Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
File: 38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa (raw, json)
Hash identifier: AJExMsB0HO8tFMbmyfAookpZNN5UUSDf4Vh1iCZz8dI=
Subject key identifier: 5D:5D:7C:E2:48:11:1F:16:F8:94:8C:2B:CB:68:3E:64:1E:5C:8B:6E
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 666DC296EE4327CE44890E0EA721A03DCFD33B71
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
Signing time: Wed 10 Sep 2025 09:55:01 +0000
ROA not before: Wed 10 Sep 2025 09:50:01 +0000
ROA not after: Wed 09 Sep 2026 09:55:01 +0000
asID: 206092
IP address blocks: 85.237.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 Oct 2025 20:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:6d:c2:96:ee:43:27:ce:44:89:0e:0e:a7:21:a0:3d:cf:d3:3b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:01 2025 GMT
Not After : Sep 9 09:55:01 2026 GMT
Subject: CN=5D5D7CE248111F16F8948C2BCB683E641E5C8B6E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:a9:c1:de:a7:35:6e:d6:53:d4:d7:65:f8:4e:
c2:b6:20:70:a8:7d:08:3d:f7:c4:c7:ad:3b:dc:c2:
47:33:7f:b3:85:dd:b4:c8:2a:55:ab:05:a9:e3:72:
33:1c:6e:f5:9f:7e:27:f8:e2:bf:13:9f:b8:bd:41:
88:e4:ee:7c:0a:0d:56:0b:a8:29:4c:ae:91:44:59:
e3:bd:fb:bd:66:fa:7e:53:52:64:13:c4:ab:57:f8:
3a:7e:24:e4:83:9b:7c:cd:ed:98:c6:34:c8:b6:6b:
61:89:78:f7:87:cb:32:9e:b0:a5:ba:45:3a:11:d8:
d3:36:86:92:ff:37:d1:82:2a:08:d8:f7:2d:f5:b1:
d4:cc:7b:79:c6:14:f9:c9:28:93:7d:5b:49:96:12:
7e:12:00:dc:7d:75:74:8c:52:35:eb:11:31:0e:1a:
a1:86:8f:59:1f:59:ed:5f:4d:11:5e:90:58:12:be:
20:e6:c4:f5:c9:a3:e2:d5:71:2f:0f:22:c5:72:25:
fc:31:ee:41:bd:0c:0f:6a:69:08:43:5f:05:d7:59:
19:05:4b:e2:03:65:b7:b8:73:d8:c1:85:a0:f4:76:
17:35:1e:93:ba:33:e1:7e:a6:07:41:ed:e2:8a:83:
c9:2f:2a:fd:42:0a:45:c9:e9:30:f8:ed:3d:f4:5a:
a5:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:5D:7C:E2:48:11:1F:16:F8:94:8C:2B:CB:68:3E:64:1E:5C:8B:6E
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231322e302f32342d3234203d3e20323036303932.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.212.0/24
Signature Algorithm: sha256WithRSAEncryption
41:c9:2e:b2:dd:26:00:80:1b:07:f3:b5:6c:33:94:15:47:dc:
60:64:40:d8:7b:0c:ae:3f:66:7b:d4:b3:6b:44:5c:8e:44:66:
da:7c:46:a5:ff:ee:68:1d:bc:37:e2:a4:6b:3f:5c:35:ad:f9:
38:a2:a4:58:2e:0a:e9:b2:52:61:f4:43:72:45:c6:5d:58:6c:
75:d6:df:02:19:28:27:f4:e4:97:43:d0:ba:d5:c0:34:be:bf:
4f:2d:09:91:47:58:93:25:92:5e:4b:b4:d2:b8:a4:a2:7b:15:
e8:44:b3:bd:da:31:7b:4b:f3:67:b2:20:11:7b:bf:21:98:35:
20:fc:d1:ed:93:f5:23:93:ef:f7:da:c4:6d:db:2d:03:cb:1d:
88:0c:ee:17:8b:a8:9e:34:a2:60:99:a3:16:f8:d3:7c:22:8f:
1b:53:d4:aa:86:fe:8e:7f:c5:e9:51:ee:ae:d0:eb:4b:77:8d:
82:13:fb:30:58:8a:07:8a:e1:41:af:2d:8a:90:23:f3:c7:4e:
f1:a5:75:a2:22:3d:34:f7:0c:bb:6d:93:a5:9c:50:d3:1d:39:
60:fc:0b:81:9d:0a:98:4f:06:b9:d3:a0:95:ad:37:d6:ab:9e:
a3:43:d6:66:1f:5b:a4:9c:b3:f1:f9:f4:61:13:4b:95:20:d4:
fb:4b:f8:ac
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZm3Clu5DJ85EiQ4OpyGgPc/TO3EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDFaFw0yNjA5MDkwOTU1MDFaMDMxMTAvBgNV
BAMTKDVENUQ3Q0UyNDgxMTFGMTZGODk0OEMyQkNCNjgzRTY0MUU1QzhCNkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMqcHepzVu1lPU12X4TsK2IHCo
fQg998THrTvcwkczf7OF3bTIKlWrBanjcjMcbvWffif44r8Tn7i9QYjk7nwKDVYL
qClMrpFEWeO9+71m+n5TUmQTxKtX+Dp+JOSDm3zN7ZjGNMi2a2GJePeHyzKesKW6
RToR2NM2hpL/N9GCKgjY9y31sdTMe3nGFPnJKJN9W0mWEn4SANx9dXSMUjXrETEO
GqGGj1kfWe1fTRFekFgSviDmxPXJo+LVcS8PIsVyJfwx7kG9DA9qaQhDXwXXWRkF
S+IDZbe4c9jBhaD0dhc1HpO6M+F+pgdB7eKKg8kvKv1CCkXJ6TD47T30WqVHAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXV184kgRHxb4lIwry2g+ZB5ci24wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzYzMDM5MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dQwDQYJKoZIhvcNAQELBQADggEBAEHJLrLdJgCAGwfztWwzlBVH3GBkQNh7
DK4/ZnvUs2tEXI5EZtp8RqX/7mgdvDfipGs/XDWt+TiipFguCumyUmH0Q3JFxl1Y
bHXW3wIZKCf05JdD0LrVwDS+v08tCZFHWJMlkl5LtNK4pKJ7FehEs73aMXtL82ey
IBF7vyGYNSD80e2T9SOT7/faxG3bLQPLHYgM7heLqJ40omCZoxb403wijxtT1KqG
/o5/xelR7q7Q60t3jYIT+zBYigeK4UGvLYqQI/PHTvGldaIiPTT3DLttk6WcUNMd
OWD8C4GdCphPBrnToJWtN9arnqND1mYfW6Scs/H59GETS5Ug1PtL+Kw=
-----END CERTIFICATE-----
Generated at Thu Oct 16 05:50:01 2025 by rpki-client