Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa
File: 3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa (raw, json)
Hash identifier: /M1+3+GCoTFqywk4pxftjquZbE+0pUFTH+UV2LnA/1k=
Subject key identifier: B5:E0:A4:D6:3C:E9:34:B1:2D:74:7C:E0:84:8C:44:85:59:D2:6A:C0
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 10463264E702181C30878E6E18B1C7AA4BA54454
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa
Signing time: Wed 10 Sep 2025 09:55:00 +0000
ROA not before: Wed 10 Sep 2025 09:50:00 +0000
ROA not after: Wed 09 Sep 2026 09:55:00 +0000
asID: 208949
IP address blocks: 185.100.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 17:09:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:46:32:64:e7:02:18:1c:30:87:8e:6e:18:b1:c7:aa:4b:a5:44:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:00 2025 GMT
Not After : Sep 9 09:55:00 2026 GMT
Subject: CN=B5E0A4D63CE934B12D747CE0848C448559D26AC0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:02:9a:bf:35:5f:c6:65:49:bf:19:e7:b7:bd:
b8:47:ac:3c:e4:ae:39:b8:9b:8d:aa:07:e3:84:08:
3f:1b:ea:8d:ad:5e:2c:46:83:88:7d:dc:ea:b0:15:
a7:db:a3:fb:07:c2:b7:fb:af:1d:06:21:e7:c4:52:
b7:bd:1b:ec:77:c8:bf:29:31:f3:d6:25:05:3d:27:
d2:b6:8d:99:f6:48:ed:45:6a:b8:be:40:99:7e:b0:
10:ae:af:cb:71:37:99:ed:2b:6d:9f:81:8f:15:00:
30:2e:01:8f:23:6e:f7:2f:46:3f:94:10:19:88:e7:
8b:86:d5:c3:75:4c:34:de:fe:44:34:74:d0:be:88:
b5:af:48:b3:18:66:87:49:64:8d:56:b6:4c:76:07:
da:92:e7:8d:3d:ee:d4:a2:ca:66:9c:a3:43:e5:72:
92:55:9a:f5:a3:e0:d3:6e:e3:6b:eb:75:1e:b5:8a:
6b:5e:4c:d2:15:53:21:cf:d2:9a:c1:ad:e1:42:9c:
fc:58:7f:62:b1:88:ee:db:74:8e:ac:c1:45:36:ee:
ef:1d:3e:45:46:04:f8:f6:d4:bf:5d:22:21:ba:8d:
8b:6e:cb:a5:49:26:ed:fb:a4:54:6d:ad:e7:38:88:
8b:43:a5:63:1b:c7:8f:38:2c:ee:83:53:3b:81:6a:
8c:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:E0:A4:D6:3C:E9:34:B1:2D:74:7C:E0:84:8C:44:85:59:D2:6A:C0
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3130302e3231332e302f32342d3234203d3e20323038393439.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.100.213.0/24
Signature Algorithm: sha256WithRSAEncryption
05:09:a4:86:7d:10:cf:27:1f:69:5a:62:04:80:23:64:83:51:
8b:49:40:ea:38:8a:60:30:74:05:d5:82:66:ca:1d:90:e9:10:
26:cc:d8:e6:af:b0:b9:5a:07:f5:43:b3:c3:8d:8a:4b:fa:b5:
6f:2d:e1:41:30:73:36:3d:74:06:1d:b4:d4:63:71:5f:f7:60:
9f:60:48:a5:57:6b:e8:e9:a8:f3:c9:f4:21:b7:e2:f0:e1:a3:
d2:35:0e:67:29:c7:fc:0c:f6:8a:25:23:5c:ac:56:fe:6e:95:
1a:16:1a:3a:b9:89:60:d4:5d:bc:60:33:0d:18:60:b1:35:05:
84:96:a3:12:30:d0:98:f0:96:a4:e9:9c:fe:5c:34:61:07:d0:
93:d7:4a:24:7b:05:d3:65:6c:67:df:95:88:bd:d5:9f:b4:2b:
87:f4:02:b1:0b:f5:f1:94:48:fa:7d:5f:23:13:9e:8a:d6:c9:
bb:92:42:46:9f:a9:e8:85:ab:6a:5f:bb:3e:23:49:6c:d3:52:
59:dc:24:c0:b0:c3:73:67:86:d4:8c:35:48:5e:30:55:1c:58:
9b:d5:25:8f:ca:5e:ed:09:67:7b:04:7a:ae:31:0e:57:16:56:
5f:79:40:dd:56:65:d9:83:a7:04:9f:58:48:50:01:0a:31:b0:
44:91:55:84
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUEEYyZOcCGBwwh45uGLHHqkulRFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDBaFw0yNjA5MDkwOTU1MDBaMDMxMTAvBgNV
BAMTKEI1RTBBNEQ2M0NFOTM0QjEyRDc0N0NFMDg0OEM0NDg1NTlEMjZBQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSApq/NV/GZUm/Gee3vbhHrDzk
rjm4m42qB+OECD8b6o2tXixGg4h93OqwFafbo/sHwrf7rx0GIefEUre9G+x3yL8p
MfPWJQU9J9K2jZn2SO1Fari+QJl+sBCur8txN5ntK22fgY8VADAuAY8jbvcvRj+U
EBmI54uG1cN1TDTe/kQ0dNC+iLWvSLMYZodJZI1Wtkx2B9qS54097tSiymaco0Pl
cpJVmvWj4NNu42vrdR61imteTNIVUyHP0prBreFCnPxYf2KxiO7bdI6swUU27u8d
PkVGBPj21L9dIiG6jYtuy6VJJu37pFRtrec4iItDpWMbx484LO6DUzuBaoyrAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUteCk1jzpNLEtdHzghIxEhVnSasAwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMTMwMzAyZTMy
MzEzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzODM5MzQzOS5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALlk1TANBgkqhkiG9w0BAQsFAAOCAQEABQmkhn0QzycfaVpiBIAjZINRi0lA
6jiKYDB0BdWCZsodkOkQJszY5q+wuVoH9UOzw42KS/q1by3hQTBzNj10Bh201GNx
X/dgn2BIpVdr6Omo88n0Ibfi8OGj0jUOZynH/Az2iiUjXKxW/m6VGhYaOrmJYNRd
vGAzDRhgsTUFhJajEjDQmPCWpOmc/lw0YQfQk9dKJHsF02VsZ9+ViL3Vn7Qrh/QC
sQv18ZRI+n1fIxOeitbJu5JCRp+p6IWral+7PiNJbNNSWdwkwLDDc2eG1Iw1SF4w
VRxYm9Ulj8pe7QlnewR6rjEOVxZWX3lA3VZl2YOnBJ9YSFABCjGwRJFVhA==
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:24:45 2025 by rpki-client