Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa
File: 38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: KqXMD4rmyq3rkjIW0qjsByh9QjDIowNjL8oCNcBRe9o=
Subject key identifier: 0F:88:BF:0A:90:7D:02:08:4C:02:2D:C7:B5:45:20:9B:82:59:C3:47
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4A877DECE54F9295DA4200AEE259AAA2CA118556
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 206092
IP address blocks: 85.237.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 20:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:87:7d:ec:e5:4f:92:95:da:42:00:ae:e2:59:aa:a2:ca:11:85:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=0F88BF0A907D02084C022DC7B545209B8259C347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1a:f5:2c:f8:02:c5:8f:48:5d:29:f0:a7:80:
12:2a:0d:ea:e3:27:0b:74:88:95:40:91:ed:b7:45:
89:2c:45:c7:34:7f:6d:e9:ce:0b:73:fa:59:46:d4:
7f:27:d1:e1:7e:84:fe:22:59:c5:48:eb:1f:6f:34:
dd:27:b8:3e:0b:79:4b:10:46:22:78:6f:68:9d:33:
d6:69:b7:39:5f:25:59:3e:6b:6b:57:2e:e3:5e:de:
bf:58:8b:9c:25:95:cc:e8:db:56:fc:0c:51:09:96:
56:fd:6f:15:94:b0:f1:76:42:ab:bd:4c:97:73:62:
02:85:c8:c0:2b:e6:31:e8:19:36:00:e3:92:2b:f4:
f7:72:93:30:78:2c:f3:56:5d:e8:14:52:e4:2e:1c:
13:99:93:83:46:95:e8:5d:0d:5d:04:6c:cd:eb:3c:
40:19:37:b5:a7:dd:11:f1:66:61:7a:c9:1c:de:9a:
5f:39:98:00:8c:31:07:8c:74:5c:0f:72:49:63:3d:
ba:32:06:6a:ab:0e:50:92:2c:0c:5d:29:31:75:e6:
7b:6f:55:8a:d0:dd:03:24:a6:ca:9b:6b:af:00:dd:
8c:ea:d7:cb:ce:78:a1:06:b8:3e:47:8b:c1:2f:6f:
e8:79:10:21:66:a6:c0:70:43:76:0a:78:c1:41:f4:
ce:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:88:BF:0A:90:7D:02:08:4C:02:2D:C7:B5:45:20:9B:82:59:C3:47
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139342e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.194.0/24
Signature Algorithm: sha256WithRSAEncryption
78:e5:fe:76:e4:32:82:bf:29:be:9e:b8:64:eb:18:60:bf:ca:
6e:21:4f:d5:d0:c7:a1:f1:65:00:cc:6a:47:3d:d2:3c:d6:d4:
ca:1d:5e:52:fa:c6:fa:bd:27:c6:ce:df:2a:a7:8c:e4:4c:92:
da:a5:6e:97:04:99:8c:d1:17:01:18:53:32:64:d4:b9:ef:c7:
fe:31:81:52:6b:3a:dd:c6:0f:c6:38:5d:1a:22:1f:81:a1:9b:
0a:ad:22:6a:da:c2:ed:f3:73:99:67:a7:6a:c3:ca:79:40:2a:
50:12:07:88:60:cf:99:76:98:fb:80:45:ad:ac:59:66:f2:6f:
ef:da:ee:2d:09:d2:c3:44:0d:ab:01:8c:a5:95:89:92:50:bd:
2a:a3:e3:85:1d:e6:8f:99:ad:cd:4a:49:d1:45:98:98:80:d9:
d4:1c:df:90:65:3c:7a:de:12:0b:77:c1:24:85:c3:7b:eb:17:
a4:00:cf:43:75:9a:e2:03:43:0c:75:4d:83:d2:08:67:7b:7b:
e8:50:46:5a:8f:0c:36:3e:2e:37:18:1e:5f:18:61:a1:f0:fd:
a6:27:b2:28:6a:6d:9e:0d:c6:11:81:3e:71:b3:18:4c:03:94:
8f:03:f6:0c:e8:46:78:02:f8:ad:3e:8a:9e:a9:87:32:23:10:
ec:1e:b7:25
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSod97OVPkpXaQgCu4lmqosoRhVYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKDBGODhCRjBBOTA3RDAyMDg0QzAyMkRDN0I1NDUyMDlCODI1OUMzNDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6GvUs+ALFj0hdKfCngBIqDerj
Jwt0iJVAke23RYksRcc0f23pzgtz+llG1H8n0eF+hP4iWcVI6x9vNN0nuD4LeUsQ
RiJ4b2idM9ZptzlfJVk+a2tXLuNe3r9Yi5wllczo21b8DFEJllb9bxWUsPF2Qqu9
TJdzYgKFyMAr5jHoGTYA45Ir9PdykzB4LPNWXegUUuQuHBOZk4NGlehdDV0EbM3r
PEAZN7Wn3RHxZmF6yRzeml85mACMMQeMdFwPckljPboyBmqrDlCSLAxdKTF15ntv
VYrQ3QMkpsqba68A3Yzq18vOeKEGuD5Hi8Evb+h5ECFmpsBwQ3YKeMFB9M4LAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUD4i/CpB9AghMAi3HtUUgm4JZw0cwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cIwDQYJKoZIhvcNAQELBQADggEBAHjl/nbkMoK/Kb6euGTrGGC/ym4hT9XQ
x6HxZQDMakc90jzW1ModXlL6xvq9J8bO3yqnjORMktqlbpcEmYzRFwEYUzJk1Lnv
x/4xgVJrOt3GD8Y4XRoiH4GhmwqtImrawu3zc5lnp2rDynlAKlASB4hgz5l2mPuA
Ra2sWWbyb+/a7i0J0sNEDasBjKWViZJQvSqj44Ud5o+Zrc1KSdFFmJiA2dQc35Bl
PHreEgt3wSSFw3vrF6QAz0N1muIDQwx1TYPSCGd7e+hQRlqPDDY+LjcYHl8YYaHw
/aYnsihqbZ4NxhGBPnGzGEwDlI8D9gzoRngC+K0+ip6phzIjEOwetyU=
-----END CERTIFICATE-----
Generated at Thu Oct 16 05:50:02 2025 by rpki-client