Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/3138352e33312e3230322e302f32342d3234203d3e20323038373635.roa
File: 3138352e33312e3230322e302f32342d3234203d3e20323038373635.roa (raw, json)
Hash identifier: AYXBM6Gs7ye6sJ6OSz0wwrESd1N1gaJYldRKbiReV2s=
Subject key identifier: 53:CE:45:F6:F4:62:59:53:BC:93:56:68:64:C4:70:92:79:8D:79:76
Certificate issuer: /CN=6464045da5bed0687d15cbda67a04eb87a8fb03e
Certificate serial: 1E4408F3CF6CD9C0E49337527EBF4394326C13CC
Authority key identifier: 64:64:04:5D:A5:BE:D0:68:7D:15:CB:DA:67:A0:4E:B8:7A:8F:B0:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZGQEXaW-0Gh9FcvaZ6BOuHqPsD4.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/3138352e33312e3230322e302f32342d3234203d3e20323038373635.roa
Signing time: Tue 26 Aug 2025 14:15:30 +0000
ROA not before: Tue 26 Aug 2025 14:10:30 +0000
ROA not after: Tue 25 Aug 2026 14:15:30 +0000
asID: 208765
IP address blocks: 185.31.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/6464045DA5BED0687D15CBDA67A04EB87A8FB03E.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/6464045DA5BED0687D15CBDA67A04EB87A8FB03E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZGQEXaW-0Gh9FcvaZ6BOuHqPsD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 21:55:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:44:08:f3:cf:6c:d9:c0:e4:93:37:52:7e:bf:43:94:32:6c:13:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6464045da5bed0687d15cbda67a04eb87a8fb03e
Validity
Not Before: Aug 26 14:10:30 2025 GMT
Not After : Aug 25 14:15:30 2026 GMT
Subject: CN=53CE45F6F4625953BC93566864C47092798D7976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ca:8c:8e:0e:3f:b0:1b:49:df:07:04:5d:c3:
af:fc:e4:57:5c:92:6e:4d:79:15:40:78:74:1e:be:
0c:05:70:ef:ab:39:1a:00:01:cc:18:77:c6:4b:bb:
33:ea:db:b8:f3:30:73:4b:c8:5e:ab:39:38:01:d7:
88:84:71:7e:e1:88:e3:58:18:41:a0:07:3d:ce:a4:
e1:ce:3b:fe:cb:4e:41:de:bd:ec:7a:d4:9c:14:f5:
7d:50:19:61:93:ec:0f:0d:7f:be:cc:80:04:ce:58:
e8:17:01:2a:25:5b:3a:54:57:0f:cf:83:52:04:dc:
b0:c5:fb:93:73:87:de:cb:5b:06:cd:ba:fd:8b:b9:
ce:f8:91:3d:e2:4e:d4:05:c0:2d:80:94:98:aa:68:
57:32:10:dd:e0:f9:0a:3d:0b:f4:08:32:6a:ba:2b:
d8:9f:cc:6b:da:46:e8:53:ab:ef:ac:d6:ec:6d:c1:
fc:75:c0:21:6d:3d:8c:90:c8:96:4a:db:27:7a:15:
28:6f:44:15:22:b9:98:48:18:06:36:26:ac:db:42:
51:ab:ee:ba:09:d0:d3:a8:c5:e9:28:03:02:1d:fa:
76:06:4b:0f:4c:7e:96:ea:d9:9f:8f:b1:f8:78:be:
52:4b:04:3e:3e:0b:e0:1b:b1:85:e4:94:e6:11:58:
d3:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:CE:45:F6:F4:62:59:53:BC:93:56:68:64:C4:70:92:79:8D:79:76
X509v3 Authority Key Identifier:
keyid:64:64:04:5D:A5:BE:D0:68:7D:15:CB:DA:67:A0:4E:B8:7A:8F:B0:3E
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/6464045DA5BED0687D15CBDA67A04EB87A8FB03E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZGQEXaW-0Gh9FcvaZ6BOuHqPsD4.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ebc533f-7f31-4bd6-874d-e736e9fde5bd/0/3138352e33312e3230322e302f32342d3234203d3e20323038373635.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.202.0/24
Signature Algorithm: sha256WithRSAEncryption
07:4d:6b:da:32:bd:23:95:2c:a6:64:d4:c8:c4:16:39:fa:26:
2a:f5:6a:a0:96:94:e3:0a:a5:30:9b:ca:bd:c6:08:04:d8:18:
40:a4:77:c0:aa:e6:36:c2:4b:56:6f:c1:a0:4d:17:70:9f:01:
46:9a:dc:21:95:de:c5:a1:00:28:c2:d3:67:4e:63:88:28:15:
04:e2:71:74:1a:c9:b9:f9:91:d9:89:b9:4b:40:91:c3:df:35:
79:20:91:52:43:c6:be:e1:47:6c:c8:30:0c:70:34:f5:03:86:
ee:a6:89:76:1b:d8:89:53:f5:c5:94:6e:f4:e7:c3:93:d1:74:
13:f6:67:75:62:19:25:08:9c:9f:12:c9:a3:8a:d2:9a:5e:07:
d5:58:0d:cd:a2:52:89:ef:d5:bb:bc:cb:3e:58:a4:c6:8e:f2:
fe:6c:da:13:d5:77:43:c8:c5:c2:c7:70:b7:45:cc:8b:2c:ea:
2e:9f:28:83:c9:14:97:f5:6f:b4:32:04:98:6b:a2:7c:6d:7c:
eb:74:27:bc:53:c2:a4:16:3f:71:76:c1:36:47:69:c1:6a:97:
6f:f9:e4:ff:93:b5:46:90:c3:b3:3c:99:40:2a:0b:df:b1:a4:
65:95:95:72:a2:48:94:e9:44:32:69:57:ed:8e:01:bf:0f:1e:
e1:47:23:c0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHkQI889s2cDkkzdSfr9DlDJsE8wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjQ2NDA0NWRhNWJlZDA2ODdkMTVjYmRhNjdhMDRlYjg3
YThmYjAzZTAeFw0yNTA4MjYxNDEwMzBaFw0yNjA4MjUxNDE1MzBaMDMxMTAvBgNV
BAMTKDUzQ0U0NUY2RjQ2MjU5NTNCQzkzNTY2ODY0QzQ3MDkyNzk4RDc5NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbyoyODj+wG0nfBwRdw6/85Fdc
km5NeRVAeHQevgwFcO+rORoAAcwYd8ZLuzPq27jzMHNLyF6rOTgB14iEcX7hiONY
GEGgBz3OpOHOO/7LTkHevex61JwU9X1QGWGT7A8Nf77MgATOWOgXASolWzpUVw/P
g1IE3LDF+5Nzh97LWwbNuv2Luc74kT3iTtQFwC2AlJiqaFcyEN3g+Qo9C/QIMmq6
K9ifzGvaRuhTq++s1uxtwfx1wCFtPYyQyJZK2yd6FShvRBUiuZhIGAY2JqzbQlGr
7roJ0NOoxekoAwId+nYGSw9Mfpbq2Z+Psfh4vlJLBD4+C+AbsYXklOYRWNPrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUU85F9vRiWVO8k1ZoZMRwknmNeXYwHwYDVR0j
BBgwFoAUZGQEXaW+0Gh9FcvaZ6BOuHqPsD4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ViYzUzM2YtN2YzMS00YmQ2LTg3NGQtZTczNmU5ZmRl
NWJkLzAvNjQ2NDA0NURBNUJFRDA2ODdEMTVDQkRBNjdBMDRFQjg3QThGQjAzRS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1pHUUVYYVctMEdoOUZjdmFaNkJPdUhx
UHNENC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvN2ViYzUzM2Yt
N2YzMS00YmQ2LTg3NGQtZTczNmU5ZmRlNWJkLzAvMzEzODM1MmUzMzMxMmUzMjMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzgzNzM2MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC5H8owDQYJKoZIhvcNAQELBQADggEBAAdNa9oyvSOVLKZk1MjEFjn6Jir1aqCW
lOMKpTCbyr3GCATYGECkd8Cq5jbCS1ZvwaBNF3CfAUaa3CGV3sWhACjC02dOY4go
FQTicXQaybn5kdmJuUtAkcPfNXkgkVJDxr7hR2zIMAxwNPUDhu6miXYb2IlT9cWU
bvTnw5PRdBP2Z3ViGSUInJ8SyaOK0ppeB9VYDc2iUonv1bu8yz5YpMaO8v5s2hPV
d0PIxcLHcLdFzIss6i6fKIPJFJf1b7QyBJhronxtfOt0J7xTwqQWP3F2wTZHacFq
l2/55P+TtUaQw7M8mUAqC9+xpGWVlXKiSJTpRDJpV+2OAb8PHuFHI8A=
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:00:39 2025 by rpki-client