Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
File: 38352e3233372e3230342e302f32342d3234203d3e203631333137.roa (raw, json)
Hash identifier: NaUbt0FcvDiah9yMdIU+oKfi8LDRLM5WYCM2fH+RyFw=
Subject key identifier: FE:E9:E9:0C:05:48:90:C6:0D:72:CA:2F:2C:D7:5B:04:26:AB:A0:74
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 326B51A32357BD986DFE7E08157303781BC80FB5
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 61317
IP address blocks: 85.237.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 09:41:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:6b:51:a3:23:57:bd:98:6d:fe:7e:08:15:73:03:78:1b:c8:0f:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=FEE9E90C054890C60D72CA2F2CD75B0426ABA074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:47:98:0b:71:b3:e4:a3:f7:f4:d3:7e:26:e4:
c3:72:e8:85:e8:73:7f:72:f6:41:a5:9a:67:ee:f3:
cd:fc:b3:14:49:9c:21:9a:d9:8a:90:18:6b:c0:42:
6f:55:87:14:fb:0b:e3:a6:62:d7:f5:db:6f:48:ca:
e6:5e:5c:10:42:7c:82:b5:5f:7c:92:be:ed:67:ec:
cc:d9:6a:5e:45:cb:a4:2d:6d:0a:39:70:3a:13:4d:
7d:48:44:1b:9b:b6:14:28:5a:48:4d:dc:65:e8:14:
48:88:48:b8:75:00:41:ed:33:93:92:53:8d:0b:dc:
16:dc:65:28:94:c7:09:3c:ef:df:a2:af:43:b4:5c:
a9:76:42:33:7e:85:d5:34:97:9d:5c:fa:c5:5f:54:
61:28:2a:7c:13:a0:40:92:b2:81:1e:5e:29:df:4b:
40:c2:82:78:06:02:e5:d4:f9:88:bf:c1:84:76:0f:
e2:49:bb:3f:99:2e:28:11:60:c6:b3:5f:35:1b:e3:
9e:d3:92:30:51:03:13:dd:c8:fb:e7:ca:6d:2a:7a:
b1:dd:8e:ed:87:3a:da:77:98:62:a4:1d:2d:3d:66:
7e:b5:11:8c:1c:25:a6:14:58:a4:8c:27:4c:98:7e:
c9:62:ca:e9:af:96:61:44:53:3a:1a:a8:34:5c:13:
ee:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E9:E9:0C:05:48:90:C6:0D:72:CA:2F:2C:D7:5B:04:26:AB:A0:74
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230342e302f32342d3234203d3e203631333137.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.204.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:50:3f:51:07:60:39:aa:79:ba:1c:5a:12:25:18:bd:31:ad:
da:02:6f:9f:71:2f:05:05:d6:3b:7b:93:92:47:15:97:be:6c:
ad:85:e7:b2:6f:91:f3:b8:a5:35:a9:30:2b:55:9d:dc:0a:1d:
9e:0a:dd:4c:ef:47:e5:07:58:89:13:e3:6a:76:fb:ce:0d:50:
15:47:b7:47:04:13:9c:d6:a9:0b:11:17:02:f6:7e:db:d0:07:
5f:aa:08:ad:e8:2b:ea:c7:94:c7:08:dc:ec:8b:cc:d8:00:e9:
35:2e:f6:86:13:1a:a3:82:78:89:b9:59:dc:64:78:d8:a2:72:
06:9d:1a:70:56:51:d9:3e:af:fe:88:91:ab:76:15:ab:dc:f2:
8e:c9:a9:d5:c1:c5:92:82:c8:3c:9a:25:df:21:42:65:39:d3:
fd:76:eb:1f:0b:18:84:89:b0:7a:e8:49:21:fc:40:fc:ce:27:
23:b7:c5:9d:ac:2e:45:23:49:cb:e6:90:74:ba:70:bd:ba:3f:
74:32:61:74:65:9f:96:93:4f:f5:31:4b:6a:ea:c1:a2:ef:fe:
20:0c:2e:fd:20:45:29:1f:e6:14:7c:9d:3c:5f:dd:1c:71:3e:
1e:db:bb:e1:5a:ca:a8:4f:e8:6e:33:f0:fd:0e:7a:5a:22:5b:
8f:16:eb:68
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMmtRoyNXvZht/n4IFXMDeBvID7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKEZFRTlFOTBDMDU0ODkwQzYwRDcyQ0EyRjJDRDc1QjA0MjZBQkEwNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYR5gLcbPko/f0034m5MNy6IXo
c39y9kGlmmfu8838sxRJnCGa2YqQGGvAQm9VhxT7C+OmYtf1229IyuZeXBBCfIK1
X3ySvu1n7MzZal5Fy6QtbQo5cDoTTX1IRBubthQoWkhN3GXoFEiISLh1AEHtM5OS
U40L3BbcZSiUxwk879+ir0O0XKl2QjN+hdU0l51c+sVfVGEoKnwToECSsoEeXinf
S0DCgngGAuXU+Yi/wYR2D+JJuz+ZLigRYMazXzUb457TkjBRAxPdyPvnym0qerHd
ju2HOtp3mGKkHS09Zn61EYwcJaYUWKSMJ0yYfsliyumvlmFEUzoaqDRcE+7tAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU/unpDAVIkMYNcsovLNdbBCaroHQwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3MMA0GCSqGSIb3DQEBCwUAA4IBAQBKUD9RB2A5qnm6HFoSJRi9Ma3aAm+fcS8F
BdY7e5OSRxWXvmytheeyb5HzuKU1qTArVZ3cCh2eCt1M70flB1iJE+NqdvvODVAV
R7dHBBOc1qkLERcC9n7b0Adfqgit6Cvqx5THCNzsi8zYAOk1LvaGExqjgniJuVnc
ZHjYonIGnRpwVlHZPq/+iJGrdhWr3PKOyanVwcWSgsg8miXfIUJlOdP9dusfCxiE
ibB66Ekh/ED8zicjt8WdrC5FI0nL5pB0unC9uj90MmF0ZZ+Wk0/1MUtq6sGi7/4g
DC79IEUpH+YUfJ08X90ccT4e27vhWsqoT+huM/D9DnpaIluPFuto
-----END CERTIFICATE-----
Generated at Thu Sep 18 16:16:47 2025 by rpki-client