8CcKQpCdsolFAZJIA
z/i1JB3WHdLpAfj3YeRTGddSMISHrL2CFN5q1KYaqSk2uZuv5Xt5xFzPjzzSrSlh
RE2JDAwHBxZcTytFTeYrO0+gV2DC8R2sUYM8TYUHjulmjFL7Su0C6TJN9duZtAMh
l83oSHFCTkmDTs+kfy8BGWfdSFCJqnOCjnOdClUgBFGy8WZb8BFwdCMZI/EoH+my
nizzk+dQ9A9QPXpK3rUy290YWWgG0e4b0sTGy3XTt7Gh+vFnZeh5Z1uvps7JAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjEZK5s+wFncZF0wTFSe7BEpdH3EwHwYDVR0j
BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J
eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMxMzEyZTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC50yAwDQYJKoZIhvcNAQELBQADggEBACS7oArRJAy+b+LdpIidjpB0RLdIOSAJ
Gtg5iHpXb+pb2rD4cPPk2nr0kbjj9jhJXiDNhRXBJx9Ued+JrXhvXzAE6E24YSYS
E4mWXC+xOUnHukB3Z+8x78Xxkd45F3TVb0aekJhUfaXi3s029dkVm2lStBXMNWB+
Nt8xizqQSxeLt6q5h2NSwkFK4rft25mHCESUN/Sz+LWBBAALTYrYrCfuKwZcBTop
A2KL/o6YJirAFkObbk3kd7FkRI3ZHRB30zBG/c90hIVjHYxuA+hhdFwOiGkEZEWc
dyaWzZMOX1lJ1KKXrZ7PQtuyS7OG98UxUWFdE/rSI7Q0raA9Cx3PugY=
-----END CERTIFICATE-----
Generated at Sun Jun 29 07:57:55 2025 by rpki-client