Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203331373135.roa
File: 38352e3233372e3232302e302f32342d3234203d3e203331373135.roa (raw, json)
Hash identifier: 30Um6PcjApUgOq2XOy6b1mSig+yRvRoaXPjwL4ZGrJk=
Subject key identifier: CD:A3:AA:99:27:55:41:B9:67:D9:D8:F8:7E:24:57:7D:A9:5C:AC:95
Certificate issuer: /CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Certificate serial: 32733FD32A1FA415B6B8BB172B01C9F536645E41
Authority key identifier: DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203331373135.roa
Signing time: Fri 14 Nov 2025 11:07:20 +0000
ROA not before: Fri 14 Nov 2025 11:02:20 +0000
ROA not after: Fri 13 Nov 2026 11:07:20 +0000
asID: 31715
IP address blocks: 85.237.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.mft
rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 15:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:73:3f:d3:2a:1f:a4:15:b6:b8:bb:17:2b:01:c9:f5:36:64:5e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc943cc2a7cdc378a37702573bb4f821170b530d
Validity
Not Before: Nov 14 11:02:20 2025 GMT
Not After : Nov 13 11:07:20 2026 GMT
Subject: CN=CDA3AA99275541B967D9D8F87E24577DA95CAC95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:d0:bc:26:40:e0:d2:ad:e5:f1:61:eb:3a:87:
0e:68:8e:59:83:75:fa:34:98:e2:fb:01:72:3d:13:
05:26:45:e0:33:3b:d6:36:02:4b:21:cd:97:76:2d:
60:64:86:e7:6c:97:73:5f:1a:ca:21:d7:cc:c5:78:
b4:23:2a:be:6b:e1:f7:fa:bd:3d:5e:1a:b9:98:73:
60:bb:33:9f:de:54:43:90:ed:23:19:81:e8:16:d8:
72:09:55:48:f2:68:b2:98:8e:91:68:0c:13:8d:9d:
c5:fb:a8:17:7d:56:6b:d4:43:7f:8a:58:6f:ca:91:
92:29:76:30:66:e6:d4:03:cd:f7:e2:e8:ce:6d:6a:
e5:25:93:46:bb:28:0f:43:d4:f7:8f:b1:e6:df:38:
f7:83:b8:05:8c:a4:f1:a9:58:4b:a6:0b:4b:7c:48:
d2:fe:2e:8a:10:ae:bd:0c:60:f3:79:2a:25:7c:ad:
c5:26:e6:17:1b:f6:3e:28:0b:8d:df:e7:f0:95:11:
96:30:8d:43:62:9e:c8:31:8e:4e:85:34:98:c2:07:
69:a9:05:11:b3:03:26:07:fd:58:1a:65:f7:01:a9:
5d:c1:fd:34:1f:1e:71:96:a0:16:e3:dd:21:cb:e7:
6d:fa:fc:e8:c9:e5:7b:77:14:9d:97:c8:65:d0:99:
e3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A3:AA:99:27:55:41:B9:67:D9:D8:F8:7E:24:57:7D:A9:5C:AC:95
X509v3 Authority Key Identifier:
keyid:DC:94:3C:C2:A7:CD:C3:78:A3:77:02:57:3B:B4:F8:21:17:0B:53:0D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/DC943CC2A7CDC378A37702573BB4F821170B530D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JQ8wqfNw3ijdwJXO7T4IRcLUw0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/6ab0722f-64d8-4ca9-9267-4e5154434101/0/38352e3233372e3232302e302f32342d3234203d3e203331373135.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.237.220.0/24
Signature Algorithm: sha256WithRSAEncryption
73:be:b5:88:50:a5:d4:d4:46:5e:e4:ea:d4:80:11:ca:8d:d3:
55:ee:22:0b:24:93:69:9b:54:a9:cd:cc:12:c6:0d:83:fb:a7:
7a:3b:fd:bc:b3:b5:c8:fe:e3:ab:b0:67:0f:16:c6:99:08:1a:
53:ab:5d:0d:85:15:71:28:df:d4:fa:1a:c6:41:59:3e:1f:b9:
af:ca:ae:af:01:b2:5d:f7:4c:93:4e:63:ba:f2:9b:90:14:27:
f9:41:e2:51:9c:92:40:7d:87:84:ab:58:4f:0b:f3:0e:44:57:
7e:4c:b7:cd:35:42:3e:f1:98:25:96:0e:e9:c1:44:ba:02:29:
ee:aa:0d:ef:fd:e4:8b:63:37:6a:1a:49:98:0e:87:f2:ae:27:
55:57:f5:6a:59:17:e9:48:59:72:37:8b:03:30:6a:4f:9c:09:
18:7f:60:f6:0c:93:67:29:df:4f:d5:f0:c4:70:ab:ab:38:b6:
0a:3f:70:60:c1:09:bc:13:ce:1e:db:9b:bb:48:2c:ac:1e:d3:
89:43:74:99:7f:b9:d0:5d:bd:d3:1e:fa:59:7f:96:fe:80:65:
40:61:c5:00:32:b3:67:e5:83:fc:35:61:2f:99:12:03:b2:86:
16:bf:88:8f:e2:74:e5:6f:6e:72:e4:ce:0d:de:50:31:cd:d8:
a3:5c:03:5f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUMnM/0yofpBW2uLsXKwHJ9TZkXkEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGM5NDNjYzJhN2NkYzM3OGEzNzcwMjU3M2JiNGY4MjEx
NzBiNTMwZDAeFw0yNTExMTQxMTAyMjBaFw0yNjExMTMxMTA3MjBaMDMxMTAvBgNV
BAMTKENEQTNBQTk5Mjc1NTQxQjk2N0Q5RDhGODdFMjQ1NzdEQTk1Q0FDOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH0LwmQODSreXxYes6hw5ojlmD
dfo0mOL7AXI9EwUmReAzO9Y2AkshzZd2LWBkhudsl3NfGsoh18zFeLQjKr5r4ff6
vT1eGrmYc2C7M5/eVEOQ7SMZgegW2HIJVUjyaLKYjpFoDBONncX7qBd9VmvUQ3+K
WG/KkZIpdjBm5tQDzffi6M5tauUlk0a7KA9D1PePsebfOPeDuAWMpPGpWEumC0t8
SNL+LooQrr0MYPN5KiV8rcUm5hcb9j4oC43f5/CVEZYwjUNinsgxjk6FNJjCB2mp
BRGzAyYH/VgaZfcBqV3B/TQfHnGWoBbj3SHL5236/OjJ5Xt3FJ2XyGXQmePnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUzaOqmSdVQbln2dj4fiRXfalcrJUwHwYDVR0j
BBgwFoAU3JQ8wqfNw3ijdwJXO7T4IRcLUw0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYtNjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0
MTAxLzAvREM5NDNDQzJBN0NEQzM3OEEzNzcwMjU3M0JCNEY4MjExNzBCNTMwRC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzNKUTh3cWZOdzNpamR3SlhPN1Q0SVJj
TFV3MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvNmFiMDcyMmYt
NjRkOC00Y2E5LTkyNjctNGU1MTU0NDM0MTAxLzAvMzgzNTJlMzIzMzM3MmUzMjMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMzMxMzczMTM1LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
Ve3cMA0GCSqGSIb3DQEBCwUAA4IBAQBzvrWIUKXU1EZe5OrUgBHKjdNV7iILJJNp
m1SpzcwSxg2D+6d6O/28s7XI/uOrsGcPFsaZCBpTq10NhRVxKN/U+hrGQVk+H7mv
yq6vAbJd90yTTmO68puQFCf5QeJRnJJAfYeEq1hPC/MORFd+TLfNNUI+8Zgllg7p
wUS6Ainuqg3v/eSLYzdqGkmYDofyridVV/VqWRfpSFlyN4sDMGpPnAkYf2D2DJNn
Kd9P1fDEcKurOLYKP3BgwQm8E84e25u7SCysHtOJQ3SZf7nQXb3THvpZf5b+gGVA
YcUAMrNn5YP8NWEvmRIDsoYWv4iP4nTlb25y5M4N3lAxzdijXANf
-----END CERTIFICATE-----
Generated at Sat Nov 15 23:08:41 2025 by rpki-client