Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36302e302f32342d3234203d3e203631333137.roa
File: 38352e3135382e36302e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: d1v3HRYHrpN/lLKIafNnQmLU03l8pNsovId42+sBXQw=
Subject key identifier: AE:81:5C:AB:2D:E9:8B:90:16:26:62:0B:5E:B1:6B:75:89:EB:8A:E9
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 753FAA0673D725322E3333BB8AC860109FC95913
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36302e302f32342d3234203d3e203631333137.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 61317
IP address blocks: 85.158.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 00:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:3f:aa:06:73:d7:25:32:2e:33:33:bb:8a:c8:60:10:9f:c9:59:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=AE815CAB2DE98B901626620B5EB16B7589EB8AE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:57:7e:9b:a1:13:e3:64:96:86:18:9a:ff:cc:
bd:e8:7e:c6:33:1d:59:e5:86:f0:b3:33:33:2b:87:
69:4b:2a:a5:06:6a:38:8f:41:40:f0:9a:6a:d3:fc:
e7:69:57:40:c6:31:5f:1d:79:ab:c9:9f:34:0d:c0:
5d:03:00:7a:ec:d7:97:68:4a:e9:06:bd:e4:15:8a:
cc:a4:da:23:03:2c:bd:f5:b2:35:b7:9d:e7:0b:76:
7e:14:6d:c3:8d:57:20:2c:8f:4c:b1:92:c7:b9:a2:
fe:0b:51:54:93:cf:a5:0f:3a:99:58:6a:6a:c3:43:
cf:c8:91:e9:61:44:f9:e3:85:9b:1e:0a:13:02:be:
49:a2:af:40:4a:e9:15:57:bc:1e:94:3c:51:01:7c:
e9:77:5e:96:28:ea:81:f6:a9:1d:d2:4a:d0:d2:48:
cc:d3:fe:e5:c4:f0:a0:45:70:b3:8f:24:49:63:83:
65:68:d5:99:ea:f8:65:7e:49:6a:33:98:a9:fa:c5:
fc:e7:3f:41:28:09:76:e6:bb:4c:52:60:64:3e:e3:
dd:ab:f6:aa:cc:95:4f:dd:4f:ce:72:7c:cc:9f:aa:
e7:26:3f:a0:d2:73:f4:ad:28:e1:20:26:6e:9f:50:
b3:5a:4e:80:dd:61:a2:45:43:e1:fc:d8:3c:88:29:
84:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:81:5C:AB:2D:E9:8B:90:16:26:62:0B:5E:B1:6B:75:89:EB:8A:E9
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3135382e36302e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.60.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:d2:59:89:6c:1b:64:6c:31:e9:ff:3b:18:d4:2b:56:8b:88:
12:16:48:df:5d:54:3c:66:6f:22:30:9d:2f:8e:0e:89:99:1c:
a0:5c:e5:32:3c:18:2f:2d:96:b6:ab:12:13:fd:80:a6:6d:5c:
3d:73:e1:c7:8d:c8:1c:60:c1:bd:ee:a2:4c:5e:29:22:19:29:
c8:48:d1:0e:66:0b:ef:37:e1:20:6d:c3:1f:2e:64:60:c9:58:
06:c5:b9:e0:7d:54:fb:47:dc:f1:b1:b9:f9:df:09:45:7e:1e:
10:f2:35:fd:60:4a:d2:17:d0:27:a0:e9:bf:3d:17:98:46:c6:
fb:f6:e7:90:45:4b:d5:4e:ad:a2:9b:a6:bf:f1:67:ff:89:11:
2b:21:20:1a:ee:7a:b3:2a:4d:bb:a7:90:17:22:fc:86:0d:53:
ad:e7:99:5d:7a:df:60:e6:8c:2c:28:91:0d:a0:8e:df:23:97:
13:36:2d:8c:5a:c9:d2:9d:eb:88:69:b7:6a:56:87:da:8f:f9:
5c:a3:30:a6:49:c9:8b:58:48:f6:52:87:c7:81:80:04:de:43:
3b:53:73:3d:a2:8e:36:ef:28:16:7c:4c:98:e4:53:be:5b:1c:
16:a7:82:31:56:fe:fd:9e:01:c3:29:7d:ac:0e:94:7d:05:cf:
58:82:c0:ab
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUdT+qBnPXJTIuMzO7ishgEJ/JWRMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKEFFODE1Q0FCMkRFOThCOTAxNjI2NjIwQjVFQjE2Qjc1ODlFQjhBRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeV36boRPjZJaGGJr/zL3ofsYz
HVnlhvCzMzMrh2lLKqUGajiPQUDwmmrT/OdpV0DGMV8deavJnzQNwF0DAHrs15do
SukGveQVisyk2iMDLL31sjW3necLdn4UbcONVyAsj0yxkse5ov4LUVSTz6UPOplY
amrDQ8/IkelhRPnjhZseChMCvkmir0BK6RVXvB6UPFEBfOl3XpYo6oH2qR3SStDS
SMzT/uXE8KBFcLOPJEljg2Vo1Znq+GV+SWozmKn6xfznP0EoCXbmu0xSYGQ+492r
9qrMlU/dT85yfMyfqucmP6DSc/StKOEgJm6fULNaToDdYaJFQ+H82DyIKYQTAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUroFcqy3pi5AWJmILXrFrdYnriukwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzEzNTM4MmUzNjMw
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTMzMzEzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWe
PDANBgkqhkiG9w0BAQsFAAOCAQEATtJZiWwbZGwx6f87GNQrVouIEhZI311UPGZv
IjCdL44OiZkcoFzlMjwYLy2WtqsSE/2Apm1cPXPhx43IHGDBve6iTF4pIhkpyEjR
DmYL7zfhIG3DHy5kYMlYBsW54H1U+0fc8bG5+d8JRX4eEPI1/WBK0hfQJ6Dpvz0X
mEbG+/bnkEVL1U6topumv/Fn/4kRKyEgGu56sypNu6eQFyL8hg1TreeZXXrfYOaM
LCiRDaCO3yOXEzYtjFrJ0p3riGm3alaH2o/5XKMwpknJi1hI9lKHx4GABN5DO1Nz
PaKONu8oFnxMmORTvlscFqeCMVb+/Z4Bwyl9rA6UfQXPWILAqw==
-----END CERTIFICATE-----
Generated at Wed Sep 17 17:35:31 2025 by rpki-client