Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e203235313938.roa
File: 3138352e3231332e3234392e302f32342d3234203d3e203235313938.roa (raw, json)
Hash identifier: RAmqdtOqt2GXnv4T7A8gAKdg4H2+TG5CqjE3/MvQxnU=
Subject key identifier: E4:4C:AC:30:61:35:6D:5C:99:76:18:4E:89:A0:04:80:35:B0:9F:1A
Certificate issuer: /CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Certificate serial: 03341BC706185BCACF3238E35218C38FE0A00A11
Authority key identifier: 0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e203235313938.roa
Signing time: Thu 23 Oct 2025 07:41:57 +0000
ROA not before: Thu 23 Oct 2025 07:36:57 +0000
ROA not after: Thu 22 Oct 2026 07:41:57 +0000
asID: 25198
IP address blocks: 185.213.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.mft
rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 07:54:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:34:1b:c7:06:18:5b:ca:cf:32:38:e3:52:18:c3:8f:e0:a0:0a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d7ffae300def0876bf84890fb6ea17be841a4d3
Validity
Not Before: Oct 23 07:36:57 2025 GMT
Not After : Oct 22 07:41:57 2026 GMT
Subject: CN=E44CAC3061356D5C9976184E89A0048035B09F1A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7b:ea:9d:3c:1f:42:8d:51:82:5e:d4:47:76:
81:7e:9a:53:9f:7b:f1:5e:e1:db:1f:59:62:d5:3e:
ec:46:16:e0:2a:78:7e:e6:a1:6a:fb:ba:ec:9d:a1:
c1:d1:7b:c0:a1:41:ee:29:05:7c:ca:db:2a:d3:c3:
46:ba:fe:ed:f1:f2:7e:e2:3a:b8:60:44:65:77:d2:
8e:98:17:08:28:9b:04:99:f9:53:9d:5c:be:f3:c2:
b7:8a:5c:fd:6c:12:2f:7d:0f:d3:06:d1:5c:d2:ba:
9c:fa:0d:c0:36:38:4a:df:08:9f:45:44:94:7d:ca:
8e:1c:99:8e:49:ae:2c:0a:e8:4d:cd:d9:a2:eb:27:
3d:35:be:e4:32:b2:7e:49:51:f9:c6:fb:bb:cf:e1:
27:27:c7:03:28:fd:fa:d8:03:8b:97:64:34:ca:8a:
a6:d6:84:af:a5:1d:ff:1e:e5:63:db:c1:59:e7:3d:
04:e1:91:45:7c:52:9f:d2:ce:ea:c1:0e:23:1d:2c:
55:8c:2c:7d:71:a2:b2:2f:c6:01:12:cb:88:78:c2:
77:2b:fd:ec:00:fe:76:d5:fb:f6:0c:4c:de:d8:ce:
0e:79:5c:f4:38:60:25:3c:03:c9:f7:d4:58:cc:93:
db:d1:e1:2a:83:4f:3f:a3:07:c4:b0:ed:32:a0:6c:
ff:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:4C:AC:30:61:35:6D:5C:99:76:18:4E:89:A0:04:80:35:B0:9F:1A
X509v3 Authority Key Identifier:
keyid:0D:7F:FA:E3:00:DE:F0:87:6B:F8:48:90:FB:6E:A1:7B:E8:41:A4:D3
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/0D7FFAE300DEF0876BF84890FB6EA17BE841A4D3.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DX_64wDe8Idr-EiQ-26he-hBpNM.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8113dda6-7ade-445d-8c6e-448a78e48ca1/1/3138352e3231332e3234392e302f32342d3234203d3e203235313938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
10:df:ec:bd:11:1d:46:19:63:4f:51:96:3e:8b:1f:ae:8e:21:
44:db:c1:9c:1a:0a:89:83:d2:7f:b2:09:8b:6b:80:df:3d:38:
68:9f:9f:b3:21:9d:13:bc:22:6a:21:02:88:fd:2c:01:ca:43:
20:c7:ba:69:81:f4:08:2e:52:db:85:da:4f:34:60:9a:19:7a:
0c:8b:9c:05:2c:c5:b1:12:13:8c:71:96:ce:97:7e:a2:8a:22:
0b:e6:db:5e:67:71:3f:e6:8c:17:ee:cb:ef:bd:22:be:4a:fe:
ee:18:89:78:10:b9:fc:98:13:5d:94:1f:a1:26:bb:a7:c9:92:
28:9d:d2:94:dd:8d:89:8e:fe:86:43:e0:9a:d3:d7:e0:f3:7b:
74:62:5c:8a:bb:8b:d0:88:13:71:46:c9:f4:10:33:71:8e:bc:
a7:76:4e:c7:b8:ca:f5:43:9b:ce:f3:43:13:aa:ba:c8:b2:ab:
b3:87:2d:4e:15:f8:75:7e:21:43:28:a8:c2:9e:05:65:5d:ec:
d1:3d:db:1f:dc:db:93:ba:5c:c4:16:fb:b0:5c:d0:f9:b9:ca:
e0:58:c5:ff:b6:79:94:44:19:0c:44:43:2d:81:38:b3:e5:b9:
4d:c1:7b:84:fa:8a:42:f2:b2:69:29:81:34:28:9d:ac:49:ff:
d4:0a:5a:01
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUAzQbxwYYW8rPMjjjUhjDj+CgChEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGQ3ZmZhZTMwMGRlZjA4NzZiZjg0ODkwZmI2ZWExN2Jl
ODQxYTRkMzAeFw0yNTEwMjMwNzM2NTdaFw0yNjEwMjIwNzQxNTdaMDMxMTAvBgNV
BAMTKEU0NENBQzMwNjEzNTZENUM5OTc2MTg0RTg5QTAwNDgwMzVCMDlGMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXe+qdPB9CjVGCXtRHdoF+mlOf
e/Fe4dsfWWLVPuxGFuAqeH7moWr7uuydocHRe8ChQe4pBXzK2yrTw0a6/u3x8n7i
OrhgRGV30o6YFwgomwSZ+VOdXL7zwreKXP1sEi99D9MG0VzSupz6DcA2OErfCJ9F
RJR9yo4cmY5JriwK6E3N2aLrJz01vuQysn5JUfnG+7vP4ScnxwMo/frYA4uXZDTK
iqbWhK+lHf8e5WPbwVnnPQThkUV8Up/SzurBDiMdLFWMLH1xorIvxgESy4h4wncr
/ewA/nbV+/YMTN7Yzg55XPQ4YCU8A8n31FjMk9vR4SqDTz+jB8Sw7TKgbP9jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5EysMGE1bVyZdhhOiaAEgDWwnxowHwYDVR0j
BBgwFoAUDX/64wDe8Idr+EiQ+26he+hBpNMwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODExM2RkYTYtN2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4
Y2ExLzEvMEQ3RkZBRTMwMERFRjA4NzZCRjg0ODkwRkI2RUExN0JFODQxQTREMy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RYXzY0d0RlOElkci1FaVEtMjZoZS1o
QnBOTS5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvODExM2RkYTYt
N2FkZS00NDVkLThjNmUtNDQ4YTc4ZTQ4Y2ExLzEvMzEzODM1MmUzMjMxMzMyZTMy
MzQzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzUzMTM5Mzgucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAC51fkwDQYJKoZIhvcNAQELBQADggEBABDf7L0RHUYZY09Rlj6LH66OIUTbwZwa
ComD0n+yCYtrgN89OGifn7MhnRO8ImohAoj9LAHKQyDHummB9AguUtuF2k80YJoZ
egyLnAUsxbESE4xxls6XfqKKIgvm215ncT/mjBfuy++9Ir5K/u4YiXgQufyYE12U
H6Emu6fJkiid0pTdjYmO/oZD4JrT1+Dze3RiXIq7i9CIE3FGyfQQM3GOvKd2Tse4
yvVDm87zQxOqusiyq7OHLU4V+HV+IUMoqMKeBWVd7NE92x/c25O6XMQW+7Bc0Pm5
yuBYxf+2eZREGQxEQy2BOLPluU3Be4T6ikLysmkpgTQonaxJ/9QKWgE=
-----END CERTIFICATE-----
Generated at Sat Nov 1 14:10:48 2025 by rpki-client