Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa
File: 3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa (raw, json)
Hash identifier: 1BInd1OedKcqXcFEvGswCnCL2u3VREZrv7xXz/oRjOg=
Subject key identifier: 66:88:4D:5A:B2:EA:16:65:7C:21:6B:64:E5:75:DA:87:6B:A7:A7:CF
Certificate issuer: /CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Certificate serial: 3AB3921E6169ADF888A3F242795900E0B0C5F2B4
Authority key identifier: 8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa
Signing time: Wed 02 Jul 2025 14:54:13 +0000
ROA not before: Wed 02 Jul 2025 14:49:13 +0000
ROA not after: Wed 01 Jul 2026 14:54:13 +0000
asID: 214458
IP address blocks: 185.240.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 16:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b3:92:1e:61:69:ad:f8:88:a3:f2:42:79:59:00:e0:b0:c5:f2:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c12b4273832b4156fe0092f6ae7e5b3ce23ad8b
Validity
Not Before: Jul 2 14:49:13 2025 GMT
Not After : Jul 1 14:54:13 2026 GMT
Subject: CN=66884D5AB2EA16657C216B64E575DA876BA7A7CF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:13:ce:af:fa:84:0d:73:9f:3e:e5:5b:9d:3c:
bd:4b:9e:db:2c:ce:60:45:f4:ca:6b:ea:0d:78:3c:
4f:04:df:87:26:ca:80:67:52:8a:d3:12:f4:c1:96:
5e:bf:70:2e:86:12:9f:c5:3d:1b:51:b1:aa:7c:71:
1f:0d:0d:67:37:e5:fa:16:08:9e:03:6e:02:30:b7:
a6:7b:a1:32:89:ac:3d:3f:fc:69:98:04:ce:e7:4a:
c0:23:84:42:7c:b1:93:78:8a:b8:c6:53:c0:c9:95:
36:ed:04:32:25:74:ee:97:d1:9e:e9:36:79:d7:17:
af:c8:be:5d:5e:ea:8f:a5:38:a4:72:20:a5:02:5c:
20:04:3a:95:74:3b:3e:91:42:25:f2:48:11:28:2a:
e1:b7:7b:d6:4f:38:05:9e:ac:d8:fc:58:dd:35:36:
dc:35:83:83:f6:92:9c:61:00:87:1f:56:d4:ec:8f:
6b:4d:b6:fb:35:78:41:22:7b:d7:c3:ee:94:49:71:
26:e0:fe:ea:23:6b:89:69:3c:86:e2:33:45:26:a3:
0e:20:7c:b4:bf:7d:73:45:32:c4:74:c6:68:f7:39:
8a:9c:bc:7b:93:71:78:8b:26:90:3a:2d:4c:16:dd:
09:7e:43:49:69:df:e2:b9:59:5e:8a:0f:60:0f:56:
f3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:88:4D:5A:B2:EA:16:65:7C:21:6B:64:E5:75:DA:87:6B:A7:A7:CF
X509v3 Authority Key Identifier:
keyid:8C:12:B4:27:38:32:B4:15:6F:E0:09:2F:6A:E7:E5:B3:CE:23:AD:8B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/8C12B4273832B4156FE0092F6AE7E5B3CE23AD8B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBK0JzgytBVv4Akvaufls84jrYs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8bfd6882-d6b3-4aa8-bc0a-711d68bd198b/0/3138352e3234302e3130362e302f32342d3234203d3e20323134343538.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.106.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:ba:2d:69:44:fc:57:ce:c9:e9:4f:5e:1a:66:ee:9e:db:46:
99:9f:cc:50:ed:5d:1b:32:cf:8e:b4:9b:f9:7e:f2:f9:55:f1:
67:42:2c:20:28:fd:ca:9e:4f:4f:de:a8:00:12:13:d0:c5:cb:
96:39:c8:27:b9:d9:31:0e:de:3d:ca:2e:6b:ce:bd:47:0d:48:
92:2d:db:f5:97:ae:f4:2b:71:ca:d1:01:24:cb:79:8f:8a:f5:
6e:ce:76:25:a6:5b:37:8c:6b:9f:86:da:04:bc:20:dd:dc:87:
44:ec:e2:78:d1:83:88:bf:6d:54:53:68:d2:41:5e:42:cb:69:
d0:b5:f1:e2:ea:5d:e5:13:7c:97:9d:0b:74:59:f8:70:0a:4e:
65:08:db:08:58:59:9f:cf:3b:06:b6:26:8f:d3:97:46:40:d4:
5e:4e:1a:ab:a5:c5:f9:6b:c1:3c:b5:60:94:b5:07:f4:c0:a5:
74:29:ab:be:9a:f5:41:d0:da:ff:6e:cd:ef:02:d7:c0:b8:18:
64:c1:72:6c:85:4a:e6:7a:87:7a:5b:ed:64:1e:85:8c:4c:3b:
0b:02:50:58:fd:b8:d1:5e:73:c8:a0:54:ee:2b:9a:60:2c:64:
e2:c1:55:66:bc:c0:9f:6b:ca:8a:d2:ad:65:b4:73:f6:35:c4:
c2:e7:87:97
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOrOSHmFprfiIo/JCeVkA4LDF8rQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGMxMmI0MjczODMyYjQxNTZmZTAwOTJmNmFlN2U1YjNj
ZTIzYWQ4YjAeFw0yNTA3MDIxNDQ5MTNaFw0yNjA3MDExNDU0MTNaMDMxMTAvBgNV
BAMTKDY2ODg0RDVBQjJFQTE2NjU3QzIxNkI2NEU1NzVEQTg3NkJBN0E3Q0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmE86v+oQNc58+5VudPL1Lntss
zmBF9Mpr6g14PE8E34cmyoBnUorTEvTBll6/cC6GEp/FPRtRsap8cR8NDWc35foW
CJ4DbgIwt6Z7oTKJrD0//GmYBM7nSsAjhEJ8sZN4irjGU8DJlTbtBDIldO6X0Z7p
NnnXF6/Ivl1e6o+lOKRyIKUCXCAEOpV0Oz6RQiXySBEoKuG3e9ZPOAWerNj8WN01
Ntw1g4P2kpxhAIcfVtTsj2tNtvs1eEEie9fD7pRJcSbg/uoja4lpPIbiM0Umow4g
fLS/fXNFMsR0xmj3OYqcvHuTcXiLJpA6LUwW3Ql+Q0lp3+K5WV6KD2APVvNpAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUZohNWrLqFmV8IWtk5XXah2unp88wHwYDVR0j
BBgwFoAUjBK0JzgytBVv4Akvaufls84jrYswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOGJmZDY4ODItZDZiMy00YWE4LWJjMGEtNzExZDY4YmQx
OThiLzAvOEMxMkI0MjczODMyQjQxNTZGRTAwOTJGNkFFN0U1QjNDRTIzQUQ4Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2pCSzBKemd5dEJWdjRBa3ZhdWZsczg0
anJZcy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGJmZDY4ODIt
ZDZiMy00YWE4LWJjMGEtNzExZDY4YmQxOThiLzAvMzEzODM1MmUzMjM0MzAyZTMx
MzAzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzNDM0MzUzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALnwajANBgkqhkiG9w0BAQsFAAOCAQEATrotaUT8V87J6U9eGmbunttGmZ/M
UO1dGzLPjrSb+X7y+VXxZ0IsICj9yp5PT96oABIT0MXLljnIJ7nZMQ7ePcoua869
Rw1Iki3b9Zeu9CtxytEBJMt5j4r1bs52JaZbN4xrn4baBLwg3dyHROzieNGDiL9t
VFNo0kFeQstp0LXx4upd5RN8l50LdFn4cApOZQjbCFhZn887BrYmj9OXRkDUXk4a
q6XF+WvBPLVglLUH9MCldCmrvpr1QdDa/27N7wLXwLgYZMFybIVK5nqHelvtZB6F
jEw7CwJQWP240V5zyKBU7iuaYCxk4sFVZrzAn2vKitKtZbRz9jXEwueHlw==
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:00:18 2025 by rpki-client