Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
File: 38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa (raw, json)
Hash identifier: JZMJsetCGvV7Kk2THOa//y0z2rn64FAzTl7Lkja5OzI=
Subject key identifier: 60:F1:E4:F0:CE:EA:62:02:35:E0:07:5D:D0:06:0A:DA:11:59:3D:33
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 4CE6DA8EBFA68DC4B11ABCBFA2A6AAF2EF03EA6C
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 400040
IP address blocks: 85.237.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 17:09:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:e6:da:8e:bf:a6:8d:c4:b1:1a:bc:bf:a2:a6:aa:f2:ef:03:ea:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=60F1E4F0CEEA620235E0075DD0060ADA11593D33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:42:a0:2d:96:76:d8:48:fd:e9:e6:6b:01:2a:
07:57:43:c3:97:55:47:0e:54:ff:4f:e1:ab:cb:63:
2f:95:29:eb:50:c8:f0:7f:f6:2e:9a:f3:fb:b0:8d:
02:91:1c:6f:23:fb:2f:d9:61:c6:bd:ae:7f:34:97:
85:9a:99:0a:c1:96:75:00:3f:a3:b3:3c:1e:4d:0e:
99:70:44:cc:93:03:0e:bb:e5:5d:1e:42:10:bc:4e:
93:d8:c0:2a:3a:15:5c:88:9b:06:43:48:af:fe:3f:
84:56:4b:30:29:a5:40:68:fc:98:3d:c3:83:a2:0d:
6c:32:59:55:c9:ec:d8:2f:dd:bf:28:0f:58:71:4b:
44:8f:b5:a7:11:cb:dc:78:6c:b2:03:b4:f5:62:31:
75:2b:ad:ae:71:3f:00:a0:e5:46:85:a8:1c:54:90:
f0:bf:f1:89:da:d6:0a:21:de:ad:99:a4:ff:c9:55:
96:40:ee:50:ca:b0:0c:7c:be:30:ef:68:bd:9d:c7:
c1:37:ed:8c:68:15:5b:44:02:23:b7:0e:85:f8:48:
33:05:88:b5:ce:35:04:0d:05:53:79:92:57:07:23:
ff:e8:dd:b1:ea:82:bd:75:be:a2:eb:3e:66:ae:c5:
94:93:d6:3b:82:d6:cc:94:00:90:cb:55:b1:97:c6:
d9:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:F1:E4:F0:CE:EA:62:02:35:E0:07:5D:D0:06:0A:DA:11:59:3D:33
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3139372e302f32342d3234203d3e20343030303430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.197.0/24
Signature Algorithm: sha256WithRSAEncryption
28:2a:43:94:3f:e6:54:65:e5:ba:f5:10:92:75:62:48:f4:c8:
d2:aa:07:a8:3c:a9:e3:77:cf:2d:17:15:1c:9d:d1:e2:68:9a:
0d:38:17:44:7b:b9:05:21:2b:7f:fe:86:d1:c7:71:96:b9:a5:
8f:c7:58:52:2d:19:78:57:c1:91:b4:41:7b:d9:b1:61:aa:87:
b7:0d:7f:38:e4:6f:16:ab:e7:04:3a:4a:a6:69:22:02:47:2e:
0c:7a:9c:3d:58:c0:43:6c:37:f4:32:18:3a:bf:82:45:a9:b0:
44:55:af:c2:e5:70:bd:df:ff:39:fd:6a:29:64:d6:ce:99:92:
65:5d:03:70:67:65:28:be:8d:c6:25:0c:60:a0:38:d4:0e:d1:
0a:7a:f9:2a:0b:02:8d:5e:44:bc:ba:d4:52:dd:72:9e:8c:f2:
04:bd:d1:ed:ef:61:89:6b:0c:e8:24:3e:40:d1:eb:a7:91:f7:
46:2f:30:66:d1:61:ca:dd:0f:e9:6d:72:82:77:27:f9:0b:02:
1c:17:8b:78:fd:f7:3b:5e:5b:12:a6:56:5a:0d:50:f3:d8:bc:
0c:7b:98:8d:77:3e:5e:4c:c5:9d:21:35:7b:08:a0:72:2c:59:
be:bc:5f:16:c3:a6:0b:da:70:74:d0:ed:a1:ed:31:b0:1b:54:
95:89:70:98
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTObajr+mjcSxGry/oqaq8u8D6mwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKDYwRjFFNEYwQ0VFQTYyMDIzNUUwMDc1REQwMDYwQURBMTE1OTNEMzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QqAtlnbYSP3p5msBKgdXQ8OX
VUcOVP9P4avLYy+VKetQyPB/9i6a8/uwjQKRHG8j+y/ZYca9rn80l4WamQrBlnUA
P6OzPB5NDplwRMyTAw675V0eQhC8TpPYwCo6FVyImwZDSK/+P4RWSzAppUBo/Jg9
w4OiDWwyWVXJ7Ngv3b8oD1hxS0SPtacRy9x4bLIDtPViMXUrra5xPwCg5UaFqBxU
kPC/8Yna1goh3q2ZpP/JVZZA7lDKsAx8vjDvaL2dx8E37YxoFVtEAiO3DoX4SDMF
iLXONQQNBVN5klcHI//o3bHqgr11vqLrPmauxZST1juC1syUAJDLVbGXxtk3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYPHk8M7qYgI14Add0AYK2hFZPTMwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMTM5
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDM0MzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7cUwDQYJKoZIhvcNAQELBQADggEBACgqQ5Q/5lRl5br1EJJ1Ykj0yNKqB6g8
qeN3zy0XFRyd0eJomg04F0R7uQUhK3/+htHHcZa5pY/HWFItGXhXwZG0QXvZsWGq
h7cNfzjkbxar5wQ6SqZpIgJHLgx6nD1YwENsN/QyGDq/gkWpsERVr8LlcL3f/zn9
ailk1s6ZkmVdA3BnZSi+jcYlDGCgONQO0Qp6+SoLAo1eRLy61FLdcp6M8gS90e3v
YYlrDOgkPkDR66eR90YvMGbRYcrdD+ltcoJ3J/kLAhwXi3j99zteWxKmVloNUPPY
vAx7mI13Pl5MxZ0hNXsIoHIsWb68XxbDpgvacHTQ7aHtMbAbVJWJcJg=
-----END CERTIFICATE-----
Generated at Thu Sep 18 10:30:02 2025 by rpki-client