Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
File: 38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa (raw, json)
Hash identifier: Susqcelon61GVWo3VFSBhQWdtuWO9+oI/JNtliy7lzA=
Subject key identifier: D9:C5:C7:B7:0E:2C:62:C4:F9:F7:9F:94:6C:81:4E:80:EF:69:AC:45
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 347C61E5A38B5F87427D09B1095FFB524BDDB922
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 198100
IP address blocks: 85.237.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 00:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:7c:61:e5:a3:8b:5f:87:42:7d:09:b1:09:5f:fb:52:4b:dd:b9:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=D9C5C7B70E2C62C4F9F79F946C814E80EF69AC45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c8:fe:c3:03:9e:92:31:40:c9:df:07:a6:f8:
0a:7f:d1:4b:bd:3c:da:40:48:72:d6:cb:97:e7:a1:
87:b8:6f:ee:91:53:a6:86:4b:6a:00:78:b7:7a:53:
d7:87:35:e0:f1:7f:ae:00:2a:c2:d9:14:8d:c2:a1:
27:28:83:db:6d:f8:4a:82:a1:ec:6c:f6:d0:03:3a:
33:bb:e8:86:0d:24:f0:7b:04:ed:4d:53:e5:6a:7d:
31:5b:39:7c:7d:78:2c:5c:46:fb:ab:3e:96:74:e5:
f3:a9:bd:8d:52:1a:3c:93:f8:21:cd:b2:f8:cd:23:
b9:d5:17:42:77:ed:52:3a:95:33:ba:c4:87:de:4c:
67:4f:76:2e:fa:3a:64:c3:9f:70:2a:95:42:21:be:
20:a4:f7:be:4a:51:51:31:fe:da:87:1b:d2:54:ea:
f3:93:2a:8c:60:79:fd:f1:bc:b4:29:5d:f7:22:0d:
e5:1d:b1:aa:9b:07:30:0b:fb:5d:d0:72:c7:a5:59:
82:d8:69:ec:72:65:76:a3:77:98:77:5f:ec:bd:c4:
6e:90:6b:09:03:6b:8b:53:34:60:bd:e6:41:a6:03:
ed:e6:72:63:69:31:90:7b:e5:41:fb:46:b2:de:ba:
26:ef:b8:1d:d3:2b:4d:9e:80:4f:c3:cf:0e:15:12:
90:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C5:C7:B7:0E:2C:62:C4:F9:F7:9F:94:6C:81:4E:80:EF:69:AC:45
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3230362e302f32342d3234203d3e20313938313030.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.206.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:a9:f5:cf:a5:92:bc:21:8a:00:db:1c:d5:75:a2:61:c1:1b:
e5:e2:cb:a3:4f:3f:6c:b3:9b:4b:8f:a5:ab:42:5b:ce:bc:0e:
f0:62:77:95:e5:cf:40:a3:7b:a3:f3:86:fd:49:5c:f0:56:88:
79:14:74:44:96:03:04:d7:89:72:7a:21:ef:a9:55:92:12:b6:
dc:a0:77:88:7f:c7:3a:c9:e1:a1:4a:11:8c:e4:0d:a1:1a:89:
22:a8:63:04:c8:39:f3:12:09:31:88:e8:e3:64:92:a4:a0:79:
c0:ae:ca:79:29:d0:22:2c:fe:e1:da:65:89:0f:ea:83:e5:74:
60:72:64:19:48:00:ce:66:95:ef:ea:26:09:0d:f9:6e:1b:15:
ab:fb:7d:6a:40:84:c2:e5:c5:ff:93:bd:a8:5d:97:cb:fe:63:
cf:bc:0c:7b:34:69:88:dd:ee:82:67:9b:b3:01:4d:85:bc:e5:
bc:11:7d:43:12:4f:c6:79:a6:05:21:72:c2:41:76:40:bf:cb:
23:41:f0:36:7c:62:12:95:af:34:99:f8:a1:45:d1:1b:1c:a8:
1a:23:fe:71:6d:99:12:7a:ee:9b:50:e8:1a:89:0b:4a:0a:60:
00:da:9d:ea:4f:6e:c7:ef:43:c5:09:8f:0b:18:e2:90:5c:3a:
d8:da:c9:0b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNHxh5aOLX4dCfQmxCV/7UkvduSIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKEQ5QzVDN0I3MEUyQzYyQzRGOUY3OUY5NDZDODE0RTgwRUY2OUFDNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChyP7DA56SMUDJ3wem+Ap/0Uu9
PNpASHLWy5fnoYe4b+6RU6aGS2oAeLd6U9eHNeDxf64AKsLZFI3CoScog9tt+EqC
oexs9tADOjO76IYNJPB7BO1NU+VqfTFbOXx9eCxcRvurPpZ05fOpvY1SGjyT+CHN
svjNI7nVF0J37VI6lTO6xIfeTGdPdi76OmTDn3AqlUIhviCk975KUVEx/tqHG9JU
6vOTKoxgef3xvLQpXfciDeUdsaqbBzAL+13QcselWYLYaexyZXajd5h3X+y9xG6Q
awkDa4tTNGC95kGmA+3mcmNpMZB75UH7RrLeuibvuB3TK02egE/Dzw4VEpD3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU2cXHtw4sYsT595+UbIFOgO9prEUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM5MzgzMTMwMzAucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7c4wDQYJKoZIhvcNAQELBQADggEBAG6p9c+lkrwhigDbHNV1omHBG+Xiy6NP
P2yzm0uPpatCW868DvBid5Xlz0Cje6Pzhv1JXPBWiHkUdESWAwTXiXJ6Ie+pVZIS
ttygd4h/xzrJ4aFKEYzkDaEaiSKoYwTIOfMSCTGI6ONkkqSgecCuynkp0CIs/uHa
ZYkP6oPldGByZBlIAM5mle/qJgkN+W4bFav7fWpAhMLlxf+Tvahdl8v+Y8+8DHs0
aYjd7oJnm7MBTYW85bwRfUMST8Z5pgUhcsJBdkC/yyNB8DZ8YhKVrzSZ+KFF0Rsc
qBoj/nFtmRJ67ptQ6BqJC0oKYADanepPbsfvQ8UJjwsY4pBcOtjayQs=
-----END CERTIFICATE-----
Generated at Wed Sep 17 17:36:44 2025 by rpki-client