Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
File: 3138352e3233352e33322e302f32342d3234203d3e203230343733.roa (raw, json)
Hash identifier: 1URLA5gtddKTIr2p8sr17bAhm+lvM12xyQRUkgRLsLM=
Subject key identifier: AE:1D:C9:88:FB:D6:84:29:F7:C0:F9:10:B9:1E:4E:8F:A7:CC:25:42
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4E40F5BF70EA5F549FA3FB39F026478F7CF0B420
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
Signing time: Wed 10 Sep 2025 09:55:02 +0000
ROA not before: Wed 10 Sep 2025 09:50:02 +0000
ROA not after: Wed 09 Sep 2026 09:55:02 +0000
asID: 20473
IP address blocks: 185.235.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 14:36:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:40:f5:bf:70:ea:5f:54:9f:a3:fb:39:f0:26:47:8f:7c:f0:b4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:02 2025 GMT
Not After : Sep 9 09:55:02 2026 GMT
Subject: CN=AE1DC988FBD68429F7C0F910B91E4E8FA7CC2542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:90:2a:8e:e4:dc:a6:db:2c:49:65:46:81:49:
49:f0:ad:0d:6e:b4:1c:21:fd:e0:e6:56:97:3c:bd:
a0:01:d3:89:38:51:d2:3b:93:ce:e4:2d:c1:66:6e:
a2:3f:cb:fe:21:3f:71:28:a5:3f:d9:2b:26:af:6b:
38:f8:07:8d:e4:ed:e8:6b:d3:bd:12:da:93:af:36:
be:b6:11:4b:6d:98:da:67:82:c2:93:9a:0e:9c:9c:
39:02:d8:5c:df:44:8a:5e:4e:e0:f1:04:88:14:59:
b9:a3:16:0d:3b:aa:af:34:68:e7:62:2f:66:b4:b8:
4a:cb:76:4c:f4:4d:af:70:2e:aa:2c:b3:7b:a7:d9:
78:ea:6a:d2:8c:f9:3c:be:f1:d6:b4:23:3d:0f:66:
38:57:f0:c8:af:e1:7d:da:98:33:be:1d:cf:9d:d5:
94:79:04:12:eb:4e:f5:77:ef:01:70:13:ce:14:86:
8c:66:e8:86:ed:ba:40:1d:1f:9b:44:9a:a5:09:ed:
25:bb:3a:b6:62:ac:b6:ea:52:34:c2:18:c4:bd:3d:
f3:a6:36:bf:91:67:4f:08:f7:64:39:d1:9a:25:a9:
84:6e:a2:9e:f1:8a:41:15:67:bc:43:7c:e9:78:40:
c1:69:3f:c6:5a:40:51:19:2b:8e:ad:f4:11:f0:49:
9c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:1D:C9:88:FB:D6:84:29:F7:C0:F9:10:B9:1E:4E:8F:A7:CC:25:42
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.235.32.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:52:10:37:21:dc:08:a6:3f:c1:4b:d3:57:33:5d:e8:ea:a7:
02:4a:1a:66:c1:a1:51:e3:71:a2:23:02:ed:da:50:19:23:63:
d0:0b:74:bd:f8:07:e0:06:b4:4b:b7:34:d1:f2:f4:d7:8a:8d:
30:40:5e:44:60:63:91:34:68:c0:f1:c6:f4:c8:01:7a:66:96:
26:df:da:6a:ba:b5:b8:c8:9c:85:a9:01:6c:dc:c4:ea:32:56:
12:79:6e:b5:bb:9a:39:1e:92:fa:19:f9:a4:10:cf:4f:3f:88:
58:48:70:50:0a:f4:ff:6c:72:53:58:18:28:2f:fb:a9:a9:47:
60:f9:8f:1a:54:4a:01:ad:be:98:f1:e7:31:a9:14:b0:94:bd:
3b:a5:62:9a:ee:09:64:83:8c:12:55:6a:57:cd:ab:73:f8:a5:
39:f0:e0:61:54:69:59:a4:94:05:93:1f:48:7e:d9:7b:ae:ee:
5e:ed:e3:76:fe:83:c9:f2:3b:03:f4:d9:92:6d:97:1e:86:43:
3e:a2:45:7a:bc:89:f8:2a:48:79:e1:38:7a:b5:d5:93:03:ce:
59:30:80:7b:af:ee:c9:c5:f8:6c:c2:84:b7:a1:b3:e3:9e:55:
f3:90:78:92:4c:03:68:dc:68:4c:bc:62:32:78:f5:a0:58:ad:
67:43:01:3a
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUTkD1v3DqX1Sfo/s58CZHj3zwtCAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDJaFw0yNjA5MDkwOTU1MDJaMDMxMTAvBgNV
BAMTKEFFMURDOTg4RkJENjg0MjlGN0MwRjkxMEI5MUU0RThGQTdDQzI1NDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCukCqO5Nym2yxJZUaBSUnwrQ1u
tBwh/eDmVpc8vaAB04k4UdI7k87kLcFmbqI/y/4hP3EopT/ZKyavazj4B43k7ehr
070S2pOvNr62EUttmNpngsKTmg6cnDkC2FzfRIpeTuDxBIgUWbmjFg07qq80aOdi
L2a0uErLdkz0Ta9wLqoss3un2XjqatKM+Ty+8da0Iz0PZjhX8Miv4X3amDO+Hc+d
1ZR5BBLrTvV37wFwE84Uhoxm6IbtukAdH5tEmqUJ7SW7OrZirLbqUjTCGMS9PfOm
Nr+RZ08I92Q50ZolqYRuop7xikEVZ7xDfOl4QMFpP8ZaQFEZK46t9BHwSZwBAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUrh3JiPvWhCn3wPkQuR5Oj6fMJUIwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzEzODM1MmUzMjMzMzUyZTMz
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
uesgMA0GCSqGSIb3DQEBCwUAA4IBAQCNUhA3IdwIpj/BS9NXM13o6qcCShpmwaFR
43GiIwLt2lAZI2PQC3S9+AfgBrRLtzTR8vTXio0wQF5EYGORNGjA8cb0yAF6ZpYm
39pqurW4yJyFqQFs3MTqMlYSeW61u5o5HpL6GfmkEM9PP4hYSHBQCvT/bHJTWBgo
L/upqUdg+Y8aVEoBrb6Y8ecxqRSwlL07pWKa7glkg4wSVWpXzatz+KU58OBhVGlZ
pJQFkx9Iftl7ru5e7eN2/oPJ8jsD9NmSbZcehkM+okV6vIn4Kkh54Th6tdWTA85Z
MIB7r+7JxfhswoS3obPjnlXzkHiSTANo3GhMvGIyePWgWK1nQwE6
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:16:03 2025 by rpki-client