Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
File: 38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa (raw, json)
Hash identifier: Bdyf4Q2T0K6u2suXmtiEjJJmgto+snzoYTeWTP94teI=
Subject key identifier: 24:5C:08:EC:CF:1F:5D:E7:1E:EC:8F:BE:B9:43:E6:2B:96:4C:C4:66
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 486C52FFE8F1296D4741E277A340D70DDBA03F05
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
Signing time: Wed 10 Sep 2025 09:55:02 +0000
ROA not before: Wed 10 Sep 2025 09:50:02 +0000
ROA not after: Wed 09 Sep 2026 09:55:02 +0000
asID: 209181
IP address blocks: 85.237.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 11:35:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:6c:52:ff:e8:f1:29:6d:47:41:e2:77:a3:40:d7:0d:db:a0:3f:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:02 2025 GMT
Not After : Sep 9 09:55:02 2026 GMT
Subject: CN=245C08ECCF1F5DE71EEC8FBEB943E62B964CC466
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:4e:17:a1:39:d7:a2:07:8a:26:68:dd:9b:ee:
8d:58:34:a8:97:c9:18:bf:8d:8e:43:6a:bf:35:75:
24:89:bd:db:95:84:2b:9e:57:51:d4:31:0e:41:52:
9c:2b:ce:59:3b:13:13:cf:b3:40:72:53:6c:be:b3:
a8:f6:77:87:f3:92:27:d8:9e:40:9d:c0:75:f3:b2:
15:3b:53:38:e2:57:1f:bd:39:ff:7a:e9:09:fa:71:
1a:b5:a0:d4:fd:4d:fd:34:fe:e2:a5:d5:d2:dd:fa:
16:33:8f:6e:c9:78:c2:44:a8:02:9a:2d:8b:11:dd:
95:b2:c4:60:97:da:d3:9d:89:40:2a:f0:75:d5:fe:
08:9f:8e:e4:ab:5a:3a:c7:bf:e4:a4:98:2d:68:87:
a7:78:23:29:68:13:97:9d:76:64:94:10:9f:e2:9e:
4d:fd:2f:0c:94:e1:c4:58:1c:73:89:4f:a0:bf:a8:
98:13:6d:0f:00:cd:1b:2e:55:87:46:87:9e:0b:64:
fe:5c:d5:86:83:c5:4c:e1:b9:59:90:5f:62:4e:a4:
11:36:d5:24:75:8e:59:5e:c8:e4:a5:49:8b:16:83:
ae:0a:3a:8a:cc:4c:7c:a5:7b:91:5c:ea:80:8c:86:
41:6b:4a:b5:c6:f9:53:e3:46:e1:d6:fa:92:e9:d0:
f2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:5C:08:EC:CF:1F:5D:E7:1E:EC:8F:BE:B9:43:E6:2B:96:4C:C4:66
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231302e302f32342d3234203d3e20323039313831.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.210.0/24
Signature Algorithm: sha256WithRSAEncryption
68:a4:73:3b:15:53:c8:d0:9b:8d:cf:2e:73:a1:83:02:2b:d6:
35:d4:ac:e1:c6:b6:3e:a2:58:ec:23:35:2f:67:16:47:3c:c3:
71:26:d3:c3:54:1d:d2:7e:3d:ac:fd:35:7f:92:5e:8a:d7:41:
66:95:62:92:a7:b5:d0:28:5a:ab:b6:c6:15:63:0c:71:3f:8c:
04:62:f6:83:8e:09:b0:36:fc:c9:0b:45:48:2a:f5:97:47:75:
3e:9f:5b:80:3b:87:f9:1f:3f:74:9e:83:3d:69:41:10:e3:ac:
0d:6d:e4:e1:9d:dc:60:9b:f8:ad:f6:74:2a:4d:7c:36:6e:4a:
0d:60:f5:57:32:9c:a4:98:e5:fe:8c:99:f3:62:69:f9:cf:09:
e7:99:9e:8c:a0:56:55:09:15:fd:ab:b4:29:d3:cf:26:ab:f6:
e9:fa:49:87:ac:24:2d:0e:94:7a:48:9b:c3:0f:06:1a:7e:06:
0f:af:db:1e:06:a4:8a:ac:b3:a6:9c:b4:c7:35:a0:61:d7:03:
2e:95:cf:75:11:97:71:e2:e3:c6:7b:1d:a9:b9:31:c3:76:9a:
61:1a:f3:be:d6:c1:25:89:09:a2:c5:3d:ec:86:60:c7:c6:90:
8f:42:66:cf:88:24:b4:72:98:7b:f0:60:f1:8b:6c:63:a7:51:
13:2f:f0:f4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSGxS/+jxKW1HQeJ3o0DXDdugPwUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDJaFw0yNjA5MDkwOTU1MDJaMDMxMTAvBgNV
BAMTKDI0NUMwOEVDQ0YxRjVERTcxRUVDOEZCRUI5NDNFNjJCOTY0Q0M0NjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKThehOdeiB4omaN2b7o1YNKiX
yRi/jY5Dar81dSSJvduVhCueV1HUMQ5BUpwrzlk7ExPPs0ByU2y+s6j2d4fzkifY
nkCdwHXzshU7UzjiVx+9Of966Qn6cRq1oNT9Tf00/uKl1dLd+hYzj27JeMJEqAKa
LYsR3ZWyxGCX2tOdiUAq8HXV/gifjuSrWjrHv+SkmC1oh6d4IyloE5eddmSUEJ/i
nk39LwyU4cRYHHOJT6C/qJgTbQ8AzRsuVYdGh54LZP5c1YaDxUzhuVmQX2JOpBE2
1SR1jlleyOSlSYsWg64KOorMTHyle5Fc6oCMhkFrSrXG+VPjRuHW+pLp0PJPAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJFwI7M8fXece7I++uUPmK5ZMxGYwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMTM4MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dIwDQYJKoZIhvcNAQELBQADggEBAGikczsVU8jQm43PLnOhgwIr1jXUrOHG
tj6iWOwjNS9nFkc8w3Em08NUHdJ+Paz9NX+SXorXQWaVYpKntdAoWqu2xhVjDHE/
jARi9oOOCbA2/MkLRUgq9ZdHdT6fW4A7h/kfP3Segz1pQRDjrA1t5OGd3GCb+K32
dCpNfDZuSg1g9VcynKSY5f6MmfNiafnPCeeZnoygVlUJFf2rtCnTzyar9un6SYes
JC0OlHpIm8MPBhp+Bg+v2x4GpIqss6actMc1oGHXAy6Vz3URl3Hi48Z7Ham5McN2
mmEa877WwSWJCaLFPeyGYMfGkI9CZs+IJLRymHvwYPGLbGOnURMv8PQ=
-----END CERTIFICATE-----
Generated at Sat Oct 18 01:57:49 2025 by rpki-client