Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3234203d3e20343031343433.roa
File: 38352e3233372e3230362e302f32332d3234203d3e20343031343433.roa (raw, json)
Hash identifier: wRTooflKmZoeHzvH+QWGcmv76BJehylVrFb1e1R0U6Q=
Subject key identifier: 40:66:1D:73:47:AA:22:C9:0F:84:23:16:7D:BA:0E:86:70:BF:77:CB
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 29B8FD4625175F7512F76634E8A2311C00E35C42
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3234203d3e20343031343433.roa
Signing time: Thu 09 Oct 2025 13:08:21 +0000
ROA not before: Thu 09 Oct 2025 13:03:21 +0000
ROA not after: Thu 08 Oct 2026 13:08:21 +0000
asID: 401443
IP address blocks: 85.237.206.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 20:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:b8:fd:46:25:17:5f:75:12:f7:66:34:e8:a2:31:1c:00:e3:5c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Oct 9 13:03:21 2025 GMT
Not After : Oct 8 13:08:21 2026 GMT
Subject: CN=40661D7347AA22C90F8423167DBA0E8670BF77CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f3:47:60:fa:12:ca:df:94:8d:8e:26:3a:99:
9f:b6:fe:a6:7a:69:97:85:b9:cb:04:1d:32:e3:a5:
f3:2e:44:92:d0:10:be:7f:f1:cc:cb:a6:ff:bb:44:
04:31:04:b5:c9:98:3c:cb:4e:3d:bf:94:80:e6:43:
2c:e6:83:ce:bf:a2:ad:27:f9:9e:a9:64:5d:df:02:
bb:79:27:a2:e2:b2:4f:4a:6e:4f:27:f0:f2:e3:70:
3e:25:41:d1:77:5f:7d:79:23:b6:45:0f:c0:b3:7b:
c9:31:e3:a1:37:c6:60:44:f1:75:6d:50:c3:bf:8e:
86:2a:19:72:2c:34:5f:18:ff:ba:8c:ce:23:b1:21:
48:70:f4:ff:a8:c9:f3:62:ae:8f:02:ff:81:72:66:
fd:44:eb:1b:46:58:03:25:5b:26:c9:e2:1b:b1:78:
14:a7:19:7c:50:e0:ee:7f:a3:c3:a1:75:40:ff:66:
f8:a2:d7:e2:64:1b:ea:ee:6f:98:2f:53:3c:56:49:
0a:b5:f3:39:5a:56:99:4f:ce:6f:d6:d0:b5:3b:60:
f9:f4:a0:2c:0a:75:32:91:16:6d:0e:2d:d2:ef:0e:
9e:ea:e0:1e:12:a8:52:88:c4:ea:39:ab:ff:aa:8e:
9f:cb:1f:68:ad:32:47:6e:4a:4a:f2:1d:b5:30:ba:
a8:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:66:1D:73:47:AA:22:C9:0F:84:23:16:7D:BA:0E:86:70:BF:77:CB
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32332d3234203d3e20343031343433.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.206.0/23
Signature Algorithm: sha256WithRSAEncryption
60:8b:46:20:a7:ea:24:aa:f5:ce:9f:3c:5d:84:07:85:36:10:
da:21:a2:76:05:fb:88:c0:e5:04:d6:1f:02:a7:3d:0c:c4:80:
4b:0b:9b:c4:d5:67:fa:40:6e:76:a5:0c:6b:f9:8a:14:6d:b1:
a5:8b:b1:50:f9:28:a6:d4:32:98:2d:f2:fd:d2:67:c4:53:7d:
4e:b2:26:b7:7e:09:4e:15:52:b0:1c:a1:a7:f7:18:72:cd:7e:
2f:1f:de:59:d0:ca:90:7f:9d:b8:31:18:6a:fb:8e:95:3d:6f:
fc:e5:4c:26:af:74:33:e7:56:80:f9:09:5b:42:22:cc:ad:c1:
36:37:5c:b3:ef:ac:62:78:8c:7e:c0:c2:b6:e1:b6:32:0a:c7:
d8:a7:4b:05:21:10:2b:32:61:b8:53:37:e5:63:3d:29:72:b7:
51:85:b0:fc:c4:93:46:2f:8a:23:a1:d2:4c:fd:cc:8e:50:30:
99:fb:6a:7a:4f:09:6a:1b:2c:98:dd:00:55:f6:e5:00:7d:e2:
fc:14:10:33:90:a5:c0:7b:20:34:8d:ea:8d:e2:46:16:ec:f3:
c7:37:bb:1f:8d:a8:f9:15:12:b7:43:97:ee:ff:df:d5:dd:72:
d6:c1:ed:ce:76:3a:11:af:b0:a1:09:11:15:1a:28:6c:31:58:
13:95:75:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKbj9RiUXX3US92Y06KIxHADjXEIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTEwMDkxMzAzMjFaFw0yNjEwMDgxMzA4MjFaMDMxMTAvBgNV
BAMTKDQwNjYxRDczNDdBQTIyQzkwRjg0MjMxNjdEQkEwRTg2NzBCRjc3Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC780dg+hLK35SNjiY6mZ+2/qZ6
aZeFucsEHTLjpfMuRJLQEL5/8czLpv+7RAQxBLXJmDzLTj2/lIDmQyzmg86/oq0n
+Z6pZF3fArt5J6Lisk9Kbk8n8PLjcD4lQdF3X315I7ZFD8Cze8kx46E3xmBE8XVt
UMO/joYqGXIsNF8Y/7qMziOxIUhw9P+oyfNiro8C/4FyZv1E6xtGWAMlWybJ4hux
eBSnGXxQ4O5/o8OhdUD/Zvii1+JkG+rub5gvUzxWSQq18zlaVplPzm/W0LU7YPn0
oCwKdTKRFm0OLdLvDp7q4B4SqFKIxOo5q/+qjp/LH2itMkduSkryHbUwuqhrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQGYdc0eqIskPhCMWfboOhnC/d8swHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzYyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNDMwMzEzNDM0MzMucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAFV7c4wDQYJKoZIhvcNAQELBQADggEBAGCLRiCn6iSq9c6fPF2EB4U2ENohonYF
+4jA5QTWHwKnPQzEgEsLm8TVZ/pAbnalDGv5ihRtsaWLsVD5KKbUMpgt8v3SZ8RT
fU6yJrd+CU4VUrAcoaf3GHLNfi8f3lnQypB/nbgxGGr7jpU9b/zlTCavdDPnVoD5
CVtCIsytwTY3XLPvrGJ4jH7AwrbhtjIKx9inSwUhECsyYbhTN+VjPSlyt1GFsPzE
k0YviiOh0kz9zI5QMJn7anpPCWobLJjdAFX25QB94vwUEDOQpcB7IDSN6o3iRhbs
88c3ux+NqPkVErdDl+7/39XdctbB7c52OhGvsKEJERUaKGwxWBOVdVo=
-----END CERTIFICATE-----
Generated at Thu Oct 16 01:54:20 2025 by rpki-client