Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e203231383539.roa
File: 38352e3233372e3231372e302f32342d3234203d3e203231383539.roa (raw, json)
Hash identifier: H7Yb4Y1/sAR8Zgft4fKrSd1d4E0rfFcYIeKFh2MyFgY=
Subject key identifier: 7C:D9:DB:E5:6E:51:70:E6:E3:B0:49:BA:CD:47:06:2B:B4:23:1F:EB
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 6212F5254F043FA8DC80F634C177B835F580580E
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e203231383539.roa
Signing time: Wed 18 Jun 2025 07:27:38 +0000
ROA not before: Wed 18 Jun 2025 07:22:38 +0000
ROA not after: Wed 17 Jun 2026 07:27:38 +0000
asID: 21859
IP address blocks: 85.237.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:12:f5:25:4f:04:3f:a8:dc:80:f6:34:c1:77:b8:35:f5:80:58:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Jun 18 07:22:38 2025 GMT
Not After : Jun 17 07:27:38 2026 GMT
Subject: CN=7CD9DBE56E5170E6E3B049BACD47062BB4231FEB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9e:3b:08:91:78:49:8b:44:d5:0d:e7:71:51:
a1:31:3d:ff:b4:30:d7:79:8f:5d:6c:70:4b:26:05:
8f:09:ce:28:fb:02:f3:8d:76:43:fc:0c:53:ff:f2:
58:7f:49:1e:ba:36:d8:6c:10:50:7b:80:f0:72:8b:
27:0c:2a:2a:d9:05:88:ba:cd:dc:07:07:41:10:db:
ca:75:d6:5e:b8:ff:da:da:0d:e8:57:60:62:1d:a9:
c9:68:2b:d6:d0:71:e4:97:7e:c4:97:c9:a4:cc:9c:
f5:91:ba:cb:0d:cd:6e:a1:95:32:c8:73:5b:96:e9:
dd:80:50:0c:5f:61:4e:b7:bd:0d:c8:49:96:6b:9f:
f6:c3:14:aa:15:fb:c1:f3:ba:d8:c3:83:87:cd:a3:
cf:ea:a1:d3:b5:1b:5c:5d:0f:47:0c:32:aa:07:2d:
28:8b:7b:ea:7c:04:5e:48:8a:0e:2a:21:d1:f9:bb:
63:cc:bc:a5:c5:0d:1b:aa:c2:d0:f5:11:55:d7:f4:
db:d0:5e:b7:ec:f4:2b:b7:87:ee:fc:32:7c:2b:22:
6f:3f:47:bf:4a:5b:1f:c1:0a:b4:6e:a1:ae:56:1f:
0d:8f:bd:ad:33:a7:ea:2c:7d:a9:e5:cb:01:ef:8f:
14:90:b3:3b:de:78:d9:c3:ff:29:25:39:27:99:2b:
0c:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:D9:DB:E5:6E:51:70:E6:E3:B0:49:BA:CD:47:06:2B:B4:23:1F:EB
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231372e302f32342d3234203d3e203231383539.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.217.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:8f:1e:02:e8:60:8d:72:ad:3a:4c:f1:76:d5:7c:87:21:39:
9c:73:4d:47:fb:0c:16:11:ad:40:35:ab:de:d5:18:72:2f:9d:
27:4e:d6:0f:9a:80:5c:40:38:61:bf:5f:f7:92:db:60:66:cb:
a3:97:b8:d8:7c:7f:7f:d5:85:75:ef:a9:f2:86:ff:5c:85:28:
25:d2:f0:e0:3c:c5:7b:81:d8:52:c0:74:93:1f:7c:c6:d9:f3:
fe:8a:ed:47:aa:3a:55:ae:e8:87:92:9f:7c:19:5a:83:48:47:
02:15:92:80:e4:9f:63:8f:c9:da:b4:ab:e1:82:d5:02:98:2b:
f1:a2:cd:fb:c7:6f:58:0e:df:d9:bf:e6:c4:70:a4:30:fd:9c:
5e:04:69:b8:fd:48:bf:48:d6:45:6b:0b:e5:99:d6:19:02:66:
2d:fc:b8:7f:79:e8:d1:e5:dd:f9:8c:ee:df:e7:a7:02:0b:d8:
87:38:c3:d3:66:94:4d:8f:ac:6e:5b:43:54:fc:0f:78:2e:7b:
b9:38:a1:5e:45:08:ae:44:97:72:cc:6c:7d:67:1f:51:55:ac:
1d:54:8f:c2:c7:15:0a:f8:55:b6:93:b6:d5:8c:fb:a8:d2:5c:
bf:eb:ee:8b:bc:71:18:45:c0:0c:d0:2f:60:4f:c5:70:18:4a:
c6:bf:68:fb
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYhL1JU8EP6jcgPY0wXe4NfWAWA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA2MTgwNzIyMzhaFw0yNjA2MTcwNzI3MzhaMDMxMTAvBgNV
BAMTKDdDRDlEQkU1NkU1MTcwRTZFM0IwNDlCQUNENDcwNjJCQjQyMzFGRUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClnjsIkXhJi0TVDedxUaExPf+0
MNd5j11scEsmBY8Jzij7AvONdkP8DFP/8lh/SR66NthsEFB7gPByiycMKirZBYi6
zdwHB0EQ28p11l64/9raDehXYGIdqcloK9bQceSXfsSXyaTMnPWRussNzW6hlTLI
c1uW6d2AUAxfYU63vQ3ISZZrn/bDFKoV+8HzutjDg4fNo8/qodO1G1xdD0cMMqoH
LSiLe+p8BF5Iig4qIdH5u2PMvKXFDRuqwtD1EVXX9NvQXrfs9Cu3h+78MnwrIm8/
R79KWx/BCrRuoa5WHw2Pva0zp+osfanlywHvjxSQszveeNnD/yklOSeZKwx1AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfNnb5W5RcObjsEm6zUcGK7QjH+swHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzgzNTM5LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3ZMA0GCSqGSIb3DQEBCwUAA4IBAQAPjx4C6GCNcq06TPF21XyHITmcc01H+wwW
Ea1ANave1RhyL50nTtYPmoBcQDhhv1/3kttgZsujl7jYfH9/1YV176nyhv9chSgl
0vDgPMV7gdhSwHSTH3zG2fP+iu1HqjpVruiHkp98GVqDSEcCFZKA5J9jj8natKvh
gtUCmCvxos37x29YDt/Zv+bEcKQw/ZxeBGm4/Ui/SNZFawvlmdYZAmYt/Lh/eejR
5d35jO7f56cCC9iHOMPTZpRNj6xuW0NU/A94Lnu5OKFeRQiuRJdyzGx9Zx9RVawd
VI/CxxUK+FW2k7bVjPuo0ly/6+6LvHEYRcAM0C9gT8VwGErGv2j7
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:32:06 2025 by rpki-client