Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
File: 38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa (raw, json)
Hash identifier: FQhFPoA14lfkV1OOZyHPSBUcdj8JOmXeeg9iy6SwrLo=
Subject key identifier: 15:20:2C:6D:53:54:8B:F0:14:0E:08:AF:6A:30:73:9C:55:C8:02:8D
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 5F20C2CBC97ABDF98E807CAC70B5C6EAA014712C
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
Signing time: Wed 10 Sep 2025 09:55:02 +0000
ROA not before: Wed 10 Sep 2025 09:50:02 +0000
ROA not after: Wed 09 Sep 2026 09:55:02 +0000
asID: 212609
IP address blocks: 85.237.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 00:06:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:20:c2:cb:c9:7a:bd:f9:8e:80:7c:ac:70:b5:c6:ea:a0:14:71:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Sep 10 09:50:02 2025 GMT
Not After : Sep 9 09:55:02 2026 GMT
Subject: CN=15202C6D53548BF0140E08AF6A30739C55C8028D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b0:e6:74:f7:9b:b3:fb:c6:b9:94:09:0c:a2:
11:9d:ff:47:97:e3:ca:7e:a1:78:2b:40:5b:f2:a1:
1b:88:f9:47:f0:aa:b0:85:fa:95:83:d0:e1:01:fd:
ff:31:a3:91:15:a4:50:fd:65:a5:a9:47:ff:5f:c5:
53:a6:6c:64:55:00:a5:f0:43:ea:1c:a4:59:9b:39:
0e:58:91:50:26:96:1b:04:43:4c:0b:1f:4b:14:05:
54:52:a3:80:28:b1:aa:37:20:0e:27:7f:fb:e0:6f:
bc:4a:73:a3:74:de:38:3f:02:3e:6d:3e:39:25:95:
1b:7a:ed:c2:6a:6f:2a:d3:d2:1c:cd:f6:06:6a:1a:
e2:b9:22:48:20:fc:26:63:40:24:f8:d7:ad:ff:fc:
44:9b:97:ee:80:46:a6:ef:ba:73:e0:0f:e1:51:5b:
d0:b7:9f:21:f8:d9:8a:88:0f:5b:7c:cf:b9:40:ab:
32:54:cc:37:89:26:f1:71:c0:60:d0:80:99:53:04:
2d:f5:55:cb:d1:b7:83:2f:90:84:63:93:3e:86:cd:
e0:ea:2d:0a:93:a6:65:a6:94:fb:3c:9f:b1:02:a6:
99:2d:bc:e1:ed:92:5a:17:bf:d8:46:e2:5e:ff:dc:
6b:b8:9b:bd:59:8e:75:cd:7d:c1:24:ef:28:ab:ab:
af:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:20:2C:6D:53:54:8B:F0:14:0E:08:AF:6A:30:73:9C:55:C8:02:8D
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3231382e302f32342d3234203d3e20323132363039.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.218.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:9a:86:45:92:59:77:c5:c6:8e:58:f1:d5:97:e5:3f:88:00:
04:4e:2f:fa:b8:81:33:35:27:a3:2d:42:1e:6e:75:d9:b0:84:
d9:bb:2b:13:8e:b9:89:96:65:ca:51:16:41:54:d6:6a:10:12:
8b:7c:cb:89:3b:13:69:1d:7f:ed:04:fc:b7:7b:c9:92:60:5f:
13:b6:4b:a5:3d:99:54:d7:d4:6a:5d:9f:c9:b0:da:a4:79:93:
f8:cd:e0:7c:0c:3b:02:9a:0f:0a:76:00:51:db:b6:ce:69:16:
12:14:89:54:c9:75:58:90:98:b0:13:4b:2e:2a:64:17:24:02:
63:65:cf:c4:ac:d5:8c:c6:68:91:f3:bd:bd:40:11:df:c5:55:
36:9d:99:2d:6f:03:79:33:2d:33:73:33:81:52:4d:04:55:53:
c4:75:87:0a:d2:60:d3:88:ea:84:b5:90:ad:92:9e:c5:ec:3f:
ec:a4:d2:a2:f8:c5:9c:dd:92:78:16:ba:10:40:f6:fc:81:22:
9e:8e:7d:7a:90:00:6f:3e:e4:30:bc:41:90:0d:d2:e4:ea:0d:
e1:3f:83:95:46:f5:52:7c:6c:05:2f:52:c0:e9:fb:ba:26:c5:
68:64:bd:fc:bf:aa:29:99:d7:b5:6d:28:f8:30:15:4f:66:ea:
22:e7:3c:4b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXyDCy8l6vfmOgHyscLXG6qAUcSwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTA5MTAwOTUwMDJaFw0yNjA5MDkwOTU1MDJaMDMxMTAvBgNV
BAMTKDE1MjAyQzZENTM1NDhCRjAxNDBFMDhBRjZBMzA3MzlDNTVDODAyOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTsOZ095uz+8a5lAkMohGd/0eX
48p+oXgrQFvyoRuI+UfwqrCF+pWD0OEB/f8xo5EVpFD9ZaWpR/9fxVOmbGRVAKXw
Q+ocpFmbOQ5YkVAmlhsEQ0wLH0sUBVRSo4Aosao3IA4nf/vgb7xKc6N03jg/Aj5t
PjkllRt67cJqbyrT0hzN9gZqGuK5Ikgg/CZjQCT4163//ESbl+6ARqbvunPgD+FR
W9C3nyH42YqID1t8z7lAqzJUzDeJJvFxwGDQgJlTBC31VcvRt4MvkIRjkz6GzeDq
LQqTpmWmlPs8n7ECppktvOHtkloXv9hG4l7/3Gu4m71ZjnXNfcEk7yirq68xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFSAsbVNUi/AUDgivajBznFXIAo0wHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzNjMwMzkucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BABV7dowDQYJKoZIhvcNAQELBQADggEBAC6ahkWSWXfFxo5Y8dWX5T+IAAROL/q4
gTM1J6MtQh5uddmwhNm7KxOOuYmWZcpRFkFU1moQEot8y4k7E2kdf+0E/Ld7yZJg
XxO2S6U9mVTX1Gpdn8mw2qR5k/jN4HwMOwKaDwp2AFHbts5pFhIUiVTJdViQmLAT
Sy4qZBckAmNlz8Ss1YzGaJHzvb1AEd/FVTadmS1vA3kzLTNzM4FSTQRVU8R1hwrS
YNOI6oS1kK2SnsXsP+yk0qL4xZzdkngWuhBA9vyBIp6OfXqQAG8+5DC8QZAN0uTq
DeE/g5VG9VJ8bAUvUsDp+7omxWhkvfy/qimZ17VtKPgwFU9m6iLnPEs=
-----END CERTIFICATE-----
Generated at Wed Sep 17 17:36:50 2025 by rpki-client