Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa
File: 38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa (raw, json)
Hash identifier: P8pKIYB2nxs/xTw7G3xB0IFFE7oOrUq3dicS0U/H7+8=
Subject key identifier: 13:F7:79:CC:92:3E:C4:F9:3F:E7:21:4B:4F:20:B0:1D:C6:CE:C7:D5
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 57212725C4349ED89A3295C55D8577A4FC8BE97E
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa
Signing time: Wed 03 Sep 2025 07:55:00 +0000
ROA not before: Wed 03 Sep 2025 07:50:00 +0000
ROA not after: Wed 02 Sep 2026 07:55:00 +0000
asID: 209242
IP address blocks: 85.237.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 15:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:21:27:25:c4:34:9e:d8:9a:32:95:c5:5d:85:77:a4:fc:8b:e9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 3 07:50:00 2025 GMT
Not After : Sep 2 07:55:00 2026 GMT
Subject: CN=13F779CC923EC4F93FE7214B4F20B01DC6CEC7D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:0c:b0:3d:2c:2e:01:95:67:dd:25:97:c7:f7:
cb:1a:2f:19:a5:55:f2:01:66:c2:85:bb:5b:1b:95:
36:1b:69:c4:89:01:57:96:d2:8e:87:28:c0:2f:6b:
fa:aa:64:08:76:27:f5:b9:aa:8d:1c:24:c3:ba:ce:
9f:50:fa:a9:ba:c2:33:1c:77:60:87:28:90:08:09:
bb:b1:42:29:71:94:94:5e:7a:cb:7e:18:fb:be:8c:
20:5f:1b:7b:5e:70:88:69:82:29:6e:89:23:51:fb:
b8:c9:11:e1:96:70:ca:97:aa:5a:d3:85:93:e6:3c:
7a:d2:2e:48:1a:cc:59:4c:2b:b0:d5:a9:65:3d:ba:
ca:94:cd:34:c7:b8:ec:b8:70:a6:0d:99:a7:71:08:
b4:40:6a:f8:ad:8a:cc:c5:c1:dd:ef:39:4e:35:68:
5f:46:c4:26:49:5f:5c:85:b7:0e:88:5d:72:df:1c:
0c:dd:ad:fe:3e:a0:13:13:e2:07:95:f0:07:27:7c:
b5:60:8f:13:9f:bf:07:73:11:78:85:9c:d3:de:53:
f6:59:58:24:86:bb:37:b2:61:c4:45:1e:86:17:a6:
4a:c5:4f:d0:2f:91:ec:9f:7f:cc:52:8f:ea:19:6c:
f6:50:13:69:76:ec:ee:2c:4c:83:4c:d2:ef:bb:4f:
52:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:F7:79:CC:92:3E:C4:F9:3F:E7:21:4B:4F:20:B0:1D:C6:CE:C7:D5
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231362e302f32342d3234203d3e20323039323432.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.216.0/24
Signature Algorithm: sha256WithRSAEncryption
40:04:91:ab:23:ff:a9:05:af:14:1b:5c:11:e0:e6:34:c6:51:
1d:32:25:e3:f7:ee:77:47:b7:94:07:79:5b:13:ba:86:de:c3:
9b:1b:65:b0:1d:1a:08:48:13:47:7b:80:bd:fc:b5:fe:79:3d:
7d:9d:c1:15:32:b7:32:7d:99:77:56:e9:9b:88:99:b4:04:c0:
05:36:02:7a:bc:b6:84:ba:9c:4a:4b:4f:af:f9:1f:1d:05:02:
fa:70:a1:21:c6:b1:3d:6b:5f:84:23:a7:06:45:2f:e5:bd:05:
78:e4:4b:ad:8a:55:2f:54:e2:ad:90:8e:f0:ef:bc:31:6c:e6:
34:31:61:5e:c1:66:4c:71:8f:41:98:98:3f:53:ff:e6:80:42:
81:59:a0:4c:5f:d3:a2:8e:86:3e:0c:0d:fb:48:b7:53:4d:94:
08:b4:68:17:89:4f:aa:48:e3:d2:22:da:c5:64:fd:2d:74:61:
65:de:08:df:20:fe:41:58:c7:4d:cd:2c:85:17:0d:6b:32:33:
9a:68:7d:47:e7:cf:a1:b7:93:f6:d8:5c:9f:9f:74:ff:f1:27:
f0:31:67:a8:94:e6:d6:1a:16:12:83:71:d0:33:19:20:58:8f:
38:38:36:4f:96:86:aa:de:43:f7:e7:5e:ac:ec:ad:91:f5:7e:
5f:cf:f0:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVyEnJcQ0ntiaMpXFXYV3pPyL6X4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MDMwNzUwMDBaFw0yNjA5MDIwNzU1MDBaMDMxMTAvBgNV
BAMTKDEzRjc3OUNDOTIzRUM0RjkzRkU3MjE0QjRGMjBCMDFEQzZDRUM3RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwDLA9LC4BlWfdJZfH98saLxml
VfIBZsKFu1sblTYbacSJAVeW0o6HKMAva/qqZAh2J/W5qo0cJMO6zp9Q+qm6wjMc
d2CHKJAICbuxQilxlJReest+GPu+jCBfG3tecIhpgiluiSNR+7jJEeGWcMqXqlrT
hZPmPHrSLkgazFlMK7DVqWU9usqUzTTHuOy4cKYNmadxCLRAavitiszFwd3vOU41
aF9GxCZJX1yFtw6IXXLfHAzdrf4+oBMT4geV8AcnfLVgjxOfvwdzEXiFnNPeU/ZZ
WCSGuzeyYcRFHoYXpkrFT9Avkeyff8xSj+oZbPZQE2l27O4sTINM0u+7T1LNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUE/d5zJI+xPk/5yFLTyCwHcbOx9UwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzkzMjM0MzIucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dgwDQYJKoZIhvcNAQELBQADggEBAEAEkasj/6kFrxQbXBHg5jTGUR0yJeP3
7ndHt5QHeVsTuobew5sbZbAdGghIE0d7gL38tf55PX2dwRUytzJ9mXdW6ZuImbQE
wAU2Anq8toS6nEpLT6/5Hx0FAvpwoSHGsT1rX4QjpwZFL+W9BXjkS62KVS9U4q2Q
jvDvvDFs5jQxYV7BZkxxj0GYmD9T/+aAQoFZoExf06KOhj4MDftIt1NNlAi0aBeJ
T6pI49Ii2sVk/S10YWXeCN8g/kFYx03NLIUXDWsyM5pofUfnz6G3k/bYXJ+fdP/x
J/AxZ6iU5tYaFhKDcdAzGSBYjzg4Nk+WhqreQ/fnXqzsrZH1fl/P8OA=
-----END CERTIFICATE-----
Generated at Wed Sep 17 17:36:47 2025 by rpki-client