Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3231332e3234302e3134382e302f32342d3234203d3e203630313233.roa
File: 3231332e3234302e3134382e302f32342d3234203d3e203630313233.roa (raw, json)
Hash identifier: g+nJR+k6xMqTyk9W1MdwPxCGY2YdkIse3OmApYBov7w=
Subject key identifier: 3B:54:6A:CF:7F:A9:03:AC:83:59:2B:C9:D3:D2:57:71:ED:2F:E2:1B
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 6B3F812E7F4675C05341EB89CB8056776C4F7E7E
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3231332e3234302e3134382e302f32342d3234203d3e203630313233.roa
Signing time: Thu 04 Sep 2025 10:40:05 +0000
ROA not before: Thu 04 Sep 2025 10:35:05 +0000
ROA not after: Thu 03 Sep 2026 10:40:05 +0000
asID: 60123
IP address blocks: 213.240.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 12:34:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:3f:81:2e:7f:46:75:c0:53:41:eb:89:cb:80:56:77:6c:4f:7e:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Sep 4 10:35:05 2025 GMT
Not After : Sep 3 10:40:05 2026 GMT
Subject: CN=3B546ACF7FA903AC83592BC9D3D25771ED2FE21B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:08:34:54:8b:d9:fd:c8:21:bb:22:6f:08:49:
cc:c0:d2:4e:79:2a:dd:6a:9b:94:73:6f:e4:62:57:
5c:a7:2d:11:6d:37:09:1d:29:25:10:ed:07:88:da:
d0:5d:cd:b1:bf:85:1b:49:f4:54:7a:3a:0d:3f:3b:
5b:10:1c:ea:77:9b:83:3e:5b:a0:ff:df:77:9c:d3:
10:33:d5:7f:e7:10:c4:38:63:a0:fe:06:49:03:4a:
17:1f:3b:5d:0e:0a:33:6b:88:5a:dc:2c:b2:36:0c:
a8:27:ee:b3:43:25:38:81:bf:c1:ca:5b:5f:58:69:
85:a4:d8:9c:a7:eb:2b:f4:6f:77:4c:e3:ce:96:e8:
52:50:2b:0f:82:9f:19:14:16:da:97:f1:76:e9:b6:
68:19:7f:be:c8:f9:3c:17:bc:2b:7b:64:b5:a4:49:
95:d0:6a:24:4d:94:0c:e6:e3:cd:60:cf:09:37:51:
7c:d4:a0:35:43:88:07:77:fa:61:b4:fb:0b:e9:35:
ca:92:fd:ce:eb:6b:d0:73:e8:f1:2d:34:05:d6:d4:
d3:a2:ed:9e:4d:e9:59:03:6f:11:ce:df:0a:06:e1:
45:22:c6:ee:c2:d5:f8:0b:92:e1:fc:f4:07:c8:f4:
78:3d:bb:bd:ea:38:8f:be:29:ec:a5:61:e3:49:15:
5d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:54:6A:CF:7F:A9:03:AC:83:59:2B:C9:D3:D2:57:71:ED:2F:E2:1B
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3231332e3234302e3134382e302f32342d3234203d3e203630313233.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.240.148.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:8e:4b:e6:bb:9a:af:37:5a:bb:e7:15:60:17:5f:ce:cc:e2:
64:b4:ad:1a:c5:c1:6b:70:45:71:b6:ef:b4:78:10:ae:90:e8:
90:f2:fe:cf:c1:f2:70:a7:44:21:0f:3e:b5:d5:c3:63:7c:66:
1b:ce:b3:1a:25:17:db:97:88:23:aa:af:dc:97:f0:d1:a2:ee:
38:81:81:1c:62:45:cd:0b:26:7b:e4:ea:fa:d6:19:81:a2:12:
cd:11:4f:17:17:b2:64:2a:03:e9:1b:6e:2a:0d:28:6f:ba:ab:
07:48:51:80:83:38:43:17:12:05:2b:06:0b:91:8f:3e:70:5d:
03:00:70:04:a0:23:df:4a:f8:4b:05:ac:a6:0d:31:4b:29:34:
78:b4:48:02:08:bd:2e:46:2e:6e:d4:c8:7a:76:48:69:80:17:
5d:e2:b9:6c:43:b4:6d:d3:99:ef:1b:3b:50:66:1c:7f:cf:0f:
6c:5b:be:59:0c:6b:35:b4:e8:38:c5:5a:f9:18:d7:cd:d0:37:
14:5e:45:64:a5:32:41:93:a4:ee:89:de:23:70:ef:7a:3b:cb:
83:68:01:e1:cd:8b:1a:ce:5a:80:4d:64:5f:4a:84:ca:d8:4f:
91:e2:79:7e:43:23:db:45:da:45:b5:4f:94:67:cf:4e:25:fe:
aa:9a:70:b9
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaz+BLn9GdcBTQeuJy4BWd2xPfn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTA5MDQxMDM1MDVaFw0yNjA5MDMxMDQwMDVaMDMxMTAvBgNV
BAMTKDNCNTQ2QUNGN0ZBOTAzQUM4MzU5MkJDOUQzRDI1NzcxRUQyRkUyMUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiCDRUi9n9yCG7Im8ISczA0k55
Kt1qm5Rzb+RiV1ynLRFtNwkdKSUQ7QeI2tBdzbG/hRtJ9FR6Og0/O1sQHOp3m4M+
W6D/33ec0xAz1X/nEMQ4Y6D+BkkDShcfO10OCjNriFrcLLI2DKgn7rNDJTiBv8HK
W19YaYWk2Jyn6yv0b3dM486W6FJQKw+CnxkUFtqX8XbptmgZf77I+TwXvCt7ZLWk
SZXQaiRNlAzm481gzwk3UXzUoDVDiAd3+mG0+wvpNcqS/c7ra9Bz6PEtNAXW1NOi
7Z5N6VkDbxHO3woG4UUixu7C1fgLkuH89AfI9Hg9u73qOI++KeylYeNJFV1TAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUO1Rqz3+pA6yDWSvJ09JXce0v4hswHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUt
OWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1NGJjLzAvMzIzMTMzMmUzMjM0MzAyZTMx
MzQzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzAzMTMyMzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BADV8JQwDQYJKoZIhvcNAQELBQADggEBAGyOS+a7mq83WrvnFWAXX87M4mS0rRrF
wWtwRXG277R4EK6Q6JDy/s/B8nCnRCEPPrXVw2N8ZhvOsxolF9uXiCOqr9yX8NGi
7jiBgRxiRc0LJnvk6vrWGYGiEs0RTxcXsmQqA+kbbioNKG+6qwdIUYCDOEMXEgUr
BguRjz5wXQMAcASgI99K+EsFrKYNMUspNHi0SAIIvS5GLm7UyHp2SGmAF13iuWxD
tG3Tme8bO1BmHH/PD2xbvlkMazW06DjFWvkY183QNxReRWSlMkGTpO6J3iNw73o7
y4NoAeHNixrOWoBNZF9KhMrYT5HieX5DI9tF2kW1T5Rnz04l/qqacLk=
-----END CERTIFICATE-----
Generated at Sun Sep 7 03:55:32 2025 by rpki-client